Best Cyber Security Week In Review Podcasts (2025)

1
Week in Review: Velociraptor pushes LockBit, Hartman loses nomination, Sotheby’s cyberattack 36:07

Play Pause

4d ago36:07

36:07

Link to episode page This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guests Tom Hollingsworth, networking technology advisor, The Futurum Group, as well as on BlueSky, and Brett Conlon, CISO, American Century Investments Thanks to our show sponsor, Vanta What’s your 2 AM security worry? Is it “Do I have the …

1
Veeam Acquires Securiti AI for $1.725 Billion to Unite Data Resilience, Security, and AI 28:44

2h ago28:44

28:44

In one of the largest cybersecurity acquisitions of 2025, Veeam Software has announced plans to acquire Securiti AI for $1.725 billion in cash and stock, signaling a fundamental shift in how enterprises will secure, manage, and govern their data in the age of artificial intelligence. The deal, expected to close in the fourth quarter, will bring tog…

1
Defakto Raises $30.75 Million to Redefine Machine Identity Security 34:01

3h ago34:01

34:01

California-based cybersecurity firm Defakto has raised $30.75 million in Series B funding, led by XYZ Venture Capital, bringing its total investment to roughly $50 million. The new capital will power the company’s rapid expansion in product development and global market reach for its identity and access management (IAM) platform—one specifically de…

1
Dr. Allan Friedman Joins NetRise: The Father of SBOMs Goes Private to Fuse AI and Supply Chain Security 24:24

5h ago24:24

24:24

In a landmark move for the cybersecurity industry, Dr. Allan Friedman — often called the Father of SBOMs — has joined supply chain security firm NetRise as a strategic advisor. Friedman’s transition from his influential role at CISA marks a pivotal moment where public policy meets private innovation. His mission: to push the Software Bill of Materi…

1
Russian hackers replace malware with new tools, Windows updates cause login issues, campaign targets high-profile servers 8:03

2h ago8:03

8:03

Russian state hackers replace burned malware with new tools Recent Windows updates cause login issues on some PCs Sophisticated campaign targets servers of high-profile organizations Huge thanks to our sponsor, ThreatLocker Imagine having the power to decide exactly what runs in your IT environment — and blocking everything else by default. That’s …

1
AWS outage, NSA hacking accusations, High risk WhatsApp automation 8:19

8h ago8:19

8:19

DNS failure leads to AWS outage China accuses NSA of hacking national time center Chrome store flooded with high-risk WhatsApp automation Huge thanks to our sponsor, ThreatLocker Cybercriminals don’t knock — they sneak in through the cracks other tools miss. That’s why organizations are turning to ThreatLocker. As a zero-trust endpoint protection p…

1
Pwn2Own Automotive 2026: $3 Million Bounty Targets Tesla and EV Infrastructure Flaws 24:29

1d ago24:29

24:29

The upcoming Pwn2Own Automotive 2026 hacking contest, hosted by Trend Micro’s Zero Day Initiative (ZDI), is set to redefine the economics of automotive cybersecurity. With a record-breaking $3 million prize pool, the event provides a transparent, market-driven valuation of the most dangerous vulnerabilities facing the connected vehicle ecosystem. T…

1
China Claims NSA Breached National Time Network, Threatening Finance and Defense Stability 24:09

2d ago24:09

24:09

China’s Ministry of State Security (MSS) has publicly accused the U.S. National Security Agency (NSA) of conducting a multi-year cyber espionage campaign targeting its National Time Service Center, a critical component of China’s national infrastructure responsible for maintaining and distributing standard time. According to China, the attacks — al…

1
Cl0p Ransomware Targets Oracle E-Business Suite in Global Data Extortion Spree 17:57

2d ago17:57

17:57

A new wave of Cl0p ransomware attacks has struck organizations worldwide by exploiting vulnerabilities in Oracle’s E-Business Suite (EBS) — a mission-critical enterprise management platform used by corporations and universities across the globe. The ongoing campaign, attributed to FIN11, highlights the group’s shift toward exploiting high-value bus…

1
WhatsApp Wins Landmark Case Against NSO Group Over Spyware Attacks 24:02

2d ago24:02

24:02

After six years of intense litigation, WhatsApp has secured a decisive legal victory against the NSO Group, the controversial spyware maker accused of exploiting a zero-day vulnerability to infect more than 1,400 users with surveillance malware. On October 17, 2025, a U.S. District Court issued a permanent injunction that bars NSO from targeting Wh…

1
Google Project Zero Exposes Dolby Decoder Flaw Enabling Zero-Click Android Exploits 21:44

2d ago21:44

21:44

A newly discovered vulnerability in Dolby’s Unified Decoder has sent shockwaves through the cybersecurity world. Tracked as CVE-2025-54957, the flaw — uncovered by Google Project Zero — is a critical out-of-bounds write vulnerability that allows remote code execution (RCE) when a specially crafted audio file is decoded. The issue stems from an inte…

1
Europol dismantles SIM farm, Envoy Air compromised, Everest claims Collins hack 8:34

1d ago8:34

8:34

Europol dismantles 49 million fake account SIM farm Envoy Air confirms Oracle E-Business Suite compromise Cybercrime group Everest claims Collins Aerospace hack Huge thanks to our sponsor, ThreatLocker Imagine having the power to decide exactly what runs in your IT environment — and blocking everything else by default. That’s what ThreatLocker deli…

1
AISLE Launches AI Cyber Reasoning System to Shrink Patch Times from Weeks to Minute 23:54

5d ago23:54

23:54

AISLE has entered the cybersecurity arena with an AI-native Cyber Reasoning System (CRS) built to do what most tools don’t: fix vulnerabilities—fast. While attackers increasingly use AI to weaponize new flaws in roughly five days, most organizations still average ~45 days to remediate critical issues. AISLE’s answer is an autonomous remediation pip…

1
Microsoft Blunts “Vanilla Tempest”: 200 Malicious Certificates Revoked 20:27

5d ago20:27

20:27

In early October 2025, Microsoft executed a targeted disruption against Vanilla Tempest—the threat actor also tracked as Vice Society—after uncovering a streamlined, high-impact campaign that deployed Rhysida ransomware through a cleverly staged infection chain. The operation leaned on SEO poisoning to funnel victims searching for “Microsoft Teams”…

1
Sotheby’s suffers cyberattack, Cisco “Zero Disco’ attacks, Microsoft revokes ransomware certificates 8:34

4d ago8:34

8:34

Sotheby’s suffers cyberattack Hackers exploit Cisco SNMP flaw in “Zero Disco’ attacks Microsoft revokes more than 200 certificates to disrupt ransomware campaign Huge thanks to our sponsor, Vanta What's your 2 AM security worry? Is it “Do I have the right controls in place?” Or “Are my vendors secure?” ....or the really scary one: "how do I get out…

1
MANGO discloses data breach, Jewelbug infiltrates Russian IT network, nation-state behind F5 attack? 8:50

5d ago8:50

8:50

MANGO discloses data breach Threat group 'Jewelbug' infiltrates Russian IT network F5 discloses breach tied to nation-state threat actor Huge thanks to our sponsor, Vanta What's your 2 AM security worry? Is it “Do I have the right controls in place?” Or “Are my vendors secure?” ....or the really scary one: "how do I get out from under these old too…

1
Legacy Windows protocols expose theft, Fortra admits GoAnywhere defect, Taiwan claims surge in Chinese attacks 7:43

6d ago7:43

7:43

Legacy Windows protocols still expose theft Fortra admits exploitation of GoAnywhere defect Taiwan claims surge in Chinese attack efforts Huge thanks to our sponsor, Vanta What's your 2 AM security worry? Is it “Do I have the right controls in place?” Or “Are my vendors secure?” ....or the really scary one: "how do I get out from under these old to…

1
The Deepfake Tipping Point with Frank McKenna 45:39

7d ago45:39

45:39

Fraudology is presented by Sardine. Get your tickets to Sardine[Con] and end the scamedmic In this episode of Fraudology In this must-listen episode of the Fraudology Podcast, host Karisse Hendrick welcomes back fraud prevention expert Frank McKenna, co-founder of Point Predictive. Together, they explore the explosive rise of deepfakes and AI-gener…

1
Salesforce data leak, SimonMed breach, Chipmaker vs. Dutch government 8:38

7d ago8:38

8:38

Millions of records exposed in Salesforce data leak SimonMed breach grows from hundreds to over a million Dutch government freezes Chinese-owned chipmaker Huge thanks to our sponsor, Vanta What's your 2 AM security worry? Is it “Do I have the right controls in place?” Or “Are my vendors secure?” ....or the really scary one: "how do I get out from u…

1
The “Shotgun” Botnet: How RondoDox Hijacks Routers, Cameras, and Servers Worldwide 23:28

9d ago23:28

23:28

A new and fast-growing botnet dubbed RondoDox is shaking up the global cybersecurity landscape with its “shotgun” exploitation strategy, targeting over 50 known and unknown vulnerabilities across a vast array of internet-connected devices. First detected in mid-2025, the botnet has expanded rapidly, infecting routers, servers, cameras, and DVRs fro…

1
“Inflation Refund” Scam: How Fraudsters Are Stealing Identities Through Texts 19:01

9d ago19:01

19:01

A widespread smishing campaign is sweeping across New York, luring residents with fraudulent text messages about an “Inflation Refund” from the Department of Taxation and Finance. These deceptive messages claim that recipients are eligible for a refund and must click a link to “process” it — a ploy designed to harvest personal and financial informa…

1
Juniper Networks Patches 220 Vulnerabilities in Massive October Security Update 23:29

8d ago23:29

23:29

In one of the year’s most extensive patch cycles, Juniper Networks has released its October 2025 security advisories, addressing a staggering 220 vulnerabilities across its product suite — including Junos OS, Junos Space, Junos Space Security Director, and Junos OS Evolved. Of these, nine critical flaws in Junos Space and Security Director stood ou…

1
Linked Exploitation Campaigns Target Cisco, Fortinet, and Palo Alto Networks Devices 25:08

9d ago25:08

25:08

Cyber intelligence firm GreyNoise has uncovered what appears to be a coordinated exploitation effort targeting network edge appliances from three major security vendors: Cisco, Fortinet, and Palo Alto Networks. After analyzing overlapping IP subnets, identical TCP fingerprints, and synchronized attack patterns, GreyNoise assessed with high confiden…

1
Salesforce Refuses Ransom as Scattered LAPSUS$ Hunters Leak Millions of Records 27:29

9d ago27:29

27:29

A new wave of cyber extortion has rocked the enterprise world as the Scattered LAPSUS$ Hunters—a coalition formed from the notorious Lapsus$, Scattered Spider, and ShinyHunters groups—attempted to ransom Salesforce, claiming to have stolen data from 39 of its customers. When Salesforce refused to negotiate, the hackers retaliated by publishing the …

1
Velociraptor pushes LockBit, Spain dismantles crime group, SonicWall SSL VPN breach 8:40

8d ago8:40

8:40

Huge thanks to our sponsor, Vanta What's your 2 AM security worry? Is it “Do I have the right controls in place?” Or “Are my vendors secure?” ....or the really scary one: "how do I get out from under these old tools and manual processes? Enter Vanta. Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, an…

1
Week in Review: Crowdsourced ransomware campaign, Windows 10 woes, California opts out 38:50

11d ago38:50

38:50

Link to episode page This week’s Cyber Security Headlines - Week in Review is hosted by Rich Stroffolino with guests Mike Lockhart, CISO Eagleview, and Dustin Sachs, chief technologist at CyberRisk collaborative, and author of Behavioral Insights in Cybersecurity Thanks to our show sponsor, ThreatLocker Cybercriminals don’t knock — they sneak in th…

1
Microsoft Azure outage, law firm cyberattack, Russian hacktivists pwned 8:34

11d ago8:34

8:34

Azure outage blocks access to Microsoft 365 services and admin portals Major U.S. law firm suffers cyberattack Hacktivists aiming for critical infrastructure get pwned Huge thanks to our sponsor, ThreatLocker Imagine having the power to decide exactly what runs in your IT environment — and blocking everything else by default. That’s what ThreatLock…

1
DeepMind fixes vulnerabilities, California offers data opt-out, China-Nexus targets open-source tool 7:46

12d ago7:46

7:46

Google DeepMind’s AI agent finds and fixes vulnerabilities California law lets consumers universally opt out of data sharing China-Nexus actors weaponize 'Nezha' open source tool Huge thanks to our sponsor, ThreatLocker Cybercriminals don’t knock — they sneak in through the cracks other tools miss. That’s why organizations are turning to ThreatLock…

1
North Korean attackers steal crypto. Who's sending UK phones to China? Avnet confirms data breach 7:35

13d ago7:35

7:35

1
Inside Meta’s Security Nightmare: Growth Over Safety? 42:22

16d ago42:22

42:22

22d ago28:04

28:04

A new cybersecurity startup with an infamous name attached is making headlines. SafeHill—formerly known as Tacticly—has secured $2.6 million in pre-seed funding to accelerate the development of its continuous threat exposure management (CTEM) platform, SecureIQ. Designed to overcome the shortcomings of traditional, point-in-time penetration testing…