Daily stories from the world of information security. To delve into any daily story, head to CISOseries.com.
…
continue reading
Information Security Podcasts
A podcast for information security defenders (blue team) on best practices, tools, and implementation for enterprise security.
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
1k
200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Risky Business is a weekly information security podcast featuring news and in-depth interviews with industry luminaries. Launched in February 2007, Risky Business is a must-listen digest for information security pros. With a running time of approximately 50-60 minutes, Risky Business is pacy; a security podcast without the waffle.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
The Lawfare Podcast features discussions with experts, policymakers, and opinion leaders at the nexus of national security, law, and policy. On issues from foreign policy, homeland security, intelligence, and cybersecurity to governance and law, we have doubled down on seriousness at a time when others are running away from it. Visit us at www.lawfareblog.com. Support this show http://supporter.acast.com/lawfare. Hosted on Acast. See acast.com/privacy for more information.
…
continue reading
7 Minute Security is a weekly information security podcast focusing on penetration testing, blue teaming and building a career in security. The podcast also features in-depth interviews with industry leaders who share their insights, tools, tips and tricks for being a successful security engineer.
…
continue reading
For the latest in computer security news, hacking, and research! We sit around, drink beer, and talk security. Our show will feature technical segments that show you how to use the latest tools and techniques. Special guests appear on the show to enlighten us and change your perspective on information security. Note: This is only Paul's Security Weekly, a 2-hour show recorded once per week.
…
continue reading
Expert analysis, insights and opinion on the national security challenges facing Australia and the Indo-Pacific. Hosted on Acast. See acast.com/privacy for more information.
…
continue reading
A weekly discussion of national security and foreign policy matters featuring Lawfare senior editors Scott R. Anderson, Quinta Jurecic, and Alan Rozenshtein. Hosted on Acast. See acast.com/privacy for more information.
…
continue reading
Join us for thought provoking conversations on surveillance, digital privacy, and cybersecurity law and policy in the information age. Each week, hosts Dave Bittner and Ben Yelin break down the headlines, legal cases, and policy battles that matter most.
…
continue reading
Explore the life of a security leader with NetSPI Field Chief Information Security Officer (CISO) Nabil Hannan. Hear how CISOs with diverse expertise tackle the challenges and opportunities that come with life on the frontlines of cybersecurity.
…
continue reading
1
Talkin' About [Infosec] News, Powered by Black Hills Information Security
Black Hills Information Security
2520
Download and listen to our weekly infosec podcast where we discuss the latest attacks, breaches, and how they happened and why. We’re a team of penetration testers (ethical hackers) and friends that love how new technology can be broken and made to do things it was never intended to do.
…
continue reading
On WE’RE IN!, you'll hear from the newsmakers and innovators who are making waves and driving the cyber security industry forward. We talk to them about their stories, the future of the industry, their best practices, and more.
…
continue reading
The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks. Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporat ...
…
continue reading
Security DNA is a podcast brought to you by SecurityInfoWatch.com, covering subjects of interest to security stakeholders in the industry. Topics range from security industry news, trends and analysis to technology solutions, policy risk analysis and management, and more. Our editorial team, along with industry experts and consultants, fill each podcast episode with information that is of value to security professionals.
…
continue reading
Daily Security Review, the premier source for news and information on security threats, Ransomware and vulnerabilities
…
continue reading
Podcast by Alex Wood & Robb Reck
…
continue reading
Weekly information security podcast airing Monday mornings hosted by Oscar Minks and Brad Nigh. In a unique focus on protecting personal information, Oscar and Brad discuss information security as an issue that includes cyber security, physical security, as well as administrative controls. Oscar is the CTO of FRSecure and heads technical services and operations at the company. Brad is the Principal Security Consultant and a 20+ year veteran of the industry.
…
continue reading
ClearanceJobs is the largest career networking site for individuals with active federal clearances. Get security clearance, intelligence community, espionage, national security and defense contracting updates in our exclusive interviews with IC and government leaders. Hosted on Acast. See acast.com/privacy for more information.
…
continue reading
Learn how to break into cybersecurity, build new skills and move up the career ladder. Each week on the Cyber Work Podcast, host Chris Sienko sits down with thought leaders from Carbon Black, IBM, CompTIA and others to discuss the latest cybersecurity workforce trends.
…
continue reading
The New CISO is hosted by Exabeam Chief Security Strategist, Steve Moore. A former IT security leader himself, Steve sits down with Chief Information Security Officers to get their take on cybersecurity trends, what it takes to lead security teams and how things are changing in today’s world.
…
continue reading
The monthly podcast for security professionals, by security professionals.Two self proclaimed grumpy security professionals talk security risk, how they’ve managed it in the past and forward looking discussions with guests working in information security and risk management.
…
continue reading
U.S. foreign policy for the future. Security Dilemma brings you conversations with the experts, policymakers, and thinkers charting new paths forward from the wreckage of recent decades and toward a national security and defense policy guided by prudence and restraint. Cohosts John Allen Gay and A.J. Manuzzi bring you the information you need to shape a wiser approach. Security Dilemma is a podcast of the John Quincy Adams Society, an independent nonprofit organization dedicated to advancing ...
…
continue reading
Welcome to Security Chipmunks where we talk about the development of cybersecurity skills. To stay up to date in today's world you need to be resilient, that’s why as Advanced Persistent Chipmunks we keep chipping away at it.
…
continue reading
Practical DevSecOps (a Hysn Technologies Inc. company) offers vendor-neutral and hands-on DevSecOps and Product Security training and certification programs for IT Professionals. Our online training and certifications are focused on modern areas of information security, including DevOps Security, AI Security, Cloud-Native Security, API Security, Container Security, Threat Modeling, and more.
…
continue reading
Shaping Cybersecurity Leadership: Today, Tomorrow, Together.
…
continue reading
Canada's intelligence landscape is as unique as the country itself. In an evolving global threat environment, fostering informed discussions on intelligence has become increasingly vital to the national security discourse. Secure Line Podcast is designed to influence and inform the national dialogue on security and intelligence in Canada, and internationally. Secure Line is brought to you by the Canadian Association for Security & Intelligence Studies (CASIS).
…
continue reading
Cybersecurity is complex. Its user experience doesn’t have to be. Heidi Trost interviews information security experts about how we can make it easier for people—and their organizations—to stay secure.
…
continue reading
Weekly privacy and security news podcast - Presented by Techlore & The New Oil. The goal of Surveillance Report is keep the world updated on the latest privacy & security news to empower individuals to remain safe with the newest information. Join us for the ride! Hosted on Acast. See acast.com/privacy for more information.
…
continue reading
Candid conversations with leading CIOs.
…
continue reading
RunAs Radio is a weekly Internet Audio Talk Show for IT Professionals working with Microsoft products.
…
continue reading
The ISF Podcast brings you cutting-edge conversation, tailored to CISOs, CTOs, CROs, and other global security pros. In every episode of the ISF Podcast, Chief Executive, Steve Durbin speaks with rule-breakers, collaborators, culture builders, and business creatives who manage their enterprise with vision, transparency, authenticity, and integrity. From the Information Security Forum, the leading authority on cyber, information security, and risk management.
…
continue reading
In the security industry, it's easy to get overwhelmed by the constant barrage of information and buzzy trends. On Security Noise, we help you sort through the noise and identify the information that truly matters. Listen to hear from practitioners in the field who are using the latest tools and methodologies to stay ahead. Whether you're a seasoned security pro or an industry newcomer, our podcast has something for anyone in the business of making the world secure. Presented by TrustedSec, ...
…
continue reading
The Virtual CISO Moment dives into the stories of information security, information technology, and risk management pros; what drives them and what makes them successful while helping small and midsized business (SMB) security needs. No frills, no glamour, no transparent whiteboard text, no complex graphics, and no script - just honest discussion of SMB information security risk issues. Brought to you by vCISO Services, LLC, a leading provider of vCISO and information security risk managemen ...
…
continue reading
Security Management Highlights brings the security professional expert interviews and information on the most critical industry topics. Join host Brendan Howard as he interviews thought leaders and industry professionals, as well as editors from the magazine.
…
continue reading
The International Association of Privacy Professionals is the largest and most comprehensive global information privacy community and resource, helping practitioners develop and advance their careers and organizations manage and protect their data. More than just a professional association, the IAPP provides a home for privacy professionals around the world to gather, share experiences and enrich their knowledge. Founded in 2000, the IAPP is a not-for-profit association with more than 70,000 ...
…
continue reading
Join us at the intersection of networking and security! Whether you’re fending off ransomware attacks, securing remote workers, hunting for rogue IoT devices, or gearing up for your latest compliance audit, Packet Protector provides practical information that IT and infrastructure pros can put to work. Every episode covers the latest security headlines and then drills into essential topics to provide technical and strategic insights on wired and wireless network security, access control, clo ...
…
continue reading
Everything seems to be accelerating: geopolitics, technology, security threats, the dispersal of information. At times, it feels like a blur. But beneath the dizzying proliferation of events, discoveries, there are deeper trends that can be grasped and understood through conversation and debate. That’s the idea behind Stop the World, the Australian Strategic Policy Institute’s podcast on international affairs and security. Each week, we cast a freeze-frame around the blur of events and bring ...
…
continue reading
Brought to you by IT Audit Labs. Trusted cyber security experts and their guests discuss common security threats, threat actor techniques and other industry topics. IT Audit Labs provides organizations with the leverage of a network of partners and specialists suited for your needs. We are experts at assessing security risk and compliance, while providing administrative and technical controls to improve our clients’ data security. Our threat assessments find the soft spots before the bad g ...
…
continue reading
We talk to security industry leaders, disruptors, and innovators with strong views and opinions on the future of topics like physical security, smart buildings, artificial intelligence, cybersecurity and more. We dig into the latest tech trends, explore how security is shaping the world, and delve into those tricky regulations (like NIS2, the Cyber Resilience Act, the EU Artificial Intelligence Act, the UK's Product Security, Telecommunications, Infrastructure Act and more) that keep everyon ...
…
continue reading
Your dose of tips about all things Information Security, ICT Legislation and Risk. South African podcast.
…
continue reading
1
Kerberoasting Goes to Washington – 2025-09-15
1:02:58
1:02:58
Play later
Play later
Lists
Like
Liked
1:02:58
???? Register for FREE Infosec Webcasts, Anti-casts & Summits – https://poweredbybhis.com 00:00 - PreShow Banter™ — Enter Dark John 03:15 - Kerberoasting Goes to Washington – BHIS - Talkin’ Bout [infosec] News 2025-09-15 03:49 - Story # 1: Senator blasts Microsoft for making default Windows vulnerable to “Kerberoasting” 12:46 - Story # 2: How an At…
…
continue reading
1
Unsecurity Episode 246: Practicing Policy
37:14
37:14
Play later
Play later
Lists
Like
Liked
37:14
In this Friday edition of Unsecurity, Megan and Brad tackle Policy! They approach a topic commonly avoided with a consulting perspective, having real examples of policy benefits. Hear the full coversation, covering: - Standardizing programs, documentation, and access - The relationship between technology and policy development - Legal consideration…
…
continue reading
1
Tidal Cyber Secures $10M to Advance Threat-Informed Defense
48:00
48:00
Play later
Play later
Lists
Like
Liked
48:00
Cybersecurity startup Tidal Cyber, founded in 2022 by three former MITRE experts, has raised $10 million in Series A funding, bringing its total capital to $15 million. The funding will accelerate the company’s product innovation and expansion, advancing its mission to operationalize the MITRE ATT&CK framework and empower organizations with threat-…
…
continue reading
1
Lawfare Archive: Jane Bambauer, Ramya Krishnan, and Alan Rozenshtein on the Constitutionality of the TikTok Bill
42:55
42:55
Play later
Play later
Lists
Like
Liked
42:55
From September 18, 2024: Jane Bambauer, Professor at Levin College of Law; Ramya Krishnan, Senior Staff Attorney at the Knight First Amendment Institute and a lecturer in law at Columbia Law School; Alan Rozenshtein, Associate Professor of Law at the University of Minnesota Law School and a Senior Editor at Lawfare, join Kevin Frazier, Assistant Pr…
…
continue reading
1
Lawfare Archive: The Past, Present, and Future of War Powers with Brian Finucane and Matt Waxman
1:01:34
1:01:34
Play later
Play later
Lists
Like
Liked
1:01:34
From September 12, 2024: Without new congressional authorization for its post-Oct. 7 operations in the Middle East, the Biden administration has sought to legally justify its military activities in the region based on the president’s constitutional authority and the application of existing statutory authorities to operations against new adversaries…
…
continue reading
1
Novakon Ignored Security Reports on ICS Weaknesses, Leaving 40,000+ Devices Exposed
22:35
22:35
Play later
Play later
Lists
Like
Liked
22:35
A new security report has revealed serious, unpatched vulnerabilities in industrial control system (ICS) products manufactured by Novakon, a Taiwan-based subsidiary of iBASE Technology. Security researchers at CyberDanube identified five categories of flaws affecting Novakon’s Human-Machine Interfaces (HMIs), including an unauthenticated buffer ove…
…
continue reading
1
Week in Review: Student hackers increase, CISA wants CVE, Microsoft called hypocritical
35:56
35:56
Play later
Play later
Lists
Like
Liked
35:56
Link to episode page This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guests Jack Kufahl, CISO, Michigan Medicine, and Nick Espinosa, host, The Deep Dive Radio Show Thanks to our show sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust C…
…
continue reading
1
RevengeHotels Cybercrime Group Adopts AI and VenomRAT in Hotel Credit Card Theft Campaign
23:00
23:00
Play later
Play later
Lists
Like
Liked
23:00
The cybercrime group known as RevengeHotels, also tracked as TA558, has launched a new wave of attacks against the hospitality sector, evolving its tactics with the help of Artificial Intelligence (AI) and a powerful new malware strain, VenomRAT. Active since 2015, RevengeHotels has long targeted hotels, travel agencies, and tourism businesses to s…
…
continue reading
1
ShadowLeak: Server-Side Data Theft Attack Discovered Against ChatGPT Deep Research
26:15
26:15
Play later
Play later
Lists
Like
Liked
26:15
A groundbreaking new cyberattack dubbed ShadowLeak has been uncovered targeting ChatGPT’s Deep Research capability, marking a dangerous escalation in AI-related threats. Unlike prior exploits such as AgentFlayer and EchoLeak, which operated on the client side, ShadowLeak weaponized OpenAI’s own cloud infrastructure to silently exfiltrate sensitive …
…
continue reading
1
WatchGuard Firebox Vulnerability Could Let Hackers Take Over Networks
28:50
28:50
Play later
Play later
Lists
Like
Liked
28:50
A new critical vulnerability, CVE-2025-9242, has been discovered in WatchGuard Firebox firewalls, putting thousands of networks worldwide at risk. The flaw stems from an out-of-bounds write bug in the Fireware OS’s iked process, which could allow a remote, unauthenticated attacker to execute arbitrary code. If exploited, this would grant full contr…
…
continue reading
1
7MS #693: Pwning Ninja Hacker Academy – Part 3
28:44
28:44
Play later
Play later
Lists
Like
Liked
28:44
This week your pal and mine Joe “The Machine” Skeen kept picking away at pwning Ninja Hacker Academy. To review where we’ve been in parts 1 and 2: We found a SQL injection on a box called SQL, got a privileged Sliver beacon on it, and dumped mimikatz info From that dump, we used the SQL box hash to do a BloodHound run, which revealed that we had ex…
…
continue reading
1
How SystemBC’s 1,500 Infected VPS Servers Fuel Ransomware and Fraud
32:02
32:02
Play later
Play later
Lists
Like
Liked
32:02
The SystemBC proxy botnet has quietly become one of the most persistent pillars of the cybercrime ecosystem. First detected in 2019, SystemBC is less about stealth and more about scale. It maintains an average of 1,500 compromised commercial virtual private servers (VPS) around the world, providing a powerful, high-bandwidth proxy network for cyber…
…
continue reading
1
Scaling Laws: AI Copyright Lawsuits with Pam Samuelson
1:00:07
1:00:07
Play later
Play later
Lists
Like
Liked
1:00:07
On today's Scaling Laws episode, Lawfare Senior Editor and Research Director Alan Rozenshtein sits down with Pam Samuelson, the Richard M. Sherman Distinguished Professor of Law at the University of California, Berkeley, School of Law, to discuss the rapidly evolving legal landscape at the intersection of generative AI and copyright law. They dive …
…
continue reading
1
Google patches zero-day, Copilot’s forced installation, Scattered Spider arrests
8:07
8:07
Play later
Play later
Lists
Like
Liked
8:07
Google patches sixth Chrome zero-day exploited in attacks this year Microsoft to force install the Microsoft 365 Copilot app in October Two more Scattered Spider teen suspects arrested Huge thanks to our sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your secu…
…
continue reading
1
Safes, Hackers, and Web Servers - PSW #892
2:12:25
2:12:25
Play later
Play later
Lists
Like
Liked
2:12:25
This week's technical segment is all about the T-Lora Pager from Lilygo, and really cool Meshtastic device that can also be used for some hacking tasks! In the security news: Your safe is not safe Cisco ASA devices are under attack VMScape HybridPetya and UEFI attacks in the wild Eveything is a Linux terminal Hackers turns 30 Hosting websites on di…
…
continue reading
1
Safes, Hackers, and Web Servers - PSW #892
2:12:25
2:12:25
Play later
Play later
Lists
Like
Liked
2:12:25
This week's technical segment is all about the T-Lora Pager from Lilygo, and really cool Meshtastic device that can also be used for some hacking tasks! In the security news: Your safe is not safe Cisco ASA devices are under attack VMScape HybridPetya and UEFI attacks in the wild Eveything is a Linux terminal Hackers turns 30 Hosting websites on di…
…
continue reading
1
Tiffany & Co. Data Breach Exposes Gift Card Details of 2,500+ Customers
12:33
12:33
Play later
Play later
Lists
Like
Liked
12:33
Tiffany and Company, the iconic luxury jeweler under the LVMH umbrella, has confirmed a serious data breach impacting over 2,500 customers across the United States and Canada. On or around May 12, 2025, hackers infiltrated Tiffany’s internal systems, compromising sensitive customer data tied to gift cards. Exposed information includes names, email …
…
continue reading
1
What Manufacturing Can Teach You About Scaling Enterprise AI
38:29
38:29
Play later
Play later
Lists
Like
Liked
38:29
CIO Classified is back! More CIO secrets. More battle-tested IT wisdom. Straight from leading CIOs across a wide range of industries. In this episode, host Ian Faison and co-host Yousuf Khan dive into the deep end of technology leadership in manufacturing. Ben Davis, Executive Vice President of IT at Cambria, joins the show to talk about his sweepi…
…
continue reading
1
Lawfare Daily: A Trip Through Pennsylvania’s Nascent AI Data Center Industry
44:22
44:22
Play later
Play later
Lists
Like
Liked
44:22
On today’s episode, Lawfare Managing Editor Tyler McBrien sits down with with Maia Woluchem, the Director of Data & Society’s Trustworthy Infrastructures program, along with one of the program’s researchers, Livia Garofalo, and Joan Mukogosi, an affiliate with the program and a PhD candidate at the London School of Economics. They discuss their rec…
…
continue reading
1
How Security Consultant Can Transition to AI Security Engineer in 2025
21:25
21:25
Play later
Play later
Lists
Like
Liked
21:25
In this episode, we explore the rapid evolution of cybersecurity and the critical rise of a new specialisation: the AI Security Engineer. As artificial intelligence advances, it not only enhances our defensive capabilities but also introduces sophisticated new attack vectors that traditional security measures can't handle. AI Security Certification…
…
continue reading
1
Insight Partners warns thousands, Scattered Spider feigns retirement, Consumer Reports calls Microsoft 'hypocritical'
7:58
7:58
Play later
Play later
Lists
Like
Liked
7:58
Insight Partners warns thousands after ransomware breach Scattered Spider gang feigns retirement, breaks into bank instead Consumer Reports calls Microsoft 'hypocritical' Huge thanks to our sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture i…
…
continue reading
1
General (Ret) Charles Flynn on land power, deterrence and technology in the Indo-Pacific
46:55
46:55
Play later
Play later
Lists
Like
Liked
46:55
The Indo-Pacific is a strategic theatre named after two oceans, but according to retired US four-star general Charles Flynn, land forces would be crucial in any conflict, including over Taiwan. In today’s episode, David Wroe speaks with Charles, who retired last year as commanding general of the US Army Pacific, about the often misunderstood and ov…
…
continue reading
Today we are joined by Rebecca Krauthamer, Stanford Quantum Computing Researcher and CEO of QuSecure, to discuss the National Quantum Cybersecurity Migration Strategy Act. Ben has the story of a new California bill regulating AI. Dave's got the story of the controversial technology transfer from the US to the UAE. While this show covers legal topi…
…
continue reading
1
Lakera’s Gandalf Network Joins Check Point in $300M AI Security Deal
24:33
24:33
Play later
Play later
Lists
Like
Liked
24:33
In a major strategic move, Check Point Software Technologies has announced the acquisition of Lakera, a Zurich and San Francisco–based AI security firm founded by former Google and Meta AI researchers. Valued at around $300 million, the acquisition will close in late 2025 and serve as the foundation for Check Point’s new Global Center of Excellence…
…
continue reading
1
Shai-Hulud Exposes Fragility of the Open-Source Software Supply Chain
34:50
34:50
Play later
Play later
Lists
Like
Liked
34:50
A major supply chain attack is underway in the npm ecosystem. Dubbed Shai-Hulud, this worm-style campaign began with the compromise of the popular @ctrl/tinycolor package and has since infected at least 187 npm packages, including some published under CrowdStrike’s official account. The malware, designed to spread automatically, abuses the legitima…
…
continue reading
1
ChatGPT Calendar Vulnerability Exposes User Emails in New AI Attack
20:27
20:27
Play later
Play later
Lists
Like
Liked
20:27
A critical vulnerability has been uncovered in ChatGPT’s new calendar integration, exposing how attackers could exfiltrate sensitive user data—particularly emails—through a deceptively simple exploit. Security researchers at EdisonWatch, led by Eito Miyamura, demonstrated how a malicious calendar invitation could contain hidden instructions that Ch…
…
continue reading
1
Revisiting FISA Section 702 Debate with Josh Geltzer and Glenn Gerstell
43:46
43:46
Play later
Play later
Lists
Like
Liked
43:46
With FISA Section 702 up for reauthorization in 6 months, we’re revisiting the basics of this contested surveillance authority. In this extended episode, Elisa first speaks with Josh Geltzer, former Deputy Assistant to President Biden and Deputy Homeland Security Advisor with the National Security Council, to break down what 702 is and why it’s so …
…
continue reading
1
The “Ten Years, Still Off-Key” Edition
1:46:52
1:46:52
Play later
Play later
Lists
Like
Liked
1:46:52
This week, Scott sat down for a very special episode of the podcast with co-hosts emeritus Benjamin Wittes, Shane Harris, Alan Rozenshtein, and Quinta Jurecic to cover some topics that haven’t gotten quite as much attention as they would have liked. In object lessons, Shane is basking in the glory of HBO’s “Somebody Somewhere”—partly because his bu…
…
continue reading
1
Rational Security: The “Ten Years, Still Off-Key” Edition
1:46:52
1:46:52
Play later
Play later
Lists
Like
Liked
1:46:52
For this week's very special episode on Rational Security's 10th anniversary, Scott sat down with a slew of co-hosts emeritus, each of whom brought their own topic to discuss. Shane Harris flagged the connections between online radicalization and the young men behind many recent public acts of gun violence, including the alleged perpetrator of the …
…
continue reading
1
CrowdStrike Acquires Pangea to Launch AI Detection and Response (AIDR)
22:03
22:03
Play later
Play later
Lists
Like
Liked
22:03
At Fal.Con 2025, CrowdStrike announced one of its boldest moves yet: the acquisition of AI security startup Pangea. The deal signals CrowdStrike’s intent to redefine the future of cybersecurity by protecting not just endpoints and networks, but the entire AI lifecycle. Pangea, founded in 2021, is known for cutting-edge tools like AI Guard, which pr…
…
continue reading
1
RaccoonO365: $100K Phishing-as-a-Service Scheme Taken Down
27:03
27:03
Play later
Play later
Lists
Like
Liked
27:03
Microsoft and Cloudflare have successfully dismantled RaccoonO365, a global phishing-as-a-service (PhaaS) operation that had been running for over a year. This criminal platform, marketed on Telegram and used by up to 200 subscribers, enabled attackers to craft realistic Microsoft 365 phishing campaigns, complete with fake login pages, email lures,…
…
continue reading
1
Lawfare Daily: What Israel's Gaza City Offensive and Airstrikes in Qatar Mean for the Region
1:06:44
1:06:44
Play later
Play later
Lists
Like
Liked
1:06:44
For today's episode, Senior Editor Scott R. Anderson sits down with Dan Byman, Senior Fellow at the Center for Strategic and International Studies; Joel Braunold, Managing Director of the S. Daniel Abraham Center for Middle East Peace; and Natan Sachs, Senior Fellow at the Middle East Institute, to discuss several recent developments in the Israel-…
…
continue reading
1
Board Priority But Lack of Access & CISO Pressure, 360 Privacy and Pentera Interviews - Chuck Randolph, Tom Pore - BSW #413
1:10:10
1:10:10
Play later
Play later
Lists
Like
Liked
1:10:10
In the leadership and communications segment, Lack of board access: The No. 1 factor for CISO dissatisfaction, Pressure on CISOs to stay silent about security incidents growing, The Secret to Building a High-Performing Team, and more! Jackie McGuire sits down with Chuck Randolph, SVP of Strategic Intelligence & Security at 360 Privacy, for a grippi…
…
continue reading
1
Cyber programs extended, older Apple devices attacked, chatbots aid phishing scams
7:16
7:16
Play later
Play later
Lists
Like
Liked
7:16
House lawmakers move to extend two key cyber programs Apple 0-day likely used in spy attacks affected older devices Reuters crafts phishing scam with AI chatbot help Huge thanks to our sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one…
…
continue reading
1
Risky Business #807 -- Shai-Hulud npm worm wreaks old-school havoc
53:19
53:19
Play later
Play later
Lists
Like
Liked
53:19
On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: Shai-Hulud worm propagates via npm and steals credentials Jaguar Land Rover attack may put smaller suppliers out of business Leaked data emerges from the vendor behind the Great Firewall of China Vastaamo hacker walks free while appeal is underway Wh…
…
continue reading
1
AI-Generated Phishing and Deepfakes Supercharge Social Engineering Attacks
1:01:18
1:01:18
Play later
Play later
Lists
Like
Liked
1:01:18
Social engineering has reclaimed center stage as today’s most reliable intrusion vector—and it’s not just email anymore. Recent warnings from law enforcement and national cyber centers underscore how adversaries exploit human psychology to “log in, not hack in,” bypassing hardened perimeters with phishing, vishing (voice phishing) against IT help d…
…
continue reading
The days of the one-year SSL certificate are coming to an end - are you ready? Richard chats with Todd Gardner about the upcoming requirement from the Certification Authority Browser Forum to limit SSL certs to 200 days starting March 2026 - and they keep getting shorter until by 2029, certificates will last no longer than 47 days! If you haven't a…
…
continue reading
1
Phoenix Attack Breaks DDR5 Rowhammer Defenses: Root in 109 Seconds
41:45
41:45
Play later
Play later
Lists
Like
Liked
41:45
The infamous Rowhammer vulnerability, long thought to be contained by new DRAM protections, has resurfaced with devastating force. Academic researchers, working with Google, have unveiled the Phoenix attack, a breakthrough Rowhammer variant that shatters the defenses of DDR5 memory chips. Despite the industry’s investment in Target Row Refresh (TRR…
…
continue reading
1
AI Nuns, Steganography, You're fired, VoidProxy, C++, Carplay Apriso, Josh Marpet... - SWN #512
34:29
34:29
Play later
Play later
Lists
Like
Liked
34:29
AI Nuns, Steganography, You're fired, VoidProxy, C++, Carplay Apriso, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-512
…
continue reading
1
Silent Push Raises $10M Series B to Expand Threat Intelligence Platform
48:07
48:07
Play later
Play later
Lists
Like
Liked
48:07
Cybercriminals aren’t just breaking in—they’re borrowing your brand to do it. This episode dives into the critical intersection of brand protection, threat intelligence, and external attack surface management (EASM) and lays out a practical, intelligence-driven blueprint you can start applying today. We begin with the state of brand abuse: a sharp …
…
continue reading
1
PP078: Using Free Tools for Detection Engineering
49:25
49:25
Play later
Play later
Lists
Like
Liked
49:25
You can build effective, scalable detection pipelines using free and open-source tools like Zeek, Suricata, YARA, and Security Onion. Today on Packet Protector we welcome Matt Gracie, Senior Engineer at Security Onion Solutions — the team behind the open-source platform used for detection engineering, network security monitoring, and log management…
…
continue reading
1
Small Businesses Are Prime Targets, But There Are Ways to Fight Back
27:09
27:09
Play later
Play later
Lists
Like
Liked
27:09
Send us a text "We're too small to be hacked" might be the most dangerous myth in small business cybersecurity today. As James Baierle, founder of SecurePoint Solutions, asks with a touch of irony – how exactly do you let the bad guys know to leave you alone? The hard truth is you can't, and that's why specialized security services for small busine…
…
continue reading
1
Google Accused of Shadow Lobbying Against California Privacy Opt-Out Law
31:38
31:38
Play later
Play later
Lists
Like
Liked
31:38
California’s Assembly Bill 566 (AB 566) has become one of the most hotly contested pieces of privacy legislation in the country. The bill would require universal “opt-out preference signals” in web browsers and mobile operating systems, allowing consumers to automatically block the sale and sharing of their personal data across the internet. Propon…
…
continue reading
1
FinWise Bank Data Breach Exposes 700K Customers Amid Predatory Lending Allegations
33:04
33:04
Play later
Play later
Lists
Like
Liked
33:04
FinWise Bank is facing a double crisis—one of data security and another of public trust. Nearly 700,000 customers of American First Finance (AFF), a FinWise partner, were impacted by a massive data breach after a former employee improperly accessed sensitive records. The bank has responded with offers of free credit monitoring, but the damage to co…
…
continue reading
