Cybersecurity guru Steve Gibson joins Leo Laporte every Tuesday. Steve and Leo break down the latest cybercrime and hacking stories, offering a deep understanding of what's happening and how to protect yourself and your business. Security Now is a must listen for security professionals every week. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.
…
continue reading
Player FM - Internet Radio Done Right
2,556 subscribers
Checked 1d ago
Added nine years ago
Content provided by N2K Networks, Inc. and N2K Networks. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by N2K Networks, Inc. and N2K Networks or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Similar to CyberWire Daily
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
Technical interviews about software topics.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
A daily dose of irreverent, offbeat, and informative takes on business & tech news. Hosted by Jon Weigell, Juliet Bennett Rylah, Mark Dent, Ben Berkley, Sara Friedman, Matthew Brown, and Rob Litterst from The Hustle.
…
continue reading
Windows Weekly is about more than Windows. Veteran Microsoft insiders Paul Thurrott and Richard Campbell join Leo for a deep dive into the most valuable company in the world. From consumer to enterprise, AI to Xbox, Windows Weekly is the only Microsoft podcast you'll ever need. Records live every Wednesday at 2:00pm Eastern / 11:00am Pacific / 18:00 UTC.
…
continue reading
Join Larry Mantle weekdays for lively and in-depth discussions of Los Angeles and Southern California news, politics, science, entertainment, the arts and more. More AirTalk at www.kpcc.org.
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Best Business Podcast (Gold), British Podcast Awards 2023 How do you build a fully electric motorcycle with no compromises on performance? How can we truly experience what the virtual world feels like? What does it take to design the first commercially available flying car? And how do you build a lightsaber? These are some of the questions this podcast answers as we share the moments where digital transforms physical, and meet the brilliant minds behind some of the most innovative products a ...
…
continue reading
The government has ordered an investigation into the fire that forced Heathrow airport to close.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
Daily Deals
Podcasts Worth a Listen
SPONSORED
<
<div class="span index">1</div> <span><a class="" data-remote="true" data-type="html" href="/series/all-about-change">All About Change</a></span>
How do we build an inclusive world? Hear intimate and in-depth conversations with changemakers on disability rights, youth mental health advocacy, prison reform, grassroots activism, and more. First-hand stories about activism, change, and courage from people who are changing the world: from how a teen mom became the Planned Parenthood CEO, to NBA player Kevin Love on mental health in professional sports, to Beetlejuice actress Geena Davis on Hollywood’s role in women’s rights. All About Change is hosted by Jay Ruderman, whose life’s work is seeking social justice and inclusion for people with disabilities worldwide. Join Jay as he interviews iconic guests who have gone through adversity and harnessed their experiences to better the world. This show ultimately offers the message of hope that we need to keep going. All About Change is a production of the Ruderman Family Foundation. Listen and subscribe to All About Change wherever you get podcasts. https://allaboutchangepodcast.com/
Can’t escape RCE flaws.
Manage episode 472497504 series 112238
Content provided by N2K Networks, Inc. and N2K Networks. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by N2K Networks, Inc. and N2K Networks or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Veeam patches a critical vulnerability in its Backup & Replication software. A spyware data breach highlights ongoing risks. Clearview AI attempted to purchase sensitive data such as Social Security numbers and mug shots. The Netherlands’ parliament looks to reduce reliance on U.S. software firms. A Pennsylvania union notifies over 517,000 individuals of a data breach. Researchers discover a RansomHub affiliate deploying a new custom backdoor called Betruger. A new info-stealer spreads through game cheats and cracks. David Wiseman, Vice President of Secure Communications at BlackBerry, joins us to explore how organizations can effectively implement CISA’s encrypted communications guidelines. What to do when AI casually accuses you of murder?
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
David Wiseman, Vice President of Secure Communications at BlackBerry, joins us to explore how organizations can effectively implement CISA’s encrypted communications guidelines. Don’t miss the full conversation—listen now on the Caveat podcast!
Selected Reading
Veeam Patches Critical Vulnerability in Backup & Replication (SecurityWeek)
The Citizen Lab’s director dissects spyware and the ‘proliferating’ market for it (The Record)
Data breach at stalkerware SpyX affects close to 2 million, including thousands of Apple users (TechCrunch)
Facial Recognition Company Clearview Attempted to Buy Social Security Numbers and Mugshots for its Database (404 Media)
Dutch parliament calls for end to dependence on US software companies (Yahoo)
Pennsylvania education union data breach hit 500,000 people (Bleeping Computer)
RansomHub Affiliate Deploying New Custom Backdoor Dubbed ‘Betruger’ For Persistence (Cyber Security News)
New Arcane infostealer infects YouTube, Discord users via game cheats (Bleeping Computer)
Dad demands OpenAI delete ChatGPT’s false claim that he murdered his kids (Ars Technica)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices
3278 episodes
Share
Manage episode 472497504 series 112238
Content provided by N2K Networks, Inc. and N2K Networks. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by N2K Networks, Inc. and N2K Networks or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
Veeam patches a critical vulnerability in its Backup & Replication software. A spyware data breach highlights ongoing risks. Clearview AI attempted to purchase sensitive data such as Social Security numbers and mug shots. The Netherlands’ parliament looks to reduce reliance on U.S. software firms. A Pennsylvania union notifies over 517,000 individuals of a data breach. Researchers discover a RansomHub affiliate deploying a new custom backdoor called Betruger. A new info-stealer spreads through game cheats and cracks. David Wiseman, Vice President of Secure Communications at BlackBerry, joins us to explore how organizations can effectively implement CISA’s encrypted communications guidelines. What to do when AI casually accuses you of murder?
Remember to leave us a 5-star rating and review in your favorite podcast app.
Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
David Wiseman, Vice President of Secure Communications at BlackBerry, joins us to explore how organizations can effectively implement CISA’s encrypted communications guidelines. Don’t miss the full conversation—listen now on the Caveat podcast!
Selected Reading
Veeam Patches Critical Vulnerability in Backup & Replication (SecurityWeek)
The Citizen Lab’s director dissects spyware and the ‘proliferating’ market for it (The Record)
Data breach at stalkerware SpyX affects close to 2 million, including thousands of Apple users (TechCrunch)
Facial Recognition Company Clearview Attempted to Buy Social Security Numbers and Mugshots for its Database (404 Media)
Dutch parliament calls for end to dependence on US software companies (Yahoo)
Pennsylvania education union data breach hit 500,000 people (Bleeping Computer)
RansomHub Affiliate Deploying New Custom Backdoor Dubbed ‘Betruger’ For Persistence (Cyber Security News)
New Arcane infostealer infects YouTube, Discord users via game cheats (Bleeping Computer)
Dad demands OpenAI delete ChatGPT’s false claim that he murdered his kids (Ars Technica)
Share your feedback.
We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show?
You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices
3278 episodes
All episodes
×
C
CyberWire Daily
1 Alyssa Miller: We have to elevate others. [BISO] [Career Notes] 9:14
9:14 
Play Later 
Play Later 
Lists 
Like 
Liked9:14
Play Later Play Later Lists Like LikedPlease enjoy this encore episode of Career Notes. Business Information Security Officer at S&P Global Ratings, Alyssa Miller, joins us to talk about her journey to become a champion to create a welcoming nature and acceptance of diversity in the cybersecurity community. Starting her first full-time tech position while still in college, Alyssa noted the culture shock being in both worlds. Entering as a programmer and then moving to pen testing where she got her start in security, Alyssa grew into a leader who is committed to elevating those around her. Some stumbling blocks along the way gave her pause and helped point her in her current role where Alyssa works to bring more diverse views to improve the problem-solving in the space, something she sees as a key to success for the industry. We thank Alyssa for sharing her story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices…
C
CyberWire Daily
1 Breaking barriers, one byte at a time. [Research Saturday] 22:21
22:21 Play Later Play Later Lists Like Liked22:21
Play Later Play Later Lists Like LikedThis week, we are joined by Jon Williams , Vulnerability Researcher from Bishop Fox , discussing "Tearing Down (Sonic)Walls: Decrypting SonicOSX Firmware." Bishop Fox researchers reverse-engineered the encryption protecting SonicWall SonicOSX firmware, enabling them to access its underlying file system for security research. They presented their process and findings at DistrictCon Year 0 and released a tool called Sonicrack to extract keys from VMware virtual machine bundles, facilitating the decryption of VMware NSv firmware images. This research builds upon previous work, including techniques to decrypt static NSv images and reverse-engineer other encryption formats used by SonicWall. The research can be found here: Tearing Down (Sonic)Walls: Decrypting SonicOSX Firmware Learn more about your ad choices. Visit megaphone.fm/adchoices…
C
CyberWire Daily
Mozilla patches Firefox flaw similar to actively exploited Chrome vulnerability. Russia-based RedCurl gang deploys ransomware for the first time. Ukraine's railway operator recovers from cyberattack. India cracks down on Google’s billing monopoly. Morphing Meerkat's phishing kit abuses DNS mail exchange records. 300,000 attacks in three weeks. Our guest is Chris Wysopal, Founder and Chief Security Evangelist of Veracode, who sits down with Dave to discuss the increase in the average fix time for security flaws. And Liz Stokes joins with another Fun Fact Friday. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing , and you’ll never miss a beat . And be sure to follow CyberWire Daily on LinkedIn . CyberWire Guest Chris Wysopal , Founder and Chief Security Evangelist of Veracode , discussing increase in the average fix time for security flaws and percent of organizations that carry critical security debt for longer than a year. Selected Reading After Chrome patches zero-day used to target Russians, Firefox splats similar bug (The Register) Microsoft fixes Remote Desktop issues caused by Windows updates (Bleeping Computer) Firefox fixes flaw similar to Chrome zero-day used against Russian organizations (The Record) RedCurl's Ransomware Debut: A Technical Deep Dive (Bitdefender) Ukraine’s state railway restores online ticket sales after major cyberattack (The Record) Google App Store Billing Policy Anti-Competitive, India Court Rules (Bloomberg) Morphing Meerkat PhaaS Platform Spoofs 100+ Brands - Infosecurity Magazine (Infosecurity Magazine) Fresh Grandoreiro Banking Trojan Campaigns Target Latin America, Europe (SecurityWeek) Malware distributed via fake DeepSeek ads on Google (SC Media) GorillaBot Attacks Windows Devices With 300,000+ Attack Commands Across 100+ Countries (Cyber Security News) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit . Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices…
C
CyberWire Daily
China’s FamousSparrow is back. A misconfigured Amazon S3 bucket exposes data from an Australian fintech firm. Researchers uncover a sophisticated Linux-based backdoor targeting industrial systems. Infiltrating the BlackLock Ransomware group’s infrastructure. Solar inverters in the security spotlight. Credential stuffing gets automated. CISA updates the Known Exploited Vulnerabilities catalog. The UK’s NCA warns of online groups involved in sadistic cybercrime and real-world violence. Authorities arrest a dozen individuals linked to the now-defunct Ghost encrypted communication platform. Our guest is Tal Skverer, Research Team Lead from Astrix, discussing the OWASP NHI Top 10 framework. Remembering our friend Matt Stephenson. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing , and you’ll never miss a beat . And be sure to follow CyberWire Daily on LinkedIn . CyberWire Guest We are joined by Tal Skverer , Research Team Lead from Astrix , who is discussing the OWASP NHI Top 10 framework and how teams can use these as they implement NHIs into their systems. Selected Reading Chinese Spy Group FamousSparrow Back with a Vengeance, Targets US (Infosecurity Magazine) Aussie Fintech Vroom Exposes Thousands of Records After AWS Misconfiguration (HackRead) New Sophisticated Linux Backdoor Targets OT Systems via 0-Day RCE Exploit (GB Hackers) Blacklock Ransomware: A Late Holiday Gift with Intrusion into the Threat Actor's Infrastructure (Resecurity) Dozens of solar inverter flaws could be exploited to attack power grids (Bleeping Computer) Threat Actors Using Powerful Cybercriminal Weapon 'Atlantis AIO' to Automate Credential Stuffing Attacks (Cyber Security News) CISA Adds of Sitecore CMS Code Execution Vulnerability to List of Known Exploited Vulnerabilities (Cyber Security News) NCA Warns of Sadistic Online “Com” Networks (Infosecurity Magazine) 12 Cybercriminals Arrested Following Takedown of Ghost Communication Platform (Cyber Security News) Matt Stephenson remembrance (LinkedIn) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit . Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices…
Researchers uncover a new Windows zero-day. A covert Chinese-linked network targets recently laid-off U.S. government workers. Malicious npm packages are found injecting persistent reverse shell backdoors. A macOS malware loader evolves. DrayTek router disruptions affect users worldwide. A new report warns of growing cyber risks to the commercial space sector. CISA issues four ICS advisories. U.S. Marshals arrest a key suspect in a multi million dollar cryptocurrency heist. Our guest is Brian Levine, Co-Founder and CEO of FormerGov.com, speaking about creating a networking directory for former government and military professionals. The UK’s NCSC goes full influencer to promote 2FA. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing , and you’ll never miss a beat . And be sure to follow CyberWire Daily on LinkedIn . CyberWire Guest Brian Levine , Co-Founder and CEO of FormerGov.com , speaking about the importance of networking and creating a directory for former government and military professionals. Selected Reading New Windows 0-Day Vulnerability Let Remote Attackers Steal NTLM Credentials - Unofficial Patch (cybersecuritynews) Exclusive: Secretive Chinese network tries to lure fired federal workers, research shows (Reuters ) New npm attack poisons local packages with backdoors (bleepingcomputer) macOS Users Warned of New Versions of ReaderUpdate Malware (securityweek) DrayTek Routers Vulnerability Exploited in the Wild – Possibly Links to Reboot Loop (cybersecuritynews) ENISA Probes Space Threat Landscape in New Report (Infosecurity Magazine) CISA Warns of Four Vulnerabilities, and Exploits Surrounding ICS (cybersecuritynews) Crypto Heist Suspect "Wiz" Arrested After $243 Million Theft (hackread) NCSC taps influencers to make 2FA go viral (The Register) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit . Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices…
C
CyberWire Daily
Critical Remote Code Execution vulnerabilities affect Kubernetes controllers. Senior Trump administration officials allegedly use unsecured platforms for national security discussions. Even experts like Troy Hunt get phished. Google acknowledges user data loss but doesn’t explain it. Chinese hackers spent four years inside an Asian telecom firm. SnakeKeylogger is a stealthy, multi-stage credential-stealing malware. A cybercrime crackdown results in over 300 arrests across seven African countries. Ben Yelin, Caveat co-host and Program Director, Public Policy & External Affairs at the University of Maryland Center for Health and Homeland Security, joins to discuss the Signal national security leak. Pew Research Center figures out how its online polling got slightly forked. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing , and you’ll never miss a beat . And be sure to follow CyberWire Daily on LinkedIn . CyberWire Guest We are joined by Ben Yelin , Caveat co-host and Program Director, Public Policy & External Affairs at the University of Maryland Center for Health and Homeland Security , on the Signal national security leak. Selected Reading IngressNightmare: critical Kubernetes vulnerabilities in ingress NGINX controller (Beyond Machines) Remote Code Execution Vulnerabilities in Ingress NGINX (Wiz) Ingress-nginx CVE-2025-1974: What You Need to Know (Kubernetes) Trump administration is reviewing how its national security team sent military plans to a magazine editor (NBC News) The Trump Administration Accidentally Texted Me Its War Plans (The Atlantic) How Russian Hackers Are Exploiting Signal 'Linked Devices' Feature for Real-Time Spying (SecurityWeek) Troy Hunt: A Sneaky Phish Just Grabbed my Mailchimp Mailing List (Troy Hunt) 'Technical issue' at Google deletes some customer data (The Register) Chinese hackers spent four years inside Asian telco’s networks (The Record) Multistage Info Stealer SnakeKeylogger Attacking Individuals and Businesses to Steal Logins (Cyber Security News) Over 300 arrested in international crackdown on cyber scams (The Record) How a glitch in an online survey replaced the word ‘yes’ with ‘forks’ (Pew Research) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit . Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices…
C
CyberWire Daily
Money laundering runs rampant in Cambodia. Privacy advocates question a new data sharing EO from the White House. An NYU website hack exposes the data of millions. A game demo gets pulled from Steam after users report infostealing malware. The Cloak ransomware group claims a cyberattack on the Virginia Attorney General’s Office. 23andMe files for Chapter 11 bankruptcy. Medusa ransomware is using a malicious driver to disable security tools on infected systems. Clearview AI settles a class-action lawsuit over privacy violations. A look back at the CVE program. In today’s Industry Voices segment, we are joined by Joe Ryan, Head of Customer Enablement at Maltego Technologies, who is highlighting how to help analysts in resource-constrained environments overcome training gaps and use investigative tools more effectively. Luring AI bots into the digital labyrinth. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing , and you’ll never miss a beat . And be sure to follow CyberWire Daily on LinkedIn . CyberWire Guest In today’s Industry Voices segment, we are joined by Joe Ryan , Head of Customer Enablement at Maltego Technologies , who is highlighting how to help analysts in resource-constrained environments overcome training gaps and use investigative tools more effectively. Selected Reading How Scammers Launder Money and Get Away With It (New York Times) Trump order on information sharing appears to have implications for DOGE and beyond (The Record) Over 3 million applicants’ data leaked on NYU’s website (Washington Square News) Steam pulls game demo infecting Windows with info-stealing malware (Bleeping Computer) Ransomware Group Claims Attack on Virginia Attorney General’s Office (SecurityWeek) 23andMe Files for Bankruptcy Amid Concerns About Security of Customers’ Genetic Data (New York Times) Medusa Ransomware Uses Malicious Driver to Disable Security Tools (SecurityWeek) Clearview AI settles class-action privacy lawsuit worth an estimated $50 million (The Record) Despite challenges, the CVE program is a public-private partnership that has shown resilience (CyberScoop) Trapping misbehaving bots in an AI Labyrinth (Cloudflare) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit . Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices…
C
CyberWire Daily
1 Andrew Hammond: Understanding the plot. [Historian and Curator] [Career Notes] 8:06
8:06 Play Later Play Later Lists Like Liked8:06
Play Later Play Later Lists Like LikedPlease enjoy this encore of Career Notes. Historian and Curator at the International Spy Museum. Dr. Andrew Hammond, shares how he came to share the history of espionage and intelligence as a career. Starting out in the Royal Air Force when 9/11 happened, Andrew found himself trying to understand what was going on in the world. Studying history and international relations gave him some perspective and led him on his career path which included an introduction to museum industry at the 9/11 Museum. After a stint in academia in the UK, Andrew found his way back to the US and eventually ended up at the International Spy Museum in Washington, DC. He said one of the "greatest parts of the job being able to engage with the artifacts" and share their stories. We thank Andrew for sharing his story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices…
C
CyberWire Daily
1 Excel-lerating cyberattacks. [Research Saturday] 26:43
26:43 Play Later Play Later Lists Like Liked26:43
Play Later Play Later Lists Like LikedThis week, we are joined by Tom Hegel , Principal Threat Researcher from SentinelLabs research team, to discuss their work on "Ghostwriter | New Campaign Targets Ukrainian Government and Belarusian Opposition." The latest Ghostwriter campaign, linked to Belarusian government espionage, is actively targeting Ukrainian military and government entities as well as Belarusian opposition activists using weaponized Excel documents. SentinelLabs identified new malware variants and tactics, including obfuscated VBA macros that deploy malware via DLL files, with payload delivery seemingly controlled based on a target’s location and system profile. The campaign, which began preparation in mid-2024 and became active by late 2024, appears to be an evolution of previous Ghostwriter operations, combining disinformation with cyberattacks to further political and military objectives. The research can be found here: Ghostwriter | New Campaign Targets Ukrainian Government and Belarusian Opposition Learn more about your ad choices. Visit megaphone.fm/adchoices…
C
CyberWire Daily
Over 150 government database servers are dangerously exposed to the internet. Threat actors are exploiting a vulnerability in CheckPoint’s ZoneAlarm antivirus software. Albabat ransomware goes cross-platform. ESET reports on the Chinese Operation FishMedley campaign. VanHelsing ransomware targets Windows systems in the U.S. and France. CISA issues five ICS advisories warning of high-severity vulnerabilities across critical infrastructure systems. A former NFL coach is indicted for allegedly hacking into the accounts of thousands of college athletes. Brandon Karpf joins us with a look at cyberspace in space. A fraud detection firm gets shut down for fraud. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing , and you’ll never miss a beat . And be sure to follow CyberWire Daily on LinkedIn . CyberWire Guest Brandon Karpf , friend of N2K CyberWire, joins T-Minus Space Daily host Maria Varmazis for the Space and Cyber March segment. Selected Reading Over 150 US Government Database Servers Vulnerable to Internet Exposure (GB Hackers) White House Shifting Cyber Risk to State and Local Agencies (Data Breach Today) Cybercriminals Exploit CheckPoint Driver Flaws in Malicious Campaign (Infosecurity Magazine) Albabat Ransomware Attacking Windows, Linux & macOS by Leveraging GitHub (Cyber Security News) Chinese I-Soon Hackers Hit 7 Organizations in Operation FishMedley (SecurityWeek) VanHelsing Ransomware Attacking Windows Systems With New Evasion Technique & File Extension (Cyber Security News) CISA Releases Five Industrial Control Systems Advisories Covering Vulnerabilities & Exploits (Cyber Security News) Former NFL, Michigan Assistant Coach Matt Weiss Charged With Hacking for Athletes' Intimate Photos (SecurityWeek) AdTech CEO whose products detected ad fraud jailed for fraud (The Register) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit . Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices…
Veeam patches a critical vulnerability in its Backup & Replication software. A spyware data breach highlights ongoing risks. Clearview AI attempted to purchase sensitive data such as Social Security numbers and mug shots. The Netherlands’ parliament looks to reduce reliance on U.S. software firms. A Pennsylvania union notifies over 517,000 individuals of a data breach. Researchers discover a RansomHub affiliate deploying a new custom backdoor called Betruger. A new info-stealer spreads through game cheats and cracks. David Wiseman, Vice President of Secure Communications at BlackBerry, joins us to explore how organizations can effectively implement CISA’s encrypted communications guidelines. What to do when AI casually accuses you of murder? Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing , and you’ll never miss a beat . And be sure to follow CyberWire Daily on LinkedIn . CyberWire Guest David Wiseman , Vice President of Secure Communications at BlackBerry , joins us to explore how organizations can effectively implement CISA’s encrypted communications guidelines. Don’t miss the full conversation—listen now on the Caveat podcast! Selected Reading Veeam Patches Critical Vulnerability in Backup & Replication (SecurityWeek) The Citizen Lab’s director dissects spyware and the ‘proliferating’ market for it (The Record) Data breach at stalkerware SpyX affects close to 2 million, including thousands of Apple users (TechCrunch) Facial Recognition Company Clearview Attempted to Buy Social Security Numbers and Mugshots for its Database (404 Media) Dutch parliament calls for end to dependence on US software companies (Yahoo) Pennsylvania education union data breach hit 500,000 people (Bleeping Computer) RansomHub Affiliate Deploying New Custom Backdoor Dubbed ‘Betruger’ For Persistence (Cyber Security News) New Arcane infostealer infects YouTube, Discord users via game cheats (Bleeping Computer) Dad demands OpenAI delete ChatGPT’s false claim that he murdered his kids (Ars Technica) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit . Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices…
C
CyberWire Daily
A critical vulnerability could let attackers hijack and potentially disable vulnerable servers. Europol warns of a “shadow alliance” between state-backed threat actors and cybercriminals. Sekoia examines ClearFake. A critical PHP vulnerability is under active exploitation. A sophisticated scareware phishing campaign has shifted its focus to macOS users. Phishing as a service attacks are on the rise. A new jailbreak technique bypasses security controls in popular LLMs. Microsoft has uncovered StilachiRAT. CISA confirms active exploitation of a critical Fortinet vulnerability. On our CertByte segment, Chris Hare is joined by Troy McMillan to break down a question targeting the ISACA® Certified Information Security Manager® (CISM®) exam. AI coding assistants get all judgy. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing , and you’ll never miss a beat . And be sure to follow CyberWire Daily on LinkedIn . CertByte Segment Welcome to CertByte! On this bi-weekly segment hosted by Chris Hare , a content developer and project management specialist at N2K , we share practice questions from N2K’s suite of industry-leading certification resources. This week, Chris is joined by Troy McMillan to break down a question targeting the ISACA® Certified Information Security Manager® (CISM®) exam. Today’s question comes from N2K’s ISACA® Certified Information Security Manager® (CISM®) Practice Test . The CISM exam helps to affirm your ability to assess risks, implement effective governance, proactively respond to incidents and is the preferred credential for IT managers, according to ISACA.To learn more about this and other related topics under this objective, please refer to the following resource: CISM Review Manual, 15th Edition, 1.0, Information Security Governance, Introduction. Have a question that you’d like to see covered? Email us at certbyte@n2k.com. If you're studying for a certification exam, check out N2K’s full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify. Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers. Additional source: https://www.isaca.org/credentialing/cism#1 Selected Reading Critical AMI MegaRAC bug can let attackers hijack, brick servers (bleepingcomputer) Europol Warns of “Shadow Alliance” Between States and Criminals (Infosecurity Magazine) ClearFake’s New Widespread Variant: Increased Web3 Exploitation for Malware Delivery (Sekoia.io Blog) PHP RCE Vulnerability Actively Exploited in Wild to Attack Windows-based Systems (cybersecuritynews) Scareware Combined With Phishing in Attacks Targeting macOS Users (securityweek) Sneaky 2FA Joins Tycoon 2FA and EvilProxy in 2025 Phishing Surge (Infosecurity Magazine) New Jailbreak Technique Bypasses DeepSeek, Copilot, and ChatGPT to Generate Chrome Malware (gbhackers) Microsoft Warns of New StilachiRAT Malware (SecurityWeek) Fortinet Vulnerability Exploited in Ransomware Attack, CISA Warns (Infosecurity Magazine) AI coding assistant Cursor reportedly tells a 'vibe coder' to write his own damn code (TechCrunch) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit . Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices…
An Apache Tomcat vulnerability is under active exploitation. CISA rehires workers ousted by DOGE. Lawmakers look to protect rural water systems from cyber threats. Western Alliance Bank notifies 22,000 individuals of a data breach. A new cyberattack method called BitM allows hackers to bypass multi-factor authentication. A Chinese cyberespionage group targets Central European diplomats. A new cyberattack uses ChatGPT infrastructure to target the financial sector and U.S. government agencies. Australia sues a major securities firm over inadequate protection of customer data. Our Threat Vector segment examines how unifying security capabilities strengthens cyber resilience. Cybercriminals say, “Get me Edward Snowden on the line!” Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing , and you’ll never miss a beat . And be sure to follow CyberWire Daily on LinkedIn . Threat Vector Segment Security platformization is transforming the way organizations defend against cyber threats. In this episode of Threat Vector, host David Moulton speaks with Carlos Rivera , Senior Analyst at Forrester, about how unifying security capabilities strengthens cyber resilience. To listen to the full discussion, please check out the episode here or on your favorite podcast app, and tune in to new episodes of Threat Vector by Palo Alto Networks every Thursday. Selected Reading Critical Apache Tomcat RCE Vulnerability Exploited in Just 30hrs of Public Exploit (Cyber Security News) CISA Rehires Fired Employees, Immediately Puts Them on Leave (GovInfo Security) Western Alliance Bank Discloses Data Breach Linked to Cleo Hack (SecurityWeek) New BitM Attack Lets Hackers Steal User Sessions Within Seconds (Cyber Security News) US Lawmakers Reintroduce Bill to Boost Rural Water Cybersecurity (SecurityWeek) Chinese Hackers Target European Diplomats with Malware (GovInfo Security) Hackers Exploit ChatGPT with CVE-2024-27564, 10,000+ Attacks in a Week (Hackread) Australia Sues FIIG Investment Firm in Cyber 'Wake-Up Call' (GovInfo Security) Extortion crew threatened to inform Edward Snowden (?!) if victim didn't pay up (The Register) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit . Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices…
C
CyberWire Daily
A phishing campaign targets nearly 12,000 GitHub repositories. The BlackLock ransomware group is one to watch. A federal judge orders reinstatement of workers at CISA. Over 100 car dealership websites suffer a supply chain attack, and Hellcat breaches Jaguar Land Rover. Researchers uncover a major vulnerability affecting RSA encryption keys. A Life Insurance Company notifies 355,500 individuals of a December 2024 data breach. A researcher releases a decryptor for Akira ransomware. A new mapping database aims to help NGOs and high-risk individuals find security tools. Tim Starks from CyberScoop reports that trade groups fear a cybersecurity blackout if a key panel and vital cyber law aren’t renewed. A fundamental shift of our understanding of hash tables. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing , and you’ll never miss a beat . And be sure to follow CyberWire Daily on LinkedIn . CyberWire Guest Today our guest is Tim Starks from CyberScoop is discussing how " Trade groups worry information sharing will worsen without critical infrastructure panel, CISA law renewal ." Selected Reading Fake "Security Alert" issues on GitHub use OAuth app to hijack accounts (Bleeping Computer) BlackLock Ransomware Strikes Over 40 Organizations in Just Two Months (GB Hackers) Federal Judges Block Trump's Mass Firings of Federal Workers (BankInfo Security) 100 Car Dealerships Hit by Supply Chain Attack (SecurityWeek) Jaguar Land Rover Breached by HELLCAT Ransomware Group using Jira Credentials (Cyber Security News) Millions Of RSA Key Exposes Serious Flaws That Can Be Exploited (Cyber Security News) Insurer Notifying 335,500 Customers, Agents, Others of Hack (BankInfo Security) New Akira ransomware decryptor cracks encryptions keys using GPUs (Bleeping Computer) Security Database Aims to Empower Non-Profits (Infosecurity Magazine ) Undergraduate Disproves 40-Year-Old Conjecture, Invents New Kind of Hash Table (WIRED ) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit . Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices…
C
CyberWire Daily
1 Ingrid Toppelberg: Knowing how to take risks will pay off. [Cybersecurity education] [Career Notes] 7:32
7:32 Play Later Play Later Lists Like Liked7:32
Play Later Play Later Lists Like LikedPlease enjoy this encore of Career Notes. Chief Product Officer at Cybint Solutions, Ingrid Toppelberg, shares her journey from consulting to bootcamp coach and cybersecurity education. As a young girl, Ingrid wanted to do everything from being a teacher to the head of the World Bank. After consulting for several years, Ingrid found cybersecurity. What she found fascinating about the cyber world is how important it is for absolutely everyone at all levels to know about cybersecurity. Ingrid also develops and conducts bootcamps to reskill displaced people into cybersecurity. Ingrid says to those interested in cyber, "just do it. We need different kinds of minds in cyber keeping us safe." We thank Ingrid for sharing her story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices…
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Daily Deals
Similar to CyberWire Daily
Cybersecurity guru Steve Gibson joins Leo Laporte every Tuesday. Steve and Leo break down the latest cybercrime and hacking stories, offering a deep understanding of what's happening and how to protect yourself and your business. Security Now is a must listen for security professionals every week. Records live every Tuesday at 4:30pm Eastern / 1:30pm Pacific / 20:30 UTC.
…
continue reading
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
Technical interviews about software topics.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
A daily dose of irreverent, offbeat, and informative takes on business & tech news. Hosted by Jon Weigell, Juliet Bennett Rylah, Mark Dent, Ben Berkley, Sara Friedman, Matthew Brown, and Rob Litterst from The Hustle.
…
continue reading
Windows Weekly is about more than Windows. Veteran Microsoft insiders Paul Thurrott and Richard Campbell join Leo for a deep dive into the most valuable company in the world. From consumer to enterprise, AI to Xbox, Windows Weekly is the only Microsoft podcast you'll ever need. Records live every Wednesday at 2:00pm Eastern / 11:00am Pacific / 18:00 UTC.
…
continue reading
Join Larry Mantle weekdays for lively and in-depth discussions of Los Angeles and Southern California news, politics, science, entertainment, the arts and more. More AirTalk at www.kpcc.org.
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Best Business Podcast (Gold), British Podcast Awards 2023 How do you build a fully electric motorcycle with no compromises on performance? How can we truly experience what the virtual world feels like? What does it take to design the first commercially available flying car? And how do you build a lightsaber? These are some of the questions this podcast answers as we share the moments where digital transforms physical, and meet the brilliant minds behind some of the most innovative products a ...
…
continue reading
The government has ordered an investigation into the fire that forced Heathrow airport to close.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
