The inability of an entity to withstand the adverse effects of a hostile or uncertain environment
VisionSpace Technologies has demonstrated how easy it is to exploit software vulnerabilities on satellites, as well as the ground stations that control them. China has conducted its first test of a lunar lander that they plan to use to take humans to the Moon. Rocket Lab has completed the Systems Integration Review (SIR) for the US Space Force's VICTUS HAZE mission, and more. Remember to leave us a 5-star rating and review in your favorite podcast app. Be sure to follow T-Minus on LinkedIn and Instagram. T-Minus Guest: We are joined by NASASpaceflight.com with the Space Traffic Report. Selected Reading: Yamcs v5.8.6 Vulnerability Assessment; OpenC3 Cosmos 6.0.0: A Security Assessment of an Open-Source Mission Framework – VisionSpace; China tests spacecraft it hopes will put first Chinese on the moon - Reuters; Rocket Lab Clears Integration Milestone for VICTUS HAZE, Delivering End-to-End Capabilities for Responsive Space Operations; Rocket Lab Announces Second Quarter 2025 Financial Results, Posts Record Quarterly Revenue of $144m, Representing 36% Year-on-Year Growth, While Expanding Gross Margins 650 Basis Points Year-on-Year; Globalstar Announces Second Quarter 2025 Financial Results; Karman Space & Defense Reports Second Quarter Fiscal Year 2025 Financial Results; Firefly Aerospace hits $9.8 billion valuation in Nasdaq debut as shares takeoff - Reuters; Voyager Acquires ElectroMagnetic Systems, Inc.; As NASA Missions Study Interstellar Comet, Hubble Makes Size Estimate; AV and SNC Announce Strategic Partnership to Deliver Golden Dome for America "Limited Area Defense" Architecture; Muon Space Unveils XL Satellite Platform, Announces Hubble Network as First Customer; The Goddard 100 Student Contest Celebrating a Century of Rocketry - NSS Goddard 100 Contest. T-Minus Crew Survey: Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit.
Contact us at space@n2k.com to request more info. Want to join us for an interview? Please send your pitch to space-editor@n2k.com and include your name, affiliation, and topic proposal. T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
In this episode, host Jim Love thanks listeners for their support of his book 'Elisa, A Tale of Quantum Kisses,' which is available for 99 cents on Kindle. The show then dives into pressing cybersecurity issues discussed at Black Hat USA, including vulnerabilities in AI assistants via prompt injection attacks, and critical flaws in Broadcom chips used by Dell laptops that can lead to stealth backdoors. Microsoft Exchange zero-day vulnerabilities actively being exploited are also covered, along with a listener report about a Canadian domain registrar's expired security certificate. The episode emphasizes the importance of keeping systems and software updated to mitigate these security risks. 00:00 Introduction and Book Promotion; 00:58 Cybersecurity Headlines; 01:25 AI Assistant Vulnerabilities; 03:36 Broadcom Chip Flaws in Dell Laptops; 06:10 Microsoft Exchange Zero-Day Exploits; 08:18 Listener's Domain Registrar Experience; 10:36 Show Wrap-Up and Listener Engagement
How do SOC teams stop threats before they become breaches? In this power-packed episode of our SOC Analyst Essentials series, we uncover the triad every analyst must master: log analysis, vulnerability detection, and threat intelligence. From detecting anomalies in log files to prioritizing high-risk vulnerabilities and leveraging real-world threat intel, this episode dives deep into the day-to-day tools and tactics of top-tier SOC analysts.
Two sophisticated ransomware groups, Akira and Lynx, are increasingly targeting managed service providers (MSPs) and small businesses by exploiting stolen credentials and vulnerabilities. Together, they have compromised over 365 organizations, with Akira targeting major firms like Hitachi Vantara and Lynx focusing on critical infrastructure, including a CBS affiliate in Chattanooga, Tennessee. Both groups utilize double extortion tactics, combining file encryption with data theft to pressure victims into paying ransoms. This shift in tactics highlights the evolving threat landscape for MSPs and small businesses. In response to the growing cybersecurity threats, the U.S. Cybersecurity and Infrastructure Security Agency has released Thorium, an open-source platform designed for malware and forensic analysis. Thorium can automate tasks and process over 10 million files per hour, empowering IT professionals without in-house malware analysis capabilities to conduct effective preliminary analyses. This tool aims to enhance cybersecurity operations and better manage risks associated with complex malware threats. Additionally, SonicWall has issued a warning to its customers to disable SSL Virtual Private Network (VPN) services due to active ransomware attacks targeting its systems. Meanwhile, Google's AI-powered bug hunter, Big Sleep, has identified 20 security vulnerabilities in popular open-source software, raising concerns about the reliability of AI-generated bug reports. A newly discovered prompt injection vulnerability in Google's Gemini AI chatbot poses serious security risks, enabling attackers to craft convincing phishing campaigns without relying on links or attachments. The podcast also discusses the alarming rise in cybersecurity incidents, particularly social engineering attacks, which have tripled in the first half of 2025.
A report from Level Blue indicates that social engineering now accounts for 39% of initial access incidents, with fake CAPTCHA schemes rising dramatically. Furthermore, the report highlights the risks associated with unauthorized AI tool usage, revealing that 97% of organizations lack adequate access controls, exposing sensitive data to potential threats. This underscores the need for organizations to strengthen their defenses and educate users on emerging threats. Four things to know today: 00:00 Attackers Up Their Game: Ransomware Hits MSPs, SonicWall Vulnerable, and Google's AI Found Exploitable; 05:53 Social Engineering Surges as Shadow AI Breaches Drive Up Cyber Costs and Risk Exposure; 08:35 Neglected Tech, Rising Risk: Email and Printers Still Expose Businesses to Modern Threats; 11:04 From Ransomware to Retirements: Vendor Shifts Reveal Risks and Realignment in the IT Channel. This is the Business of Tech. Supported by: https://cometbackup.com/?utm_source=mspradio&utm_medium=podcast&utm_campaign=sponsorship https://getflexpoint.com/msp-radio/ Tell us about a newsletter! https://bit.ly/biztechnewsletter All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/ Looking for a link from the stories? The entire script of the show, with links to articles, is posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch?
Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on: LinkedIn: https://www.linkedin.com/company/28908079/ YouTube: https://youtube.com/mspradio/ Facebook: https://www.facebook.com/mspradionews/ Instagram: https://www.instagram.com/mspradio/ TikTok: https://www.tiktok.com/@businessoftech Bluesky: https://bsky.app/profile/businessof.tech
Two Chinese nationals are arrested for allegedly exporting sensitive Nvidia AI chips. A critical security flaw has been discovered in Microsoft's new NLWeb protocol. Vulnerabilities in Dell laptop firmware could let attackers bypass Windows logins and install malware. Trend Micro warns of an actively exploited remote code execution flaw in its endpoint security platform. Google confirms a data breach involving one of its Salesforce databases. A lack of MFA leaves a Canadian city on the hook for ransomware recovery costs. Nvidia's CSO denies the need for backdoors or kill switches in the company's GPUs. CISA flags multiple critical vulnerabilities in Tigo Energy's Cloud Connect Advanced (CCA) platform. DHS grants funding cuts off the MS-ISAC. Helicopter parenting officially hits the footwear aisle. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Sarah Powazek from UC Berkeley's Center for Long-Term Cybersecurity (CLTC) discussing her proposed nationwide roadmap to scale cyber defense for community organizations. Black Hat Women on the street Live from Black Hat USA 2025, it's a special “Women on the Street” segment with Halcyon's Cynthia Kaiser, SVP Ransomware Research Center, and CISO Stacey Cameron. Hear what's happening on the ground and what's top of mind in cybersecurity this year. 
Selected Reading Two Arrested in the US for Illegally Exporting Microchips Used in AI Applications to China (TechNadu) Microsoft's plan to fix the web with AI has already hit an embarrassing security flaw (The Verge) ReVault flaws let hackers bypass Windows login on Dell laptops (Bleeping Computer) Trend Micro warns of Apex One zero-day exploited in attacks (Bleeping Computer) Google says hackers stole its customers' data in a breach of its Salesforce database (TechCrunch) Hamilton taxpayers on the hook for full $18.3M cyberattack repair bill after insurance claim denied (CP24) Nvidia rejects US demand for backdoors in AI chips (The Verge) Critical vulnerabilities reported in Tigo Energy Cloud connect advanced solar management platform (Beyond Machines) New state, local cyber grant rules prohibit spending on MS-ISAC (StateScoop) Skechers skewered for adding secret Apple AirTag compartment to kids' sneakers — have we reached peak obsessive parenting? (NY Post) Audience Survey Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Derek Fisher, Director of the Cyber Defense and Information Assurance Program, Temple University – also check out Derek's substack. Thanks to our show sponsor, Dropzone AI Security teams everywhere are drowning in alerts. That's why companies like Zapier and CBTS turned to Dropzone AI—the leader in autonomous alert investigation. Their AI investigates everything, giving your analysts time back for real security work. No more 40-minute rabbit holes. If you're at BlackHat, find them in Startup City. Otherwise, check out their self-guided demo at dropzone.ai. This is how modern SOCs are scaling without burning out. All links and the video of this episode can be found on CISO Series.com
It's a common, yet unsettling, scenario in cybersecurity risk assessment: discovering a crucial component was overlooked after an assessment is complete. The question often arises: "How do you handle missing risks in a risk assessment? What can you do in the situation, and how can you prevent this from happening again?" Let's unpack this compound query, focusing on mission-based cyber risk management and practical prevention strategies. Dr. B.
Brave randomizes its fingerprints. The next Brave will block Microsoft Recall by default. Clorox sues its IT provider for $380 million in damages. 6-month Win10 ESU offers are beginning to appear. Warfare has significantly become cyber. Allianz Life loses control of 125 million customers' data. The CIA's Acquisition Research Center website was hacked. The Pentagon says the SharePoint RCE didn't get them. A look at a DPRK "laptop farm" to impersonate Americans. FIDO's passkey was NOT bypassed by a MITM after all. Is our data safe anywhere? The UK is trying to back-pedal out of the Apple ADP mess. Meanwhile, the EU resumes its push for "Chat Control". Microsoft fumbled the patch of a powerful Pwn2Own exploit. Show Notes - https://www.grc.com/sn/SN-1036-Notes.pdf Hosts: Steve Gibson and Leo Laporte. Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written, Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: canary.tools/twit - use code: TWIT, threatlocker.com for Security Now, bitwarden.com/twit, uscloud.com
Calle is the creator and lead maintainer of the Cashu open source protocol. Cashu enables users to easily use bitcoin in a private, offline, and programmable way. Calle is also the maintainer of Bitchat android, a cross platform meshnet app that enables users to chat and send bitcoin without an internet connection. Calle on Nostr: https://primal.net/calle Calle on X: https://x.com/callebtc Bitchat: https://bitchat.free/ Cashu: https://cashu.space/ AOS: https://andotherstuff.org/ EPISODE: 171 BLOCK: 907832 PRICE: 847 sats per dollar. (00:00:00) Bloomberg Intro; (00:02:47) Happy Bitcoin Wednesday; (00:06:42) Bitchat: Concept and Development; (00:15:25) Mesh Networks; (00:23:01) Real-World Applications of Mesh Networks; (00:29:39) Challenges and Vulnerabilities of Mesh Networks; (00:37:14) Adoption Challenges for Mesh Technology; (00:44:07) Integrating Cashu with Bitchat; (00:52:50) Offline Payments and Privacy with Cashu; (01:06:14) Vibe Coding and Development Process; (01:25:48) Future of Bitchat and Open Source Funding; (01:34:44) Sustainability in Open Source Projects; (01:47:00) Final Thoughts and Call to Action. Video: https://primal.net/e/nevent1qqs2evgxy64mhhr3mw7ywtattah0sw3c8dv2hg7tjdryfnc9xghc54gr90q3n more info on the show: https://citadeldispatch.com learn more about me: https://odell.xyz
On this week's Security Sprint, Dave is solo and talked about the following topics. Warm Opening. Check out the blogs on the Gate 15 website including the recent one on network segmentation (www.gate15.global). https://gate15.global/digital-firebreaks/ Main Topics. NYC active shooter incident. https://www.nbcnews.com/news/us-news/nyc-shooting-suspect-shane-devon-temura-what-know-rcna221638 Walmart incident and bystanders. https://www.nbcnews.com/news/us-news/walmart-stabbings-michigan-traverse-city-suspect-terrorism-what-know-rcna221445 CISA Active Shooter resources: https://www.cisa.gov/topics/physical-security/active-shooter-preparedness Chinese ‘Fire Ant' spies start to bite unpatched VMware instances. https://www.csoonline.com/article/4029545/chinese-fire-ant-spies-start-to-bite-unpatched-vmware-instances.html Sygnia Uncovers Active Chinese-Nexus Threat Actor Targeting Critical Infrastructure. https://www.sygnia.co/press-release/sygnia-uncovers-chinese-threat-targeting-critical-infrastructure/
Podcast: Nexus: A Claroty Podcast. Episode: Dan Berte on Solar Grid and IoT Vulnerabilities. Pub date: 2025-07-28. Dan Berte, director of IoT security at Bitdefender, joins the Nexus Podcast to discuss his team's ongoing research into the security of solar grid inverters and three serious vulnerabilities uncovered in the popular Deye Solarman management platform. Dan discusses his team's research, the disclosure process, and the implications on green energy initiatives overall. With the growing popularity of these platforms, Berte cautions that attackers are going to continue to analyze their security for weaknesses and attempt to exploit them. Listen to the Nexus Podcast on your favorite podcast platform. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
From the rise of enterprise-grade networking to the complexities of command center interoperability, the AV world is evolving at lightning speed. And with new cybersecurity threats looming, how can companies protect themselves? In this episode of AVWeek, Patrick Norton steps in as guest host, joined by top industry guests to explore the importance of robust networks in commercial AV, the growing role of IP in command centers, and how businesses can safeguard themselves against the latest Microsoft SharePoint vulnerabilities. Host: Patrick Norton. Guests: Jennifer Weaver, Danny Hayasaka, Samantha Potter. This Week In AV: AV Magazine – Tomorrowland Stage Reconstruction; SCN – Panasonic's Deal with ORIX Falls Through; AVNation – Registration Opens for CEDIA Expo/Commercial Integrator Expo; The Verge – Google Killing their Short Links. Roundtable Topics: Commercial Integrator – Networks in Enterprise-Grade Projects; AV Network – Interoperability for Command & Control Spaces; The Verge – Vulnerability Found in Microsoft Sharepoint. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
ChatGPT: OpenAI, Sam Altman, AI, Joe Rogan, Artificial Intelligence, Practical AI
In this episode, we're discussing the unusual side of AI vulnerabilities under the theme of AI and Cybersecurity: The Rise of False Bug Reports. This phenomenon is changing the game for ethical hackers, revealing new layers of complexity in cybersecurity defense. We look at what's driving the rise of false bug reports—and how to stay ahead of the curve. Try AI Box: https://aibox.ai AI Chat YouTube Channel: https://www.youtube.com/@JaedenSchafer Join my AI Hustle Community: https://www.skool.com/aihustle/about
Bypassing all passkey protections. The ransomware attacks just keep on coming. Cloudflare capitulates to the MPA and starts blocking. The need for online age verification is exploding. Microsoft really wants Exchange Servers to subscribe. Russia (further) clamps down on Internet usage. The global trend toward more Internet restrictions. China can inspect locked Android phones. Use a burner. Web shells are the new buffer overflow. An age verification protocol sketch. What Cloudflare did to create an outage of 1.1.1.1. Show Notes - https://www.grc.com/sn/SN-1035-Notes.pdf Hosts: Steve Gibson and Leo Laporte. Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written, Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security, 1password.com/securitynow, go.acronis.com/twit
Bypassing all passkey protections. The ransomware attacks just keep on coming. Cloudflare capitulates to the MPA and starts blocking. The need for online age verification is exploding. Microsoft really wants Exchange Servers to subscribe. Russia (further) clamps down on Internet usage. The global trend toward more Internet restrictions. China can inspect locked Android phones. Use a burner. Web shells are the new buffer overflow. An age verification protocol sketch. What Cloudflare did to create an outage of 1.1.1.1 Show Notes - https://www.grc.com/sn/SN-1035-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: zscaler.com/security 1password.com/securitynow go.acronis.com/twit
Summary: In this episode of the Blue Security Podcast, hosts Andy and Adam discuss the vulnerabilities in solar technology, particularly focusing on smart inverters and their implications for power grids. They delve into the cybersecurity landscape, emphasizing China's role in technology transfer and its impact on national security. The conversation shifts to the potential of AI in cybersecurity, highlighting its ability to discover vulnerabilities and anomalies, and how it can enhance security operations. The episode concludes with a positive outlook on the integration of AI in cybersecurity practices.
YouTube Video Link: https://youtu.be/u3TfSpw10Qc
Documentation:
https://www.newscientist.com/article/2487089-cyberattacks-could-exploit-home-solar-panels-to-disrupt-power-grids/
https://open.spotify.com/show/1xFnf1ReS81p79TtR7f6vj?si=4d4ea5acc39c4bce
https://www.pcmag.com/news/this-ai-is-outranking-humans-as-a-top-software-bug-hunter
Contact Us:
Website: https://bluesecuritypod.com
Bluesky: https://bsky.app/profile/bluesecuritypod.com
LinkedIn: https://www.linkedin.com/company/bluesecpod
YouTube: https://www.youtube.com/c/BlueSecurityPodcast
Andy Jaw
Bluesky: https://bsky.app/profile/ajawzero.com
LinkedIn: https://www.linkedin.com/in/andyjaw/
Email: andy@bluesecuritypod.com
Adam Brewer
Twitter: https://twitter.com/ajbrewer
LinkedIn: https://www.linkedin.com/in/adamjbrewer/
Email: adam@bluesecuritypod.com
Ms. Kim Woofter and Dr. John Cox discuss the latest updates to the evidence-based standards on oncology medical homes developed by ASCO and COA. These standards serve as the basis for the ASCO Certified program. They share the new and revised standards around topics including the culture of safety and just culture in oncology practice, geriatric assessment and geriatric assessment-guided management, and multidisciplinary team management. They expand on the importance of these standards for clinicians and oncology practices to ensure every patient receives optimal care. Read the complete standards, “Oncology Medical Homes: ASCO-Community Oncology Alliance Standards Update” at www.asco.org/standards. TRANSCRIPT These standards, clinical tools, and resources are available at www.asco.org/standards. Read the full text of the guideline and review authors' disclosures of potential conflicts of interest in the JCO Oncology Practice, https://ascopubs.org/doi/10.1200/OP-25-00498 Brittany Harvey: Hello and welcome to the ASCO Guidelines podcast, one of ASCO's podcasts delivering timely information to keep you up to date on the latest changes, challenges, and advances in oncology. You can find all the shows, including this one, at asco.org/podcasts. My name is Brittany Harvey, and today I'm interviewing Ms. Kim Woofter, a registered nurse in practice leadership and administration from AC3 Inc in South Bend, Indiana, and Dr. John Cox, a medical oncologist and adjunct faculty member from UT Southwestern Medical Center in Dallas, Texas, co-chairs on "Oncology Medical Homes, American Society of Clinical Oncology – Community Oncology Alliance Standards." Thank you for being here today, Ms. Woofter and Dr. Cox. Dr. John Cox: You bet. Ms. Kim Woofter: Thank you. 
Brittany Harvey: And then before we discuss these standards, I'd just like to note that ASCO takes great care in the development of its standards and ensuring that the ASCO Conflict of Interest Policy is followed for each guidance product. The disclosures of potential conflicts of interest for the expert panel, including Dr. Cox and Ms. Woofter, who have joined us here today, are available online with the publication of the standards in JCO Oncology Practice, which is linked in the show notes. So then, to dive into what we're here today to talk about, Dr. Cox, could you start us off by explaining what prompted an update to these ASCO-COA standards and what the scope of this update is? Dr. John Cox: Well, the ASCO-COA standards relative to defining and outlining Oncology Medical Home were initially published four or five years ago. At the time, we planned a regular update of the standards. So, in essence, this is a planned update. The whole program is built on the idea of continuous improvement. So, this update and future updates are prompted and defined by our literature, our science, the science of care delivery, and new developments and insights gained from studies and evaluations of care delivery methods, and informed by the practice. These standards are in place to underpin a program of care delivery by ASCO, the ASCO Certified, and as practices engage in this program, we are learning from them. The whole idea is to enlarge and improve how patients are cared for in practice. Brittany Harvey: Absolutely. It's great to have this iterative process to continue to review the evidence and update these standards that form the basis for ASCO Certified. So then, following that background, Ms. Woofter, I'd like to review the key points of the revised standards for our listeners. First, how do the revised standards address the culture of safety and just culture in oncology practice? Ms. Kim Woofter: I think safety is of utmost importance to all of us. 
So let me say that first and foremost. And what we know in oncology is our QOPI standards already address safety in the infusion suite process. So, safe delivery of chemotherapy agents and antineoplastics. It also talked about near misses and medication errors - absolutely essential, for sure. But what we need to do is look at a more systemic approach to safety because we know is processes throughout an organization they'll often cause you trouble. To do that, we know you need what we call a just culture, which is a very common term in today's workplace. But what it really means is it's a culture of open reporting of any potential for error, any potential for malfunction, and it can be in any place in the organization. So, what we are doing in our new standard is to say, look at your entire processes throughout the organization, and approach that in an open-minded way so that people don't feel scared to report things, and it's a really positive approach to intervening early and making sure that errors don't occur anywhere in the workplace. Brittany Harvey: Taking that systemic approach to look at overarching processes seems really key to ensuring safety in oncology practices. So then, the next new section, Dr. Cox, what are the new OMH standards surrounding geriatric assessment and geriatric assessment–guided management? Dr. John Cox: This is a challenging update for our standards. As many folks in practice recognize, there is a deep literature on recognizing the geriatric population in oncology. Geriatric - those in my age group over age 60, 65 - make up the majority of cancer patients in this country. And yet, there are many aspects that should be taken into account as you address treatment decisions in this population. ASCO's recognized this. There has been a guideline previously on geriatric assessment. 
It's been updated, and we really felt it's time that it be incorporated in any iteration of what oncology care delivery means, so, within the oncology medical home standards. In short, what the standard outlines is that practices that are using these standards, that are using this benchmark, should have a geriatric assessment for patients within the practice care and use that information to guide management. Now, the standard allows wide exploration of how practices meet this standard, but it really puts on the table that if an oncology practice in the United States, or anywhere in the world really, is adhering to a good practice, that they're going to include and recognize these assessments in practice. Ms. Kim Woofter: I would like to add that this is a highly discussed and reviewed standard. Many of our community practices were concerned that they would have the time and manpower to perform this assessment. We all know it reduces toxicities if done appropriately at treatment planning, and so the outcomes are better. And we really left it to the practices to define how they're going to implement it, understanding that it will evolve to every single patient, but maybe day one, it was a step approach to be able to implement. So, I was really proud of the team that - the expert panel - that said, okay, let's step into this, but we do think it's essential. Brittany Harvey: Absolutely. It's important to recognize that practices may have limited resources and time, and implementing it in the way that makes sense for them allows this to be a standard that can be used in practice. And it's great to have this geriatric assessment guideline integrated into these standards to improve care delivery. And we can provide a link to that guideline in the show notes of this episode as well (Practical Assessment and Management of Vulnerabilities in Older Patients Receiving Systemic Cancer Therapy: ASCO Guideline Update). So then, following that section of the standards, Ms. 
Woofter, how do the updated standards now address multidisciplinary team management? Ms. Kim Woofter: Well, we address multidisciplinary team management in a more comprehensive way in the updated standard. We always thought that that was a critical piece when doing treatment planning, and we kind of highlighted it in a bigger way, understanding that not everybody has the same resources available at the time of treatment planning. And again, this was a much-discussed standard, in that that multidisciplinary team approach doesn't necessarily have to be in a tumor board or a prospective analysis of every case. It is actually a conversation between specialists, between the surgeon and pathologist and the medical oncologist. And we are saying, do what works for you, but we know that that team approach, every specialty coming to the table at time of treatment planning, truly provides better outcomes for our patients. And so we kind of reiterated that, understanding that again, it doesn't have to be a formal tumor board, but it has to be a dialogue between specialties. And we highlighted that again in the new standard. Brittany Harvey: Open communication of all team members is really critical to providing optimal care. Dr. Cox, I'd like to ask you, in your view, how will these updated standards impact both clinicians and oncology practices? Dr. John Cox: Well, our whole goal with discussing a comprehensive care model for oncology practice is to have a benchmark, to have an iteration of what good oncology care delivery looks like. 
So, our hope is that practices, all practices, whether you're participating formally in ASCO Certified, the marquee quality program for ASCO, or if you are simply running a practice or a team within an academic environment or institutional environment, these standards are to apply across the board wherever oncology is practiced - that you can look at these standards as a benchmark and compare what you are doing in your practice and where are the gaps. So ideally, we drive improved care across the board. You know, one thing I've learned over the last couple of years as ASCO Certified is getting spun up and using and implementing these standards, is practices are remarkably innovative. We've learned a lot by seeing how pilot practices have met the standards, and that's gone into informing how we can improve care delivery for all of our practices and, importantly, for the team members who are delivering this care. The fourth rail of burnout and the like is inefficiency that occurs in practice. And when you know you've got a good, spun-up, effective team, less burnout, less stress for practice. I hope clinicians and oncology practices will use this to help drive improvements in their care and gain insight into how they can approach practice problems in a better way. Kim, you've been leading practices. I have to ask you, your thoughts in leaning into this question. Ms. Kim Woofter: I think very well said, I will say that first. And what I love about this is for practice leaders who are new to our ecosystem, if you will, they need a playbook. It's “Where do I begin?” And Dr. Cox said it very well, no one does everything perfectly day one, but it's a step-by-step self-assessment approach to say, “How do I get to this gold standard?” I really love the standards because they are very comprehensive, everything from treatment planning to end of life. So it's the spectrum of the care we deliver in the oncology setting. 
So as a leader and an administrator, it is the standard I want all of my departments to understand, adhere to, and engage, and be excited about. We now have a baseline approach, and what's even more important, these standards will evolve as our intelligence evolves, as literature evolves. It's a system that will always grow and change, and that's what we love about it. It's not a one-and-done. So, I'm very proud of the fact that it gives them a road map. Brittany Harvey: Yes, these evidence-based standards provide a critical foundation for practices in ASCO Certified, for those team members you mentioned, and for quality improvement beyond just those individuals and practices as well. So then finally, to wrap us up, Ms. Woofter, what do these revised standards mean for patients receiving cancer treatment? Ms. Kim Woofter: Well, I think that's the most exciting part, is we all do this for our patients and the best outcomes for our patients and the best treatment plans for our patients and their families. And these standards, that is their core, their absolute core. So what it's going to do for a patient is they can say, “Am I at a practice that implements ASCO standards?” And if that is a ‘yes', there's a confidence that, “I am in an evidence-based medicine thinking practice, I have a team around me, they will care for me not only at time of treatment planning but at the time of end of life, they will help me be part of that decision-making, and they will give me resources available to me in my community.” So, it is a true comprehensive approach. As a patient, I have that comfort, that it is bigger than just a great doctor. It is a great team. As a patient, that would be very important to me and important to my family. That being said, Kim Woofter would love every practice to be ASCO Certified. Understanding that that isn't feasible day one, just to know that the practice is implementing and engaging the standards is the great place to start. 
Every patient can't go to an ASCO Certified practice day one, but our dream would be that everyone would adhere to those standards, engage those standards, believe them, educate their staff on what they mean, so that patient outcomes and satisfaction will be optimized for everyone. The other piece to this that we all know is if you give evidence-based medicine, cost-effective, efficient care, it's better for the system as a whole. And I'm not saying that insurance is our driver - certainly patient outcomes are our driver - but the whole ecosystem of oncology benefits when you do the right thing. Dr. John Cox: It's hard to add anything to Kim's good statements, but I just highlight that this whole area began with the patient-centered medical home, and every time we've met, patients and how we deliver care to patients is top of mind. I think that reflects our community. It reflects oncology as a whole. I don't know any oncologist or practice that is focused on anything else as the prime goal. Brittany Harvey: That's what I was just going to say. The ultimate goal here is to provide patient-centered care across where every single patient is receiving treatment and at every stage of that treatment. So, I want to thank you both so much for your work to update these standards, to review the evidence, and discuss with the experts on the panel to come up with the solutions that will help drive quality improvement across care delivery. So, thank you for that, and thank you for your time today, Dr. Cox and Ms. Woofter. And finally, thank you to all of our listeners for tuning in to the ASCO Guidelines podcast. To read the complete standards, go to www.asco.org/standards. You can also find many of our standards and interactive resources in the free ASCO Guidelines app, which is available on the Apple App Store or the Google Play Store. If you have enjoyed what you've heard today, please rate and review the podcast, and be sure to subscribe so you never miss an episode. 
The purpose of this podcast is to educate and to inform. This is not a substitute for professional medical care and is not intended for use in the diagnosis or treatment of individual conditions. Guests on this podcast express their own opinions, experience, and conclusions. Guest statements on the podcast do not express the opinions of ASCO. The mention of any product, service, organization, activity, or therapy should not be construed as an ASCO endorsement.
In this episode hosted by Jim Love, 'Cybersecurity Today' celebrates its recognition as number 10 on the Feed Spot list of Canadian News Podcasts and approaches a milestone of 10 million downloads. Key topics include new research identifying Nvidia GPUs as vulnerable to Rowhammer style attacks, Microsoft's significant security improvements in Microsoft 365, a critical Bluetooth vulnerability affecting 350 million cars, and a data exposure incident involving the Fredericton Police. Additionally, the official 'Elmo' account on X was hacked to post offensive content, emphasizing security gaps in high-profile social media accounts. For detailed information, visit technewsday.com or .ca. 00:00 Introduction and Milestones 00:52 Nvidia's Rowhammer Vulnerability 03:39 Microsoft's Security Overhaul 05:45 PerfektBlue Bluetooth Flaw 08:09 Police Data Leak Incident 10:12 Elmo's Twitter Account Hacked 12:43 Conclusion and Thanks
A recent report by Auvik reveals significant challenges faced by managed service providers (MSPs), highlighting issues such as tool sprawl, burnout among IT professionals, and the increasing reliance on IT generalists. The report indicates that 50% of MSPs use over ten tools to manage client networks, with many professionals experiencing high levels of stress and burnout. The ongoing retirement of baby boomers in the IT sector exacerbates these issues, leading to a demand for specialists who can assist generalists in navigating the complexities of technology. Key areas of interest for IT professionals include cybersecurity planning and cloud computing, as they seek to enhance productivity and user experience.
In addition to the challenges faced by MSPs, two significant cybersecurity incidents have come to light. Kaseya's Network Detective tool was found to have critical vulnerabilities that could expose sensitive data across managed environments. Similarly, a flaw in McDonald's chatbot job application platform compromised the personal information of over 64 million applicants due to weak security measures. These incidents underscore the importance of robust vendor security practices, as clients often hold their MSPs accountable for data breaches, regardless of the source.
The podcast also discusses the ongoing struggle for right-to-repair legislation, which has seen limited enforcement despite public support. A report indicates that many products lack accessible repair materials, and manufacturers continue to resist changes that would facilitate repairs. This situation presents an opportunity for service firms to incorporate repairability into their procurement strategies and asset management services, aligning with client values around sustainability and cost control.
Finally, Cynomi has launched new tools aimed at enhancing business impact analysis and continuity planning for cybersecurity professionals. These tools are designed to help MSPs communicate the business value of cybersecurity to leadership, shifting the perception of security from a cost center to a value driver. The success of these initiatives will depend on MSPs' ability to integrate these features into their service delivery, ultimately positioning them as strategic partners who understand both technology and business needs.
Four things to know today
00:00 Auvik Report Warns MSPs of Tool Sprawl, Talent Drain, and Rising Burnout
04:10 Kaseya and McDonald's Incidents Reveal Fragile Trust in Vendor Security Practices
07:01 Manufacturers Withhold Parts, Manuals Despite State-Level Repair Rights Legislation
08:40 Cynomi Adds Business Impact and Continuity Planning Tools to Help MSPs Drive Strategic Outcomes
This is the Business of Tech. Supported by: https://getflexpoint.com/msp-radio/ ThreatDown Webinar: https://bit.ly/threatdown All our Sponsors: https://businessof.tech/sponsors/
Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/
Looking for a link from the stories? The entire script of the show, with links to articles, is posted in each story on https://www.businessof.tech/
Support the show on Patreon: https://patreon.com/mspradio/
Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech
Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com
Follow us on:
LinkedIn: https://www.linkedin.com/company/28908079/
YouTube: https://youtube.com/mspradio/
Facebook: https://www.facebook.com/mspradionews/
Instagram: https://www.instagram.com/mspradio/
TikTok: https://www.tiktok.com/@businessoftech
Bluesky: https://bsky.app/profile/businessof.tech
In this episode of 'Cybersecurity Today,' hosted by David Shipley from the Exchange Security 2025 conference, urgent updates are provided on critical cybersecurity vulnerabilities and threats. CISA mandates a 24-hour patch for Citrix NetScaler due to a severe vulnerability actively being exploited, dubbed 'Citrix Bleed.' Fortinet's FortiWeb also faces a critical pre-auth remote code execution flaw that demands immediate patching. Additionally, significant vulnerabilities in AI-driven developments are highlighted, including shortcomings in Jack Dorsey's BitChat app and a method to extract Windows keys from ChatGPT-4. The episode emphasizes the importance of timely updates, robust security measures, and the potential risks involved with AI-generated code. 00:00 Introduction and Overview 00:35 Urgent Citrix Vulnerability Alert 03:26 Fortinet FortiWeb Exploit Details 06:23 Ingram Micro Ransomware Recovery 09:26 AI Coding and Security Risks 14:03 ChatGPT Security Flaw Exposed 17:20 Conclusion and Contact Information
Bob Moats and Mike Wiemuth dive deep into the shadowy world of negative recruiting in college basketball, exploring the tactics, effectiveness, and ethics of programs steering players away from rival schools.
Main Topics
Sports Dead Period & Pacers Reflection [00:00-15:00]
Bob and Mike discuss the dreaded summer sports lull and reflect on the Indiana Pacers' surprising playoff run. They examine the team's selfless ball movement, Tyrese Haliburton's devastating injury, and what the season meant for bringing fans back to NBA basketball after years away.
Negative Recruiting Parallels to Politics [15:00-25:00]
Drawing parallels to political campaigning, Bob and Mike establish how negative recruiting works as a persuasion contest. They discuss:
- Key differences between political ads and recruiting (multiple "candidates," shadow operations)
- The concept of "kamikaze" recruiting to prevent rivals from landing recruits
- Strategic timing of when to go negative in recruitment battles
The Intelligence Game [25:00-35:00]
The conversation turns to how programs gather intelligence on recruits and families. Topics include:
- Assistant coaches' extensive networks and relationship-building
- Understanding family dynamics and decision-makers
- The role of third-party surrogates like AAU coaches
- How specific intel can get (down to restaurant preferences)
Variables & Vulnerabilities [35:00-45:00]
Using a comprehensive list of recruiting factors, they explore how different variables create opportunities for negative recruiting. The discussion covers playing time, facilities, academics, party scene, geography, and more, emphasizing how each recruit's priorities differ dramatically.
The Scott Drew vs. Bob Knight Story [45:00-55:00]
Bob and Mike recount the legendary bathroom confrontation where Bob Knight cornered Scott Drew over negative recruiting materials. This story illustrates the tensions between established programs and upstart challengers trying to disrupt the recruiting landscape.
Player Compensation Era & IU's Fresh Start [55:00-End]
The discussion shifts to how NIL has changed recruiting dynamics and examines IU's situation under the new coaching staff. They analyze recent comments about fan expectations and how confident leadership can address external criticism.
See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.
AMD warns of new Meltdown, Spectre-like bugs affecting CPUs
Multiple vulnerabilities in Mozilla Thunderbird could allow for arbitrary code execution
Bitcoin Depot breach exposes data of nearly 27,000 crypto users
More than $40 million stolen from GMX crypto platform
Huge thanks to our sponsor, Vanta. Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and help you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines
In this episode of Hashtag Trending, host Jim Love covers a range of topics: an increase in copper theft leading to phone and internet outages in North America, allegations against Uber's hidden algorithm for boosting profits by raising fares and cutting driver pay, and a new technique called 'info flood' to trick AI chatbots into providing dangerous information by using academic jargon. The episode explores the implications of these issues and the ongoing challenges for companies and consumers. 00:00 Introduction and Headlines 00:17 Copper Theft Crisis 03:12 Uber's Algorithm Controversy 06:25 Tricking AI with Academic Jargon 07:58 Conclusion and Contact Information
This is a panel discussion. We discussed multiple topics:
- Floods in Texas, and effects of non-notification
- Vulnerabilities imposed by the BBBill
- Troops deployed in Florida, California
- the ICE budget
- Trump's hate for half the US population
WNHNLP.ORG production
Music: David Rovics
In this episode of the Logistics & Leadership Podcast, Brian Hastings sits down with Jimmy Menges—National Director and freight crime investigator—to expose the hidden world of cargo theft and the organized crime rings fueling it.
Jimmy pulls back the curtain on how scammers hijack legitimate operations, the loopholes they exploit, and what really happens in the first 48 hours after a load vanishes. From forged documents to fake drivers, and warehouse accomplices to massive multi-million dollar heists, this episode reveals the high-stakes reality most brokers and carriers aren't prepared for.
Whether you're a freight broker, a carrier rep, or a shipper trying to protect your freight, this episode is packed with tactical insight, investigative war stories, and hard-won lessons that could save your business.
The Logistics & Leadership Podcast, powered by Veritas Logistics, redefines logistics and personal growth. Hosted by industry veterans and supply chain leaders Brian Hastings and Justin Maines, it shares their journey from humble beginnings to a $50 million company. Discover invaluable lessons in logistics, mental toughness, and embracing the entrepreneurial spirit. The show delves into personal and professional development, routine, and the power of betting on oneself. From inspiring stories to practical insights, this podcast is a must for aspiring entrepreneurs, logistics professionals, and anyone seeking to push limits and achieve success.
Timestamps:
(00:02) – The Nature of the Job
(04:33) – The Landscape of Cargo Theft in California
(09:29) – Freight Brokerage Challenges & Vulnerabilities
(16:20) – How Load Scams Are Investigated
(19:04) – Inside the Warehouse Incident
(26:46) – The Business Impact of Cargo Theft
(34:15) – How to Spot & Fight Industry Scams
(36:01) – Navigating Fraud as a Freight Broker
(41:33) – Reducing Risk in Freight Shipping
Connect with Jimmy Menges: LinkedIn: https://www.linkedin.com/in/jimmy-menges-4a95a4a6
Connect with us! Send us your questions: ask@go-veritas.com
402-521-3080
In this conversation, Stephanie Olson and Rebecca Saunders delve into the myths surrounding human trafficking, discussing common misconceptions, the realities of traffickers and their victims, and the importance of community awareness and education. They emphasize the need to understand the complexities of trafficking, including the vulnerabilities that make individuals susceptible to exploitation, the dehumanization involved, and the challenges faced during recovery. The discussion also touches on the role of media and immigration in shaping perceptions of trafficking, advocating for a more informed and compassionate approach to prevention and support.
Takeaways
- Human traffickers often target individuals they know.
- Trafficking is not just about kidnapping; it involves manipulation and grooming.
- Vulnerabilities can make anyone a target for trafficking.
- Dehumanization is a key factor in trafficking and exploitation.
- Rescue is not a simple solution; recovery is complex and ongoing.
- Traffickers can be male or female, and often work in couples.
- Media representations of trafficking can perpetuate myths.
- Community education is crucial for prevention and awareness.
- Trafficking can affect individuals of all ages and backgrounds.
- Everyone has intrinsic value, regardless of their circumstances.
Sound Bites
"Human traffickers will target people."
"Traffickers go after the vulnerable."
"The reality is that trauma is ongoing."
Chapters
00:00 Introduction to Human Trafficking Myths
02:58 Debunking Common Myths
05:41 Understanding the Grooming Process
08:41 The Reality of Trafficking Targets
11:41 The Role of Traffickers
14:23 The Intrinsic Value of All Humans
17:23 The Complexity of Trafficking Dynamics
26:23 The Role of Children in Trafficking
27:10 Immigration and Human Trafficking
28:18 The Misconception of Border Control
30:17 Vulnerabilities of Immigrants
32:05 The Human Aspect of Trafficking
34:26 Dehumanization in Society
35:59 The Complexity of Rescue
38:12 Understanding Trauma in Survivors
39:59 The Reality of Recovery
42:12 Emotional Isolation and Trust Issues
44:23 Vulnerabilities and Scams
47:24 Protecting Ourselves and Our Communities
49:47 Education and Community Engagement
Support the show
Everyone has resilience, but what does that mean, and how do we use it in life and leadership? Join Stephanie Olson, an expert in resiliency and trauma, every week as she talks to other experts living lives of resilience. Stephanie also shares her own stories of addictions, disordered eating, domestic and sexual violence, abandonment, and trauma, and shares the everyday struggles and joys of everyday life. As a wife, mom, and CEO she gives commentaries and, sometimes, a few rants to shed light on what makes a person resilient. So, if you have experienced adversity in life in any way and want to learn how to better lead your family, your workplace, and, well, your life, this podcast is for you!
https://setmefreeproject.net https://www.stephanieolson.com/
PREVIEW US ELECTRIC GRID: Colleague Jack Burnham of FDD reports recent revelation that Chinese scholars have published hundreds of articles identifying vulnerabilities in the US electric grid. More. 1940 WUHAN UNIVERSITY
In this thought-provoking episode of Project Synapse, host Jim and his friends Marcel Gagne and John Pinard delve into the complexities of artificial intelligence, especially in the context of cybersecurity. The discussion kicks off by revisiting a blog post by Sam Altman about reaching a 'Gentle Singularity' in AI development, where the progress towards artificial superintelligence seems inevitable. They explore the idea of AI surpassing human intelligence and the implications of machines learning to write their own code. Throughout their engaging conversation, they emphasize the need to integrate security into AI systems from the start, rather than as an afterthought, citing recent vulnerabilities like Echo Leak and Microsoft Copilot's Zero Click vulnerability. Derailing into stories from the past and pondering philosophical questions, they wrap up by urging for a balanced approach where speed and thoughtful planning coexist, and to prioritize human welfare in technological advancements. This episode serves as a captivating blend of storytelling, technical insights, and ethical debates. 00:00 Introduction to Project Synapse 00:38 AI Vulnerabilities and Cybersecurity Concerns 02:22 The Gentle Singularity and AI Evolution 04:54 Human and AI Intelligence: A Comparison 07:05 AI Hallucinations and Emotional Intelligence 12:10 The Future of AI and Its Limitations 27:53 Security Flaws in AI Systems 30:20 The Need for Robust AI Security 32:22 The Ubiquity of AI in Modern Society 32:49 Understanding Neural Networks and Model Security 34:11 Challenges in AI Security and Human Behavior 36:45 The Evolution of Steganography and Prompt Injection 39:28 AI in Automation and Manufacturing 40:49 Crime as a Business and Security Implications 42:49 Balancing Speed and Security in AI Development 53:08 Corporate Responsibility and Ethical Considerations 57:31 The Future of AI and Human Values
An exploited iOS iMessage vulnerability Apple denies? The NPM repository is under siege with no end in sight. Were Comcast and Digital Realty compromised? Don't ask them. Matthew Green agrees: XChat does not offer true security. We may know how Russia is convicting Telegram users. Microsoft finally decides to block two insane Outlook file types. 40,000 openly available video cameras are online. Who owns them? Running SpinRite on encrypted drives. An LLM describes Steve's (my) evolution on Microsoft security. What do we know about the bots that are scanning the Internet? Show Notes - https://www.grc.com/sn/SN-1030-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to Security Now at https://twit.tv/shows/security-now. You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written, SpinRite 6. Join Club TWiT for Ad-Free Podcasts! Support what you love and get ad-free shows, a members-only Discord, and behind-the-scenes access. Join today: https://twit.tv/clubtwit Sponsors: joindeleteme.com/twit promo code TWIT bitwarden.com/twit material.security drata.com/securitynow bigid.com/securitynow