Best Endpoint Security Software Podcasts (2025)

1
Donut Holes, clickfix, rapperbots, bad devs, war, Doug Rants about Backups, and More. - SWN #487 33:37

3h ago33:37

33:37

Donut Holes, clickfix, rapperbots, bad devs, war, Doug Rants about Backups, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-487

1
SANS Stormcast Friday, June 20th, 2025: New Employee Phishing; Malicious Tech Support Links; Social Engineering App Sepecific Passwords 5:46

1h ago5:46

5:46

How Long Until the Phishing Starts? About Two Weeks After setting up a Google Workspace and adding a new user, it took only two weeks for the new employee to receive somewhat targeted phishing emails. https://isc.sans.edu/diary/How%20Long%20Until%20the%20Phishing%20Starts%3F%20About%20Two%20Weeks/32052 Scammers hijack websites of Bank of America, N…

1
Hacking Drivers - PSW #879 2:03:17

1h ago2:03:17

2:03:17

This week: * The true details around Salt Typhoon are still unknown * The search for a portable pen testing device * Directories named "hacker2" are suspicious * Can a $24 cable compete with a $180 cable? * Hacking Tesla wall chargers * Old Zyxel exploits are new again * Hacking Asus drivers * Stealing KIAs - but not like you may think * Fake artic…

1
Ep. 251 Breaking Through Bureaucracy: Modernizing Federal Systems in an Era of Digital Urgency 29:06

11h ago29:06

29:06

Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Many of today’s archaic federal systems have been built over decades. As a result, they are perfected but also fragile. One obvious source of vulnerability is the workforce that created it. It is hard to believe t…

1
Gold bars and bold lies. 45:57

12h ago45:57

45:57

Please enjoy this encore of Hacking Humans. On Hacking Humans, ⁠Dave Bittner⁠, ⁠Joe Carrigan⁠, and ⁠Maria Varmazis⁠ (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there…

1
CISO Cyber Insurance Empowerment - Morey Haber, Peter Hedberg, Stephan Jou - BSW #400 1:03:41

4d ago1:03:41

1:03:41

Segment description coming soon! This month BeyondTrust released it's 12th annual edition of the Microsoft Vulnerabilities Report. The report reveals a record-breaking year for Microsoft vulnerabilities, and helps organizations understand, identify, and address the risks within their Microsoft ecosystems. Segment Resources: Insights Security Assess…

1
Ep. 250 Can Your Agency Withstand a DDoS Attack? How Radware is Raising the Bar 26:39

1d ago26:39

26:39

Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com How do you defend your website against an attack that can reach one hundred million requests a second? The federal government is in an unusual position: in addition to the "garden variety" attacks, such as phishin…

1
AI Zombie Lawyer, Scattered Spider, ASUS, Mainframes, GrayAlpha, Backups, Josh Marpet - SWN #486 36:26

2d ago36:26

36:26

AI Zombie Lawyers, Scattered Spider, ASUS, Mainframes, GrayAlpha, Backups, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-486

1
Threat Modeling With Good Questions and Without Checklists - Farshad Abasi - ASW #335 1:08:00

2d ago1:08:00

1:08:00

What makes a threat modeling process effective? Do you need a long list of threat actors? Do you need a long list of terms? What about a short list like STRIDE? Has an effective process ever come out of a list? Farshad Abasi joins our discussion as we explain why the answer to most of those questions is No and describe the kinds of approaches that …

1
Ep. 249 Securing Endpoints in Federal Systems Amid Constant Change 18:22

2d ago18:22

18:22

Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Sometimes, one plus one is three. Back in 2021, McAfee’s Enterprise business merged with FireEye to form Trellix. Today, the net result is a company that generates $1.2 billion globally and $400 million in the pub…

1
SANS Stormcast Monday, June 16th, 2025: Extracting Data from JPEG; Windows Recall Export; Anubis Wiper; Mitel Vuln and PoC 5:46

3d ago5:46

5:46

Extracting Data From JPEGs Didier shows how to efficiently extract data from JPEGs using his tool jpegdump.py https://isc.sans.edu/diary/A%20JPEG%20With%20A%20Payload/32048 Windows Recall Export in Europe In its latest insider build for Windows 11, Microsoft is testing an export feature for data stored by Recall. The feature is limited to European …

1
Insider threats, migrating away from cloud, RSAC interviews with Cyera and Blumira - Rob Allen, Matthew Warner, Yotam Segev - ESW #411 1:19:04

6d ago1:19:04

1:19:04

Segment 1 - Interview with Rob Allen from Threatlocker Segment 2 - Topic: Growing Trend - Edge Computing and Hybrid Cloud Segment 3 - Interviews from RSAC 2025 Cyera Cyera is the fastest-growing data security company in history, empowering companies to classify, secure, and manage their data, wherever it is, and leverage the power of the industry’s…

1
Insider threats, migrating away from cloud, RSAC interviews with Cyera and Blumira - Rob Allen, Matthew Warner, Yotam Segev - ESW #411 1:19:04

6d ago1:19:04

1:19:04

Segment 1 - Interview with Rob Allen from Threatlocker Segment 2 - Topic: Growing Trend - Edge Computing and Hybrid Cloud Segment 3 - Interviews from RSAC 2025 Cyera Cyera is the fastest-growing data security company in history, empowering companies to classify, secure, and manage their data, wherever it is, and leverage the power of the industry’s…

1
SANS Stormcast Monday, June 16th, 2025: Katz Stealer in JPG; JavaScript Attacks; Reviving expired Discord Invites for Evil 6:44

4d ago6:44

6:44

Katz Stealer in JPG Xavier found some multistage malware that uses an Excel Spreadsheet and an HTA file to load an image that includes embeded a copy of Katz stealer. https://isc.sans.edu/diary/More+Steganography/32044 https://unit42.paloaltonetworks.com/malicious-javascript-using-jsfiretruck-as-obfuscation/ JavaScript obfuscated with JSF*CK is bei…

1
$200,000 Zoom Call, Microsoft, Zero-Click, China & HD With $649 million of Bitcoin - SWN #485 28:38

6d ago28:38

28:38

This week we have, $200,000 Zoom Call, Microsoft Teams, INTERPOL, Zero-Click, Junk Food, China & Hard Drive With $649 million of Bitcoin. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-485

1
SANS Stormcast Friday, June 13th, 2025: Honeypot Scripts; EchoLeak MSFT Copilot Vuln; Thunderbolt mailbox URL Vuln; 5:43

7d ago5:43

5:43

Automated Tools to Assist with DShield Honeypot Investigations https://isc.sans.edu/diary/Automated%20Tools%20to%20Assist%20with%20DShield%20Honeypot%20Investigations%20%5BGuest%20Diary%5D/32038 EchoLeak: Zero-Click Microsoft 365 Copilot Data Leak Microsoft fixed a vulnerability in Copilot that could have been abused to exfiltrate data from Copilot…

1
UEFI Vulnerabilities Galore - PSW #878 2:10:48

7d ago2:10:48

2:10:48

This week: You got a Bad box, again Cameras are expose to the Internet EU and connected devices Hydrophobia NVRAM variables Have you heard about IGEL Linux? SSH and more NVRAM AI skeptics are nuts, and AI doesn't make you more efficient Trump Cybersecurity orders I think I can root my Pixel 6 Decentralized Wordpres plugin manager Threat actor namin…

1
Ep. 248 Federal Efficiency Starts with Talent: What HR Experts Know 26:23

8d ago26:23

26:23

Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com If you are a regular listener, you know that I interview tech companies to have them elucidate the ways they can help federal agencies reach goals. Today, I will pull back the curtain and sit down with an HR profe…

1
Managing online security throughout the decades. 43:09

7d ago43:09

43:09

This week, our hosts⁠⁠⁠⁠⁠ Dave Bittner, ⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start off with some more chicken follow up, this week, delving into malware-relat…

1
SANS Stormcast Thursday, June 12th, 2025: Quasar RAT; Windows 11 24H2 Delay; SMB Client Vuln PoC; Connectwise Signing Keys; KDE Telnet code exec 6:27

8d ago6:27

6:27

Quasar RAT Delivered Through Bat Files Xavier is walking you through a quick reverse analysis of a script that will injection code extracted from a PNG image to implement a Quasar RAT. https://isc.sans.edu/diary/Quasar%20RAT%20Delivered%20Through%20Bat%20Files/32036 Delayed Windows 11 24H2 Rollout Microsoft slightly throttled the rollout of windows…

1
Security Money: The Index is Up, CISOs Need to Get Out, and Are You Burning Out? - BSW #399 56:27

11d ago56:27

56:27

This week, it’s time for security money. The index is up, but the previous quarterly results were brutal. In the leadership and communications segment, Get out of the audit committee: Why CISOs need dedicated board time, Quietly Burning Out? What To Do When Your Leadership Starts Lacking, How to rethink leadership to energize disengaged employees, …

1
SANS Stormcast Wednesday, June 11th, 2025: Microsoft Patch Tuesday; Acrobat Patches 6:58

9d ago6:58

6:58

Microsoft Patch Tuesday Microsoft today released patches for 67 vulnerabilities. 10 of these vulnerabilities are rated critical. One vulnerability has already been exploited and another vulnerability has been publicly disclosed before today. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20June%202025/32032 Adobe Vulnerabilities Adobe relea…

1
Vixen Panda, NPM, Roundcube, IoT, 4Chan, Josh Marpet, and more... - SWN #484 32:23

9d ago32:23

32:23

Vixen Panda, NPM, Roundcube, IoT, 4Chan, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-484

1
Ep. 247 Winning Federal Contracts: Smarter Proposal Writing for Tech Leaders in a Shifting Landscape 26:39

9d ago26:39

26:39

In this episode of the Federal Tech Podcast, host John Gilroy sits down with Vishwas Lele, CEO and co-founder of pWin.ai, and Larry Katzman, President and CEO of Applied Information Sciences (AIS), to explore how technology leaders can write smarter proposals in an increasingly complex federal landscape. The conversation dives into the current stat…

1
Ep. 246 Thales Powers Federal Data Security Against Quantum-Era Threats 25:40

10d ago25:40

25:40

Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Years ago, the headline “Data Breach” was shocking; today, it is common. That may not be a problem for some, but the federal government maintains data stores that contain information about finances, health, and mi…

1
Bringing CISA's Secure by Design Principles to OT Systems - Matthew Rogers - ASW #334 1:09:09

9d ago1:09:09

1:09:09

CISA has been championing Secure by Design principles. Many of the principles are universal, like adopting MFA and having opinionated defaults that reduce the need for hardening guides. Matthew Rogers talks about how the approach to Secure by Design has to be tailored for Operational Technology (OT) systems. These systems have strict requirements o…

1
OWASP software and data integrity failures (noun) [Word Notes] 8:27

9d ago8:27

8:27

Please enjoy this encore of Word Notes. Code and data repositories that don't protect against unauthorized changes.By N2K Networks

1
SANS Stormcast June, Tuesday, June 10th, 2025: Octosql; Mirai vs. Wazuh DNS4EU; Wordpress Fair Package Manager 6:09

10d ago6:09

6:09

OctoSQL & Vulnerability Data OctoSQL is a neat tool to query files in different formats using SQL. This can, for example, be used to query the JSON vulnerability files from CISA or NVD and create interesting joins between different files. https://isc.sans.edu/diary/OctoSQL+Vulnerability+Data/32026 Mirai vs. Wazuh The Mirai botnet has now been obser…

1
The enterprise security news, more secure by removing credentials, & RSAC interviews - Marty Momdjian, Amit Saha, Dr. Tina Srivastava - ESW #410 1:38:02

13d ago1:38:02

1:38:02

Segment 1 - Enterprise Security News, Live at IDV This week, in the enterprise security news, Acquisitions potential IPOs Terminator Salvation in real life First $1B one-employee business? Mikko puts in his notice Pitch Black in real life, and more! Segment 2 - Interview with Dr. Tina Srivastava The #1 cause of data breaches is stolen credentials. …

1
The enterprise security news, more secure by removing credentials, & RSAC interviews - Marty Momdjian, Amit Saha, Dr. Tina Srivastava - ESW #410 1:38:02

13d ago1:38:02

1:38:02

Segment 1 - Enterprise Security News, Live at IDV This week, in the enterprise security news, Acquisitions potential IPOs Terminator Salvation in real life First $1B one-employee business? Mikko puts in his notice Pitch Black in real life, and more! Segment 2 - Interview with Dr. Tina Srivastava The #1 cause of data breaches is stolen credentials. …

1
SANS Stormcast June, June 9th, 2025: Extracting PNG Data; GlueStack Packages Backdoor; MacOS targeted by Clickfix; INETPUB restore script 5:43

11d ago5:43

5:43

Extracting With pngdump.py Didier extended his pngdump.py script to make it easier to extract additional data appended to the end of the image file. https://isc.sans.edu/diary/Extracting%20With%20pngdump.py/32022 16 React Native Packages for GlueStack Backdoored Overnight 16 npm packages with over a million weekly downloads between them were compro…

1
Elsa, Redline, ChaosRat, iMessage, Bladed Feline , Aaran Leyland, and More... - SWN #483 34:00

13d ago34:00

34:00

Elsa, Redline, ChaosRat, iMessage, Bladed Feline , Aaran Leyland, and More on this episode of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-483

1
SANS Stormcast Friday, June 6th, 2025: Fake Zoom Clients; Python tarfile vulnerability; HPE Insight Remote Support Patch 5:01

14d ago5:01

5:01

Be Careful With Fake Zoom Client Downloads Miscreants are tricking victims into downloading fake Zoom clients (and likely other meeting software) by first sending them fake meeting invites that direct victims to a page that offers malware for download as an update to the Zoom client. https://isc.sans.edu/diary/Be%20Careful%20With%20Fake%20Zoom%20Cl…

1
Updating & Protecting Linux Systems - PSW #877 1:05:23

14d ago1:05:23

1:05:23

Two parts to this episode: Tech Segment: Updating Linux Systems - Beyond apt-get upgrade * Custom scripts for ensuring your Linux systems are up-to-date * topgrade - tutorial for using topgrade to update Linux systems on various Linux distributions Discussion Topic: Anti-Malware and/or EDR on Linux Platforms * PCI calls for scanning Linux systems *…

1
Ep. 245 Women in Technology Leadership Awards for 2025 35:39

15d ago35:39

35:39

Today, we have a pattern interrupt. Instead of a standard 25 minute interview, we will sit down with five nominees for a leadership award from Women in Technology. Each candidate sits for a "lightning" round of eight minutes where they answer three questions about leadership and give their reason for participating in Women In Technology. In order t…

1
No cameras, no crew—just code. 46:33

14d ago46:33

46:33

This week, our hosts⁠⁠⁠ ⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠, and ⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠T-Minus⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up from a listener on class action settlements: they’re a class action attorney …

1
SANS Stormcast Thursday, June 5th, 2025: Phishing Comment Trick; AWS default logging mode change; Cisco Backdoor Fixed; Infoblox Vulnerability Details Released 5:26

15d ago5:26

5:26

Phishing e-mail that hides malicious links from Outlook users Jan found a phishing email that hides the malicious link from Outlook users. The email uses specific HTML comment clauses Outlook interprets to render or not render specific parts of the email s HTML code. Jan suggests that the phishing email is intented to not expose users of https://is…

1
Regain Control of Business Risks, Your Leadership Habits, and Being Present - Alla Valente - BSW #398 1:18:17

18d ago1:18:17

1:18:17

During times of volatility, business leaders often don’t know what they are able to change or even what they should change. At precisely these times, business leaders become risk leaders and need to quickly learn how to identify what is within their control and what isn’t — to not only survive but thrive. Alla Valente, Principal Analyst at Forreste…

1
Ep. 244 Unlocking Federal Efficiency: Cutting Costs and Boosting Security in LLM Development 22:38

16d ago22:38

22:38

Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Everyone is trying to figure out how to apply AI to federal problems—essentially, building large language models and trying to wring value from them. Inevitably, many are jumping into creating LLMs from various da…

1
SANS Stormcast Wednesday, June 4th, 2025: vBulletin Exploited; Chrome 0-Day Patch; Roundcube RCE Patch; Multiple HP StoreOnce Vulns Patched 7:25

16d ago7:25

7:25

vBulletin Exploits CVE-2025-48827, CVE-2025-48828 We do see exploit attempts for the vBulletin flaw disclosed about a week ago. The flaw is only exploitable if vBulltin is run on PHP 8.1, and was patched over a year ago. However, vBulltin never disclosed the type of vulnerability that was patched. https://isc.sans.edu/diary/vBulletin%20Exploits%20%…

1
Bovril, Deranged, Crocodilus, Cartier, Jinx, Conti, Scattered Spider, Josh Marpet... - SWN #482 37:10

16d ago37:10

37:10

Bovril, Deranged Hookworm, Crocodilus, Cartier, Jinx, Conti, Scattered Spider, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-482

1
Ep. 243 From Bottlenecks to Breakthroughs: Boosting Federal Efficiency with Automation 27:19

17d ago27:19

27:19

Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Automation is a two-edged sword. On the one hand, it promises greater efficiency; on the other hand, it can pose inherent risks, such as maliciously modified data, bias, and even data poisoning. During today’s int…

1
AIs, MCPs, and the Acutal Work that LLMs Are Generating - ASW #333 39:06

16d ago39:06

39:06

The recent popularity of MCPs is surpassed only by the recent examples deficiencies of their secure design. The most obvious challenge is how MCPs, and many more general LLM use cases, have erased two decades of security principles behind separating code and data. We take a look at how developers are using LLMs to generate code and continue our sea…

1
OWASP server-side request forgery (noun) [Word Notes] 7:38

16d ago7:38

7:38

Please enjoy this encore of Word Notes. An attack technique that leverages an unprotected web server as a proxy for attackers to send commands through to other computers.By N2K Networks

1
The great CoGUI caper. [OMITB] 36:20

16d ago36:20

36:20

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠⁠Selena Larson⁠⁠, ⁠⁠Proofpoint⁠⁠ intelligence analyst and host of their podcast ⁠⁠DISCARDED⁠⁠. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is jo…

1
SANS Stormcast Tuesday, June 3rd, 2025: Windows SSH C2; Google Removes CAs from trusted list; MSFT issues Emergency Patch to fix Crash issue; Qualcom Adreno GPU 0-day 6:06

19d ago6:06

6:06

Simple SSH Backdoor Xavier came across a simple SSH backdoor taking advantage of the ssh client preinstalled on recent Windows systems. The backdoor is implemented via an SSH configuration file that instructs the SSH client to connect to a remote system and forward a shell on a random port. This will make the shell accessible to anybody able to con…

1
SANS Stormcast Monday, June 2nd, 2025: PNG with RAT; Cisco IOS XE WLC Exploit; vBulletin Exploit 5:42

17d ago5:42

5:42

A PNG Image With an Embedded Gift Xavier shows how Python code attached to a PNG image can be used to implement a command and control channel or a complete remote admin kit. https://isc.sans.edu/diary/A+PNG+Image+With+an+Embedded+Gift/31998 Cisco IOS XE WLC Arbitrary File Upload Vulnerability (CVE-2025-20188) Analysis Horizon3 analyzed a recently p…

1
Building Cyber Resilience: AI Threats, Mid-Market Risks & Ransomware Trends - Karl Van den Bergh, Tony Anscombe, Eyal Benishti, Nick Carroll, Chad Alessi, Chris Peluso - ESW #409 1:38:33

20d ago1:38:33

1:38:33

Segment 1 CTG Interview Middle market companies face unique challenges in the ever-evolving cyber environment. Developing a comprehensive cybersecurity approach is a business imperative for middle market companies, and Chad Alessi will discuss the threat landscape, what’s keeping IT decision-makers awkward at night, and the best approach to creatin…

1
Building Cyber Resilience: AI Threats, Mid-Market Risks & Ransomware Trends - Karl Van den Bergh, Tony Anscombe, Eyal Benishti, Nick Carroll, Chad Alessi, Chris Peluso - ESW #409 1:38:33

20d ago1:38:33

1:38:33

Segment 1 CTG Interview Middle market companies face unique challenges in the ever-evolving cyber environment. Developing a comprehensive cybersecurity approach is a business imperative for middle market companies, and Chad Alessi will discuss the threat landscape, what’s keeping IT decision-makers awkward at night, and the best approach to creatin…

1
Ep. 242 Inside the SANS Institute’s Mission to Fortify Federal Cyber Defenses 27:04

18d ago27:04

27:04

Here we are in the spring of 2025, and the headline news is that the federal government is removing tech staff; at the same time, reports are coming in of thousands of unfilled cybersecurity positions across the government. Today, we sit down with a self-proclaimed “Cybersecurity Lifer” who will give the perspective of the SANS Institute on this di…

Podcasts Worth a Listen

Endpoint Security Software Podcasts

Podcasts Worth a Listen