))
A podcast about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security professionals need to know, or refresh the memories of seasoned veterans.
…
continue reading
Automation, Generative AI, Shift Left - the world of application security is evolving fast! Security Journey introduces the newest go-to AppSec resource, The Security Champions Podcast, hosted by Director of Application Security Michael Burch.Gain exclusive insight from software development leaders and security experts – from recounting their security champion journey to diving into the latest headlines in the AppSec world. Learn how to build, maintain and scale a successful software securit ...
…
continue reading
Securing the future of DevOps and AI: real talk with industry leaders.
…
continue reading
Updates on the latest cybersecurity threats to businesses, data breach disclosures, and how you can secure your firm in an increasingly risky time.
…
continue reading
Strange tales of hacking, tech, internet grifters, AI, and security with Jordan & Scott. Are internet hitmen really a thing? What does someone do with a crypto wallet full of millions and a lost password? Did a Minecraft scammer really hack the president? Hacked is a technology show about people hacking things together and apart, with your old pals Jordan Bloemen and Scott Francis Winder. Get at us via [email protected].
…
continue reading
Security Ledger is an independent security news website that explores the intersection of cyber security with business, commerce, politics and everyday life. Security Ledger provides well-reported and context-rich news and opinion about computer security topics that matter in our IP-enabled homes, workplaces and daily lives.
…
continue reading
If you know how attacks work, you’ll know exactly where to look—whether you’re breaking in as an ethical hacker or defending as a blue teamer. Hacked & Secured: Pentest Exploits & Mitigations breaks down real-world pentest findings, exposing how vulnerabilities were discovered, exploited, and mitigated. Each episode dives into practical security lessons, covering attack chains and creative exploitation techniques used by ethical hackers. Whether you're a pentester, security engineer, develop ...
…
continue reading
The world of application development moves quickly. New tools, new processes, and new threats are always popping up. Through enlightening interviews with industry leaders, From Code to the Cloud helps you stay on top of new developments in Low Code and Salesforce DevOps.
…
continue reading
The mnemonic security podcast is a place where IT Security professionals can go to obtain insight into what their peers are working with and thinking about.
…
continue reading
Cybersecurity is complex. Its user experience doesn’t have to be. Heidi Trost interviews information security experts about how we can make it easier for people—and their organizations—to stay secure.
…
continue reading
The OWASP Podcast Series is a recorded series of discussions with thought leaders and practitioners who are working on securing the future for coming generations.
…
continue reading
Felix takes a weekly look at Internet of Things (IoT) cyber security. Perfect for IoT project managers, developers, and those learning about penetration testing in this niche area. Email Felix using [email protected] Find You Gotta Hack That on Twitter @gotta_hack yougottahackthat.com
…
continue reading
For more than a dozen years, the Stack Overflow Podcast has been exploring what it means to be a software developer and how the art and practice of programming is changing our world. From Rails to React, from Java to Node.js, join the Stack home team for conversations with fascinating guests to help you understand how technology is made and where it’s headed.
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
A weekly podcast of all things application security related. Hosted by Ken Johnson and Seth Law.
…
continue reading
Join host Chris Lindsey as he digs into the world of Application Security with experts from leading enterprises. Each episode is theme based, so it's more conversational and topic based instead of the general interview style. Our focus is growing your knowledge, providing useful tips and advice. With Chris' development background of 35 years, 15+ years of secure coding and 3+ years running an application security program for large enterprise, the conversations will be deep and provide a lot ...
…
continue reading
Main AI by CodeRabbit is a podcast that brings you deep conversations with legendary developers who've shaped the tools we use every day. We explore how artificial intelligence is transforming software development while celebrating the creators and tools that built our foundation. Each episode features intimate discussions about building developer tools, maintaining open source projects, and navigating the evolution of technology.
…
continue reading
DevOps was always meant to include security, but in reality, the cultures didn’t align—leaving many organizations without a mature DevSecOps strategy. So how do you complete the DevSecOps journey? Join Techstrong and Checkmarx for DevSecOps: Cracking the Code, a new webinar series packed with expert insights and actionable advice to help you successfully evolve from DevOps to DevSecOps.
…
continue reading
A podcast focusing on the intersection between cybersecurity, national security, and geopolitics
…
continue reading
Error Code is a biweekly narrative podcast that provides you both context and conversation with some of the best minds working today toward code resilience and dependability. Work that can lead to autonomous vehicles and smart cities. It’s your window in the research solving tomorrow’s code problems today.
…
continue reading
Cyber Security News, Analysis and Opinion
…
continue reading
About all things AppSec, DevOps, and DevSecOps. Hosted by Mike Shema and John Kinsella, the podcast focuses on helping its audience find and fix software flaws effectively.
…
continue reading
Welcome to For a Cloudy Day, the podcast where we talk about the cloud technology industry with insights from experts. Hosted by Co-native, the home of cloud specialists.
…
continue reading
An IFPOD production for IFPO the very first security podcast called Security Circle. IFPO is the International Foundation for Protection Officers, and is an international security membership body that supports front line security professionals with learning and development, mental Health and wellbeing initiatives.
…
continue reading
Redefining CyberSecurity Podcast Hosted by Sean Martin, CISSP Have you ever thought that we are selling cybersecurity insincerely, buying it indiscriminately, and deploying it ineffectively? For cybersecurity to be genuinely effective, we must make it consumable and usable. We must also bring transparency and honesty to the conversations surrounding the methods, services, and technologies upon which businesses rely. If we are going to protect what matters and bring value to our companies, ou ...
…
continue reading
1
Software Engineering Institute (SEI) Podcast Series
Members of Technical Staff at the Software Engineering Institute
51
408
The SEI Podcast Series presents conversations in software engineering, cybersecurity, and future technologies.
…
continue reading
As more and more organizations continue to adopt low code as a standard practice for solution development, information technology professionals find themselves learning new skills, translating professional development skills into low code tools and implementing governance and service management strategies. Learn from Microsoft MVPs, Microsoft Product team members, and Microsoft Power Platform users how they approached building solutions using Microsoft Power Platform.
…
continue reading
Larry and Kerry talk about parenting issues during Covid-19 isolation period
…
continue reading
Breaking the Internet is a podcast about tech for tech - but we’re not like other girls. Serena (@shenetworks) and Ali (@endingwithali) take to the mic to talk about the industry, trends, history and more.
…
continue reading
The show that decrypts the secrets of offensive cybersecurity, one byte at a time. Every week I invite you into the world of ethical hacking by interviewing leading offensive security practitioners. If you are a penetration tester, bug bounty hunter, red teamer, or blue teamer who wants to better understand the modern hacker mindset, whether you are new or experienced, this show is for you.
…
continue reading
A weekly podcast about web design and development with a little zest from Amy Dutton and Brad Garropy
…
continue reading
Software's best weekly news brief, deep technical interviews & talk show.
…
continue reading
Daily Security Review, the premier source for news and information on security threats, Ransomware and vulnerabilities
…
continue reading
Join us for interesting conversations about technology and the business of IT.
…
continue reading
1
Relationship advice by The Relationship Code..
Brett and Marie Jones. International relationship experts and authors.
10297
For Dynamic Couples and Songles Short , smart, incise strategies to boost your Relationship, Love, Family.
…
continue reading
Security Boulevard is the destination for the security community to stay up on the latest news, discussion and analysis. Home of the Security Bloggers Network, Security Boulevard has more security related content than anywhere else on the web.
…
continue reading
The Security Table is four cybersecurity industry veterans from diverse backgrounds discussing how to build secure software and all the issues that arise!
…
continue reading
Revenera experts are joined by industry leaders for discussions on all the latest talking points in the world of software.
…
continue reading
Code WACK! shines a light on our callous healthcare system and what we can do about it. It reveals the healthcare hassles that - far from being just annoying - threaten our peace of mind, our financial security and at times, our very lives. Join us each week as we chat about the challenges that patients and healthcare providers face, amplifying their voices and examining a range of possible solutions, including Medicare for All. Powered by HEAL California, a project of the California OneCare ...
…
continue reading
Code Patrol scrutinizes the month’s tech scene with code-colored glasses. Computer security industry veteran Lisa Vaas chats with guests about all things security — be it cybercrime, hacking, DevSecOps, and beyond — that collide with the code that runs the world.
…
continue reading
Learn to Code is a podcast hosted by Chris Castiglione (OneMonth.com) based in Brooklyn, NY. Each week Chris interviews successful business founders, startups and programmers to ask them: How did you learn to code? What tips and tricks do you have for finding meaningful work? Learn more about One Month and the Learn to Code podcast at www.onemonth.com.
…
continue reading
Entertaining information focused on Fintech industry insights, market trends, news, and life stories from Fintech leaders, thinkers, and doers.
…
continue reading
The law affects our lives and our society in many unique and profound ways. Reasonably Speaking, produced by The American Law Institute, features interviews with legal experts on some of the most important legal topics of our time. Each episode takes you through the law in action, beyond courtrooms and casebooks. Whether you are a legal scholar or a concerned citizen, this examination of the relationship between our laws and our society will leave you with a better understanding of how we go ...
…
continue reading
A short summary of the latest cyber security news and trends, from the perspective of business leaders and owners. Hosts Trish and Tom provide plain English explanations along with practical advice to keep your business safe and secure from cyber crime and disruption. For cyber security help and advice, speak to Cool Waters Cyber: www.cool-waters.co.uk
…
continue reading
Talk Python to Me is a weekly podcast hosted by developer and entrepreneur Michael Kennedy. We dive deep into the popular packages and software developers, data scientists, and incredible hobbyists doing amazing things with Python. If you're new to Python, you'll quickly learn the ins and outs of the community by hearing from the leaders. And if you've been Pythoning for years, you'll learn about your favorite packages and the hot new ones coming out of open source.
…
continue reading
1
Dustin Lehr - Code, Culture, and Community
1:04:44
1:04:44
Play later
Play later
Lists
Like
Liked
1:04:44
Dustin Lehr joined Security Journey as Director of Application Security Advocacy. With nearly two decades of experience as a software engineer, application architect, and cybersecurity leader, Dustin has ample expertise in the industry. In this episode of The Security Champions Podcast, Dustin joined to explore the interconnected roles of secure co…
…
continue reading
1
Actively Exploited: Commvault Web Shells, Active! mail RCE, and Brocade Code Injection Now in KEV
17:21
17:21
Play later
Play later
Lists
Like
Liked
17:21
Three actively exploited vulnerabilities—CVE-2025-42599 (Qualitia Active! mail), CVE-2025-3928 (Commvault Web Server), and CVE-2025-1976 (Broadcom Brocade Fabric OS)—have been added to CISA’s KEV catalog. The Qualitia flaw is a remote stack-based buffer overflow (CVSS 9.8) allowing code execution without authentication. Commvault's vulnerability pe…
…
continue reading
1
Ep. 8 – OTP Flaw & Remote Code Execution: When Small Flaws Go Critical
15:45
15:45
Play later
Play later
Lists
Like
Liked
15:45
A broken logout flow let attackers hijack accounts using just a user ID. A self-XSS and an IDOR exposed stored data. And a forgotten internal tool—running outdated software—ended in full Remote Code Execution. This episode is all about how small bugs, missed checks, and overlooked services can lead to serious consequences. Chapters: 00:00 - INTRO 0…
…
continue reading
1
EP 122 From Marine to Mentor: The Jonathan Perillo Code
53:34
53:34
Play later
Play later
Lists
Like
Liked
53:34
Send us a text Summary of Episode: 🎙️ Episode Summary: Jonathan Perillo on Purpose, Mentorship, and the Evolving Security Industry Introduction & Background Jonathan shares his journey from joining the U.S. Marines post-9/11 to building a career in private security. His early interest in the Coast Guard shifted to the Marines after meeting a recrui…
…
continue reading
1
Progress and Gaps in Securing Salesforce Digital Experiences
29:51
29:51
Play later
Play later
Lists
Like
Liked
29:51
Protecting Salesforce digital experiences is critical to delivering the seamless, secure services your customers expect. Join Justin Hazard, Principal Security Architect at AutoRABIT, and Matt Meyers, Salesforce Certified Technical Architect and CEO of Adaptus, as they dive into the challenges and strategies for safeguarding Salesforce digital expe…
…
continue reading
1
Updating Risk Assessment in the CERT Secure Coding Standard
26:04
26:04
Play later
Play later
Lists
Like
Liked
26:04
Bringing a codebase into compliance with the SEI CERT Coding Standards, requires a cost of time and effort, namely in the form of a static analysis tool. But those who are familiar with static analysis tools know that the alerts are not always reliable and produce false positives that must be detected and disregarded. This year, we plan on making s…
…
continue reading
1
Autonomous ships, cyber security and the workboat code
19:06
19:06
Play later
Play later
Lists
Like
Liked
19:06
In this conversation, Felix and Oli discuss the development of a hydrogen-powered uncrewed surface vessel (USV) and the associated cybersecurity challenges. They explore the importance of integrating cybersecurity measures from the outset, navigating regulatory frameworks like Workboat Code 3, and the ongoing challenges of ensuring compliance and s…
…
continue reading
1
Fortinet Exploits, Windows INET Folder, and AI Code Risks: Cyber Security Today for April 14
6:46
6:46
Play later
Play later
Lists
Like
Liked
6:46
In this episode of Cybersecurity Today, host David Shipley discusses several pressing concerns in the cybersecurity landscape. Attackers have been exploiting Fortinet VPN devices to maintain access even after patches were applied; administrators are urged to upgrade and follow recovery guidance. Microsoft has created a new INET Pub folder through i…
…
continue reading
1
Episode 83: Managed Security (w/ Mihaela and Shawn)
25:11
25:11
Play later
Play later
Lists
Like
Liked
25:11
In this episode of The Low Code Approach, we are joined by Mihaela Blendea and Shawn Nandi to dive into the transformative world of Managed Security for Microsoft Power Platform. Discover how this suite of advanced security features is revolutionizing the way organizations protect their data, manage access, and ensure compliance in an AI-driven era…
…
continue reading
1
SANS Stormcast Thursday, May 1st: Sonicwall Attacks; Cached Windows RDP Credentials
6:28
6:28
Play later
Play later
Lists
Like
Liked
6:28
Web Scanning for Sonicwall Vulnerabilities CVE-2021-20016 For the last week, scans for Sonicwall API login and domain endpoints have skyrocketed. These attacks may be exploiting an older vulnerability or just attempting to brute force credentials. https://isc.sans.edu/diary/Web%20Scanning%20Sonicwall%20for%20CVE-2021-20016/31906 The Wizards APT Gro…
…
continue reading
1
LayerX Secures $45M Total to Battle Data Leaks, One Browser at a Time
24:46
24:46
Play later
Play later
Lists
Like
Liked
24:46
LayerX just raised another $11 million — and it’s not to build another antivirus. With $45 million in total funding, the company is betting that your browser is the most vulnerable—and most overlooked—part of your cybersecurity stack. In this episode, we explore how LayerX turns everyday browsers like Chrome and Firefox into intelligent defense age…
…
continue reading
1
$10.5M to Fight AI-Phishing: The Rise of Pistachio’s Cybersecurity Training Platform
13:04
13:04
Play later
Play later
Lists
Like
Liked
13:04
In this episode, we dive into the story of Pistachio, the Norwegian cybersecurity startup that just raised $7 million in new funding—bringing its total to $10.5 million. Pistachio isn’t building another firewall or antivirus tool; it’s targeting the weakest link in most security systems: people. With AI-powered phishing attacks becoming increasingl…
…
continue reading
1
AirBorne: How a Zero-Click Bug Threatens Millions of Apple and Third-Party Devices
14:23
14:23
Play later
Play later
Lists
Like
Liked
14:23
In this episode, we dive deep into AirBorne — a critical set of vulnerabilities in Apple’s AirPlay protocol and SDK, recently uncovered by security researchers at Oligo. These flaws enable zero-click, wormable remote code execution (RCE) attacks across iPhones, Macs, Apple TVs, CarPlay systems, and millions of third-party devices. Even more alarmin…
…
continue reading
1
#44 How to Hack What No One Teaches ft. Noah Pack
33:17
33:17
Play later
Play later
Lists
Like
Liked
33:17
In this episode of The Hacker’s Cache, I sit down with Noah Pack, an aerospace pentester with a ridiculous cert stack and an unconventional mindset. We talk about hacking obscure systems with no public tools or documentation, transitioning from SOC analyst to pentester, and why reading the manual might be your secret weapon. If you’ve ever wondered…
…
continue reading
1
Cybersecurity Incidents: Musk's Staffers, Canadian Power Utility Attack, and Massive Password Leak
8:43
8:43
Play later
Play later
Lists
Like
Liked
8:43
In this episode of Cybersecurity Today, host Jim Love discusses several major cybersecurity events. Two members of Elon Musk's 'Department of Government Efficiency' reportedly gained access to classified US nuclear networks, though accounts were never activated. Nova Scotia Power faces a cyber attack affecting customer services but not critical inf…
…
continue reading
1
SANS Stormcast Wednesday, April 30th: SMS Attacks; Apple Airplay Vulnerabilities
8:51
8:51
Play later
Play later
Lists
Like
Liked
8:51
More Scans for SMS Gateways and APIs Attackers are not just looking for SMS Gateways like the scans we reported on last week, but they are also actively scanning for other ways to use APIs and add on tools to send messages using other people s credentials. https://isc.sans.edu/diary/More%20Scans%20for%20SMS%20Gateways%20and%20APIs/31902 AirBorne: A…
…
continue reading
Zero Trust is a security model based on default-deny policies and fine-grained access control governed by identity, authentication, and contextual signals. For RSAC 2025, John Kindervag, Chief Evangelist of Illumio and the creator of Zero Trust, talks about introducing a "protect surface" into legacy OT systems —isolating critical data, application…
…
continue reading
1
The Silent Majority: Why 51% of Internet Traffic Is Now Bots
13:03
13:03
Play later
Play later
Lists
Like
Liked
13:03
The bots have taken over—and they’re not just crawling your website. In this episode, we dig into the alarming reality that automated bots now generate over half of all internet traffic. Armed with artificial intelligence and cloaked in residential proxies, these bots are evolving beyond simple scripts into highly evasive, persistent threats target…
…
continue reading
1
Episode 85: We're Chatting Agents! (w/ Mark Smith)
30:57
30:57
Play later
Play later
Lists
Like
Liked
30:57
In this episode, Ken, Sean, and Jocelyn sit down with industry expert Mark Smith, the NZ365 guy, to explore the current state of AI agents in the real world. They delve into the practical applications, challenges, and innovations surrounding AI agents, discussing how these intelligent systems are transforming various industries. From personal produ…
…
continue reading
1
From 1,382 to 4 Million: What VeriSource Didn’t Know (or Say)
9:02
9:02
Play later
Play later
Lists
Like
Liked
9:02
In this episode, we investigate the massive data breach at VeriSource Services, Inc. (VSI), a Houston-based HR outsourcing and employee benefits administrator. Initially reported as affecting fewer than 2,000 individuals, the breach has now ballooned to a confirmed 4 million affected people. We trace the timeline from the initial detection of suspi…
…
continue reading
1
The Case For Steward Ownership And Open Source With Melanie Rieback
44:11
44:11
Play later
Play later
Lists
Like
Liked
44:11
Episode Summary Is the traditional Silicon Valley startup model harming the security industry? In this episode of The Secure Developer, Danny Allan talks with Melanie Rieback, founder of Radically Open Security, about shaking up the industry with nonprofit business models. Tuning in, you’ll learn about the inner workings of Radically Open Security …
…
continue reading
1
Secure Designs, UX Dragons, Vuln Dungeons - Jack Cable - ASW #328
44:08
44:08
Play later
Play later
Lists
Like
Liked
44:08
In this live recording from BSidesSF we explore the factors that influence a secure design, talk about how to avoid the bite of UX dragons, and why designs should put classes of vulns into dungeons. But we can't threat model a secure design forever and we can't oversimplify guidance for a design to be "more secure". Kalyani Pawar and Jack Cable joi…
…
continue reading
1
“We’re not replacing you; we’re with you”: Where AI meets infrastructure
21:22
21:22
Play later
Play later
Lists
Like
Liked
21:22
The Geminus platform is built to automatically integrate data, physics, and computation for autonomous control of complex systems. Explore the platform or get in touch. Find Greg on LinkedIn.By Greg Fallon, Ryan Donovan
…
continue reading
1
SANS Stormcast Tuesday, April 29th: SRUM-DUMP 3; Policy Puppetry; Choice Jacking; @sansinstitute at #RSAC
7:37
7:37
Play later
Play later
Lists
Like
Liked
7:37
SRUM-DUMP Version 3: Uncovering Malware Activity in Forensics Mark Baggett released SRUM-DUMP Version 3. The tool simplifies data extraction from Widnows System Resource Usage Monitor (SRUM). This database logs how much resources software used for 30 days, and is invaluable to find out what software was executed when and if it sent or received netw…
…
continue reading
1
Inside the DARPA AI Cyber Challenge: Securing Tomorrow’s Critical Infrastructure Through AI and Healthy Competition | An RSAC Conference 2025 Conversation with Andrew Carney | On Location Coverage with ...
27:35
27:35
Play later
Play later
Lists
Like
Liked
27:35
During RSAC Conference 2025, Andrew Carney, Program Manager at DARPA, and (remotely via video) Dr. Kathleen Fisher, Professor at Tufts University and Program Manager for the AI Cyber Challenge (AIxCC), guide attendees through an immersive experience called Northbridge—a fictional city designed to showcase the critical role of AI in securing infrast…
…
continue reading
Zach Bellay tells us about the devil and the angel on his shoulders, Pete Koomen thinks today’s AI apps are like horseless carriages, Hyperwood is an open source system for crafting furniture from simple wooden slats, Scott Antipa agrees with YAGNI but adds YAGRI & Antony Henao debunks three common myths that get engineers stuck. View the newslette…
…
continue reading
1
Hard-Coded Havoc: The Fatal Flaws in Planet’s Network Devices
11:39
11:39
Play later
Play later
Lists
Like
Liked
11:39
A wave of critical vulnerabilities in Planet Technology’s industrial switches and network management systems could let attackers hijack devices, steal data, and sabotage industrial networks—with no credentials required. In this urgent episode, we dissect: 🔓 The 5 worst flaws (CVSS 9.3+)—from hard-coded database passwords to pre-auth command injecti…
…
continue reading
1
Craft CMS Crisis: The 10.0-Rated RCE Flaw Every Developer Must Patch Now
14:51
14:51
Play later
Play later
Lists
Like
Liked
14:51
A critical, actively exploited vulnerability (CVE-2025-32432) is wreaking havoc on Craft CMS—allowing attackers to execute arbitrary PHP code on unpatched servers with no authentication required. In this urgent episode, we break down: 💥 Why this flaw scores a perfect 10.0 CVSS—the highest severity rating possible. 🔍 How hackers are exploiting it: F…
…
continue reading
1
Unpacking the UK Cyber Governance Code of Practice
12:40
12:40
Play later
Play later
Lists
Like
Liked
12:40
Tune into this episode for a deep dive into the UK government's Cyber Governance Code of Practice. This Code is a crucial resource designed specifically for boards and directors. Understanding it can significantly benefit your organisation. By listening, you will gain insights into: • Why cyber governance is essential for modern businesses and orga…
…
continue reading
1
Policy Puppetry: How a Single Prompt Can Trick ChatGPT, Gemini & More Into Revealing Secrets
12:44
12:44
Play later
Play later
Lists
Like
Liked
12:44
Recent research by HiddenLayer has uncovered a shocking new AI vulnerability—dubbed the "Policy Puppetry Attack"—that can bypass safety guardrails in all major LLMs, including ChatGPT, Gemini, Claude, and more. In this episode, we dive deep into: 🔓 How a single, cleverly crafted prompt can trick AI into generating harmful content—from bomb-making g…
…
continue reading
1
National Day of Action: Single payer & the power of righteous fury
17:01
17:01
Play later
Play later
Lists
Like
Liked
17:01
This week on CodeWACK! Why is National Single Payer organizing a National Day of Action on May 31 amid cuts and freezes to public health programs? How has an incremental approach to universal health care in America made comprehensive healthcare reform more difficult? To find out, we recently talked to Dr. Ana Malinow, who spent three decades workin…
…
continue reading
Pandas is at a the core of virtually all data science done in Python, that is virtually all data science. Since it's beginning, Pandas has been based upon numpy. But changes are afoot to update those internals and you can now optionally use PyArrow. PyArrow comes with a ton of benefits including it's columnar format which makes answering analytical…
…
continue reading
1
Cybersecurity Updates: CEO Legal Troubles, Global Cyber Rules, Microsoft Fix Issues, and AI at B-Side SF
8:49
8:49
Play later
Play later
Lists
Like
Liked
8:49
In this episode of 'Cybersecurity Today', host David Shipley covers multiple key stories: Veritaco CEO Jeffrey Bowie is charged with attempting to infect a hospital with malware. Global Chief Information Security Officers (CISOs) call on world governments to harmonize cybersecurity regulations. Issues arise with Microsoft's recent 'Mystery Folder' …
…
continue reading
1
SANS Stormcast Monday, April 28th: Image Steganography; SAP Netweaver Exploited
7:55
7:55
Play later
Play later
Lists
Like
Liked
7:55
Example of a Payload Delivered Through Steganography Xavier and Didier published two diaries this weekend, building on each other. First, Xavier showed an example of an image being used to smuggle an executable past network defenses, and second, Didier showed how to use his tools to extract the binary. https://isc.sans.edu/diary/Example%20of%20a%20…
…
continue reading
1
EP 123 Alex Bomberg: Bugging, Bribery, and Battle Scars: Tales from the Shadows
49:51
49:51
Play later
Play later
Lists
Like
Liked
49:51
Send us a text Get ready for an adrenaline-charged deep dive into the world of espionage with Alex Bomberg — from army life and corporate spying to the psychology of secrets. Alex shares jaw-dropping stories, career lessons, and why the real battlefield today is inside your mind. Expect truth bombs, laughs, and a few surprises along the way. Alex B…
…
continue reading
A tech worker stumbles upon mass fraud and brings receipts, a flag football prank goes very right, a teenager uses Net Send and gets in trouble — but not as much as the person they're in trouble with, and a guy almost sends his pal on a "Taken" style revenge mission to Kosovo. Got a strange tale of technology, security, or hacking? Share it at Hotl…
…
continue reading
1
Understanding SaaS Security: Insights, Challenges, and Best Practices
38:05
38:05
Play later
Play later
Lists
Like
Liked
38:05
In this episode of Cybersecurity Today, host Jim Love delves into the topic of SaaS (Software as a Service) security. Sharing his early experiences promoting SaaS, Jim elaborates on its inevitable rise due to cost-effectiveness and shared development resources. The episode highlights security concerns with SaaS, such as shadow IT and weak access co…
…
continue reading
Join us on a journey to make believe worlds with our good friend Mat Ryer. The assignment; we each get to make up a new world where we invent a new gadget and declare a new rule. This episode is sure to delight loyal fans and especially those who enjoy Mat Ryer on the show and a good/bad song or two. Join the discussion Changelog++ members get a bo…
…
continue reading
1
Lazarus Strikes Again: Inside Operation SyncHole and the 1-Day Exploitation Crisis
12:49
12:49
Play later
Play later
Lists
Like
Liked
12:49
In this episode, we break down the most urgent cybersecurity developments from late April 2025—including the Lazarus Group’s high-profile “Operation SyncHole” targeting South Korean industries. Discover how attackers are exploiting newly disclosed vulnerabilities faster than ever, with nearly 1 in 3 CVEs weaponized within 24 hours of publication. W…
…
continue reading
1
OAuth Phishing and Microsoft 365: The Hidden Threats SMBs Can't Ignore
13:54
13:54
Play later
Play later
Lists
Like
Liked
13:54
In this episode, we dissect the real-world challenges of securing Microsoft 365 environments—especially for small and medium-sized businesses—amid rising threats and licensing limitations. From Reddit frustrations to official Microsoft documentation, we explore the harsh truth: many essential security features, like alerting on suspicious logins, r…
…
continue reading
1
Why Outlook Is Eating Your CPU — And What Microsoft Says About It
12:17
12:17
Play later
Play later
Lists
Like
Liked
12:17
Microsoft has acknowledged a serious issue affecting users of classic Outlook for Windows: CPU usage spikes up to 50% just from typing emails. First appearing in builds released since November 2024, this bug is now hitting users across several update channels—including Current, Monthly Enterprise, and Insider—leading to power drain, sluggish perfor…
…
continue reading
1
Record-Breaking Cybercrime Losses and Data Breaches in 2024
9:45
9:45
Play later
Play later
Lists
Like
Liked
9:45
In this episode of Cybersecurity Today, host David Shipley discusses the FBI's report on cybercrime losses in 2024, which reached a record $16.6 billion, marking a 33% increase from the previous year. The report highlights major types of cyber crimes such as phishing, spoofing, extortion, and investment fraud, with older adults being significantly …
…
continue reading
Paul Dhaliwal is the founder and CEO of CodeConductor. Priya Joseph is the AI field CEO at DDN. Lizzie Siegle is a developer advocate at Cloudflare. Erin Mikail Staples is a developer experience engineer at Galileo. This episode was recorded at HumanX last month. Next year’s event will be April 6-9, 2026 in San Francisco. Register today!…
…
continue reading
1
SANS Stormcast Friday, April 25th: SMS Gateway Scans; Comvault Exploit; Patch Window Shrinkage; More inetpub issues;
6:38
6:38
Play later
Play later
Lists
Like
Liked
6:38
Attacks against Teltonika Networks SMS Gateways Attackers are actively scanning for SMS Gateways. These attacks take advantage of default passwords and other commonly used passwords. https://isc.sans.edu/diary/Attacks%20against%20Teltonika%20Networks%20SMS%20Gateways/31888 Commvault Vulnerability CVE-2205-34028 Commvault, about a week ago, publishe…
…
continue reading
1
Trojan Map App: Spyware Targets Russian Soldiers via Alpine Quest
9:14
9:14
Play later
Play later
Lists
Like
Liked
9:14
A newly discovered Android spyware campaign is targeting Russian military personnel by weaponizing a popular mapping app. Disguised as a cracked version of Alpine Quest Pro, this trojanized app delivers Android.Spy.1292.origin—a powerful surveillance tool that steals data, tracks location in real-time, and downloads secondary payloads to extract co…
…
continue reading
1
Blue Shield Breach: 4.7 Million Health Records Leaked via Google Analytics
8:47
8:47
Play later
Play later
Lists
Like
Liked
8:47
Blue Shield of California has confirmed a data breach affecting 4.7 million members—caused not by hackers, but by a misconfigured Google Analytics setup. Sensitive health information was inadvertently exposed to Google’s ad platforms between April 2021 and January 2024. In this episode, we break down what went wrong, what data was leaked, and what …
…
continue reading
1
$16.6 Billion Lost: The True Cost of Cybercrime in America
8:48
8:48
Play later
Play later
Lists
Like
Liked
8:48
Cybercrime in the U.S. has reached new, record-breaking heights. In this episode, we dive deep into the FBI's 2024 Internet Crime Complaint Center (IC3) report — a comprehensive look at the economic and human toll of cybercrime in America. With $16.6 billion in reported losses, a 33% increase year-over-year, and 859,532 complaints filed, the data p…
…
continue reading
