A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.
…
continue reading
Bug Bounty Podcasts
The show that decrypts the secrets of offensive cybersecurity, one byte at a time. Every week I invite you into the world of ethical hacking by interviewing leading offensive security practitioners. If you are a penetration tester, bug bounty hunter, red teamer, or blue teamer who wants to better understand the modern hacker mindset, whether you are new or experienced, this show is for you.
…
continue reading
A Podcast about bugs, bounties and its researchers. Hosted by Fisher.
…
continue reading
Behind The Bounty gives you an inside look at the community and people that make bug bounties happen. Hosted by Ben Sadeghipour (NahamSec) and Nathanial Lattimer (d0nut).
…
continue reading
We’re planting the seeds of fun with the only gardening podcast that’s just for kids! Welcome to Gro-Town where we celebrate the world outside our windows! Join Miss Danielle for growing tips, music, special guests, and a bounty of laughs along the way. Music. Garden. Community. Gro-Town! Continue the fun at https://www.gro-town.com/
…
continue reading
The Cyber Riddler is a podcast that discusses interesting topics in the field of information security. It explores different areas and situations in real-life cyber security engagements and activities. Episodes feature guests from different backgrounds such as hackers, security analysts, cyber security managers, bug bounty hobbyists and more.
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
Hacks, scams, cyber crimes, and other shenanigans explored and explained. Presented by your friendly neighborhood cybersecurity gal Michele Bousquet.
…
continue reading
Hack for Fun and Profit is a weekly podcast for anyone who is interested in ethical hacking. The topics include bug bounty hunting, penetration testing, red teaming and many more. Sit back and enjoy stories, tips and tricks that will inspire you. For subscription-only episodes, enroll using this link: https://anchor.fm/thehackerish/subscribe
…
continue reading
Security veterans Joe Patti and Adam Roth welcome a diverse lineup of cybersecurity and information security experts to share their insights at the virtual bar. From cutting edge topics like AI and Operational Technology (OT) to the realities of careers and mental health, you'll get the inside view of what's happening across the industry and what it's really like to work in these fields, from the people who do it every day. Reach us at [email protected] or @SecCocktailHour on ...
…
continue reading
Broadcasting Ideas and Connecting Minds at the Intersection of Cybersecurity, Technology and Society. Founded by Sean Martin and Marco Ciappelli in 2015, ITSPmagazine is a multimedia platform exploring how technology, cybersecurity, and society shape our world. For over a decade, we've recognized this convergence as one of the most defining forces of our time—and it's more critical than ever. Our global community encourages intellectual exchange, challenging assumptions and diving deep into ...
…
continue reading
In 10 minutes daily, The Business of Tech delivers the latest IT services and MSP-focused news and commentary. Curated to stories that matter with commentary answering 'Why Do We Care?', channel veteran Dave Sobel brings you up to speed and provides resources to go deeper. With insights and analysis, this focused podcast focuses on the knowledge you need to be effective, profitable, and relevant.
…
continue reading
The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks. Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporat ...
…
continue reading
If you know how attacks work, you’ll know exactly where to look—whether you’re breaking in as an ethical hacker or defending as a blue teamer. Hacked & Secured: Pentest Exploits & Mitigations breaks down real-world pentest findings, exposing how vulnerabilities were discovered, exploited, and mitigated. Each episode dives into practical security lessons, covering attack chains and creative exploitation techniques used by ethical hackers. Whether you're a pentester, security engineer, develop ...
…
continue reading
SecureMac presents The Checklist. Hosted by Ken Ray, each week The Checklist hits security topics for your Mac and iOS devices. From how-to's and safety tips, to security news of the day, The Checklist by SecureMac takes a conversational, solutions oriented approach to security for the average user. Check in each Thursday for a new Checklist!
…
continue reading
Welcome to eCommerceAholic, where we help you get more from your eCommerce store.
…
continue reading
Welcome to Smarter Online Safety: Protect, Empower, Transform—your go-to channel for digital security, AI productivity, and digital transformation. As cyber fraud, identity theft, and AI-driven risks grow, Jocelyn King, “The Queen of Online Safety,” is here to help you stay secure and thrive. A Top 10 Woman in Cybersecurity, speaker, and educator, she has been featured on Dr. Phil, prime-time news, international radio, and top podcasts. 💡 What You’ll Learn: ✔️ Protect yourself & your family ...
…
continue reading
Redefining CyberSecurity Podcast Hosted by Sean Martin, CISSP Have you ever thought that we are selling cybersecurity insincerely, buying it indiscriminately, and deploying it ineffectively? For cybersecurity to be genuinely effective, we must make it consumable and usable. We must also bring transparency and honesty to the conversations surrounding the methods, services, and technologies upon which businesses rely. If we are going to protect what matters and bring value to our companies, ou ...
…
continue reading
A podcast about the makers and breakers shaping cybersecurity. New episodes every other Monday! Go to https://hackerculture.fm for more information!
…
continue reading
Welcome to Behind the Binary, the podcast that introduces you to the fascinating people, technology, and tools driving the world of reverse engineering. Join your host, Josh Stroschein, a reverse engineer with the FLARE team at Google, and someone passionate about sharing knowledge and shedding light on the art of reverse engineering, as he sits down with intriguing guests to explore the human side of this profession. Behind the Binary goes beyond the code, sharing the stories, motivations, ...
…
continue reading
Hacker Talk brings you interesting conversation between some of the world best hackers, cyber security professionals and information security people.
…
continue reading
In "Surfacing Security," we explore a variety of cybersecurity topics relevant to Attack Surface Management and beyond. Your co-hosts are Michael Gianarakis (Assetnote Co-Founder/CEO) and Shubham Shah (Assetnote Co-Founder/CTO).
…
continue reading
The Business Security (BizSec) Podcast. Hosts Beau Woods and Dave Kennedy analyze and discuss the latest business news in the information and technology security world, as well as a bigger picture theme each episode. Follow us @bizsecpodcast
…
continue reading
STEM brother Basir Vincent podcast sharing small connect with the Tech bytes to encourage thought about STEM and STEAM engagement. Cover art photo provided by Oliver Pecker on Unsplash: https://unsplash.com/@ollipexxer
…
continue reading
Building better software, one incident at a time. Host Kevin Riggle talks with software engineers about that time they broke production. Whether you're an industry professional, or just curious about what makes the modern Internet run and what happens when it breaks, we bring you stories you haven't heard elsewhere. This is the audio version of the podcast. Watch on YouTube: https://youtube.com/@critical-point Produced by Complex Systems Group (https://complexsystems.group). Part of Critical ...
…
continue reading
Join us as we watch and discuss the entire Star Wars Canon from The Phantom Menace to the Force Awakens and beyond! Co-hosts Mondo, Joe (both from Not the Show) and with Ty (from Geek Fight Club's Chaos Inc.) talk about what they love and hate about The Saga.
…
continue reading
An insanely enjoyable Bitcoin podcast with a strong focus on liberty. Every Thursday, we chat about how Bitcoin sets the world free and share the latest cryptocurrency news and general Bitcoin talk. Guests have included: - Mastering Bitcoin author Andreas Antonopoulos - Liberty.me CLO Jeffrey Tucker - Antiwar.com editor Angela Keaton - Bitcoin/liberty activist Michele Seven - Jason King from Sean's Outpost Homeless Outreach - Drew Phillips from Bitcoin Not Bombs - Numerous other Bitcoin-lovi ...
…
continue reading
1
Episode 151: Client-side Advanced Topics
1:07:26
1:07:26
Play later
Play later
Lists
Like
Liked
1:07:26
Episode 151: In this episode of Critical Thinking - Bug Bounty Podcast we’re covering Client-side advanced topics. Justin talks Joseph (and us) through Third-Party Cookie Nuances, Iframe Tricks, URL Parsing, and more. Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any feedback here: info@criti…
…
continue reading
1
A Practical Look at Incident Handling: How a Sunday Night Bug Bounty Email Triggered a Full Investigation | A Screenly Brand Spotlight Conversation with Co-founder of Screenly, Viktor Petersson
17:48
17:48
Play later
Play later
Lists
Like
Liked
17:48
This episode focuses on a security incident that prompts an honest discussion about transparency, preparedness, and the importance of strong processes. Sean Martin speaks with Viktor Petersson, Founder and CEO of Screenly, who shares how his team approaches digital signage security and how a recent alert from their bug bounty program helped validat…
…
continue reading
1
The Truth About Bug Bounties & Cyber Risks
43:25
43:25
Play later
Play later
Lists
Like
Liked
43:25
Grant McCracken joins Jocelyn King on this episode of Smarter Online Safety to demystify bug bounties, penetration testing, AI security and the human mistakes that fuel most breaches. If you want practical, non-technical advice for protecting your business (or the businesses you rely on), this is the episode to watch. What we cover: 1. What a bug b…
…
continue reading
1
SANS Stormcast Thursday, December 4th, 2025: CDN Headers; React Vulnerabiity; PickleScan Patch
6:44
6:44
Play later
Play later
Lists
Like
Liked
6:44
Attempts to Bypass CDNs Our honeypots recently started receiving scans that included CDN specific headers. https://isc.sans.edu/diary/Attempts%20to%20Bypass%20CDNs/32532 React Vulnerability CVE-2025-55182 React patched a critical vulnerability in React server components. Exploitation is likely imminent. https://react.dev/blog/2025/12/03/critical-se…
…
continue reading
1
MSP Cybersecurity: Addressing AI Vulnerabilities and Account Takeover Fraud Risks
13:49
13:49
Play later
Play later
Lists
Like
Liked
13:49
AI-integrated tools, such as OpenAI's Atlas and Microsoft Teams, are introducing new trust and identity risks, particularly through vulnerabilities like prompt injections and guest access features. The Atlas browser, launched on October 21, 2025, has been identified as having security flaws that could allow attackers to inject harmful instructions.…
…
continue reading
If Facebook has seemed scammy for the past few years, it's not your imagination. A leaked internal document shows that Facebook, and its parent company Meta, are well aware that many of their ads and posts are scams, but they make too much money off of them to do anything about it. Get all the details on this scathing report from Reuters that has r…
…
continue reading
1
SANS Stormcast Wednesday, December 3rd, 2025: SmartTube Compromise; NPM Malware Prompt Injection Attempt; Angular XSS Vulnerability
6:06
6:06
Play later
Play later
Lists
Like
Liked
6:06
SmartTube Android App Compromise The key a developer used to sign the Android YouTube player SmartTube was compromised and used to publish a malicious version. https://github.com/yuliskov/SmartTube/issues/5131#issue-3670629826 https://github.com/yuliskov/SmartTube/releases/tag/notification Two Years, 17K Downloads: The NPM Malware That Tried to Gas…
…
continue reading
1
AI, Quantum, and the Changing Role of Cybersecurity | ISC2 Security Congress 2025 Coverage with Jon France, Chief Information Security Officer at ISC2 | On Location with Sean Martin and Marco Ciappelli ...
26:22
26:22
Play later
Play later
Lists
Like
Liked
26:22
What Security Congress Reveals About the State of Cybersecurity This discussion focuses on what ISC2 Security Congress represents for practitioners, leaders, and organizations navigating constant technological change. Jon France, Chief Information Security Officer at ISC2, shares how the event brings together thousands of cybersecurity practitioner…
…
continue reading
1
AI, Quantum, and the Changing Role of Cybersecurity | ISC2 Security Congress 2025 Coverage with Jon France, Chief Information Security Officer at ISC2 | On Location with Sean Martin and Marco Ciappelli ...
26:22
26:22
Play later
Play later
Lists
Like
Liked
26:22
What Security Congress Reveals About the State of Cybersecurity This discussion focuses on what ISC2 Security Congress represents for practitioners, leaders, and organizations navigating constant technological change. Jon France, Chief Information Security Officer at ISC2, shares how the event brings together thousands of cybersecurity practitioner…
…
continue reading
1
AI for MSPs: OpenAI's Code Red and the Need for Data Governance in IT Services
15:34
15:34
Play later
Play later
Lists
Like
Liked
15:34
OpenAI has declared a "code red" as it faces intensified competition from companies like Google and Anthropic, prompting a shift in focus towards enhancing the capabilities of its ChatGPT platform. CEO Sam Altman has urged staff to prioritize improvements in speed, reliability, and personalization, delaying other initiatives such as advertising. Th…
…
continue reading
1
Bonus: Holiday Scams Unwrapped: Tips to Stay Safe this Season
32:37
32:37
Play later
Play later
Lists
Like
Liked
32:37
Scammers stay busy during the holidays. From recognizing fake gift card requests to safe phone payments for teens, we're bringing back the best cyber security tips from last year's holiday episode, as a warmup for a new episode focusing on the latest job scams coming next week. 00:00 Introduction to the Holiday Episode 00:31 Phone malware and app p…
…
continue reading
1
SANS Stormcast Tuesday, December 2nd, 2025: Analyzing ToolShell from Packdets; Android Update; Long Game Malicious Browser Ext.
5:49
5:49
Play later
Play later
Lists
Like
Liked
5:49
Hunting for SharePoint In-Memory ToolShell Payloads A walk-through showing how to analyze ToolShell payloads, starting with acquiring packets all the way to decoding embedded PowerShell commands. https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Hunting%20for%20SharePoint%20In-Memory%20ToolShell%20Payloads/32524 Android Security Bulletin December 20…
…
continue reading
1
MSP Cybersecurity: Addressing Rising Costs and Job Losses in Small Businesses
16:15
16:15
Play later
Play later
Lists
Like
Liked
16:15
Small businesses in the U.S. are facing rising costs and job losses, with 70% of owners citing inflation as their primary concern, according to a recent Bank of America study. Despite this, 75% of small business owners remain optimistic about revenue growth in the coming year. However, the disparity in employment trends is stark, as small firms she…
…
continue reading
1
SANS Stormcast Monday, December 1st, 2025: More ClickFix; Teams Guest Access; Geoserver XXE Vulnerablity
5:42
5:42
Play later
Play later
Lists
Like
Liked
5:42
Fake adult websites pop realistic Windows Update screen to deliver stealers via ClickFix The latest variant of ClickFix tricks users into copy/pasting commands by displaying a fake blue screen of death. https://www.acronis.com/en/tru/posts/fake-adult-websites-pop-realistic-windows-update-screen-to-deliver-stealers-via-clickfix/ B2B Guest Access Cre…
…
continue reading
1
Navigating Endpoint Security: Tackling Shadow IT, Tool Sprawl, and Human Factors in Cybersecurity
1:00:39
1:00:39
Play later
Play later
Lists
Like
Liked
1:00:39
The episode discusses the increasing complexity of endpoint security, driven by the rapid proliferation of devices due to remote work, BYOD policies, and the rise of shadow IT. Data indicates that shadow IT has surged by 59% since remote work became mainstream, with nearly half of cyberattacks linked to these unauthorized applications. Managed Serv…
…
continue reading
1
Shai-Hulud 2.0, Russia GRU Intrusions, and Microsoft’s Regulatory Capture
1:57:12
1:57:12
Play later
Play later
Lists
Like
Liked
1:57:12
(Presented by Material Security: We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices.) Three Buddy Problem - Episode 74: We attempt to parse the rumor-fog around Microsoft’s CISO at CYBERWARCON and what it reveals about the company’s shifting posture…
…
continue reading
1
Book: Spy's Mate | A Conversation with Bradley W. Buchanan About Chess, Cold War Espionage, and His Journey Into Writing This Story | Audio Signals Podcast With Marco Ciappelli
44:22
44:22
Play later
Play later
Lists
Like
Liked
44:22
Spy's Mate: A Conversation with Bradley W. Buchanan About Chess, Cold War Intrigue, and the Stories That Save Us After a few months away, I couldn't stay silent. Audio Signals is back, and I'm thrilled that this conversation marks the official return. The truth is, I tried to let it go. I thought maybe I'd hang up the mic and focus solely on my wor…
…
continue reading
Smarter Online Safety — Jocelyn King with Daphne Ng A frank, non-technical conversation about how AI (voice cloning & deepfakes) is changing scams — including a $25M corporate fraud case — and what everyday people and teams can do right now to protect themselves. 🔔 Subscribe for weekly, simple online-safety tips 🎧 Listen on Apple/Spotify/Google Key…
…
continue reading
1
Episode 150: ASP.NET MVC Patterns, Popping Oracle Identity, and Esoteric Subdomain Enumeration
57:20
57:20
Play later
Play later
Lists
Like
Liked
57:20
Episode 150: In this episode of Critical Thinking - Bug Bounty Podcast we're highlighting some cool news and research, but not before expressing our gratitude to the Hacker community. We are so thankful for you all! Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any feedback here: info@critica…
…
continue reading
1
AI Transparency Regulations Impacting MSPs: German Court Ruling on OpenAI Training Data
19:34
19:34
Play later
Play later
Lists
Like
Liked
19:34
A German court has ruled that OpenAI's training of its GPT-4 and GPT-4.0 models involved copyright infringement, requiring the company to disclose the frequency of usage of specific song lyrics in its training data. This ruling, initiated by GEMA, a German copyright collective, has significant implications for copyright holders, particularly in the…
…
continue reading
1
Checklist 451 - Safe Holiday Shopping 2025
19:08
19:08
Play later
Play later
Lists
Like
Liked
19:08
We're going a day early this week because Friday might be too late. The holiday shopping season kicks off in earnest this Friday. We're looking at tips for safe shopping both online and in lines this holiday season. Plus - a look back at nine years of this show. It's all ahead on Checklist No. 451, brought to you by SecureMac. Check out our show no…
…
continue reading
1
SANS Stormcast Wednesday, November 26th, 2025: Attacks Against Messaging; Passwords in Random Websites; Fluentbit Vuln; #thanksgiving
6:07
6:07
Play later
Play later
Lists
Like
Liked
6:07
Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications Spyware attacks messaging applications in part by triggering vulnerabilities in messaging applications but also by deploying tools like keystroke loggers and screenshot applications. https://www.cisa.gov/news-events/alerts/2025/11/24/spyware-allows-cyber-threat-actors-targ…
…
continue reading
1
A Practical Look at Incident Handling: How a Sunday Night Bug Bounty Email Triggered a Full Investigation | A Screenly Brand Spotlight Conversation with Co-founder of Screenly, Viktor Petersson
17:48
17:48
Play later
Play later
Lists
Like
Liked
17:48
This episode focuses on a security incident that prompts an honest discussion about transparency, preparedness, and the importance of strong processes. Sean Martin speaks with Viktor Petersson, Founder and CEO of Screenly, who shares how his team approaches digital signage security and how a recent alert from their bug bounty program helped validat…
…
continue reading
1
MSP Cybersecurity: Governments Target Russian Cybercrime and New Offensive Strategies
13:50
13:50
Play later
Play later
Lists
Like
Liked
13:50
The United States, United Kingdom, and Australia have imposed sanctions on the Russian hosting provider MediaLand due to its facilitation of ransomware operations. MediaLand has been linked to various cybercrime activities, including support for groups like LockBit and BlackSuit, and has been identified as a provider for cybercrime marketplaces. Th…
…
continue reading
1
Inside the Economics That Shape Modern Cybersecurity Innovations: How the Cybersecurity Startup Engine Really Works | A Conversation with Investor and Author, Ross Haleliuk | Redefining CyberSecurity with ...
47:10
47:10
Play later
Play later
Lists
Like
Liked
47:10
⬥EPISODE NOTES⬥ Understanding the Startup Engine Behind Cybersecurity This episode brings Sean Martin together with Ross Haleliuk, author, investor, product leader, and creator of Venture Insecurity, for a candid look at the forces shaping cybersecurity startups today. Ross shares how his decade of product leadership and long involvement in the sec…
…
continue reading
1
Inside the Economics That Shape Modern Cybersecurity Innovations: How the Cybersecurity Startup Engine Really Works | A Conversation with Investor and Author, Ross Haleliuk | Redefining CyberSecurity with ...
47:10
47:10
Play later
Play later
Lists
Like
Liked
47:10
⬥EPISODE NOTES⬥ Understanding the Startup Engine Behind Cybersecurity This episode brings Sean Martin together with Ross Haleliuk, author, investor, product leader, and creator of Venture Insecurity, for a candid look at the forces shaping cybersecurity startups today. Ross shares how his decade of product leadership and long involvement in the sec…
…
continue reading
1
SANS Stormcast Tuesday, November 25th, 2025: URL Mapping and Authentication; SHA1-Hulud; Hacklore
6:11
6:11
Play later
Play later
Lists
Like
Liked
6:11
Conflicts between URL mapping and URL based access control. Mapping different URLs to the same script, and relying on URL based authentication at the same time, may lead to dangerous authentication and access control gaps. https://isc.sans.edu/diary/Conflicts%20between%20URL%20mapping%20and%20URL%20based%20access%20control./32518 Sha1-Hulud, The Se…
…
continue reading
1
AI for MSPs: Bridging the Skills Gap and Enhancing Cloud Managed Services Profitability
14:16
14:16
Play later
Play later
Lists
Like
Liked
14:16
Cloud managed services are experiencing rapid growth, with the market projected to expand from approximately $50.62 billion in 2025 to $120 billion by 2035, reflecting a compound annual growth rate of 8.16%. This growth is driven by organizations across various sectors, including finance and healthcare, seeking to enhance their cloud operations and…
…
continue reading
1
Author Kate O'Neill's Book "What Matters Next": AI, Meaning, and Why We Can't Delegate Creativity | Redefining Society and Technology with Marco Ciappelli
48:35
48:35
Play later
Play later
Lists
Like
Liked
48:35
Author Kate O'Neill's Book "What Matters Next": AI, Meaning, and Why We Can't Delegate Creativity | Redefining Society and Technology with Marco Ciappelli Kate O'Neill: https://www.koinsights.com/books/what-matters-next-book/ Marco Ciappelli: https://www.marcociappelli.com/ When Kate O'Neill tells me that AI's most statistically probable outcome is…
…
continue reading
1
SANS Stormcast Monday, November 24th, 2025: CSS Padding in Phishing; Oracle Identity Manager Scans Update;
4:59
4:59
Play later
Play later
Lists
Like
Liked
4:59
Use of CSS stuffing as an obfuscation technique? Phishing sites stuff their HTML with benign CSS code. This is likely supposed to throw of simple detection engines https://isc.sans.edu/diary/Use%20of%20CSS%20stuffing%20as%20an%20obfuscation%20technique%3F/32510 Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day Early exploit attem…
…
continue reading
1
AI Governance: Balancing Power, Bias, and Transparency in Democracy and Business
20:33
20:33
Play later
Play later
Lists
Like
Liked
20:33
The discussion centers on the book "Rewiring Democracy," authored by Bruce Schneier and Nathan E. Sanders, which explores the implications of artificial intelligence (AI) on governance, power distribution, and democratic principles. The authors highlight the risks associated with AI, particularly the concentration of power among a few corporations,…
…
continue reading
1
MSP Events Shift: From Mega Conferences to Micro Communities and the Rise of Cybersecurity Focus
44:02
44:02
Play later
Play later
Lists
Like
Liked
44:02
MSP events are experiencing a notable shift, with a growing preference for smaller, localized gatherings over traditional mega-conferences. Jessica Davis, Principal Analyst at Omdia, highlights that this trend is driven by factors such as increased travel costs and a desire for more meaningful community interactions. Research indicates that MSPs ar…
…
continue reading
1
Solar EV That Never Needs Charging w/ Robert Hoevers (Squad Mobility) | Brand Highlight Story
6:02
6:02
Play later
Play later
Lists
Like
Liked
6:02
The Solar Car That Charges Itself While You Live Your Life Growing up, I always wondered: why can't cars just recharge themselves as we drive? Turns out, someone finally built exactly that. Robert Hoevers and his team at Squad Mobility created a solar-powered city car that does something brilliantly simple—it charges itself. There's a solar panel o…
…
continue reading
1
Cyberattacks Surge 85% During Shutdown; Telecom Security Regulations Weaken Amid AI Evolution
15:53
15:53
Play later
Play later
Lists
Like
Liked
15:53
Cyberattacks against U.S. government employees surged by 85% during the recent government shutdown, with projections estimating over 555 million attacks by the end of November 2025. These attacks, characterized as targeted digital assaults rather than generic phishing attempts, exploit vulnerabilities during periods of financial stress, particularl…
…
continue reading
1
Gemini 3 reactions, Fortinet/Chrome zero-days, a Cloudflare monoculture and a billion-dollar crypto twist
2:19:41
2:19:41
Play later
Play later
Lists
Like
Liked
2:19:41
(Presented by Material Security: We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices.) Three Buddy Problem - Episode 73: The buddies react to Google’s release of Gemini 3 and its early performance, new Chrome interface changes landing on users’ machi…
…
continue reading
1
Checklist 450 - Weak Passwords and Deepfake Celebrities 2025
21:03
21:03
Play later
Play later
Lists
Like
Liked
21:03
It is that time of year. Time to reflect… to look back… to realize how little we've learned, and shake our heads in sadness. 123456 is still the most used password according to a new study - and people still think that Taylor Swift is trying to sell them stuff on social media. We're looking at weak passwords and deepfake celebrities for 2025 on thi…
…
continue reading
1
SANS Stormcast Friday, November 21st, 2025: Oracle Idendity Manager Scans; SonicWall DoS Vuln; Adam Wilson (@sans_edu) reducing prompt injection.
14:09
14:09
Play later
Play later
Lists
Like
Liked
14:09
Oracle Identity Manager Exploit Observation from September (CVE-2025-61757) We observed some exploit attempts in September against an Oracle Identity Manager vulnerability that was patched in October, indicating that exploitation may have occurred prior to the patch being released. https://isc.sans.edu/diary/Oracle%20Identity%20Manager%20Exploit%20…
…
continue reading
1
AI Race Heats Up: Google Gemini 3, Intuit ChatGPT, OpenAI Codex MAX, and EU GDPR Changes
18:52
18:52
Play later
Play later
Lists
Like
Liked
18:52
Google has launched its latest AI model, Gemini 3, which is designed to enhance multimodal processing capabilities by simultaneously handling text, images, and audio. This model, particularly the Gemini 3 Pro version, aims to improve the accuracy and reasoning capabilities of AI systems, positioning Google to compete more effectively with OpenAI in…
…
continue reading
1
Episode 149: DEFCON Debrief: AI Vulns, Unicode Weirdness, and Wild Vulnerability Chains
1:02:33
1:02:33
Play later
Play later
Lists
Like
Liked
1:02:33
Episode 149: In this episode of Critical Thinking - Bug Bounty Podcast The DEFCON videos are up, and Justin and Joseph talk through some of their favorites. Follow us on X Got any ideas and suggestions? Feel free to send us any feedback here: [email protected] Shoutout to YTCracker for the awesome intro music! ====== Links ====== Foll…
…
continue reading
1
SANS Stormcast Thursday, November 20th, 2025: Unicode Issues; FortiWeb More Vulns; DLink DIR-878 Vuln; Operation WrtHug and ASUS Routers
6:34
6:34
Play later
Play later
Lists
Like
Liked
6:34
Unicode: It is more than funny domain names. Unicode can cause a number of issues due to odd features like variance selectors and text direction issues. https://isc.sans.edu/diary/Unicode%3A%20It%20is%20more%20than%20funny%20domain%20names./32472 FortiWeb Multiple OS command injection in API and CLI A second silently patched vulnerability in FortiW…
…
continue reading
1
Microsoft's AI Agent 365 Launch, Vendor Integrations, and Cybersecurity Media Consolidation
17:24
17:24
Play later
Play later
Lists
Like
Liked
17:24
Microsoft has launched Agent 365, a management platform designed for overseeing AI agents within enterprise environments. This platform, now available in early access, includes features such as the Microsoft Entra Registry for managing agent identities, risk-based access policies, and performance measurement tools. The introduction of Agent 365 sig…
…
continue reading
1
Beg Bounty: The New Wave of Unrequested Bug Claims and What They Mean | A Conversation with Casey Ellis | Redefining CyberSecurity with Sean Martin
36:25
36:25
Play later
Play later
Lists
Like
Liked
36:25
⬥EPISODE NOTES⬥ Understanding Beg Bounties and Their Growing Impact This episode examines an issue that many organizations have begun to notice, yet often do not know how to interpret. Sean Martin is joined by Casey Ellis, Founder of Bugcrowd and Co-Founder of disclose.io, to break down what a “beg bounty” is, why it is increasing, and how security…
…
continue reading
1
Beg Bounty: The New Wave of Unrequested Bug Claims and What They Mean | A Conversation with Casey Ellis | Redefining CyberSecurity with Sean Martin
36:25
36:25
Play later
Play later
Lists
Like
Liked
36:25
⬥EPISODE NOTES⬥ Understanding Beg Bounties and Their Growing Impact This episode examines an issue that many organizations have begun to notice, yet often do not know how to interpret. Sean Martin is joined by Casey Ellis, Founder of Bugcrowd and Co-Founder of disclose.io, to break down what a “beg bounty” is, why it is increasing, and how security…
…
continue reading
1
EP19 The Art of Deconstructing Problems: Tools, Tactics, and the ScatterBrain Obfuscator with Nino Isakovic
1:53:18
1:53:18
Play later
Play later
Lists
Like
Liked
1:53:18
In this episode, we’re joined by Nino Isakovic, a long-time low-level security expert, for a thought-provoking conversation that spans the foundational and the cutting-edge. Nino discusses the art of deconstructing problems—sharing insights on how to learn effectively, the building blocks of a robust RE toolkit, and the critical shift required in o…
…
continue reading
1
SANS Stormcast Wednesday, November 19th, 2025: Kong Tuke; Cloudflare Outage
4:38
4:38
Play later
Play later
Lists
Like
Liked
4:38
KongTuke Activity This diary investigates how a recent Kong Tuke infections evolved all the way from starting with a ClickFix attack. https://isc.sans.edu/diary/KongTuke%20activity/32498 Cloudflare Outage Cloudflare suffered a large outage today after an oversized configuration file was loaded into its bot protection service https://x.com/dok2001 G…
…
continue reading
1
AI-Driven Cyber Threats Surge: SMBs Embrace MDR, Shadow AI, and Evolving Malware Tactics
14:56
14:56
Play later
Play later
Lists
Like
Liked
14:56
The rise of artificial intelligence (AI) in cyber attacks is prompting small and medium-sized businesses (SMBs) to adopt managed detection and response (MDR) services and explore autonomous security operations centers (SOCs). Research from TechAisle indicates that awareness of MDR among SMBs increased from 39% in 2023 to 61% in 2025, with 89% of mi…
…
continue reading
1
SANS Stormcast Tuesday, November 18th, 2025: Binary Expression Decoding. Tea NPM Pollution; IBM AIX NIMSH Vulnerability
4:58
4:58
Play later
Play later
Lists
Like
Liked
4:58
Decoding Binary Numeric Expressions Didier updated his number to hex script to support simple arithmetic operations in the text. https://isc.sans.edu/diary/Decoding%20Binary%20Numeric%20Expressions/32490 Tea Token NPM Pollution The NPM repository was hit with around 150,000 submissions that did not contain any useful contributions, but instead atte…
…
continue reading
1
IT Budgets Surge as AI Reshapes Roles; VMware Disruption Sparks Modernization Opportunities
17:55
17:55
Play later
Play later
Lists
Like
Liked
17:55
The recent partnership between OpenAI and Search Kings, a digital marketing firm, aims to provide ChatGPT services to small and medium-sized businesses (SMBs), particularly in the home services sector. This collaboration is designed to facilitate the integration of artificial intelligence into SMB operations, addressing the challenges these busines…
…
continue reading
1
Cybersecurity at Nanosecond Speed | Securing High Frequency Trading
59:58
59:58
Play later
Play later
Lists
Like
Liked
59:58
In this episode of the Security Cocktail Hour, guest Jatin Mannepalli introduces co-hosts Joe Patti and Adam Roth the high-speed, high stakes world of high frequency trading (HFT) and its many security challenges. The conversation delves into the intricacies of high frequency trading, the stress of incident response, and the importance of redundanc…
…
continue reading
1
SANS Stormcast Monday, November 17th, 2025: New(isch) Fortiweb Vulnerability; Finger and ClickFix
7:10
7:10
Play later
Play later
Lists
Like
Liked
7:10
Fortiweb Vulnerability Fortinet, with significant delay, acknowledged a recently patched vulnerability after exploit attempts were seen publicly. https://isc.sans.edu/diary/Honeypot+FortiWeb+CVE202564446+Exploits/32486 https://labs.watchtowr.com/when-the-impersonation-function-gets-used-to-impersonate-users-fortinet-fortiweb-auth-bypass/ https://fo…
…
continue reading
