Daily stories from the world of information security. To delve into any daily story, head to CISOseries.com.
…
continue reading
Software Patch Podcasts
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks. Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporat ...
…
continue reading
Shared Security is your premier cybersecurity and privacy podcast where we explore the bonds shared between people and technology. Join industry experts Tom Eston, Scott Wright, and Kevin Johnson as they deliver the latest news, actionable tips, expert guidance, and insightful interviews with top cybersecurity and privacy specialists. Stay informed and take control of your online security and privacy in today’s interconnected world. Tune in every week to discover invaluable insights, strateg ...
…
continue reading
IT and Cybersecurity news geared towards people involved in the IT industry including vendors, VARs, MSPs, MSSPs, SOCs, NOCs, Resellers, and other industry professionals. Our topics cover industry news, partner programs, cybersecurity, AI and more.
…
continue reading
Regular cybersecurity news updates from the Risky Business team...
…
continue reading
Welcome to the Backend Engineering Show podcast with your host Hussein Nasser. If you like software engineering you’ve come to the right place. I discuss all sorts of software engineering technologies and news with specific focus on the backend. All opinions are my own. Most of my content in the podcast is an audio version of videos I post on my youtube channel here http://www.youtube.com/c/HusseinNasser-software-engineering Buy me a coffee https://www.buymeacoffee.com/hnasr 🧑🏫 Courses I Te ...
…
continue reading
…
continue reading
Endpoint Management Today is a podcast brought to you by Rhonda and James from the BigFix team. Listen in to understand how IT operations and security teams fully automate discovery, management and remediation of endpoints – whether on-premise, virtual, or cloud – regardless of operating system, location or connectivity. Hear from technical experts, customers, thought leaders and more as we bring you new episodes each month. FIND more. FIX more. DO more.
…
continue reading
Hacker Public Radio is an podcast that releases shows every weekday Monday through Friday. Our shows are produced by the community (you) and can be on any topic that are of interest to hackers and hobbyists.
…
continue reading
Interviews with end users and industry experts in, IT, AV and security about commercial technologies that can help institutions from enterprise to education to healthcare and beyond.
…
continue reading
Sam, Jerry, and Joe discuss their thoughts and draw from their combined experience of over 20 years in the Apple Consultants Network (ACN).
…
continue reading
What if you could get a no-nonsense look at security solutions in just 15 minutes? Security You Should Know, the latest podcast from the CISO Series, does just that. Hosted by Rich Stroffolino, each episode brings together one security vendor and two security leaders to break down a real-world problem and the solution trying to fix it. Expect straight answers on: How to explain the issue to your CEO What the solution actually does (and doesn’t do) How the pricing model works Then, our securi ...
…
continue reading
Master the CompTIA Server+ exam with PrepCast—your audio companion for server hardware, administration, security, and troubleshooting. Every episode simplifies exam objectives into practical insights you can apply in real-world IT environments. Produced by BareMetalCyber.com, where you’ll find more prepcasts, books, and resources to power your certification success.
…
continue reading
Welcome to the Flexera Security Vulnerability Insight Podcast, your go-to source for all things related to cybersecurity, software vulnerabilities, and threat intelligence. In this engaging podcast series, we will dive deep into the ever-evolving world of digital security, providing you with valuable insights, expert interviews, and the latest industry trends. Hosted by Jeroen Braak and leading experts in the field, each episode explores critical topics such as: Vulnerability Management: Sta ...
…
continue reading
SAM is the leading provider of cloud-native security and intelligence services for unmanaged networks and IoTs, covering upwards of 500 million connected devices globally. With its powerful and intuitive AI technology, SAM addresses the challenges of our hyperconnected world, in which an explosion of IoT devices exposes potential attack surfaces for companies and consumers alike. SAM's device-agnostic software provides deep network visibility to not only protect against sophisticated cyber- ...
…
continue reading
The Power of Digital Policy is a podcast that teaches you and your organization how to balance the risks and opportunities that come with operating websites, social media, mobile applications, voice assistants, AI and other channels. Through a monthly focus on individual topics, such as accessibility, cookies, copyrights, social media faux pas, data breaches, and data privacy, you will learn how to develop guardrails to maximize digital opportunity and minimize risk. Whether you work for a s ...
…
continue reading
The Natural Reward podcast will focus on questions of innovation, progress and advancement in the evolution of life. We will discuss the evolution of scientific theories, how to think critically about science, and questions of progress and advancement in technology and human culture. The Natural Reward podcast will cover the philosophy and history of science, evolutionary theory, and economic theory. Music by Christian Bjoerklund.
…
continue reading

1
Episode 120 — OS and Software Problems — Login Issues and Patch Failures
10:50
10:50
Play later
Play later
Lists
Like
Liked
10:50This episode addresses troubleshooting operating system and application problems, including failed logins, service outages, and patch installation errors. We explain how authentication misconfigurations, expired credentials, or corrupted profiles can block user access, while incomplete or incompatible patches can destabilize services. We connect th…
…
continue reading

1
Velociraptor C2 tunnel, Baltimore’s expensive con, ransomware gangs multiply
8:11
8:11
Play later
Play later
Lists
Like
Liked
8:11Velociraptor forensic tool used for C2 tunneling City of Baltimore gets socially engineered to the tune of $1.5 million Ransomware gang takedowns create more smaller groups Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day at…
…
continue reading
In this episode, we discuss if the convenience of modern technology compromises our privacy. Inspired by a thought-provoking Reddit post, we explore how everyday actions like saving passwords, enabling location tracking, and using cloud backups put our personal data at risk. Learn about the trade-offs between convenience and privacy, and get tips o…
…
continue reading

1
Risky Bulletin: Noem fires FEMA IT team over alleged cybersecurity failures
5:54
5:54
Play later
Play later
Lists
Like
Liked
5:54FEMA’s IT staff fired over an alleged breach, WhatsApp patches a zero-day, the Salesloft breach impacted more than just Salesforce, and a scammer steals $1.5 million dollars from the city of Baltimore. Show notes Risky Bulletin: Noem fires FEMA IT team over alleged cybersecurity failures
…
continue reading

1
Sponsored: Push Security on the evolution of phishing techniques
18:05
18:05
Play later
Play later
Lists
Like
Liked
18:05In this sponsored interview Casey Ellis chats with Push Security co-founder Jacques Louw. Push’s browser plugin gives a unique level of visibility into how users interact with the web and the attacks they face. Jacques talks through what they’re seeing, and their recently published taxonomy of phishing attacks. It’s on Github for everyone to contri…
…
continue reading

1
Week in Review: Citrix RCE flaw, steganography revived, major telecom fiasco
28:02
28:02
Play later
Play later
Lists
Like
Liked
28:02Link to episode page This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Johna Till Johnson, CEO and founder, Nemertes Thanks to our show sponsor, Prophet Security Ever feel like your security team is stuck in a loop of alert fatigue and manual investigations? Meet Prophet Security. Their Agentic AI SOC Pl…
…
continue reading

1
Salt Typhoon IOCs, Google floats ‘cyber disruption unit’, WhatsApp 0-click
2:24:48
2:24:48
Play later
Play later
Lists
Like
Liked
2:24:48Three Buddy Problem - Episode 60: We dissect a fresh multi-agency Salt Typhoon advisory (with IOCs and YARA rules!), why it landed late, why the wall of logos matters (and doesn’t), and what’s actually usable for defenders: new YARA, tool hashes, naming ambiguity across reports, the mention of Chinese vendors, and a Dutch note that smaller ISPs wer…
…
continue reading

1
Malicious nx Packages, AI worker scam, Salt Typhoon attacks Netherlands
8:56
8:56
Play later
Play later
Lists
Like
Liked
8:56Malicious nx Packages leak GitHub, Cloud, and AI Credentials North Korean remote worker scheme boosted by generative AI The Netherlands announces Salt Typhoon penetration Huge thanks to our sponsor, Prophet Security Security teams are drowning in alerts - many companies generate upwards of 1000 or more alerts a day, and nearly half go ignored. That…
…
continue reading

1
SANS Stormcast Friday, August 29th, 2025: Scans for ZIP Files; FreePBX 0-Day; Passwordstate Patch
5:45
5:45
Play later
Play later
Lists
Like
Liked
5:45Increasing Searches for ZIP Files Attackers are scanning our honeypots more and more for .zip files. They are looking for backups of credential files and the like left behind by careless administrators and developers. https://isc.sans.edu/diary/Increasing%20Searches%20for%20ZIP%20Files/32242 FreePBX Vulnerability An upatched vulnerability in FreePB…
…
continue reading

1
Risky Bulletin: npm attack uses AI prompts to steal creds, crypto-wallet keys
7:38
7:38
Play later
Play later
Lists
Like
Liked
7:38An npm supply chain attack uses AI to steal credentials and crypto-wallet keys, Google establishes a cyber disruption unit, a ransomware attack disrupts more than 200 Swedish municipalities, and Salt Typhoon hacks have now hit more than 80 countries. Show notes Risky Bulletin: npm attack uses AI prompts to steal creds, crypto-wallet keys…
…
continue reading

1
Salt Typhoon expands, AI-powered ransomware, Anthropic warns of vibe-hacking
7:39
7:39
Play later
Play later
Lists
Like
Liked
7:39FBI warns of expanded Chinese hacking campaign AI-powered ransomware is a thing now Anthropic warns about “vibe-hacking” Huge thanks to our sponsor, Prophet Security SOC analyst burnout is real - repetitive tasks, poor tooling, and constant alert noise are driving them out. Prophet Security fixes this. Their Agentic AI Analyst handles alert triage …
…
continue reading

1
Srsly Risky Biz: America wants to hack the planet
17:29
17:29
Play later
Play later
Lists
Like
Liked
17:29Tom Uren and Amberleigh Jack talk about proposed legislation that would allow the President to license private sector hackers to go after cybercrime groups. The bill won’t pass, but letting hackers loose on industrial-scale scam farms actually makes sense. They also talk about Microsoft’s blind spot regarding China. It has trusted China-based engin…
…
continue reading

1
SANS Stormcast Thursday, August 28th, 2025: Launching Shellcode; NX Compromise; Volt Typhoon Report
6:39
6:39
Play later
Play later
Lists
Like
Liked
6:39Interesting Technique to Launch a Shellcode Xavier came across malware that PowerShell and the CallWindowProcA() API to launch code. https://isc.sans.edu/diary/Interesting%20Technique%20to%20Launch%20a%20Shellcode/32238 NX Compromised to Steal Wallets and Credentials The popular open source NX build package was compromised. Code was added that uses…
…
continue reading

1
DOGE puts critical SS data at risk? CISA warns of new exploited flaw, K-Pop stock heist attacker extradited to South Korea
7:10
7:10
Play later
Play later
Lists
Like
Liked
7:10DOGE Put Critical Social Security Data at Risk, Whistle-Blower Says CISA warns of actively exploited Git code execution flaw Alleged mastermind behind K-Pop celebrity stock heist extradited to South Korea Huge thanks to our sponsor, Prophet Security Your security analysts didn’t sign up to chase false alarms all day. With Prophet Security’s AI SOC …
…
continue reading

1
Risky Bulletin: FCC removes 1,200 voice providers from US phone network
6:36
6:36
Play later
Play later
Lists
Like
Liked
6:36The FCC removes 1,200 voice providers from the US phone network, a cyberattack shuts down Nevada’s state government services; hackers breach Salesloft and pivot into Salesforce accounts, and Citrix patches yet another zero-day. Show notes Risky Bulletin: FCC removes 1,200 voice providers from US phone network…
…
continue reading

1
SANS Stormcast Wednesday, August 27th, 2025: Analyzing IDNs; Netscaler 0-Day Vuln; Git Vuln Exploited;
5:43
5:43
Play later
Play later
Lists
Like
Liked
5:43Getting a Better Handle on International Domain Names and Punycode International Domain names can be used for phishing and other attacks. One way to identify suspect names is to look for mixed script use. https://isc.sans.edu/diary/Getting%20a%20Better%20Handle%20on%20International%20Domain%20Names%20and%20Punycode/32234 Citrix Netscaler Vulnerabil…
…
continue reading
In this episode, the hosts of Command Control Power discuss a range of IT management topics including the challenges of scheduling in summer, handling client updates with Electrona’s Patch and Addigy’s prebuilt apps, and the intricacies of using Microsoft Outlook. They explore the benefits and drawbacks of these different tools, including how to st…
…
continue reading

1
Farmers Insurance also hit by Salesforce breach, UpCrypter phishing campaign, Pakistan hits Indian government agencies
8:20
8:20
Play later
Play later
Lists
Like
Liked
8:20If Salesforce flutters its wings in San Francisco... How is this still tricking people? From tagging to bagging Huge thanks to our sponsor, Prophet Security Security teams are drowning in alerts - many companies generate upwards of 1000 or more alerts a day, and nearly half go ignored. That’s where Prophet Security comes in. Their AI SOC platform a…
…
continue reading

1
SANS Stormcast Tuesday, August 26th, 2025: Decoding Word Reading Location; Image Downscaling AI Vulnerability; IBM Jazz Team Server Vuln
5:01
5:01
Play later
Play later
Lists
Like
Liked
5:01Reading Location Position Value in Microsoft Word Documents Jessy investigated how Word documents store the last visited document location in the registry. https://isc.sans.edu/diary/Reading%20Location%20Position%20Value%20in%20Microsoft%20Word%20Documents/32224 Weaponizing image scaling against production AI systems AI systems often downscale imag…
…
continue reading

1
Between Two Nerds: Teenage hackers are like goldfish
29:25
29:25
Play later
Play later
Lists
Like
Liked
29:25In this edition of Between Two Nerds, Tom Uren and The Grugq talk about how the teenage hacking groups Scattered Spider, Lapsus$ and Shiny Hunters are collaborating. They examine whether this is bad news and what will it take to slow these wrecking crews down. Plus, how teenage hackers are like goldfish. This episode is also available on Youtube. S…
…
continue reading

1
Enhancing Humans in Your SOC with RedCarbon
14:56
14:56
Play later
Play later
Lists
Like
Liked
14:56All links and images can be found on CISO Series. In this episode, Simone Rapizzi, CSO at RedCarbon, explains how their AI-powered platform uses specialized models to automate threat detection and response while learning from each customer's unique environment. Joining him are Jonathan Waldrop, former CISO, and John Scrimsher, CISO at Kontoor Brand…
…
continue reading

1
Malicious Go module, new Mirai botnet, Silk Typhoon exploits cloud
9:26
9:26
Play later
Play later
Lists
Like
Liked
9:26Malicious Go module steals credentials via Telegram Mirai-based botnet resurfaces targeting systems globally Silk Typhoon hackers exploit cloud trust to hack downstream customers Huge thanks to our sponsor, Prophet Security Ever feel like your security team is stuck in a loop of alert fatigue and manual investigations? Meet Prophet Security. Their …
…
continue reading

1
Public Wi-Fi Myths: Why You’re Probably Safer Than You Think
17:40
17:40
Play later
Play later
Lists
Like
Liked
17:40Public Wi-Fi has a bad reputation — but in 2025, the “you’ll get hacked instantly” fear is largely outdated. In this episode, Tom and Kevin dig into real research and modern protections that make most public Wi-Fi connections reasonably safe. We’ll explore why HTTPS, device security, and updated standards have drastically reduced the risks, what th…
…
continue reading

1
SANS Stormcast Monday, August 25th, 2025: IP Cleanup; Linux Desktop Attacks; Malicious Go SSH Brute Forcer; Onmicrosoft Domain Restrictions
6:04
6:04
Play later
Play later
Lists
Like
Liked
6:04The end of an era: Properly formatted IP addresses in all of our data. When initiall designing DShield, addresses were zero padded , an unfortunate choice. As of this week, datafeeds should no longer be zero padded . https://isc.sans.edu/diary/The%20end%20of%20an%20era%3A%20Properly%20formated%20IP%20addresses%20in%20all%20of%20our%20data./32228 .d…
…
continue reading

1
Risky Bulletin: Hackers sabotage Iranian ships at sea, again
6:12
6:12
Play later
Play later
Lists
Like
Liked
6:12Hackers sabotage Iranian ships for a second time this year, mass cybercrime arrests across Africa, South Korea extradites a Chinese man behind celebrity hacks, and a French supermarket chain discloses a data breach. Show notes Risky Bulletin: Hackers sabotage Iranian ships at sea, again
…
continue reading

1
Sponsored: Why threat actors hate Okta FastPass
14:26
14:26
Play later
Play later
Lists
Like
Liked
14:26In this Risky Business News sponsor interview Tom Uren talks to Brett Winterford, Okta’s VP of Threat Intelligence about FastPass. Brett explains what it is, how Okta uses it and why threat actors avoid it. Show notes
…
continue reading

1
Episode 124 — Misconfigured NICs and VLANs — Interface Troubleshooting Tactics
11:17
11:17
Play later
Play later
Lists
Like
Liked
11:17This episode explains how misconfigured network interface cards (NICs) and VLAN settings can disrupt server connectivity. We cover issues such as incorrect VLAN tagging, mismatched speed and duplex settings, and disabled interfaces. The discussion includes how multi-NIC configurations require careful planning for load balancing, redundancy, or VLAN…
…
continue reading

1
Episode 123 — Network Connectivity Issues — DHCP, DNS, and Route Problems
11:23
11:23
Play later
Play later
Lists
Like
Liked
11:23This episode focuses on diagnosing network connectivity failures by examining IP assignment, name resolution, and routing paths. We explain how DHCP misconfigurations can lead to incorrect or missing IP addresses, how DNS issues prevent hostname resolution, and how routing problems can block communication between subnets or external networks. We pr…
…
continue reading

1
Episode 122 — Configuration and Service Failures — Improper Setup and Missing Resources
10:24
10:24
Play later
Play later
Lists
Like
Liked
10:24This episode covers how incorrect configurations and missing dependencies can prevent services from starting or functioning correctly. We discuss common causes, such as incorrect file paths, insufficient permissions, or disabled services. Identifying these issues often requires checking configuration files, logs, and service dependencies. Practical…
…
continue reading

1
Episode 121 — Dependency and Update Conflicts — Software Incompatibility Resolution
10:24
10:24
Play later
Play later
Lists
Like
Liked
10:24This episode explains how dependency issues and update conflicts can cause application or service failures. We discuss scenarios where software relies on specific versions of libraries, frameworks, or drivers, and how updates can inadvertently break functionality by replacing or removing required components. The importance of maintaining compatibil…
…
continue reading

1
Episode 119 — Partition and Filesystem Errors — Misalignment, Corruption, and Boot Failures
10:52
10:52
Play later
Play later
Lists
Like
Liked
10:52This episode examines how partition and file system errors can impact server operations. We explain problems such as partition misalignment reducing performance, corruption preventing access to data, and boot failures caused by damaged boot sectors or missing system files. The discussion includes how these issues can originate from improper setup, …
…
continue reading

1
Episode 118 — HBA and Controller Issues — Advanced Storage Adapter Failures
10:47
10:47
Play later
Play later
Lists
Like
Liked
10:47This episode focuses on diagnosing problems with host bus adapters (HBAs) and storage controllers, which are critical for connecting servers to storage devices. We discuss symptoms of adapter failure, such as intermittent connectivity, degraded performance, and device detection errors. Configuration mismatches, outdated firmware, and driver incompa…
…
continue reading

1
Episode 117 — Storage Failures — Mount Errors, Slow Access, and File Corruption
10:56
10:56
Play later
Play later
Lists
Like
Liked
10:56This episode covers how to identify and resolve storage-related failures in server environments. We explain symptoms such as inability to mount volumes, significantly degraded read/write speeds, and corrupted files. Common causes include failing drives, controller faults, cabling issues, and file system corruption. Real-world and exam-relevant exam…
…
continue reading

1
Episode 116 — RAID Misconfigurations — Faulty Arrays, Rebuilds, and Bad Sectors
10:44
10:44
Play later
Play later
Lists
Like
Liked
10:44This episode explains how RAID misconfigurations can lead to degraded performance, data loss, or complete array failure. We discuss common causes such as incorrect drive order, mismatched drive sizes, incompatible RAID levels for the workload, and improper rebuild procedures. The importance of verifying configuration settings against vendor guideli…
…
continue reading

1
Episode 115 — Visual and Auditory Cues — LED, LCD, and Unusual Sounds or Smells
10:26
10:26
Play later
Play later
Lists
Like
Liked
10:26This episode examines how to use visual and auditory indicators to troubleshoot hardware problems. We discuss interpreting status LEDs, reading LCD panel error codes, and recognizing abnormal sounds such as failing fans or clicking drives. The importance of detecting unusual smells, like burnt circuitry, as a sign of component failure is also cover…
…
continue reading