Podcasts about Zero Days

Three Buddy Problem - Episode 65: We zero in on one of the biggest security stories of the year: the discovery of a persistent multi-stage bootkit implanting malware on Cisco ASA firewalls. Details on a new campaign, tied to the same threat actors behind ArcaneDoor, exploiting zero-days in Cisco's 5500-X series appliances, devices that sit at the heart of government and enterprise networks worldwide. Plus, Cisco's controversial handling of these disclosures, CISA's emergency deadlines for patching, the absence of IOCs and samples, and China's long-term positioning. Plus, thoughts on the Secret Service SIM farm discovery in New York and evidence of Russians APTs Turla and Gamaredon collaborating to hit Ukraine targets. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

In Today's WINNING Word of The Day, Coach JC shares with you the importance of NO ZERO DAYS! Coach JC | Life Coach | Motivation | Personal Development| Business| Win All Day | Entrepreneur | Author | Speaker COACH JC IS THE FOUNDER OF THE WIN ALL DAY MOVEMENT. A performance company that has become recognized for Building WINNERS & WINNING Teams through Personal Development to achieve Peak Performance! We Do This Through... Coaching, Consulting, Training & Curriculum We Specialize In... Human Performance, Personal Development, Leadership, Mental Performance & Personal Branding. We Serve... Corporations and Organizations Athletes and Athletic Teams First Responding Agencies Entrepreneurs Coach JC is recognized as a passionate coach and advisor to high performers (CEO's, Business Owners, Pastors, Pro Athletes, and First Responders) when it comes to living a life of purpose, leading with passion and WINNING in life! It didn't start there... After throwing away his college basketball career, ending up over $400k in debt, suicidal, in the fight of his life, in a custody battle to see his daughter and be a dad coach JC was able to create a new story for his life.   He now has empowered thousands of people to WIN in life through his 6 books, professional speaking, podcasts, coaching, social media, and the WIN ALL DAY movement. As an entrepreneur Coach JC has launched 5 companies and a non-profit within the personal development and business arena all based around his PERSONAL BRAND and serving others. He has been recognized as a 30 under 30, 40 under 40, The Best of The Best, and The Young Entrepreneur of the year.  Coach JC believes every person deserves the opportunity to WIN in life and through his WIN ALL DAY Playbook and Academy Coach JC and his team help high performers build purpose driven, passion filled lives and highly profitable personal brands. In the WIN ALL DAY Podcast Coach JC drops a daily WINNING Word of The Day (Mon-Fri) and once a month interviews a guest that is representing what WINNING looks like! The podcast will inspire you, motivate you, encourage you, empower you and most importantly coach you to WIN ALL DAY - to live a life of passion, fueled by purpose! Have a question you'd like Coach JC to answer on a future WIN ALL DAY episode? Submit it as a message on our social media accounts:   https://www.instagram.com/thecoachjc/ https://www.facebook.com/WINALLDAYWITHCOACHJC   Subscribe to the WIN ALL DAY podcast and leave a review for a chance to win some FREE WIN ALL DAY merchandise or even a coaching session with Coach JC each month.   Be sure to join Coach JC's VIP email list, download our free resources and learn more about WIN ALL DAY and Coach JC at  www.CoachJC.com    Learn more about what we do at www.WINALLDAY.co If you're ready to personally develop, become your best, and get certified to serve others while building a powerful personal brand business... Then it's time to become a WIN ALL DAY Certified Coach. Master the mindset. Live the mission. Monetize your message. We equip and certify WINNERS just like you to take your story, your purpose and your passion and give it back to the world as a coach and get paid to do it! So if you're ready to go from being a winner… to a certified WINNING WIN ALL DAY COACH… Head over to www.WinAllDayCertified.com  right now and apply. Your next level is waiting. Let's build YOU, your brand, your business, and your legacy.

Referências do EpisódioGoogle fixes actively exploited Android flaws in September updateTrojanized ScreenConnect installers evolve, dropping multiple RATs on a single machineMassive IPTV Piracy Network Uncovered by Silent PushModel Namespace Reuse: An AI Supply-Chain Attack Exploiting Model Name TrustRoteiro e apresentação: Carlos CabralEdição de áudio: Paulo ArruzzoNarração de encerramento: Bianca Garcia

The day has arrived. Are you fully husked?

The day has arrived. Are you fully husked?

Chris and Hector break down a Russian-linked zero-day exploit targeting WinRAR users, why stolen browser cookies bypass MFA, the economic motives behind security features (or lack thereof), and Hector's nostalgic farewell to AOL dial-up. Join our new Patreon! ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.patreon.com/c/hackerandthefed⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Send HATF your questions at ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠questions@hackerandthefed.com

Send us a textSaaS platforms represent a significant security blind spot for many organizations, with misconceptions about the shared responsibility model leaving sensitive data vulnerable to exposure. Aaron Costello, Chief of SaaS Security Research at AppOmni, shares insights from his research uncovering five zero-day vulnerabilities in Salesforce Industry Clouds and explains why SaaS security requires specialized expertise.• Security teams often mistakenly believe SaaS vendors are fully responsible for security• The shared responsibility model means customers must secure their own configurations and customizations• Nearly a third of Salesforce customers use Industry Cloud solutions, which were found to contain significant vulnerabilities• Agentic AI introduces new security challenges requiring strict access control implementation• AppOmni provides visibility by connecting to SaaS platforms and analyzing security metadata• Effective SaaS security requires collaboration between platform administrators and security teams• Acquisition scenarios create particular security challenges when integrating new technologies• The most effective approach combines administrative knowledge with security expertiseIf you're interested in learning more about SaaS security or accessing the full Salesforce Industry Clouds research paper, visit appomni.com and check out the AO Labs section of their blog.Support the showFollow the Podcast on Social Media! Tesla Referral Code: https://ts.la/joseph675128 YouTube: https://www.youtube.com/@securityunfilteredpodcast Instagram: https://www.instagram.com/secunfpodcast/Twitter: https://twitter.com/SecUnfPodcast

#295th for 31st of July, 2025 or 3311! (33-Oh-Leven, not Oh-Eleven, OH-Leven)http://loosescrewsed.comJoin us on discord! And check out the merch store! PROMO CODEShttps://discord.gg/3Vfap47ReaSupport us on Patreon: https://www.patreon.com/LooseScrewsEDSquad Update: It's been one week since anyone said on this weekly podcast that the BGS is broken. The BD Front started another control war BD+49 3937 - we're up 3-0 on Day 4, hopefully victorious by the time you listen7 Andromedae is in BoomWar in Juan we're ignoring against our friends UtlagarnirOperation Kegstand - We're still pushing FZ Andromedae into boom, by delivering high demand items (silver from V640 Cassiopeia is easiest), then megaship scenarios will be triggered**Pax Screwiana Update** - 23,644,105,873 Citizen Shareholders, 267 Star Systems, 73 Vested Star Systems, 199 Stations, 332 Settlements, 93 Instalations, 1 MegashipPowerPlay Update: - Cycle 40Soontil Relics are back on! (Boom + Civil Liberty)1t trading is dumbQuick UpdateKruger 5's Power Rankings - https://k5elite.com/ Niceygy's Power Points - https://elite.niceygy.net/powerpointsFind out more in the LSN-powerplay-hub forum channel.Galnet Update: https://community.elitedangerous.com/None - CG is still onDev News: The Type 11 Prospector - announced on FU Discussion:Panther Clipper Mk 2: Pay 2 Win?The Type 11 ProspectorDoes mining need a dedicated ship?Community Corner:The Buckyball Racing Club presents: The 3311 Drakhyr Rallyupvote this and add your voice. It's like 40 weeks in. That's at least 40 weeks late on the fix. The issue has expired and been reposted more than once. Make them pay attention. https://issues.frontierstore.net/issue-detail/70594Wrap Up: http://loosescrewsed.comJoin us on discord! And check out the merch store! PROMO CODEShttps://discord.gg/3Vfap47ReaSupport us on Patreon: https://www.patreon.com/LooseScrewsED

This week, Nathan and B.R discuss the latest 'Sig-cident' involving an Sig P320 / M18 handgun, with this particular uncommanded discharge resulting in the death of a U.S. Airman station in Wyoming. The lads talk bluntly about the on-going lack of accountability from Sig in regards to these incidents and scapegoating via blaming the holster or user. Also discussed: The 'Tim-cident', AKA, Tim Kennedy publicly apologizing for lying about receiving the Bronze Star for Valor and the years of inflating his service record publicly and to his own profit and the implications of this and how American hero worship continues to create those who tell exaggerated and embellished tales of war for their own gain.On a more casual note, B.R celebrates carving out two acres for himself and achieving a small slice of the 'American dream' in Appalachia, and Nathan attempts to explain Death Stranding and Kojima to B.R. All that, and much more!All information discussed is open source and available to anyone with an internet connection, documents can be found below for reference and independent assessment.Any legal action pursued due to this episode will be met with more memes. :)SIG INTEL REPORT:⁠https://docs.google.com/document/d/1Ozkb5vouKqtVeHxGBtRJ5z9BVlHMF6k4Uf3gsnLe9Zc/edit?invite=CPu87poP&tab=t.hdaevbdop0sf⁠SIG P320 US I.C.E. Report:⁠https://drive.google.com/file/d/1TayAopJKjz_vspCPnAAuZ_vx5s75T8Vn/view⁠Quality and Safety Problems with the Beretta M9 Handgun:⁠https://www.gao.gov/products/t-nsiad-88-46⁠US Army M17/M18 Modular Handgun Systems Report:⁠https://www.dote.osd.mil/Portals/97/pub/reports/FY2017/army/2017mhs.pdf⁠Washington Criminal Justice Center Report:⁠https://cjtc.app.box.com/s/xt4cmgmo3ass0bqcwzwf75hk8279c1a1⁠Indian Manufacturing Company at SHOT Show Brandon mentions: ⁠https://www.indo-mim.com⁠Check out the guys that put together the SIG report:Brandon -⁠ https://www.instagram.com/bsel107/⁠⁠Drew - ⁠https://www.instagram.com/dfz_engineering/⁠Follow the lads on IG:     ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Nathan / Main Page: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.instagram.com/cbrnart/?hl=en⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠B.R: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.instagram.com/br.the.anarch⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Lucas: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.instagram.com/heartl1ne/⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠

Three Buddy Problem - Episode 55: A SharePoint zero-day exploit chain from Pwn2Own Berlin becomes a full-blown security crisis with Chinese nation-state actors exploiting vulnerabilities that Microsoft struggled to patch properly, leading to trivial bypasses and a cascade of new CVEs. The timeline is messy, the patches are faulty, and ransomware groups are lining up to join the party. We also revisit the ProPublica bombshell about Microsoft's "digital escorts" and U.S. government data exposure to Chinese adversaries and the company's "oops, we will stop" response. Plus, trusting Google's Big Sleep AI claims and a cautionary tale about AI agents gone rogue that wiped out a production database. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

On today's show we talked about workplace accidents.  We also got an update from the Blubber Burn food craving and we found out that Portland legend and longtime news anchor Jeff Gianola will be in studio on Monday!

A) Three ThingsCrypto Week?Tell Your Teenager About Roblox MillionsSuper ResultsB) The Rise of Zero Days to Expiration (0DTE) Options: Opportunity or Danger?C) PIPS Pick Of The Day!Trade while you sleep and across time zones with Arbitrage Trade Assist. Sign up today at ArbitrageTrade.com. Arbitrage Trade is your trusted source for business, finance, and tech info.ArbitrageTrade.com#finance , #investing , #stocks , #Forex , #TrendingNowSupport this show http://supporter.acast.com/arbitrage. Hosted on Acast. See acast.com/privacy for more information.

Genevieve Rohner initially began riding horses for therapy at age four and fell in love with the sport the moment she sat on Sadie, the first horse she rode. The connection between horse and rider provides a sense of calmness and freedom for her and feeds her system in a way nothing else does. Genevieve discovered not only a love of horses, but a love of competing in para dressage. She got classified at age 9 and was named to her first Team USA show team in 2022. We talk with her and her mom Lexi.

This week, we crack open Wander Franco's trial as it kicks off and take a hard look at what's ahead. Then it's all eyes on Rafael Devers as trade rumors swirl—who's in, who's out, and what it means for Boston. We pivot to Greg Hardy, former Cowboy turned chaos magnet, who just can't stay out of the ring—or the headlines. And of course, our Biggest Pickle this week? Let's just say... he's been in the jar before.#MLB #WanderFranco #RafaelDevers #GregHardy #NFL #Boxing #SportsDrama #TradeRumors #BiggestPickle #IAPRadio #SportsPodcast

Ep. 198 is the second episode of our brand-new “Best of…” series. Anderson McKean of Page & Palette Bookstore joined me for the Best of Thrillers, with her all-time TOP TEN favorite thriller novels…and, a couple buzzy thrillers that didn't work for her.⁠ Also, Anderson talks about how she started reading thrillers, the wide variety available in the genre, and books from her list that would be perfect for those new to the genre! This post contains affiliate links through which I make a small commission when you make a purchase (at no cost to you!). CLICK HERE for the full episode Show Notes on the blog. Highlights What draws her to the thriller genre. From domestic to psychological thrillers, Anderson talks about the variety of the genre. Her favorite sub-genres and what doesn't work for her. Anderson picks a few books from her list that would be good starter books for those new to the genre. Anderson's All-Time Top Ten Thrillers [10:33] Gone Girl by Gillian Flynn (2012) | Amazon | Bookshop.org  [12:44] Room by Emma Donoghue (2010) | Amazon | Bookshop.org [16:57] It Girl by Ruth Ware (2022) | Amazon | Bookshop.org  [20:41] A Rip Through Time by Kelley Armstrong (2022) | Amazon | Bookshop.org  [24:16] Everyone Here Is Lying by Shari Lapena (2023) | Amazon | Bookshop.org  [27:43] The Good Sister by Sally Hepworth (2020) | Amazon | Bookshop.org  [31:38] Wrong Place Wrong Time by Gillian McAllister (2022) | Amazon | Bookshop.org   [34:17] Red Queen by Juan Gómez-Jurado (2018) | Amazon | Bookshop.org   [37:48] When the Stars Go Dark by Paula McLain (2021) | Amazon | Bookshop.org  [41:12] These Silent Woods by Kimi Cunningham Grant (2021) | Amazon | Bookshop.org  [45:37] High-Profile Thrillers That Did Not She Didn't Love [48:35]  The House Across the Lake by Riley Sager (2022) | Amazon | Bookshop.org  [48:41] None of This Is True by Lisa Jewell (2023) | Amazon | Bookshop.org  [49:01] Other Books Mentioned The Plot by Jean Hanff Korelitz (2021) [13:23] The Girl on the Train by Paula Hawkins (2015) [16:06] The Blue Hour by Paula Hawkins (2024) [16:13] Where the Crawdads Sing by Delia Owens (2021) [16:38] The Woman in Cabin 10 by Ruth Ware (2016) [20:58] I Have Some Questions for You by Rebecca Makkai (2023) [21:50] Zero Days by Ruth Ware (2023) [23:05] Vantage Point by Sara Sligar (2025) [23:11] One Perfect Couple by Ruth Ware (2024) [23:54] The Time Traveler's Wife by Audrey Niffenegger (2003) [24:51] Death at a Highland Wedding by Kelley Armstrong (2025) [27:35] What Have You Done by Shari Lepena (2024) [30:09] The Couple Next Door by Shari Lepena (2016) [30:24] Someone We Know by Shari Lepena (2019) [30:31] Strange Sally Diamond by Liz Nugent (2023) [32:23] The Mother-In-Law by Sally Hepworth (2019) [33:26] The Soulmate by Sally Hepworth (2022) [33:50] The Darling Girls by Sally Hepworth (2023) [33:53] Just Another Missing Person by Gillian McAllister (2023) [36:36] The Girl with the Dragon Tattoo by Stieg Larsson (2005) [38:04] The Bourne Identity by Robert Ludlum (1980) [39:24] In Light of All Darkness by Kim Cross (2023) [42:25] The Death of Us by Abigail Dean (2025) [44:17] Our Endless Numbered Days by Claire Fuller (2015) [47:20] The Nature of Disappearing by Kimi Cunningham Grant (2024) [48:11] The Fury by Alex Michaelides (2024) [49:47] The Silent Patient by Alex Michaelides (2019) [49:53]

Okay y'all, I need to brace you for this one. I've got Danelle Delgado on the show, and I'm doing everything I can to keep my inner fangirl in check. This woman? She's a powerhouse - single mum, cancer survivor, business coach, author of I Choose Joy - and she somehow manages to serve up the truth with equal parts fire and heart. We talk about what it really means to have no zero days, why choosing joy isn't fluff, and how pain has a seat at the growth table. Honestly, this conversation shook me in the best way. Let's dive right in.Highlights:(04:18) No zero days - where it all began(10:42) Everyone left. That's when I heard myself(22:05) Money on my terms. Period(28:47) Tim Grover's text that floored me(40:10) You don't need a big audience(47:19) Your voice is your mic - use it wellFind out more about Danelle:WebsiteLinkedIn: Danelle DelgadoInstagram: DanelleDelgadoFacebook: DanelleBDelgadoThe Winning MembershipQualia Mind - click hereCoupon Code: SHOCKANDYALL (15% off any purchase)Visit Nicole's on demand fitness platform for live weekly classes and a recorded library of yoga, strength training, guided audio meditations and mobility (Kinstretch) classes, as well: https://www.sweatandstillness.comGrab Nicole's bestselling children's book and enter your email for A FREE GIFT: https://www.yolkedbook.comFind Nicole on Instagram:https://www.instagram.com/nicolesciacca/Tik Tok: https://www.tiktok.com/@thenicolesciaccaFacebook: https://www.facebook.com/nicolesciaccayoga/Youtube:https://www.youtube.com/channel/UC1X8PPWCQa2werd4unex1eAPractice yoga with Nicole in person in Santa Monica, CA at Aviator Nation Ride. Get the App to book in: https://apps.apple.com/us/app/aviator-nation-ride/id1610561929Book a discovery call or virtual assessment with Nicole here: https://www.calendly.com/nicolesciaccaThis Podcast is proudly produced by Wavemakers AudioMentioned in this episode:www.Neurohacker.com/shockandyall and use the code SHOCKANDYALL to get 15% off your first order

Ever wondered why some people seem consistently productive and energized while others constantly bounce between burnout and recovery?   The answer isn't superhuman genetics or fancy supplements - it's understanding the fundamental science of energy management.  After working for 100+ consecutive days without a traditional day off, I've discovered something counterintuitive: sustainable productivity has nothing to do with motivation or willpower. It's about aligning with our biological design rather than fighting against it. Weekends are social constructs, but rest is biological. When you implement strategic, science-backed rest protocols throughout your day, you can maintain high energy levels without requiring complete disconnection.  This approach is validated by leaders like Sam Altman, CEO of OpenAI, who dedicates significant space in his productivity blog to health optimization. This isn't about pushing through fatigue—it's about preventing fatigue from accumulating in the first place.  Ready to transform how you work?  Book a free trial coaching session through this link in the show notes to discover the missing pieces in your energy optimization routine.  https://calendly.com/angelashurina/executive-momentum-360  Whether you're aiming to grow a business, advance your career, or simply live with more vitality, sustainable energy management is the foundation everything else builds upon.    Text Me Your Thoughts and IdeasSupport the show Brought to you by Angela Shurina EXECUTIVE & OPTIMAL PERFORMANCE COACH

Millions of Apple Airplay-Enabled Devices Can Be Hacked via Wi-Fi Google tracked 75 zero days exploited in the wild in 2024 France ties Russian APT28 hackers to 12 cyberattacks on French orgs   Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

MITRE gets last-minute bailout from CISA Krebs exits SentinelOne after security clearance pulled Apple fixes two zero-days exploited in targeted iPhone attacks Thanks to this week's episode sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. For the stories behind the headlines, visit CISOseries.com. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, And helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines.  

On this episode of Bounced From The Roadhouse:Special Guests in 4B:Zero Days LeftLibrary of CongressMorgan Wallen Purchases a BikeFake NewsDino goes PurplePoop on the MoonBackground MusicMegamillions MultiplierUnclaimed LuggagePimp our RidesQuestions? Comments? Leave us a message! 605-343-6161Don't forget to subscribe, leave us a review and some stars Hosted on Acast. See acast.com/privacy for more information.

Jacob coaches the Special Olympics again, 0 days without an incident, nose hairs connected to the moustache, & The human body is weird. Email us at OpenMicersPodcast@gmail.comwww.openmicers.comLinktr.ee/OpenMicersPodcast To watch video of the podcast: www.youtube.com/@jayfunktasticFollow us on Instagram & Threads: @OpenMicersPodcast, @JayFunktastic, @JacobCraigComedyVisit www.BrezCoffeeCo.com and use the code “OMPodcast” at checkout for 10% off of your order! Join our Patreon at www.patreon.com/ompodcast Hosted on Acast. See acast.com/privacy for more information.

Three Buddy Problem - Episode 38: On the show this week, we look at a hefty batch of Microsoft zero-days exploited in the wild, iOS 18.3.2 fixing an exploited WebKit bug, a mysterious Unpatched.ai being credited with Microsoft Access RCE flaws, and OpenAI lobbying for the US to ban China's DeepSeek. Plus, discussion on a Binarly technical paper with new approach to finding UEFI bootkits, Mandiant flagging custom backdoors on Juniper routers, and MEV 'sandwich attacks' front-running cryptocurrency transactions. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Costin Raiu (https://twitter.com/craiu) and Ryan Naraine (https://twitter.com/ryanaraine).

Three Buddy Problem - Episode 37: This week, we revisit the public reporting on a US/Russia cyber stand down order, CISA declaring no change to its position on tracking Russian threats, and the high-level diplomatic optics at play. Plus, a dissection of ‘The Lamberts' APT and connections to US intelligence agencies, attribution around ‘Operation Triangulation' and the lack of recent visibility into these actors. We also discuss a fresh batch of VMware zero-days, China's i-Soon ‘hackers-for-hire' indictments, the Pangu/i-Soon connection, and a new wave of Apple threat-intel warnings about mercenary spyware infections. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Costin Raiu (https://twitter.com/craiu) and Ryan Naraine (https://twitter.com/ryanaraine).

In dieser Episode tauchst Du mit Gastgeber Björn Schorre und Gast Tim Schmaderbeck tief ins Thema "No Zero Days" ein – und warum unternehmerisches Denken nicht nur etwas für Selbstständige ist. Gerade als angestellter Ingenieur kannst Du Deine Karriere massiv vorantreiben, wenn Du Dich wie ein Unternehmer im Unternehmen verhältst. Tim erklärt, warum proaktive Mitarbeitende nicht nur schneller aufsteigen, sondern auch die Innovationskraft ihres Unternehmens stärken. Du erfährst, welche Gewohnheiten erfolgreiche Intrapreneure haben, warum selbstgesteuertes Lernen ein Gamechanger ist und wieso es nicht ausreicht, einfach nur gute Arbeit abzuliefern – Du musst auch sichtbar machen, was Du leistest. Ob Du angestellter Ingenieur bist oder selbst ein Team leitest – diese Episode liefert Dir konkrete Tipps, wie Du unternehmerisches Denken in Deinem Job verankerst und damit nicht nur Deine Karriere, sondern auch Dein Unternehmen voranbringst. Hör rein – und mach den ersten Schritt zu Deinem eigenen No Zero Day! Tim's Unternehmen "Mentorwerk" -> https://mentorwerk.de/ Agiles BarCamp in Herford -> https://agile-owl.de/ systems.camp in Padernborn -> https://systemscamp.org/ Gewinnspiel: mailto:feedback@zukunftsarchitekten-podcast.de ### ############### Meine Mailadresse: mailto:feedback@zukunftsarchitekten-podcast.de ### ############### Brauchst Du Unterstützung bei der Erstellung eines Lastenheftes oder hast eine Frage dazu, dann findest Du meine Email in den Shownotes. Klicke darauf oder kopiere sie in Dein Emailprogramm und schicke mir eine Mail und wir sprechen darüber. Dann kannst Du Dir in meinem Online-Kalender auch gerne direkt einen Termin buchen: https://kalender.bjoernschorre.de ### ############### P.S.: Mein Buch zum Thema Lastenhefte ist da. Du findest es auf der Verlagsseite von tredition -> https://shop.tredition.com/booktitle/Erfolgreich_Lastenhefte_schreiben/W-337-928-077?utm_source=zukunftsarchitekten-podcast.de&utm_medium=podcast&utm_campaign=generic

In our latest episode, we review the Zero Day and Paradise tv series. Throughout the episode, we draw parallels between the themes of these shows and real-world events, such as the recent aviation disasters, bank outages, and the ongoing plan of billionaires prepping for doomsday via underground bunkers."Zero Day" explores a chilling scenario where a cyber attack disrupts the electric grid, causing chaos and destruction. (Find on Netflix)On the other hand, "Paradise" presents a story about a catastrophic event that forces the elite to retreat to a hidden bunker, leaving the general population to fend for themselves. (Find on Hulu)Tune into the discussion! Don't forget to visit our website at www.therealisthevisionary.com to join our community, share your thoughts, and stay updated on our latest episodes. And be sure to follow us on TikTok and Instagram for more behind-the-scenes content and updates.Become a supporter of this podcast: https://www.spreaker.com/podcast/the-realist-the-visionary--3304218/support.

Apple, the UK, and data protection, you can get pwned really fast, Australia says no Kaspersky for you!, the default password is on the Internet, topological qubits, dangerous AI tools, old software is not just old but vulnerable too, tearing down Sonic Walls, CWE is good but could be great, updating your pi-hole, should you watch "Zero Day"? my non-spoiler review will tell you, no more DBX hellow SBAT!, and I love it when chat logs of secret not-so-secret ransomware groups are leaked! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-863

Apple, the UK, and data protection, you can get pwned really fast, Australia says no Kaspersky for you!, the default password is on the Internet, topological qubits, dangerous AI tools, old software is not just old but vulnerable too, tearing down Sonic Walls, CWE is good but could be great, updating your pi-hole, should you watch "Zero Day"? my non-spoiler review will tell you, no more DBX hellow SBAT!, and I love it when chat logs of secret not-so-secret ransomware groups are leaked! Show Notes: https://securityweekly.com/psw-863

Apple, the UK, and data protection, you can get pwned really fast, Australia says no Kaspersky for you!, the default password is on the Internet, topological qubits, dangerous AI tools, old software is not just old but vulnerable too, tearing down Sonic Walls, CWE is good but could be great, updating your pi-hole, should you watch "Zero Day"? my non-spoiler review will tell you, no more DBX hellow SBAT!, and I love it when chat logs of secret not-so-secret ransomware groups are leaked! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw-863

Apple, the UK, and data protection, you can get pwned really fast, Australia says no Kaspersky for you!, the default password is on the Internet, topological qubits, dangerous AI tools, old software is not just old but vulnerable too, tearing down Sonic Walls, CWE is good but could be great, updating your pi-hole, should you watch "Zero Day"? my non-spoiler review will tell you, no more DBX hellow SBAT!, and I love it when chat logs of secret not-so-secret ransomware groups are leaked! Show Notes: https://securityweekly.com/psw-863

Send us a textWhen I think about habits, I think about Mike Brown. Today, Mike joins us to share his journey after being diagnosed with ALS in October 2023 and how his lifelong commitment to fitness has helped him cope with the challenges. We take a serious look at Mike's philosophy of “zero days to waste,” and the importance of making every day, and every interaction, meaningful.Mike shares stories about his career in law enforcement, the effects of his diagnosis on his family, and the crucial lessons he's learned along the way. Despite the immense challenges, he continues to embody resilience and discipline, something I have witnessed firsthand over years of friendship. Tune in for a conversation that will inspire you to take control of your habits, maintain a positive outlook, and live each day with purpose.Support Mike and others living with ALS by volunteering or donating ALS United. - - - - - - - - - - -Thanks to our sponsors: Atheltic Brewing | The Patriot Fund | Few Will HuntSupport Consequence of HabitSubscribe: Apple Podcast | SpotifyCheck us out: Instagram | Twitter | WebsiteThe show is Produced and Edited by Palm Tree Pod Co.

The hosts analyze a series of recently released vulnerabilities and CVEs, offer expert insights, and detail their implications for cybersecurity. They review key threats impacting Active Directory, Windows systems, and Apple devices, emphasizing the ease of exploitation and the pressing need for timely patching. The conversation stresses the importance of implementing strong, defense-in-depth cybersecurity strategies.

Three Buddy Problem - Episode 31: Dennis Fisher steps in for Ryan Naraine to moderate discussion on a very busy week in cybersecurity. The cast dig into the wave of big research reports, the disbanding of the Cyber Safety Review Board (CSRB), the ongoing flood of exploits targeting security appliances from Ivanti and SonicWall, and the recent Lumen research on Juniper router backdoors. Plus, the challenges of coordinating disclosures, the tough realities of intelligence work, and the complex landscape of nation-state attacks -- especially around Chinese threat actors and Western defenses. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Costin Raiu (https://twitter.com/craiu) and Dennis Fisher. Ryan Naraine (https://twitter.com/ryanaraine) in on work travel.

In this episode of Trust Issues, host David Puner dives into the recent high-profile cyberattack on the U.S. Treasury Department. Joined by Andy Thompson, CyberArk Labs' Senior Offensive Research Evangelist, and Joe Garcia, CyberArk's Principal DevOps Solutions Engineer, they explore the timeline, details and implications of the attack. Discover proactive security recommendations, insights into zero-day vulnerabilities and the broader impact on federal cybersecurity. Tune in to learn how to help bolster your defenses against future cyber threats.To read CyberArk Labs' analysis of the U.S. Treasury attack, check out the teams' blog, "The US Treasury Attack: Key Events and Security Implications." 

Merry Christmas and Happy Holidays from the CyberWire and our friends! Enjoy our rendition of the 12 Days of Malware created by Dave Bittner and performed by Dave and friends: Rachel Tobac, Jayson Street, Ron Eddings & Chris Cochran, Ray [Redacted], Dinah Davis, Camille Stewart, Rick Howard, Michelle Dennedy, Jack Rhysider, Johannes Ullrich, and Charity Wright. Ba dum bum bum. Sing along if you are game! Check out our video for the full effect! The 12 Days of Malware lyrics On the first day of Christmas, my malware gave to me: A keylogger logging my keys. On the second day of Christmas, my malware gave to me: 2 Trojan Apps... And a keylogger logging my keys. On the third day of Christmas, my malware gave to me: 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the fourth day of Christmas, my malware gave to me: 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the fifth day of Christmas, my malware gave to me: 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the sixth day of Christmas, my malware gave to me: 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the seventh day of Christmas, my malware gave to me: 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the eighth day of Christmas, my malware gave to me: 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the ninth day of Christmas, my malware gave to me: 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the tenth day of Christmas, my malware gave to me: 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the eleventh day of Christmas, my malware gave to me: 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! (Bah-dum-dum-dum!) 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. On the twelfth day of Christmas, my malware gave to me: 12 Hackers hacking... 11 Phishers phishing... 10 Darknet markets... 9 Rootkits rooting... 8 Worms a wiping... 7 Scripts a scraping... 6 Passwords spraying... 5 Zero Days! 4 Crypto scams... 3 Web shells... 2 Trojan Apps... And a keylogger logging my keys. Learn more about your ad choices. Visit megaphone.fm/adchoices

Andrew Tate's platform, formerly known as Hustler's University, has been hacked, exposing the data of over 800,000 users. Meanwhile, Russian hackers have exploited critical zero-day vulnerabilities in Firefox and Windows, demonstrating the growing sophistication of cyberattacks. In this video, we'll break down the Andrew Tate hack, the implications of leaked user data, and how Russian threat actors are chaining vulnerabilities for remote code execution. Stay informed on the latest in cybersecurity and learn how to protect yourself against these emerging threats. If you enjoy this content, don't forget to like, comment, and subscribe to stay updated on the latest in digital crime and cybersecurity! #AndrewTate #Cybersecurity #Hackers #DataBreach #ZeroDay #RussianHackers #HustlersUniversity #TheRealWorld #CyberThreats #DigitalSafety #Malware #Hacktivism #DataLeaks #FirefoxExploit #WindowsExploit #NationStateHackers #TechNews #OnlineSecurity #TheRealWorld

Welcome to this week's episode of the PEBCAK Podcast!  We've got four amazing stories this week so sit back, relax, and keep being awesome!  Be sure to stick around for our Dad Joke of the Week. (DJOW) Follow us on Instagram @pebcakpodcast   Bitfinex hacker gets 5 years in jail https://www.bleepingcomputer.com/news/security/bitfinex-hacker-gets-5-years-in-prison-for-120-000-bitcoin-heist/   Serial swatter pleads guilty https://www.justice.gov/opa/pr/california-teenager-pleads-guilty-florida-making-hundreds-swatting-calls-across-united  https://www.wired.com/story/alan-filion-torswats-guilty-plea-federal-charges-swatting/ Woodysgamertag gets swatted: https://www.youtube.com/watch?v=ERUArsRV1Xc   Foreign threat actors abusing RDP as attack vector https://www.cisa.gov/news-events/alerts/2024/10/31/foreign-threat-actor-conducting-large-scale-spear-phishing-campaign-rdp-attachments    Threat actors are more commonly using zero-days https://therecord.media/surge-zero-day-exploits-five-eyes-report    Christmas comes early https://www.marthastewart.com/2220623/when-to-decorate-for-christmas   Dad Joke of the Week (DJOW)   Please share this podcast with someone you know!  It helps us grow the podcast and we really appreciate it!   Find the hosts on LinkedIn: Chris - https://www.linkedin.com/in/chlouie/ Brian - https://www.linkedin.com/in/briandeitch-sase/ Glenn - https://www.linkedin.com/in/glennmedina/

Three Buddy Problem - Episode 22: We discuss Volexity's presentation on Russian APT operators hacking Wi-Fi networks in “nearest neighbor attacks,” the Chinese surveillance state and its impact on global security, the NSA's strange call for better data sharing on Salt Typhoon intrusions, and the failures of regulatory bodies to address cybersecurity risks. We also cover two new Apple zero-days being exploited in the wild, the US Government's demand that Google sell the Chrome browser, and the value of data in the context of AI. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs) (SentinelLabs), Costin Raiu (https://twitter.com/craiu) (Art of Noh) and Ryan Naraine (https://twitter.com/ryanaraine) (SecurityWeek).

A short podcast updating listeners on the security news of the last few days, as prepared by Catalin Cimpanu and read by Claire Aird. You can find the newsletter version of this podcast here. Show notes Risky Biz News: Most of 2023's top exploited vulnerabilities were initially zero-days

Forecast: CYBER WEATHER ALERT | Volt Typhoon bringing sustained APT activity across the Pacific Rim. Expect persistent perimeter probing with a 100% chance of state-sponsored shenanigans. Pack your EDR umbrella! ‍ This week's episode tackles a disturbing story from Disney World where a terminated employee allegedly hacked into their menu system to alter critical peanut allergy information. We dig into the attack details then don our tin-foil hats to explore the potential real-world consequences of malicious insider threats. We're excited to share Sophos' latest research on Pacific Rim, an extensive investigation into nation-state adversaries targeting edge devices. We hone in on this event through the filter of GreyNoise's analysis of this multi-year APT campaigns, and show you live threat data through the GreyNoise Visualizer to demonstrate the ongoing nature of these attacks. VulnCheck brings us two fascinating pieces - a deep examination of ABB vulnerabilities affecting industrial control systems, and an innovative new command-and-control feature called ShellTunnel in the go-exploit framework. GreyNoise has been especially busy, uncovering zero-day vulnerabilities in live streaming cameras using AI assistance. We'll discuss their technical breakdown of CVE-2024-8956 and CVE-2024-8957, which CISA just added to their Known Exploited Vulnerabilities catalog. The October NoiseLetter is out with the latest threat intelligence insights, and don't miss upcoming events including the Quarterly Roadmap Showcase and a special webinar on discovering zero-days with AI. Storm Watch Homepage >> Learn more about GreyNoise >>  

Enjoy those millennia in the crystals, cucks!  

Pokémon game developer breached TrickMo hits with 40 new trojan variants Nation-state actor exploits Ivanti zero-days Thanks to today's episode sponsor, Conveyor  It's spooky season, and nothing's scarier than all of your account execs asking if you're done with their customer security questionnaires. Don't worry—Conveyor is here to help.   Conveyor's market leading AI automates the most time-consuming parts of customer security reviews: answering security questionnaires and sharing security docs like your SOC 2 with customers.   Get instant AI answers to questionnaires and host an enterprise-grade trust center where customers can download documents and self-serve answers to their own questions.   End the horror show. Try it for free at www.conveyor.com. Get the story behind the headlines at CISOSeries.com.

Three Buddy Problem - Episode 8: This week's show digs into Microsoft's in-the-wild zero-day woes, Patch Tuesday and the absence of IOCs, a wormable Windows TCP/IP flaw that the Chinese government knew about for months, Iran's aggressive hacking US election targets, CrowdStrike v Qihoo360 and major problems with APT naming conventions. Hosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek)

Three Buddy Problem - Episode 4: The boys delve into the massive AT&T call logs breach, the Snowflake incidents and the notion of shared-fate/shared responsibilities; news on fresh Apple notifications about mercenary spyware on iPhones and the effectiveness of notifications for different types of controversial targets. Plus, thoughts on Microsoft's zero-day disclosures and useless Patch Tuesday bulletins, AI-powered disinformation campaigns, and the US government's malware sharing initiative fading away. Hosts: Costin Raiu (Art of Noh), Juan Andres Guerrero-Saade (SentinelLabs), Ryan Naraine (SecurityWeek).

When you're the biggest target... Searching for Search How long will a Windows XP machine survive unprotected on the Internet? Free Laundry VPNs and Firewalls Netgate SG1100 Ad Industry vs. Google Privacy Sandbox Bitwarden and passkeys Token2 passkey dongle 312 Scientists & Researchers Respond Show Notes - https://www.grc.com/sn/SN-975-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: canary.tools/twit - use code: TWIT 1bigthink.com business.eset.com/twit mylio.com/TWIT25

When you're the biggest target... Searching for Search How long will a Windows XP machine survive unprotected on the Internet? Free Laundry VPNs and Firewalls Netgate SG1100 Ad Industry vs. Google Privacy Sandbox Bitwarden and passkeys Token2 passkey dongle 312 Scientists & Researchers Respond Show Notes - https://www.grc.com/sn/SN-975-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: canary.tools/twit - use code: TWIT 1bigthink.com business.eset.com/twit mylio.com/TWIT25

From JavaScript to AsyncRAT https://isc.sans.edu/diary/From%20JavaScript%20to%20AsyncRAT/30788 TeamCity Patches https://www.jetbrains.com/privacy-security/issues-fixed/?product=TeamCity&version=2024.03 Okta Verify for Windows Auto-update Arbitrary Code Execution CVE-2024-0980 https://trust.okta.com/security-advisories/okta-verify-windows-auto-update-arbitrary-code-execution-cve-2024-0980/ Google Zero Day Report https://storage.googleapis.com/gweb-uniblog-publish-prod/documents/Year_in_Review_of_ZeroDays.pdf

From JavaScript to AsyncRAT https://isc.sans.edu/diary/From%20JavaScript%20to%20AsyncRAT/30788 TeamCity Patches https://www.jetbrains.com/privacy-security/issues-fixed/?product=TeamCity&version=2024.03 Okta Verify for Windows Auto-update Arbitrary Code Execution CVE-2024-0980 https://trust.okta.com/security-advisories/okta-verify-windows-auto-update-arbitrary-code-execution-cve-2024-0980/ Google Zero Day Report https://storage.googleapis.com/gweb-uniblog-publish-prod/documents/Year_in_Review_of_ZeroDays.pdf