))
Automation, Generative AI, Shift Left - the world of application security is evolving fast! Security Journey introduces the newest go-to AppSec resource, The Security Champions Podcast, hosted by Director of Application Security Michael Burch.Gain exclusive insight from software development leaders and security experts – from recounting their security champion journey to diving into the latest headlines in the AppSec world. Learn how to build, maintain and scale a successful software securit ...
…
continue reading
Strange tales of hacking, tech, internet grifters, AI, and security with Jordan & Scott. Are internet hitmen really a thing? What does someone do with a crypto wallet full of millions and a lost password? Did a Minecraft scammer really hack the president? Hacked is a technology show about people hacking things together and apart, with your old pals Jordan Bloemen and Scott Francis Winder. Get at us via [email protected].
…
continue reading
Daily stories from the world of information security. To delve into any daily story, head to CISOseries.com.
…
continue reading
A podcast about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security professionals need to know, or refresh the memories of seasoned veterans.
…
continue reading
Deception, influence, and social engineering in the world of cyber crime.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Updates on the latest cybersecurity threats to businesses, data breach disclosures, and how you can secure your firm in an increasingly risky time.
…
continue reading
If you know how attacks work, you’ll know exactly where to look—whether you’re breaking in as an ethical hacker or defending as a blue teamer. Hacked & Secured: Pentest Exploits & Mitigations breaks down real-world pentest findings, exposing how vulnerabilities were discovered, exploited, and mitigated. Each episode dives into practical security lessons, covering attack chains and creative exploitation techniques used by ethical hackers. Whether you're a pentester, security engineer, develop ...
…
continue reading
Shared Security is your premier cybersecurity and privacy podcast where we explore the bonds shared between people and technology. Join industry experts Tom Eston, Scott Wright, and Kevin Johnson as they deliver the latest news, actionable tips, expert guidance, and insightful interviews with top cybersecurity and privacy specialists. Stay informed and take control of your online security and privacy in today’s interconnected world. Tune in every week to discover invaluable insights, strateg ...
…
continue reading
The mnemonic security podcast is a place where IT Security professionals can go to obtain insight into what their peers are working with and thinking about.
…
continue reading
Cybersecurity is complex. Its user experience doesn’t have to be. Heidi Trost interviews information security experts about how we can make it easier for people—and their organizations—to stay secure.
…
continue reading
Code to Cloud is the podcast for builders—founders, engineers, and tech leaders—shipping the future of cloud, faster. From MVP to hyperscale, we dive into what really matters: cloud-native infrastructure, DevSecOps, AI integration, adaptive strategies, and modern app development. Hosted by Kevin Evans, a 25-year tech veteran, Senior Technologist at Microsoft, and fractional CTO at Code to Cloud, each episode delivers tactical conversations with engineering leaders, startup operators, and clo ...
…
continue reading
Security Ledger is an independent security news website that explores the intersection of cyber security with business, commerce, politics and everyday life. Security Ledger provides well-reported and context-rich news and opinion about computer security topics that matter in our IP-enabled homes, workplaces and daily lives.
…
continue reading
The OWASP Podcast Series is a recorded series of discussions with thought leaders and practitioners who are working on securing the future for coming generations.
…
continue reading
Error Code is a biweekly narrative podcast that provides you both context and conversation with some of the best minds working today toward code resilience and dependability. Work that can lead to autonomous vehicles and smart cities. It’s your window in the research solving tomorrow’s code problems today.
…
continue reading
Technology and Security (TS) explores the intersections of emerging technologies and security. It is hosted by Dr Miah Hammond-Errey. Each month, experts in technology and security join Miah to discuss pressing issues, policy debates, international developments, and share leadership and career advice. https://miahhe.com/about-ts | https://stratfutures.com
…
continue reading
A podcast focusing on the intersection between cybersecurity, national security, and geopolitics
…
continue reading
Sync Up is your one-stop shop for all things OneDrive. Join hosts, Stephen Rice and Arvind Mishra, as they shed light on how OneDrive connects you to all of your files in Microsoft and enables you to share and work together from anywhere, and any device! Hear from experts behind the design and development of OneDrive, as well as customers and Microsoft MVPs! Each episode will give you news and announcements, tips and best practices for your OneDrive experience, and some fun and humor!
…
continue reading
Main AI by CodeRabbit is a podcast that brings you deep conversations with legendary developers who've shaped the tools we use every day. We explore how artificial intelligence is transforming software development while celebrating the creators and tools that built our foundation. Each episode features intimate discussions about building developer tools, maintaining open source projects, and navigating the evolution of technology.
…
continue reading
About all things AppSec, DevOps, and DevSecOps. Hosted by Mike Shema and John Kinsella, the podcast focuses on helping its audience find and fix software flaws effectively.
…
continue reading
discussions on topics connected with software development; privacy, security, management, tools, techniques, skills, training, business, soft skills, health
…
continue reading
Join host Chris Lindsey as he digs into the world of Application Security with experts from leading enterprises. Each episode is theme based, so it's more conversational and topic based instead of the general interview style. Our focus is growing your knowledge, providing useful tips and advice. With Chris' development background of 35 years, 15+ years of secure coding and 3+ years running an application security program for large enterprise, the conversations will be deep and provide a lot ...
…
continue reading
Felix explores Internet of Things (IoT) and Operational Technology cyber security. Perfect for project managers, developers, and those learning about penetration testing in this niche area. Email Felix using [email protected] Get more information at the website: yougottahackthat.com Find You Gotta Hack That on LinkedIn and X @gotta_hack
…
continue reading
Shared Security is your premier cybersecurity and privacy podcast where we explore the bonds shared between people and technology. Join industry experts Tom Eston, Scott Wright, and Kevin Johnson as they deliver the latest news, actionable tips, expert guidance, and insightful interviews with top cybersecurity and privacy specialists. Stay informed and take control of your online security and privacy in today's interconnected world. Tune in every week to discover invaluable insights, strateg ...
…
continue reading
A weekly podcast of all things application security related. Hosted by Ken Johnson and Seth Law.
…
continue reading
Daily Security Review, the premier source for news and information on security threats, Ransomware and vulnerabilities
…
continue reading
The Lawfare Podcast features discussions with experts, policymakers, and opinion leaders at the nexus of national security, law, and policy. On issues from foreign policy, homeland security, intelligence, and cybersecurity to governance and law, we have doubled down on seriousness at a time when others are running away from it. Visit us at www.lawfareblog.com. Support this show http://supporter.acast.com/lawfare. Hosted on Acast. See acast.com/privacy for more information.
…
continue reading
Join us for interesting conversations about technology and the business of IT.
…
continue reading
About all things AppSec, DevOps, and DevSecOps. Hosted by Mike Shema and John Kinsella, the podcast focuses on helping its audience find and fix software flaws effectively.
…
continue reading
The law affects our lives and our society in many unique and profound ways. Reasonably Speaking, produced by The American Law Institute, features interviews with legal experts on some of the most important legal topics of our time. Each episode takes you through the law in action, beyond courtrooms and casebooks. Whether you are a legal scholar or a concerned citizen, this examination of the relationship between our laws and our society will leave you with a better understanding of how we go ...
…
continue reading
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
…
continue reading
An IFPOD production for IFPO the very first security podcast called Security Circle. IFPO is the International Foundation for Protection Officers, and is an international security membership body that supports front line security professionals with learning and development, mental Health and wellbeing initiatives.
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
The world of application development moves quickly. New tools, new processes, and new threats are always popping up. Through enlightening interviews with industry leaders, From Code to the Cloud helps you stay on top of new developments in Low Code and Salesforce DevOps.
…
continue reading
Software's best weekly news brief, deep technical interviews & talk show.
…
continue reading
DevOps was always meant to include security, but in reality, the cultures didn’t align—leaving many organizations without a mature DevSecOps strategy. So how do you complete the DevSecOps journey? Join Techstrong and Checkmarx for DevSecOps: Cracking the Code, a new webinar series packed with expert insights and actionable advice to help you successfully evolve from DevOps to DevSecOps.
…
continue reading
Cyber Security News, Analysis and Opinion
…
continue reading
Welcome to For a Cloudy Day, the podcast where we talk about the cloud technology industry with insights from experts. Hosted by Co-native, the home of cloud specialists.
…
continue reading
Redefining CyberSecurity Podcast Hosted by Sean Martin, CISSP Have you ever thought that we are selling cybersecurity insincerely, buying it indiscriminately, and deploying it ineffectively? For cybersecurity to be genuinely effective, we must make it consumable and usable. We must also bring transparency and honesty to the conversations surrounding the methods, services, and technologies upon which businesses rely. If we are going to protect what matters and bring value to our companies, ou ...
…
continue reading
Larry and Kerry talk about parenting issues during Covid-19 isolation period
…
continue reading
Every day, a team of AIs deliver simple, straightforward updates from the world of artificial intelligence.
…
continue reading
Breaking the Internet is a podcast about tech for tech - but we’re not like other girls. Serena (@shenetworks) and Ali (@endingwithali) take to the mic to talk about the industry, trends, history and more.
…
continue reading
1
SANS Stormcast Thursday, June 12th, 2025: Quasar RAT; Windows 11 24H2 Delay; SMB Client Vuln PoC; Connectwise Signing Keys; KDE Telnet code exec
6:27
6:27
Play later
Play later
Lists
Like
Liked
6:27
Quasar RAT Delivered Through Bat Files Xavier is walking you through a quick reverse analysis of a script that will injection code extracted from a PNG image to implement a Quasar RAT. https://isc.sans.edu/diary/Quasar%20RAT%20Delivered%20Through%20Bat%20Files/32036 Delayed Windows 11 24H2 Rollout Microsoft slightly throttled the rollout of windows…
…
continue reading
1
40K IoT cameras stream secrets to browsers, Marks & Spencer taking online orders post-cyberattack, PoC Code escalates Roundcube Vuln threat
8:04
8:04
Play later
Play later
Lists
Like
Liked
8:04
CISA, Microsoft warn of Windows zero-day used in attack on ‘major’ Turkish defense org 40K IoT cameras worldwide stream secrets to anyone with a browser Marks & Spencer begins taking online orders again, out for seven weeks due to cyberattack Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There’s something more effic…
…
continue reading
1
Inside the React Native NPM Supply Chain Breach: 16 Packages, 1 Million+ Downloads, and a RAT in the Code
41:15
41:15
Play later
Play later
Lists
Like
Liked
41:15
In this episode, we break down the massive supply chain attack that rocked the React Native ecosystem beginning on June 6, 2025. Over 16 NPM packages, collectively downloaded over one million times per week, were silently weaponized with a Remote Access Trojan (RAT) embedded in obfuscated code. The attack, linked to the same threat actor behind the…
…
continue reading
1
AI Security Report, Policy Shifts, and Amazon’s New Coding Tool
11:36
11:36
Play later
Play later
Lists
Like
Liked
11:36
OpenAI's latest report highlights successes in combating AI misuse, while the Trump administration replaces the U.S. AI Safety Institute with the Center for AI Standards and Innovation, signaling a shift towards innovation. Meanwhile, Amazon plans to roll out the AI coding tool 'Cursor' by 2025, potentially transforming software development. Tune i…
…
continue reading
1
AI in AppSec: Agentic Tools, Vibe Coding Risks & Securing Non-Human Identities - Mo Aboul-Magd, Brian Fox, Mark Lambert, Shahar Man - ASW #332
1:04:35
1:04:35
Play later
Play later
Lists
Like
Liked
1:04:35
ArmorCode unveils Anya—the first agentic AI virtual security champion designed specifically for AppSec and product security teams. Anya brings together conversation and context to help AppSec, developers and security teams cut through the noise, prioritize risks, and make faster, smarter decisions across code, cloud, and infrastructure. Built into …
…
continue reading
1
AI in AppSec: Agentic Tools, Vibe Coding Risks & Securing Non-Human Identities - Mo Aboul-Magd, Shahar Man, Brian Fox, Mark Lambert - ASW #332
1:04:35
1:04:35
Play later
Play later
Lists
Like
Liked
1:04:35
ArmorCode unveils Anya—the first agentic AI virtual security champion designed specifically for AppSec and product security teams. Anya brings together conversation and context to help AppSec, developers and security teams cut through the noise, prioritize risks, and make faster, smarter decisions across code, cloud, and infrastructure. Built into …
…
continue reading
1
zeroRISC Secures $10M to Commercialize OpenTitan and Reinvent Supply Chain Security
51:51
51:51
Play later
Play later
Lists
Like
Liked
51:51
zeroRISC just raised $10 million to bring OpenTitan—the first open-source silicon Root of Trust—to market. In this episode, we break down what this funding means for the future of supply chain security, and why investors are betting on open hardware to fix vulnerabilities baked into modern chips. We explore how geopolitical tension, forced labor en…
…
continue reading
1
Fog, RedFox, and the Rise of Silent Intruders: Cyberattacks Surge Against Financial Institutions
34:42
34:42
Play later
Play later
Lists
Like
Liked
34:42
The financial services industry is under siege. In this episode, we unpack the latest findings from Radware’s 2025 Financial Threat Analysis and multiple intelligence reports detailing a relentless rise in cyberattacks targeting banks and financial institutions across the globe. We examine the surge in sophisticated attacks that blend legitimate to…
…
continue reading
1
Lawfare Archive: Protests, the Police, and the Press
48:20
48:20
Play later
Play later
Lists
Like
Liked
48:20
From June 21, 2023: Carolyn Cole, a Pulitzer-Prize winning staff photographer for the Los Angeles Times, has covered wars and other conflicts in Afghanistan, Iraq, Israel, Kosovo, Liberia, Sudan, Nicaragua, Haiti, and the U.S.-Mexico border. Over the course of her 30 year career, she has been seriously injured on the job precisely once—when members…
…
continue reading
1
The Secret CISO: Navigating the Human and Technical Challenges in Cybersecurity
51:57
51:57
Play later
Play later
Lists
Like
Liked
51:57
In this episode of 'Cybersecurity Today,' hosts John Pinard and Jim Love introduce their unique show, 'The Secret CISO,' which aims to dive deep into the lives and thoughts of CISOs and similar roles, beyond the usual interview-style format. The guest for this episode is Priya Ali, CISO at Sheridan College, who shares her journey from engineering t…
…
continue reading
This week, Dave is joined by Ziv Karliner, Pillar Security’s Co-Founder and CTO, sharing details on their work on "New Vulnerability in GitHub Copilot and Cursor: How Hackers Can Weaponize Code Agents." Vibe Coding - where developers use AI assistants like GitHub Copilot and Cursor to generate code almost instantly - has become central to how e…
…
continue reading
1
Week in Review: Google and Cloudflare outages, Copilot Zero-Click, Cloudflare's Claude flair
25:20
25:20
Play later
Play later
Lists
Like
Liked
25:20
Link to episode page This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Christina Shannon, CIO, KIK Consumer Products Thanks to our show sponsor, Vanta Is your manual GRC program slowing you down? There’s something more efficient than spreadsheets, screenshots, and manual processes — Vanta. With Vanta, GR…
…
continue reading
Cloudflare says yesterday’s widespread outage was not caused by a cyberattack. Predator mobile spyware remains highly active. Microsoft is investigating ongoing Microsoft 365 authentication services issues. An account takeover campaign targets Entra ID users by abusing a popular pen testing tool. Palo Alto Networks documents a JavaScript obfuscatio…
…
continue reading
1
9.8 Severity and Counting: Inside Trend Micro’s Latest Security Emergency
32:08
32:08
Play later
Play later
Lists
Like
Liked
32:08
In this episode, we break down Trend Micro’s urgent June 10th security update that patched ten high- and critical-severity vulnerabilities—some with CVSSv3.1 scores as high as 9.8—across Apex Central and Endpoint Encryption PolicyServer (TMEE). While no active exploitation has been observed, the risks are too severe to ignore. We spotlight the most…
…
continue reading
1
Saltiness about frostiness (Friends)
2:07:01
2:07:01
Play later
Play later
Lists
Like
Liked
2:07:01
Justin Searls joins Jerod in Apple’s WWDC wake for hot takes about frosty UIs. We go (almost) point-by-point through the keynote, dissecting and reacting along the way. Concentricity! Join the discussion Changelog++ members save 5 minutes on this episode because they made the ads disappear. Join today! Sponsors: Retool – Assemble your elite AI team…
…
continue reading
1
Zero-Day in the Call Center: Mitel MiCollab Exploited in Active Attacks
12:27
12:27
Play later
Play later
Lists
Like
Liked
12:27
In this episode, we dissect the critical vulnerabilities plaguing Mitel MiCollab, a widely used unified communications platform, and explore how attackers are exploiting these flaws in the wild. Recently, security researchers uncovered a trio of dangerous vulnerabilities, including CVE-2024-35286 (a SQL injection flaw), CVE-2024-41713 (an authentic…
…
continue reading
1
The Info-Stealer Sting: A Deep Dive into INTERPOL's Operation Secure
14:39
14:39
Play later
Play later
Lists
Like
Liked
14:39
Join us for a gripping discussion on "Operation Secure," a landmark international crackdown that reverberated through the dark corners of the cybercriminal world between January and April 2025. Led by INTERPOL and involving law enforcement from 26 countries, primarily across the Asia-Pacific region, this massive coordinated effort, bolstered by cri…
…
continue reading
1
Lawfare Daily: U.S. Troops on the Streets of Los Angeles
1:25:21
1:25:21
Play later
Play later
Lists
Like
Liked
1:25:21
For today's episode, Lawfare Senior Editor and General Counsel Scott R. Anderson sat down with three leading legal experts on domestic military deployments: William Banks of Syracuse University College of Law, Laura Dickinson of the George Washington University Law School, and Chris Mirasola of the University of Houston Law Center. They discussed t…
…
continue reading
1
Microsoft Entra attack, Thursday’s Cloud outages, Mark Green retires
8:10
8:10
Play later
Play later
Lists
Like
Liked
8:10
Hackers attacks target Microsoft Entra ID accounts using pentesting tool Google Cloud and Cloudflare outages reported House Homeland Chairman Mark Green announces his departure Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There’s something more efficient than spreadsheets, screenshots, and manual processes — Vanta.…
…
continue reading
1
AI Security Threats: Echo Leak, MCP Vulnerabilities, Meta's Privacy Scandal, and the 'Peep Show'
12:55
12:55
Play later
Play later
Lists
Like
Liked
12:55
In this episode of Cybersecurity Today, host Jim Love discusses critical AI-related security issues, such as the Echo Leak vulnerability in Microsoft's AI, MCP's universal integration risks, and Meta's privacy violations in Europe. The episode also explores the dangers of internet-exposed cameras as discovered by BitSight, highlighting the urgent n…
…
continue reading
1
SANS Stormcast Friday, June 13th, 2025: Honeypot Scripts; EchoLeak MSFT Copilot Vuln; Thunderbolt mailbox URL Vuln;
5:43
5:43
Play later
Play later
Lists
Like
Liked
5:43
Automated Tools to Assist with DShield Honeypot Investigations https://isc.sans.edu/diary/Automated%20Tools%20to%20Assist%20with%20DShield%20Honeypot%20Investigations%20%5BGuest%20Diary%5D/32038 EchoLeak: Zero-Click Microsoft 365 Copilot Data Leak Microsoft fixed a vulnerability in Copilot that could have been abused to exfiltrate data from Copilot…
…
continue reading
Interpol’s Operation Secure dismantles a major cybercrime network, and Singapore takes down scam centers. GitLab patches multiple vulnerabilities in its DevSecOps platform. Researchers unveil a covert method for exfiltrating data using smartwatches. EchoLeak allows for data exfiltration from Microsoft Copilot. Journalists are confirmed targets of P…
…
continue reading
1
Escalation, Episode Seven: Boiling the Frog
58:28
58:28
Play later
Play later
Lists
Like
Liked
58:28
Today, it’s Episode Seven of Escalation, our latest narrative series co-hosted by Lawfare Managing Editor Tyler McBrien and Ukraine Fellow Anastasiia Lapatina. Throughout the show, Nastya and Tyler trace the history of U.S.-Ukrainian relations from the time of Ukrainian independence through the present. You can listen to Escalation in its entirety,…
…
continue reading
1
Lawfare Daily: McCarthyism and Its Echoes in Modern Politics with Clay Risen
43:24
43:24
Play later
Play later
Lists
Like
Liked
43:24
Lawfare Contributing Editor Renée DiResta sits down with Clay Risen to talk about his book “Red Scare: Blacklists, McCarthyism, and the Making of Modern America,” exploring the historical context of McCarthyism and its relevance to contemporary issues. They discuss the dynamics of accusation versus evidence during the Red Scare, the impact of vigil…
…
continue reading
1
CoPilot zero-click, Operation Secure, FIN6 targets recruiters
7:43
7:43
Play later
Play later
Lists
Like
Liked
7:43
Zero-click data leak flaw in Copilot Operation Secure targets infostealer operations FIN6 targets recruiters Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There’s something more efficient than spreadsheets, screenshots, and manual processes — Vanta. With Vanta, GRC can be so. much. easier—while also strengthening yo…
…
continue reading
1
Managing online security throughout the decades.
43:09
43:09
Play later
Play later
Lists
Like
Liked
43:09
This week, our hosts Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start off with some more chicken follow up, this week, delving into malware-relat…
…
continue reading
1
Ghost students “haunting” online colleges.
37:06
37:06
Play later
Play later
Lists
Like
Liked
37:06
Patch Tuesday. Mozilla patches two critical FireFox security flaws. A critical flaw in Salesforce OmniStudio exposes sensitive customer data stored in plain text. The Badbox botnet continues to evolve. AI-powered “ghost students” enrolling in online college courses to steal government funds. Hackers steal nearly 300,000 vehicle crash reports from t…
…
continue reading
1
Tomcat Manager Attacks: 400 IPs in Coordinated Brute-Force Attack
34:49
34:49
Play later
Play later
Lists
Like
Liked
34:49
On June 5, 2025, GreyNoise flagged a massive spike in coordinated brute-force login attempts targeting Apache Tomcat Manager interfaces. Nearly 400 unique IP addresses, many traced back to DigitalOcean infrastructure, were involved in a widespread and opportunistic campaign. In this episode, we dissect the attack pattern, what makes Apache Tomcat a…
…
continue reading
1
The Roc programming language (Interview)
1:35:56
1:35:56
Play later
Play later
Lists
Like
Liked
1:35:56
Jerod chats with Richard Feldman about Roc – his fast, friendly, functional language inspired by Richard’s love of Elm. Roc takes many of Elm’s ideas beyond the frontend and introduces some great ideas of its own. Get ready to learn about static dispatch, platforms vs applications, opportunistic mutation, purity inference, and a whole lot more. Joi…
…
continue reading
On May 12, 2025, the Texas Department of Transportation (TxDOT) disclosed a significant data breach that compromised crash reports containing personal data of over 423,000 individuals. In this episode, we take a forensic look at what went wrong, how one compromised account enabled unauthorized downloads of sensitive crash data, and what this means …
…
continue reading
1
Rational Security: The “How Many Constitutional Crises Can We Fit Into One Episode?” Edition
1:17:17
1:17:17
Play later
Play later
Lists
Like
Liked
1:17:17
This week, Scott sat down with Lawfare Senior Editors Molly Reynolds and Quinta Jurecic, and Contributing Editor Chris Mirasola, to focus on the week’s big domestic news, including: “Drama Majors, Meet Major Drama.” In the glittering city of Los Angeles, the Trump administration has taken the dramatic step of calling up the California National Guar…
…
continue reading
1
EP 129 Fearless and On the Record: Mark Ledlow’s Mindset Mission The Security Circle Meets The Fearless Mindset” — a Clash of two Podcast Powerhouses
56:27
56:27
Play later
Play later
Lists
Like
Liked
56:27
Send us a text 🎙️ Podcast Summary: In this dynamic episode, Yolanda welcomes fellow podcast host and security entrepreneur Mark Ledlow, founder of Fearless Mindset and CEO of Ledlow Security Group. From humble beginnings in the Marine Corps to leading a thriving executive protection firm, Mark shares his unfiltered journey into the world of securit…
…
continue reading
1
Ghost Students and AI Scams: How Identity Theft is Gutting Financial Aid
43:49
43:49
Play later
Play later
Lists
Like
Liked
43:49
What happens when hundreds of thousands of college applications are submitted—not by hopeful students, but by bots using stolen identities? In this episode, we dive deep into the alarming rise of financial aid fraud in U.S. higher education, driven by "ghost students" and increasingly sophisticated scams powered by AI. From fraud rings applying for…
…
continue reading
1
Lawfare Daily: Christina Knight on AI Safety Institutes
38:53
38:53
Play later
Play later
Lists
Like
Liked
38:53
Christina Knight, Machine Learning Safety and Evals Lead at Scale AI and former senior policy adviser at the U.S. AI Safety Institute (AISI), joins Kevin Frazier, the AI Innovation and Law Fellow at Texas and a Senior Editor at Lawfare, to break down what it means to test and evaluate frontier AI models as well as the status of international effort…
…
continue reading
1
Cybersecurity Today: State-Backed ChatGPT Misuse, Dark Gaboon Attacks, and Starlink Installation Controversy
12:50
12:50
Play later
Play later
Lists
Like
Liked
12:50
This episode of 'Cybersecurity Today' hosted by Jim Love covers various significant events in the cybersecurity landscape. OpenAI has banned multiple ChatGPT accounts linked to state-sponsored hackers from countries including China, Russia, North Korea, Iran, and the Philippines for developing malware, generating disinformation, and conducting scam…
…
continue reading
1
SANS Stormcast Wednesday, June 11th, 2025: Microsoft Patch Tuesday; Acrobat Patches
6:58
6:58
Play later
Play later
Lists
Like
Liked
6:58
Microsoft Patch Tuesday Microsoft today released patches for 67 vulnerabilities. 10 of these vulnerabilities are rated critical. One vulnerability has already been exploited and another vulnerability has been publicly disclosed before today. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20June%202025/32032 Adobe Vulnerabilities Adobe relea…
…
continue reading
An unsecured Chroma database exposes personal information of Canva Creators. A researcher brute-forces Google phone numbers. Five zero-day vulnerabilities in Salesforce Industry Cloud are uncovered. Librarian Ghouls target Russian organizations with stealthy malware. SAP releases multiple security patches including a critical fix for a NetWeaver bu…
…
continue reading
While cybersecurity threats targeting critical infrastructure, particularly focusing on the vulnerabilities of operational technology (OT) and industrial control systems (ICS).mostly originate on the business or IT side, there’s increasing concern about attacks crossing into OT, which could result in catastrophic consequences, especially in central…
…
continue reading
1
Escalation, Episode Six: Nothing Else Matters
57:50
57:50
Play later
Play later
Lists
Like
Liked
57:50
Today, it’s Episode Six of Escalation, our latest narrative series co-hosted by Lawfare Managing Editor Tyler McBrien and Ukraine Fellow Anastasiia Lapatina. Throughout the show, Nastya and Tyler trace the history of U.S.-Ukrainian relations from the time of Ukrainian independence through the present. You can listen to Escalation in its entirety, a…
…
continue reading
1
Data flows, privacy risks and foreign surveillance of Australians with Johnny Ryan
42:42
42:42
Play later
Play later
Lists
Like
Liked
42:42
Dr Miah Hammond-Errey is joined by Dr Johnny Ryan, Director of Enforce at the Irish Council for Civil Liberties and a leading authority on surveillance, data rights, and privacy. Drawing on his extensive experience in the ad tech industry and digital rights advocacy, Dr Ryan explains how real-time bidding (RTB)—the backbone of online advertising—ro…
…
continue reading
Hayden Smith, Hunted Labs Co-Founder comes on Absolute AppSec to discuss, among other things, the Hunted Labs work discovering and publicizing the EasyJson software supply chain threat. Before co-founding Hunted Labs, Hayden was Senior Director of Field Services at Anchore, assisting US government, intelligence, and Fortune 500 clients. Long a spec…
…
continue reading
1
Mirai Strikes Again: Spring4Shell, Wazuh, and TBK DVRs Exploited in Live Campaigns
43:52
43:52
Play later
Play later
Lists
Like
Liked
43:52
In this episode, we dive into the latest wave of active Mirai botnet campaigns exploiting high-severity remote code execution (RCE) vulnerabilities in critical enterprise and IoT systems. The Mirai malware—still evolving nearly a decade after its first appearance—has adapted its tactics to weaponize recent CVEs with CVSS scores of 9.8 and 9.9, impa…
…
continue reading
1
UNFI Breach: How One Cyberattack Shook the North American Food Supply
36:53
36:53
Play later
Play later
Lists
Like
Liked
36:53
On June 5, 2025, United Natural Foods Inc. (UNFI)—North America's largest publicly traded wholesale food distributor and primary supplier for Whole Foods—was struck by a major cyberattack that forced the company to shut down key IT systems. The result: widespread delivery disruptions to over 30,000 locations across the U.S. and Canada, eerily empty…
…
continue reading
1
Bringing CISA's Secure by Design Principles to OT Systems - Matthew Rogers - ASW #334
1:09:09
1:09:09
Play later
Play later
Lists
Like
Liked
1:09:09
CISA has been championing Secure by Design principles. Many of the principles are universal, like adopting MFA and having opinionated defaults that reduce the need for hardening guides. Matthew Rogers talks about how the approach to Secure by Design has to be tailored for Operational Technology (OT) systems. These systems have strict requirements o…
…
continue reading
