))
Deception, influence, and social engineering in the world of cyber crime.
…
continue reading
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
Security Confidential provides weekly interviews and insights into the world of cybersecurity. Produced entirely in-house by MSSP & global risk management firm Dark Rhiino Security.
…
continue reading
Security Management Highlights brings the security professional expert interviews and information on the most critical industry topics. Join host Brendan Howard as he interviews thought leaders and industry professionals, as well as editors from the magazine.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Defense in Depth promises clear talk on cybersecurity's most controversial and confusing debates. Once a week we choose one controversial and popular cybersecurity debate and use the InfoSec community's insights to lead our discussion.
…
continue reading
About bridging the gap between security initiatives and business objectives. Hosted by Matt Alderman, co-hosted by Jason Albuquerque, Ben Carr.
…
continue reading
An IFPOD production for IFPO the very first security podcast called Security Circle. IFPO is the International Foundation for Protection Officers, and is an international security membership body that supports front line security professionals with learning and development, mental Health and wellbeing initiatives.
…
continue reading
A look at issues affecting the bank and insurance securities community
…
continue reading
Podcast by Alex Wood & Robb Reck
…
continue reading
About bridging the gap between security initiatives and business objectives. Hosted by Matt Alderman, co-hosted by Jason Albuquerque, Ben Carr.
…
continue reading
Explore the life of a security leader with NetSPI Field Chief Information Security Officer (CISO) Nabil Hannan. Hear how CISOs with diverse expertise tackle the challenges and opportunities that come with life on the frontlines of cybersecurity.
…
continue reading
Security DNA is a podcast brought to you by SecurityInfoWatch.com, covering subjects of interest to security stakeholders in the industry. Topics range from security industry news, trends and analysis to technology solutions, policy risk analysis and management, and more. Our editorial team, along with industry experts and consultants, fill each podcast episode with information that is of value to security professionals.
…
continue reading
Hosted by Product School Founder & CEO Carlos Gonzalez de Villaumbrosia, The Product Podcast features candid conversations with product management executives from the world's best tech companies like Google, Meta, Netflix, Airbnb, and Amazon. New episodes release weekly, unveiling actionable frameworks, unconventional best practices, and real-world examples you can implement immediately. Perfect for senior product managers, directors, and VPs hungry to build better products, stronger teams, ...
…
continue reading
Soterion’s SAP Security & GRC podcast with host Dudley Cartwright, helping you on your journey to effective access risk management in SAP.
…
continue reading
The ISF Podcast brings you cutting-edge conversation, tailored to CISOs, CTOs, CROs, and other global security pros. In every episode of the ISF Podcast, Chief Executive, Steve Durbin speaks with rule-breakers, collaborators, culture builders, and business creatives who manage their enterprise with vision, transparency, authenticity, and integrity. From the Information Security Forum, the leading authority on cyber, information security, and risk management.
…
continue reading
Cyber Security, data breaches, Hackers, Chief Information Security Officers, Talking Cyber Security (formerly 'The Australian CISO') is a podcast for anyone interested in Cyber Security. Hear about data breaches, cyber news, how security personnel 'tick', how to answer questions at an interview, lessons learnt while doing the security role, how security people network, how they succeed etc. Use the email address [email protected] to make comments, pose questions or even ask to be on ...
…
continue reading
The Virtual CISO Moment dives into the stories of information security, information technology, and risk management pros; what drives them and what makes them successful while helping small and midsized business (SMB) security needs. No frills, no glamour, no transparent whiteboard text, no complex graphics, and no script - just honest discussion of SMB information security risk issues. Brought to you by vCISO Services, LLC, a leading provider of vCISO and information security risk managemen ...
…
continue reading
THEOS CyberNova is a cutting-edge podcast that explores the dynamic world of cybersecurity, hosted by THEOS Cyber CEO Paul Jackson. Each episode delves into the latest trends, challenges, and innovations shaping the cybersecurity landscape, featuring insights from industry experts, thought leaders, and technologists. Paul brings his expertise and passion for cyber security to engaging discussions on topics ranging from emerging threats and data privacy to the future of AI in cyber defense. W ...
…
continue reading
Teaching you all about IRAs & Roth IRAs, employer retirement plans, taxes, Social Security, Medicare, portfolio withdrawal strategies, annuities, estate planning and much more!
…
continue reading
Helping listeners within 5 years of retirement invest wiser and retire better, as we discuss key financial topics like investing, retirement planning, behavioral finance, taxes, Social Security, Medicare, and more.
…
continue reading
Welcome to Secured Steps, the podcast where Jeff Llewellyn of Rockwood Wealth Management helps families confidently navigate the financial planning journey for individuals with special needs. Each episode features expert insights and real conversations with advocates, professionals, and families from the special needs community—because every family deserves a secure path forward. This podcast is intended for educational purposes only and should not be construed as investment, tax, or legal a ...
…
continue reading
Stay ahead of cyberthreats with expert insights and practical security . Led by an ensemble cast of industry thought leaderss offering in-depth analysis and practical advice to fortify your organization's defenses.
…
continue reading
Two CISOs and a security-minded friend discuss and debate topics of security and privacy, with a focus on looking at the topic from various angles, both that they support and those they don't. Sign up for our newsletter to be notified when new episodes drop, or when new projects are announced https://newsletter.greatsecuritydebate.net
…
continue reading
Ctrl+Alt+Azure offers weekly conversations on Microsoft Azure, cloud strategy, security, identity, and generative AI - focused on what matters for architects, developers, CIOs, and CISOs. Hosted by industry experts Tobias Zimmergren and Jussi Roine.
…
continue reading
Tune in as our hosts answer questions from small business leaders! We will discuss real-world Information Security challenges faced by our callers and offer relevant advice and guidance.
…
continue reading
Welcome to the Ontic Connected Intelligence Podcast, the show for corporate security professionals who are elevating the practice and perception of security. Whether you’re a seasoned professional or new to the field, our podcast offers valuable insights and practical advice to help you navigate the complexities of modern corporate security. Hosted by Fred Burton and Manish Mehta, our episodes are packed with real-world examples and forward-thinking solutions to help you secure your organiza ...
…
continue reading
Each episode we discuss industry trends, talk about new technologies, and speak to industry experts. All so that you, The Modern Hotelier, can succeed in a new age of hospitality.
…
continue reading
How today’s top organizations navigate the complex world of governance, risk, and compliance (GRC).Security & GRC Decoded brings you actionable strategies, expert insights, and real-world stories that help professionals elevate their security and compliance programs. Hosted by Raj Krishnamurthy.It’s for security professionals, compliance teams, and business leaders responsible security GRC and ensuring their organizations’ are safe, secure and adhere to regulatory mandates.Security & GRC Dec ...
…
continue reading
Cloud Security Podcast by Google focuses on security in the cloud, delivering security from the cloud, and all things at the intersection of security and cloud. Of course, we will also cover what we are doing in Google Cloud to help keep our users' data safe and workloads secure. We're going to do our best to avoid security theater, and cut to the heart of real security questions and issues. Expect us to question threat models and ask if something is done for the data subject's benefit or ju ...
…
continue reading
The security repo is a podcast that focuses on real world security issues we are all facing today. We will take deep dives into news events and have exclusive interviews with security leaders on the ground.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
The LP Magazine podcast keeps loss prevention professionals, security staff, and retail management up-to-date on important information and best practices for your business and career. Each episode features insights from retail loss protection, asset protection, law enforcement and more.
…
continue reading
Cybersecurity is evolving — and so should you. Razorwire brings the open conversations that give you the edge. Welcome to the Razorwire podcast — your resource for practical advice, expert insights, and real-world conversations on cybersecurity, information security (InfoSec), risk management, governance, security leadership, human factors, and industry trends. Our mission is to help you build a stronger cybersecurity career while supporting a dynamic, agile community of professionals commit ...
…
continue reading
CDW Canada Tech Talks: Discussing the Latest Technology Innovations Experts from CDW and our partners tackle hot topics including generative AI, FinOps, the new cybersecurity landscape and more.
…
continue reading
ClearanceJobs is the largest career networking site for individuals with active federal clearances. Get security clearance, intelligence community, espionage, national security and defense contracting updates in our exclusive interviews with IC and government leaders. Hosted on Acast. See acast.com/privacy for more information.
…
continue reading
The Proposal Manager Podcast contains a wealth of information about all things related to the public sector bidding process. From the C-Suite to a GovCon newbie, this show has something for everyone. Each episode will discuss topics related to government business development, capture, and proposal management.
…
continue reading
Guard Street is a leading holistic cybersecurity provider, specializing in world-class proactive and emergency solutions. As a boutique, we are dedicated to assisting clients with information security risk management which includes risk quantification, compliance across many frameworks, penetration tests and the ability to predict, prevent, detect and respond to security incidents in a fast-moving, distributed landscape.
…
continue reading
Great security solution are designed from the ground up.. Secured by Design is a podcast where Santosh shares practical insights, frameworks, and perspectives on identity security and other aspects of cybersecurity. Each episode breaks down complex concepts into actionable ideas for professionals protecting digital identities, designing secure systems, and leading security initiatives. Because true security is built and not bolted on...
…
continue reading
RunAs Radio is a weekly Internet Audio Talk Show for IT Professionals working with Microsoft products.
…
continue reading
CyberSound™ is a podcast built by and for business owners and professionals. Tune in as our cybersecurity experts cover the latest news regarding IT security, the most recent and relevant threats organizations are facing today, and provide tips to keep your business safe.
…
continue reading
Device management is complex. Security threats are constant. Apple ecosystems are evolving fast. Who's managing these challenges? What does it actually take? And most importantly, how do you stay ahead? Welcome to Jamf After Dark, where IT leaders, security professionals and Apple experts tackle the real issues facing organisations today. Join our hosts as they uncover what works, what doesn't, and how to build technology strategies that actually stick. Hear honest conversations about managi ...
…
continue reading
Dive deep into AI's accelerating role in securing cloud environments to protect applications and data. In each episode, we showcase its potential to transform our approach to security in the face of an increasingly complex threat landscape. Tune in as we illuminate the complexities at the intersection of AI and security, a space where innovation meets continuous vigilance.
…
continue reading
1
Scaling Open Source Observability and Managing Risk in the Software Supply Chain – Avi Press
26:56
26:56
Play later
Play later
Lists
Like
Liked
26:56
Scaling Open Source Observability and Managing Risk in the Software Supply Chain – Avi Press In this episode of the Security Repo Podcast, Avi Press, founder and CEO of Scarf, dives deep into the evolving world of open source observability and its intersection with security. He unpacks how better visibility into software usage can inform both defen…
…
continue reading
1
Salesforce Security Risks, Boards Duty of Care, and Managing CISO Risks - Justin Hazard - BSW #425
52:57
52:57
Play later
Play later
Lists
Like
Liked
52:57
Organizations rely heavily on Salesforce to manage vasts amounts of sensitive data, but hidden security risks lurk beneath the surface. Misconfigurations, excessive user permissions, and unmonitored third party integrations can expose this data to attackers. How do I secure this data? Justin Hazard, Principal Security Architect at AutoRABIT, joins …
…
continue reading
1
Unlocking the Future of Customer Identity Management
22:16
22:16
Play later
Play later
Lists
Like
Liked
22:16
Summary In this episode of 'Secured by Design', we delve into Customer Identity and Access Management (CIAM), exploring its significance in enhancing customer experiences while ensuring security and privacy. The discussion highlights the digital experience gap, the differences between CIAM and traditional IAM, and the core concepts that underpin ef…
…
continue reading
1
EP254 Escaping 1990s Vulnerability Management: From Unauthenticated Scans to AI-Driven Mitigation
31:14
31:14
Play later
Play later
Lists
Like
Liked
31:14
Guest: Caleb Hoch, Consulting Manager on Security Transformation Team, Mandiant, Google Cloud Topics: How has vulnerability management (VM) evolved beyond basic scanning and reporting, and what are the biggest gaps between modern practices and what organizations are actually doing? Why are so many organizations stuck with 1990s VM practices? Why mi…
…
continue reading
1
Catching Critical Security Blind Spots, From Biohazard Attacks to Investigation Resources
39:56
39:56
Play later
Play later
Lists
Like
Liked
39:56
Chemical and biological attack attempts can be hard to detect, but that doesn’t mean they aren’t happening, including at major events and sports games, says Jeff Brodeur in this month’s Security Management Highlights podcast, sponsored by Acoem. We look at other blind spots this episode, including in multitenant building security with René Reider, …
…
continue reading
1
#180 - Q&A edition...Social Security spousal and survivor benefits, finding an advisor who doesn't require investment management, how a decedent's income is taxed and MORE!
56:05
56:05
Play later
Play later
Lists
Like
Liked
56:05
Listener Q&A where Andy talks about: Starting Social Security benefits early so your minor children can claim dependent benefits, and how the earnings test can come into play if you're still working ( 5:53 ) Social Security spousal benefits, and what happens when the lower earning spouse starts their own benefit early at a reduced amount, then late…
…
continue reading
1
Humanely managing IT and security teams
1:23:24
1:23:24
Play later
Play later
Lists
Like
Liked
1:23:24
The Mindful Business Security Show is a call-in radio style podcast for small business leaders. Join our hosts as they take questions from business leaders like you! On this episode, Accidental CISO is joined by guest host Mike Simmons. Mike is a consultant, leadership coach, speaker, and podcaster. He combines systems thinking with a people focuse…
…
continue reading
1
SANS Stormcast Monday, November 24th, 2025: CSS Padding in Phishing; Oracle Identity Manager Scans Update;
4:59
4:59
Play later
Play later
Lists
Like
Liked
4:59
Use of CSS stuffing as an obfuscation technique? Phishing sites stuff their HTML with benign CSS code. This is likely supposed to throw of simple detection engines https://isc.sans.edu/diary/Use%20of%20CSS%20stuffing%20as%20an%20obfuscation%20technique%3F/32510 Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day Early exploit attem…
…
continue reading
On this weeks’ Debate, Brian brings a truckload of acronyms for more single panes of glass to help us consolidate our various single panes of glass, Erik may actually be Brian (or maybe Brian is Erik), and Dan confirms he still (and likely always will) spend the rest of his days living in the house he just built deep in the Trough of Disillusionmen…
…
continue reading
1
AI Compliance Security: How Modular Systems Transform Enterprise Risk Management with Richa Kaul
31:26
31:26
Play later
Play later
Lists
Like
Liked
31:26
Cast your vote for Cyber Sentries as Best Technology Podcast here! AI-Powered Compliance: Transforming Enterprise Security In this episode of Cyber Sentries, John Richards speaks with Richa Kaul, CEO and founder of Complyance. Richa shares insights on using modular AI systems for enterprise security compliance and discusses the critical balance bet…
…
continue reading
1
SANS Stormcast Thursday, December 11th, 2025: Possible CVE-2024-9042 variant; react2shell exploits; notepad++ update hijacking; macOS priv escalation
6:58
6:58
Play later
Play later
Lists
Like
Liked
6:58
Possible exploit variant for CVE-2024-9042 (Kubernetes OS Command Injection) We observed HTTP requests with our honeypot that may be indicative of a new version of an exploit against an older vulnerability. Help us figure out what is going on. https://isc.sans.edu/diary/Possible%20exploit%20variant%20for%20CVE-2024-9042%20%28Kubernetes%20OS%20Comma…
…
continue reading
1
The Day the Internet Broke: Cloudflare's Outage Explained
14:26
14:26
Play later
Play later
Lists
Like
Liked
14:26
Summary In this episode of 'Secured by Design', we discuss the root cause for significant Cloudflare outage that occurred on November 18, 2025, which disrupted major internet services and highlighted the fragility of digital infrastructure. The conversation delves into the causes of the outage, its financial impact on businesses, and the lessons le…
…
continue reading
1
Vercel V0 GM on Transforming Developer Workflows to Ship Faster | Zeb Hermann | E280
46:34
46:34
Play later
Play later
Lists
Like
Liked
46:34
In this episode, Carlos Gonzalez de Villaumbrosia interviews Zeb Hermann, General Manager, v0 at Vercel, the AI cloud platform recently valued at $9.3 billion. Zeb oversees v0, which has grown to 3.5 million unique users by fundamentally changing how developers and PMs build software. Zeb dives into the operational shifts required to transform deve…
…
continue reading
1
Can Identity Security Close the AI Governance Gap?
21:29
21:29
Play later
Play later
Lists
Like
Liked
21:29
As AI tools proliferate inside enterprises, often faster than security teams can track or govern them, a new class of risks are emerging. In this episode of the Security Strategist Podcast, IT-Harvest Chief Research Analyst Richard Stiennon sits down with Art Gilliland, CEO of Delinea, to discuss the explosive adoption of AI, the rise of shadow AI,…
…
continue reading
In this week's episode, we look at recent Microsoft Tech updates. By popular request, we're expanding the scope beyond just Azure to include Microsoft 365, Power Platform, and similar Microsoft platforms and capabilities. What's new? What's interesting? What's retiring? (00:00) - Intro and catching up. (04:25) - Show content starts. Show links - Ag…
…
continue reading
1
Securing AI Agents: How to Stop Credential Leaks and Protect Non‑Human Identities with Idan Gour
33:07
33:07
Play later
Play later
Lists
Like
Liked
33:07
Cast your vote for Cyber Sentries as Best Technology Podcast here! Bridging the AI Security Gap—Inside the Rise of Non‑Human Identities In this episode of Cyber Sentries from CyberProof, host John Richards sits down with Idan Gour, co-founder and president of Astrix Security, to unpack one of today’s fastest-emerging challenges: securing AI agents …
…
continue reading
1
Salesforce Security Risks, Boards Duty of Care, and Managing CISO Risks - Justin Hazard - BSW #425
52:57
52:57
Play later
Play later
Lists
Like
Liked
52:57
Organizations rely heavily on Salesforce to manage vasts amounts of sensitive data, but hidden security risks lurk beneath the surface. Misconfigurations, excessive user permissions, and unmonitored third party integrations can expose this data to attackers. How do I secure this data? Justin Hazard, Principal Security Architect at AutoRABIT, joins …
…
continue reading
1
Salesforce Security Risks, Boards Duty of Care, and Managing CISO Risks - Justin Hazard - BSW #425
52:57
52:57
Play later
Play later
Lists
Like
Liked
52:57
Organizations rely heavily on Salesforce to manage vasts amounts of sensitive data, but hidden security risks lurk beneath the surface. Misconfigurations, excessive user permissions, and unmonitored third party integrations can expose this data to attackers. How do I secure this data? Justin Hazard, Principal Security Architect at AutoRABIT, joins …
…
continue reading
1
Salesforce Security Risks, Boards Duty of Care, and Managing CISO Risks - Justin Hazard - BSW #425
52:57
52:57
Play later
Play later
Lists
Like
Liked
52:57
Organizations rely heavily on Salesforce to manage vasts amounts of sensitive data, but hidden security risks lurk beneath the surface. Misconfigurations, excessive user permissions, and unmonitored third party integrations can expose this data to attackers. How do I secure this data? Justin Hazard, Principal Security Architect at AutoRABIT, joins …
…
continue reading
1
EP 155 Turning Adversity Into Advantage: Jeff Slotnick on Health, Hope & Leadership
49:30
49:30
Play later
Play later
Lists
Like
Liked
49:30
Send us a text Podcast Summary In this standout episode of The Security Circle, security legend Jeff Slotnick returns for his second appearance, bringing extraordinary depth, wisdom, and vulnerability. Fresh from a life-changing battle with cancer — which he faced with discipline, positivity, and what he jokingly calls “giving cancer a healthy body…
…
continue reading
1
Inside the Surge of Targeted Attacks: What It Means for Executive Protection
25:33
25:33
Play later
Play later
Lists
Like
Liked
25:33
Host Fred Burton reunites with longtime colleague Scott Stewart, Vice President of Protective Intelligence at Torchstone Global, to unpack the evolving landscape of executive protection. Drawing on recent high-profile attacks and their own book, The Protective Intelligence Advantage, they explore how threat actors operate, what today’s organization…
…
continue reading
1
Burnout in Cybersecurity: Preparing Cyber Staff for the Reality, Not Just the Role
1:07:34
1:07:34
Play later
Play later
Lists
Like
Liked
1:07:34
Is burnout in cybersecurity inevitable, or are we finally learning how to prevent it? Welcome to Razorwire. In this episode, I sit down with clinical traumatologist Eve Parmiter and occupational psychologist Bec McKeown to talk about what's really happening in high pressure cyber roles. This isn't about vague wellness advice or corporate tick-box e…
…
continue reading
1
Risky Business #818 -- React2Shell is a fun one
58:27
58:27
Play later
Play later
Lists
Like
Liked
58:27
In this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: There’s a CVSS 10/10 remote code exec in the React javascript server. JS server? U wot mate? China is out popping shells with it Linux adds support for PCIe bus encryption Amnesty International says Intellexa can just TeamViewer into its customers’ s…
…
continue reading
1
SANS Stormcast Wednesday, December 10th, 2025: Microsoft, Adobe, Ivanti, Fortinet, and Ruby patches.
8:04
8:04
Play later
Play later
Lists
Like
Liked
8:04
Microsoft Patch Tuesday Microsoft released its regular monthly patch on Tuesday, addressing 57 flaws. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20December%202025/32550 Adobe Patches Adobe patched five products. The remote code execution in ColdFusion, as well as the code execution issue in Acrobat, will very likely see exploits soon. h…
…
continue reading
1
Incident Management and the Crowdstrike Event with Liam Westley
41:02
41:02
Play later
Play later
Lists
Like
Liked
41:02
On July 19, 2024, a misconfigured file sent as part of an update to the Falcon Sensor suite by CrowdStrike caused service outages worldwide. Liam Westley talks about his experiences executing the incident management plan at his company that day—even though his company did not use the software! Liam talks about dealing with the regulatory requiremen…
…
continue reading
1
Hypnotoad, AI Galore, Storm-0249, DocuSign, Broadside, Goldblade, Aaran Leyland... - SWN #536
34:50
34:50
Play later
Play later
Lists
Like
Liked
34:50
We've got: Hypnotoad, AI Galore, Storm-0249, DocuSign, Broadside, Goldblade, Ships at Sea, Sora, Aaran Leyland, and More on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-536
…
continue reading
1
Hypnotoad, AI Galore, Storm-0249, DocuSign, Broadside, Goldblade, Aaran Leyland... - SWN #536
34:50
34:50
Play later
Play later
Lists
Like
Liked
34:50
We've got: Hypnotoad, AI Galore, Storm-0249, DocuSign, Broadside, Goldblade, Ships at Sea, Sora, Aaran Leyland, and More on the Security Weekly News. Show Notes: https://securityweekly.com/swn-536
…
continue reading
In this episode of the BISA Portfolio Podcast guest host LeAnn Rummel, president and CEO at Cetera Investment Services, talks with Lisa D’Ambrosio of MIT AgeLab and Alex Samoila of MassMutual Strategic Distributors about MassMutual Strategic Distributors' research on how language shapes retirement planning. Listen in for insights on: Why the words …
…
continue reading
1
Making OAuth Scale Securely for MCPs - Aaron Parecki - ASW #360
1:07:43
1:07:43
Play later
Play later
Lists
Like
Liked
1:07:43
The MCP standard gave rise to dreams of interconnected agents and nightmares of what those interconnected agents would do with unfettered access to APIs, data, and local systems. Aaron Parecki explains how OAuth's new Client ID Metadata Documents spec provides more security for MCPs and the reasons why the behavior and design of MCPs required a new…
…
continue reading
1
Making OAuth Scale Securely for MCPs - Aaron Parecki - ASW #360
1:07:43
1:07:43
Play later
Play later
Lists
Like
Liked
1:07:43
The MCP standard gave rise to dreams of interconnected agents and nightmares of what those interconnected agents would do with unfettered access to APIs, data, and local systems. Aaron Parecki explains how OAuth's new Client ID Metadata Documents spec provides more security for MCPs and the reasons why the behavior and design of MCPs required a new…
…
continue reading
1
#238: Inside Hotel Social Media Marketing | with Dino Jevric
26:07
26:07
Play later
Play later
Lists
Like
Liked
26:07
What does it really take for a boutique hotel to stand out in the crowded world of social media? In this episode, host David Millili and Steve Carran sit down with Dino Jevric, Social Media Marketing Manager at Arlo Hotels, to explore how hotels can thrive in today’s digital world. From Dino’s early days in social media to running creative campaign…
…
continue reading
Please enjoy this encore of Word Notes. The use of similar-looking characters in a phishing URL to spoof a legitimate site. CyberWire Glossary link: https://thecyberwire.com/glossary/homograph-phishing Audio reference link: “Mission Impossible III 2006 Masking 01,” uploaded by DISGUISE MASK, 28 July 2018.…
…
continue reading
1
SANS Stormcast Tuesday, December 9th, 2025: nanoKVM Vulnerabilities; Ghostframe Phishing; WatchGuard Advisory
6:26
6:26
Play later
Play later
Lists
Like
Liked
6:26
nanoKVM Vulnerabilities The nanoKVM device updates firmware insecurely; however, the microphone that the authors of the advisory referred to as undocumented may actually be documented in the underlying hardware description. https://www.tomshardware.com/tech-industry/cyber-security/researcher-finds-undocumented-microphone-and-major-security-flaws-in…
…
continue reading
1
EP255 Separating Hype from Hazard: The Truth About Autonomous AI Hacking
29:34
29:34
Play later
Play later
Lists
Like
Liked
29:34
Guest: Heather Adkins, VP of Security Engineering, Google Topic: The term "AI Hacking Singularity" sounds like pure sci-fi, yet you and some other very credible folks are using it to describe an imminent threat. How much of this is hyperbole to shock the complacent, and how much is based on actual, observed capabilities today? Can autonomous AI age…
…
continue reading
1
EDR, XDR, or MDR - What’s the Real Difference and Why Does It Matter?
29:52
29:52
Play later
Play later
Lists
Like
Liked
29:52
In the recent episode of The Security Strategist podcast, Jim Waggoner, VP of Product Strategy at N-able, and Joe Ferla, one of N-able’s Head Nerds, speak to host Chris Steffen, Vice President of Research at Enterprise Management Associates (EMA). They addressed one of cybersecurity’s biggest misconceptions – while organizations might be getting be…
…
continue reading
1
ODNI and UVA's National Security Data and Policy Institute
16:26
16:26
Play later
Play later
Lists
Like
Liked
16:26
Charles Luftig, Deputy Director of National Intelligence for Policy and Capabilities, joined the Security Clearance Careers Podcast to discuss the National Security Data and Policy Institute (NSDPI). He shared insights on the origins of the institute, why UVA was a natural match for this partnership, and the interdisciplinary nature of the NSDPI’s …
…
continue reading
1
Fix your dumb misconfigurations, AI isn't people, and the weekly news - Danny Jenkins, Wendy Nather - ESW #436
1:34:58
1:34:58
Play later
Play later
Lists
Like
Liked
1:34:58
Interview with Danny Jenkins: How badly configured are your endpoints? Misconfigurations are one of the most overlooked areas in terms of security program quick wins. Everyone freaks out about vulnerabilities, patching, and exploits. Meanwhile, security tools are misconfigured. Thousands of unused software packages increase remediation effort and a…
…
continue reading
1
Fix your dumb misconfigurations, AI isn't people, and the weekly news - Wendy Nather, Danny Jenkins - ESW #436
1:34:58
1:34:58
Play later
Play later
Lists
Like
Liked
1:34:58
Interview with Danny Jenkins: How badly configured are your endpoints? Misconfigurations are one of the most overlooked areas in terms of security program quick wins. Everyone freaks out about vulnerabilities, patching, and exploits. Meanwhile, security tools are misconfigured. Thousands of unused software packages increase remediation effort and a…
…
continue reading
1
SANS Stormcast Monday, December 8th, 2025: AutoIT3 FileInstall; React2Shell Update; Tika Vuln
5:34
5:34
Play later
Play later
Lists
Like
Liked
5:34
AutoIT3 Compiled Scripts Dropping Shellcodes Malicious AutoIT3 scripts are usign the FileInstall function to include additional scripts at compile time that are dropped as temporary files during execution. https://isc.sans.edu/diary/AutoIT3%20Compiled%20Scripts%20Dropping%20Shellcodes/32542 React2Shell Update The race is on to patch vulnerable syst…
…
continue reading
1
281 - 12/8 - Shane Cox, Director Cyber Fusion Center @ MorganFranklin
1:03:46
1:03:46
Play later
Play later
Lists
Like
Liked
1:03:46
Our featured guest this month is Shane Cox, Director Cyber Fusion Center at MorganFranklin Cyber, interviewed by Frank Victory. News from Denver Summit FC, EchoStar, Atom Computing, Quantinuum, Ibotta, Optiv, FusionAuth, Swimlane, Red Canary and a lot more!Come join us on the Colorado = Security Slack channel to meet old and new friends.Sign up for…
…
continue reading
1
Toilet Cams, N. Korea, Brickstorm, MCP, React2Shell, Proxmox, Metaverse, Josh Marpet - SWN #535
33:08
33:08
Play later
Play later
Lists
Like
Liked
33:08
Toilet Cams, North Korea, Brickstorm, MCP, India, React2Shell, Proxmox, Metaverse, Josh Marpet, and More, on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-535
…
continue reading
1
Toilet Cams, N. Korea, Brickstorm, MCP, React2Shell, Proxmox, Metaverse, Josh Marpet - SWN #535
33:08
33:08
Play later
Play later
Lists
Like
Liked
33:08
Toilet Cams, North Korea, Brickstorm, MCP, India, React2Shell, Proxmox, Metaverse, Josh Marpet, and More, on the Security Weekly News. Show Notes: https://securityweekly.com/swn-535
…
continue reading
1
How WorkBrew Solves Homebrew Security & Compliance for Mac Developers
41:14
41:14
Play later
Play later
Lists
Like
Liked
41:14
John Britton, CEO of WorkBrew, joins Jamf After Dark to discuss how organizations can solve the security, compliance, and management challenges of using the open-source package manager Homebrew on macOS at scale. This episode is a must-listen for any IT or Security leader managing a fleet of Mac devices used by software engineers. Learn how WorkBre…
…
continue reading
