))
This is a weekly podcast on cyber security domains. We discuss, dissect and demystify the world of security by providing an in-depth coverage on the cybersecurity topics that matter most. All these in plain easy to understand language. Like it, share it, and most importantly enjoy it!
…
continue reading
A podcast that helps us understand human vulnerability and how we can defend against the attacks that exploit us.
…
continue reading
Exploit brokers is dedicated to tech and hacking news commentary, hacking tutorials, and cyber security topics. Exploit brokers brings the knowledge of hacking to you. We review data breaches, malware infections, Botnet events, and other notable hacking events to learn how to better defend against it by getting in the mind of hackers. #cybersecurity #hackingnews #cybersec #whitehat
…
continue reading
Cypher Tech Hacks is an electrifying deep dive into the world of cyber scams and digital deceptions, where host Alex Cipher unpacks intricate hacking techniques into simple, step-by-step explanations. Each episode dissects legendary cyber exploits and high-tech frauds, making complex digital heists accessible and engaging for tech enthusiasts. Beyond the captivating tales, the podcast empowers listeners with practical insights and preventive measures to fortify their digital defenses.
…
continue reading
We Cover the Cyberspace.
…
continue reading
DIY Cyber Guy, hosted by David W. Schropfer, offers a approachable exploration of cybersecurity, emerging technologies (like AI and Quantum Computing) for all knowledge levels. Through dynamic podcasts, expert interviews, and engaging blog posts, DIY Cyber Guy provides practical, easy-to-apply tips to stay ahead of tech trends and protect your digital world. Whether you’re curious about cutting-edge tech or looking to secure your online life, DIY Cyber Guy makes complex topics both fun and a ...
…
continue reading
1
Security Insights - Cybersecurity for Real-World Workplaces
Ivanti: Cybersecurity and Information Technology Solutions
6
50
Welcome to Security Insights, where best-practice cybersecurity meets the real-world risks facing workplaces every day. Ivanti's VP of Product Management, Chris Goettl, brings in a rotating cast of guests to discuss the strategies and tactics that truly matter to the security teams protecting organizations, agencies and businesses like yours.
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
Daily run down of top cyber and tech current events
…
continue reading
Updates on the latest cybersecurity threats to businesses, data breach disclosures, and how you can secure your firm in an increasingly risky time.
…
continue reading
The Breach Report gives you a front-row seat to the latest cybersecurity news and insights, as Rense and Robert share practical takeaways from their day-to-day work in threat intelligence and incident response. Take theory into action!
…
continue reading
Join CovertSwarm and special guests, as they discuss the latest Cyber Security news, trends, 0-day exploits and research. www.covertswarm.com
…
continue reading
A comedy podcast about shame- because no one roasts you harder than yourself! Each week, psychotherapist-turned-comedian Ely Kreimendahl exploits her therapy skills to talk all-things-shame with a new special guest. Every guest shares a core story of something that once made them spiral HARD, answers both silly and emotionally complicated questions, and even if these conversations are ACCIDENTALLY therapeutic, it's not therapy.... Ely goes ALL IN on sharing her shame, too. Does coming togeth ...
…
continue reading
Welcome to The MLSecOps Podcast, presented by Protect AI. Here we explore the world of machine learning security operations, a.k.a., MLSecOps. From preventing attacks to navigating new AI regulations, we'll dive into the latest developments, strategies, and best practices with industry leaders and AI experts. Sit back, relax, and learn something new with us today. Learn more and get involved with the MLSecOps Community at https://bit.ly/MLSecOps.
…
continue reading
Daily Security Review, the premier source for news and information on security threats, Ransomware and vulnerabilities
…
continue reading
Human trafficking is one of the greatest injustices in our world today. It’s the exploitation of vulnerable people for their bodies and labor. It’s modern-day slavery, and it’s generating billions of dollars each year. In this podcast, we will unpack the problem of human trafficking, share powerful stories from the frontlines, hear from thought leaders in the fight for freedom, and equip you to make a difference–right where you are. A21 is a global anti-human trafficking organization operati ...
…
continue reading
The Hub of the Infosec Community. A daily podcast with host and CISO James Azar delivering the latest cybersecurity headlines without the FUD and addressing risk, impact, and mitigation for cybersecurity practitioners globally. The show airs live at 9AM EST Monday through Thursday on YouTube, LinkedIn, Facebook, Twitter and Twitch. Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We want to be a valuable source to assist those cybersecuri ...
…
continue reading
Eric Payne, a divorced dad and retired marriage & fatherhood blogger, tells the comedic tale of his "Chapter 2" — having to start life over brand new after a divorce he didn't want. What Does Starting Over Mean? Although "free” for the first time in 15 years, Eric has years of baggage and a stubborn desire to hold on to the past which initially keeps him stuck as he tries to move in a world way different than the one where he first met his ex-wife in the year 2000. From one-night stands to g ...
…
continue reading
15 Minutes with the Boss is a podcast that gives listeners exclusive access to some of the top CEOs in the country. Each week AFR BOSS editor Sally Patten sits down with a prominent leader and asks them to share the invaluable advice and wisdom they have accumulated throughout their careers. For stories of success and failure and everything in-between, search and follow 15 Minutes with the Boss. It’s 15 minutes you can’t afford to miss.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Youtube: https://www.youtube.com/@ProofOfPodcast
…
continue reading
Flash cybersecurity advisories from the US Government. These alerts provide timely technical and operational information, indicators of compromise, and mitigations for current major security threats, vulnerabilities, and exploits. These alerts have been edited and adapted for audio by N2K Networks as a public service.
…
continue reading
This podcast features all things related to Information Security and Cyber Security
…
continue reading
Bringing you vital facts and perspectives on Islamist extremism and how to combat it directly from leading activists in the field. Clarion Podcast is brought to you by Clarion Project, dedicated to challenging Islamist extremism and promoting dialogue with Muslim human rights activists.
…
continue reading
The Mobile Security Show is a series of panel discussions on the emerging security trends and standards for high-powered mobile computing. Each episode is hosted by tech guru Veronica Belmont and security expert Dino Dai Zovi. The full video of each panel is available from the AT&T Tech Channel at http://techchannel.att.com
…
continue reading
The Mobile Security Show is a series of panel discussions on the emerging security trends and standards for high-powered mobile computing. Each episode is hosted by tech guru Veronica Belmont and security expert Dino Dai Zovi. The full video of each panel is available from the AT&T Tech Channel at http://techchannel.att.com
…
continue reading
A lively discussion of the threats affecting supply chain, specifically focused on firmware and low-level code that is a blind spot for many organizations. This podcast will feature guests from the cybersecurity industry discussing the problems surrounding supply chain-related issues and potential solutions.
…
continue reading
1
Food Supply Chain Under Attack, Ivanti Exploited Again, China Targets Saudi Arabia, O2 Service Vulnerability
19:04
19:04
Play later
Play later
Lists
Like
Liked
19:04
🎙️ Food Supply Chain Under Attack, Ivanti Exploited Again, China Targets Saudi Arabia, O2 Service Vulnerability 🚨 Join us daily on the CyberHub Podcast as we delve into the latest headlines for cybersecurity practitioners Ep – 913: Today’s episode will discuss the latest news as Food Supply Chain Under Attack more news below: · NHS Cyber Attacks · …
…
continue reading
1
Mark's and Spencer Data Breach, Vulnerable Routers, Fortinet Exploits, and New Ransomware Threats
8:38
8:38
Play later
Play later
Lists
Like
Liked
8:38
In this episode of Cybersecurity Today, host Jim Love covers recent cybersecurity incidents including a data breach at Mark's and Spencer, the FBI's alert on outdated routers being exploited, and critical Fortinet vulnerabilities actively used in attacks. Additionally, the episode discusses a researcher’s proof of concept showing how ransomware can…
…
continue reading
1
#75 - The Dark Side of AI: When will Autonomous AI Cyber Weapons Begin?
34:02
34:02
Play later
Play later
Lists
Like
Liked
34:02
AI is changing security fast—hear how Deep Sentinel stops crime in real time and why AI scams are the next big threat. Must-listen for staying ahead! With DeepSentinel CEO and AI expert Dave Selinger.By Extra Something Media
…
continue reading
1
AI Agent Security: Threats & Defenses for Modern Deployments
31:39
31:39
Play later
Play later
Lists
Like
Liked
31:39
Send us a text Researchers Yifeng (Ethan) He and Peter Rong join host Madi Vorbrich to break down their paper "Security of AI Agents." They explore real-world AI agent threats, like session hijacks and tool-based jailbreaks, and share practical defenses, from sandboxing to agent-to-agent protocols. Full transcript with links to resources available …
…
continue reading
1
Coinbase Breach Impact Revealed, Cellcom Disruption by Cyberattack, M&S Breach To Hit $402M
18:08
18:08
Play later
Play later
Lists
Like
Liked
18:08
🎙️ Coinbase Breach Impact Revealed, Cellcom Disruption by Cyberattack, M&S Breach To Hit $402M 🚨 Join us daily on the CyberHub Podcast as we delve into the latest headlines for cybersecurity practitioners Ep – 914: Today’s episode will discuss the latest news as Coinbase Breach Impact Revealed more news below: · SK Telecom Breach Debrief · Alabama …
…
continue reading
1
Microsoft Emergency Patch, Pwn2Own Berlin 2025 Highlights, and Emerging Cybersecurity Threats
10:01
10:01
Play later
Play later
Lists
Like
Liked
10:01
In this episode of 'Cybersecurity Today,' host Jim Love discusses several urgent cybersecurity topics. Microsoft has released an emergency patch after a recent Windows update caused BitLocker recovery mode on certain systems, locking users out without warning. The issue stems from the May security update affecting systems using Intel, vPro chips, a…
…
continue reading
1
SANS Stormcast Wednesday, May 21st 2025: Researchers Scanning the Internet; Forgotten DNS Records; openpgp.js Vulneraiblity
7:51
7:51
Play later
Play later
Lists
Like
Liked
7:51
Researchers Scanning the Internet A newish RFC, RFC 9511, suggests researchers identify themselves by adding strings to the traffic they send, or by operating web servers on machines from which the scan originates. We do offer lists of researchers and just added three new groups today https://isc.sans.edu/diary/Researchers%20Scanning%20the%20Intern…
…
continue reading
1
Arla Foods Upahl Site Hit by Cyberattack—What It Means for Food Supply Chains
17:58
17:58
Play later
Play later
Lists
Like
Liked
17:58
In May 2025, a cyberattack disrupted operations at Arla Foods’ major dairy facility in Upahl, Germany—halting skyr production, impacting local IT systems, and forcing product delivery delays. This episode explores how a ransomware incident brought one of Europe’s leading food manufacturers to a standstill, revealing how vulnerable the food industry…
…
continue reading
1
Bypassing Antivirus: What Defendnot Reveals About the Weak Spots in Windows Security
19:52
19:52
Play later
Play later
Lists
Like
Liked
19:52
In this episode, we dissect one of the most advanced Windows security evasion tools released in recent memory: Defendnot. Designed to exploit undocumented Windows Security Center APIs, this tool disables Windows Defender by impersonating a trusted antivirus and injecting its code into Microsoft-signed Task Manager. We explore how Defendnot bypasses…
…
continue reading
1
BreachRx Raises $15M to Automate the Chaos of Incident Response
11:46
11:46
Play later
Play later
Lists
Like
Liked
11:46
In this episode, we dive into BreachRx’s $15 million Series A raise — and what it means for the future of enterprise cybersecurity incident response. The intelligent SaaS platform promises to replace outdated, reactive playbooks with automated, tailored response plans that span legal, security, IT, and executive teams. With participation from top c…
…
continue reading
1
SANS Stormcast Tuesday, May 20th 2025: AutoIT Code RAT; Fake Keepass Download; Procolored Printer Software Compromise
6:41
6:41
Play later
Play later
Lists
Like
Liked
6:41
RAT Dropped By Two Layers of AutoIT Code Xavier explains how AutoIT was used to install a remote admin tool (RAT) and how to analyse such a tool https://isc.sans.edu/diary/RAT%20Dropped%20By%20Two%20Layers%20of%20AutoIT%20Code/31960 RVTools compromise confirmed Robware.net, the site behind the popular tool RVTools now confirmed that it was compromi…
…
continue reading
1
Melinda Petrunoff: The 20% rule for growth, her undelivered TED talk and why you shouldn’t hide your ambition
19:52
19:52
Play later
Play later
Lists
Like
Liked
19:52
On this week’s episode, Pinterest’s Australian MD Melinda Petrunoff, talks about the importance of feeling uncomfortable for 20% of her role, how communicating her career ambitions led to increased opportunities and she discusses the challenges of raising identical twins. This podcast is sponsored by Aussie Broadband. See omnystudio.com/listener fo…
…
continue reading
1
110,000+ Records Compromised: The NRS Cybersecurity Failure
15:14
15:14
Play later
Play later
Lists
Like
Liked
15:14
In this episode, we unpack the 2024 cybersecurity incident that rocked the debt collection and healthcare sectors: the massive data breach at Nationwide Recovery Services (NRS), a third-party collections agency and subsidiary of ACCSCIENT. Between July 5 and July 11, 2024, threat actors gained unauthorized access to NRS’s systems, exfiltrating sens…
…
continue reading
1
CISA Flags Chrome Vulnerability CVE-2025-4664: Patch Before June 5th
11:44
11:44
Play later
Play later
Lists
Like
Liked
11:44
In this episode, we break down the recently discovered and actively exploited Chrome vulnerability CVE-2025-4664—a high-severity flaw stemming from insufficient policy enforcement in Chrome’s Loader component. This vulnerability allows attackers to leak cross-origin data, including sensitive query parameters and session information, via crafted HTM…
…
continue reading
1
483,000 Patients at Risk: Catholic Health Vendor Breach Exposes Critical Data
11:35
11:35
Play later
Play later
Lists
Like
Liked
11:35
In this episode, we dive deep into a newly disclosed healthcare data breach affecting over 483,000 patients of Catholic Health, stemming from a misconfigured Elasticsearch database maintained by third-party vendor Serviceaide. From September 19 to November 5, 2024, the database was inadvertently exposed to the public internet, putting highly sensit…
…
continue reading
1
Coinbase Breach Hype, UK Legal Aid Breach, Japan Offensive Cyber Operations, Chrome Zero Day
19:16
19:16
Play later
Play later
Lists
Like
Liked
19:16
🎙️ Coinbase Breach Hype, UK Legal Aid Breach, Japan Offensive Cyber Operations, Chrome Zero Day 🚨 Join us daily on the CyberHub Podcast as we delve into the latest headlines for cybersecurity practitioners Ep – 912: Today’s episode will discuss the latest news as Coinbase Breach Hype more news below: · Pwn2Own Berlin · Israel Arrests Nomad Bridge A…
…
continue reading
1
Ep. 305 - Security Awareness Series - Using Empathy to Not Become a Mushroom with Julie Chatman
36:37
36:37
Play later
Play later
Lists
Like
Liked
36:37
Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Julie Chatman. Julie is a distinguished cybersecurity executive with nearly two decades of experience in cybersecurity strategy, risk management, and AI governance. She began her career in the U.S. Navy, serving on active duty as a Hospital Corpsman specializing…
…
continue reading
1
SANS Stormcast Monday, May 18th 2025: xorsearch python functions; pwn2own Berlin; senior govt official impersonation; dynamic domain risk
6:30
6:30
Play later
Play later
Lists
Like
Liked
6:30
xorsearch.py: Python Functions Didier s xorsearch tool now supports python functions to filter output https://isc.sans.edu/diary/xorsearch.py%3A%20Python%20Functions/31858 Pwn2Own Berlin 2025 Last weeks Pwn2Own contest in Berlin allowed researchers to demonstrate a number of new exploits with a large focus on privilege escalation and virtual machin…
…
continue reading
1
The Monthly Cybersecurity Review: Data Breaches, Ransomware, and Critical Infrastructure
56:44
56:44
Play later
Play later
Lists
Like
Liked
56:44
In this episode of 'Cybersecurity Today', host Jim Love is joined by panelists Laura Payne from White Tuque and David Shipley from Beauceron Security to review significant cybersecurity events over the past month. The discussion covers various impactful stories such as the disappearance of a professor, a data breach at Hertz, and government officia…
…
continue reading
1
Steganography, RICO, CMMC, End of 10, AI is coming for you, Aaran Leyland and More... - SWN #477
33:54
33:54
Play later
Play later
Lists
Like
Liked
33:54
Steganography, RICO, CMMC, End of 10, AI is coming for you, Aaran Leyland and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-477
…
continue reading
1
Chrome's New Vulnerability CVE-2025-4664: A Security Flaw That Can Lead to Account Takeover
9:19
9:19
Play later
Play later
Lists
Like
Liked
9:19
In this episode, we take an in-depth look at the newly discovered CVE-2025-4664 vulnerability in Google Chrome’s Loader component. This high-severity security flaw is affecting not only Chrome but also other Chromium-based browsers, including Microsoft Edge, Brave, Opera, and Vivaldi. The issue lies in insufficient policy enforcement within the bro…
…
continue reading
1
Scattered Spider Targets UK and US Retailers: The Growing Threat to Major Brands
11:52
11:52
Play later
Play later
Lists
Like
Liked
11:52
In this episode, we dive deep into the recent wave of cyberattacks plaguing major UK retailers such as Marks & Spencer, Co-op, and Harrods, with a special focus on the threat group behind them: Scattered Spider (also known as UNC3944, Muddled Libra, and several other aliases). We'll explore how this loosely coordinated cybercriminal group has expan…
…
continue reading
1
Proofpoint Acquires Hornetsecurity for $1B: A New Era in Microsoft 365 Security
10:18
10:18
Play later
Play later
Lists
Like
Liked
10:18
In a major move within the cybersecurity space, Proofpoint has announced the acquisition of Hornetsecurity for over $1 billion. This deal significantly strengthens Proofpoint’s foothold in Microsoft 365 security, while expanding its reach into the small and mid-sized business (SMB) market through Hornetsecurity’s extensive network of managed servic…
…
continue reading
1
Cybersecurity Updates: Major Ransomware Attacks Thwarted and Illegal Marketplaces Shut Down
8:13
8:13
Play later
Play later
Lists
Like
Liked
8:13
In this episode, Jim Love discusses significant cybersecurity events including Coinbase's refusal to pay a $20 million ransom after a data breach, Broadcom's patch for VMware tools vulnerabilities, and Telegram's shutdown of two illegal marketplaces handling $35 billion in transactions. The episode also covers the Co-op’s preemptive measures to thw…
…
continue reading
1
SANS Stormcast Friday, May 16th: Increase in Sonicwall Scans; RVTools Compromised?; RountPress
6:26
6:26
Play later
Play later
Lists
Like
Liked
6:26
Web Scanning SonicWall for CVE-2021-20016 - Update Scans for SonicWall increased by an order of magnitude over the last couple of weeks. Many of the attacks appear to originate from Global Host , a low-cost virtual hosting provider. https://isc.sans.edu/diary/Web%20Scanning%20SonicWall%20for%20CVE-2021-20016%20-%20Update/31952 Google Update Patches…
…
continue reading
This week in the security news: Android catches up to iOS with its own lockdown mode Just in case, there is a new CVE foundation Branch privilege injection attacks My screen is vulnerable The return of embedded devices to take over the world - 15 years later Attackers are going after MagicINFO Hacking Starlink Mitel SIP phones can be hacked Reversi…
…
continue reading
1
Supply-Chain Carnage: Chinese Hack Drone Makers, Nucor Steel Knocked Offline, Scattered Spider Mauls Retail, Chrome 0-Day
22:08
22:08
Play later
Play later
Lists
Like
Liked
22:08
🎙️ Supply-Chain Carnage: Chinese Hack Drone Makers, Nucor Steel Knocked Offline, Scattered Spider Mauls Retail, Chrome 0-Day 🚨 Join us daily on the CyberHub Podcast as we delve into the latest headlines for cybersecurity practitioners Ep – 911: Today’s episode will discuss the latest news as Supply-Chain Carnage: Chinese Hack Drone Makers more news…
…
continue reading
1
SANS Stormcast Thursday, May 15th: Google Open Redirects; Adobe, Ivanti, and Samsung patches
6:16
6:16
Play later
Play later
Lists
Like
Liked
6:16
Another day, another phishing campaign abusing google.com open redirects Google s links from it s maps page to hotel listings do suffer from an open redirect vulnerability that is actively exploited to direct users to phishing pages. https://isc.sans.edu/diary/Another%20day%2C%20another%20phishing%20campaign%20abusing%20google.com%20open%20redirect…
…
continue reading
1
Exploited in the Wild: SAP NetWeaver Zero-Days Hit Fortune 500
22:55
22:55
Play later
Play later
Lists
Like
Liked
22:55
In this episode, we dive into the active exploitation of two critical zero-day vulnerabilities in SAP NetWeaver—CVE-2025-31324 and CVE-2025-42999. Threat actors have been leveraging these flaws since January 2025 to gain unauthenticated access, upload malicious web shells, and ultimately achieve remote code execution by chaining an insecure deseria…
…
continue reading
Send us a text Part 2 with Gavin Klondike dives into autonomous AI agents—how they really work, the attack paths they open, and practical defenses like least-privilege APIs and out-of-band auth. A must-listen roadmap for anyone building—or defending—the next generation of AI applications. Full transcript with links to resources available at https:/…
…
continue reading
1
Checkout Chaos: Inside the £3.5 Million-a-Day M&S Cyber-Shutdown
16:19
16:19
Play later
Play later
Lists
Like
Liked
16:19
The recent ransomware attack on Marks & Spencer (M&S) is a sobering example of the evolving cyber threat landscape confronting the retail industry. In this episode, we unpack how one of the UK's most iconic retailers fell victim to a sophisticated cybercriminal group known as Scattered Spider. This group, recognized for its advanced social engineer…
…
continue reading
1
5 Microsoft 0days Patched, Fortinet Zeroday, WeChat Money Laundering, Alabama Cyberattack, Ukraine Cyber Spying
24:19
24:19
Play later
Play later
Lists
Like
Liked
24:19
🎙️ 5 Microsoft 0days Patched, Fortinet Zeroday, WeChat Money Laundering, Alabama Cyberattack, Ukraine Cyber Spying 🚨 Join us daily on the CyberHub Podcast as we delve into the latest headlines for cybersecurity practitioners Ep – 910: Today’s episode will discuss the latest news as 5 Microsoft 0days Patched more news below: · SAP Patches Another Ne…
…
continue reading
1
Targeted iOS Attacks: The Zero-Days Apple Had to Patch Fast
10:09
10:09
Play later
Play later
Lists
Like
Liked
10:09
In this episode, we break down Apple’s massive May 2025 security update blitz—a sweeping patch release that spanned iOS, macOS, iPadOS, tvOS, visionOS, and watchOS. The urgency? Two zero-day vulnerabilities, CVE-2025-31200 (Core Audio) and CVE-2025-31201 (Core Media), were already under active exploitation in what experts are calling “extremely sop…
…
continue reading
1
CISO Communication and Hiring, as they Combat Threat and Penetration Testing Trends - Derek Manky, Gunter Ollmann - BSW #395
1:06:28
1:06:28
Play later
Play later
Lists
Like
Liked
1:06:28
In the leadership and communications section, How CISOs can talk cybersecurity so it makes sense to executives, Firms to spend more on GenAI than security in 2025, Europe leads shift from cyber security ‘headcount gap’ to skills-based hiring, and more! Next, pre-recorded interviews from RSAC Conference 2025, including: This segment is sponsored by …
…
continue reading
1
NotPetya: The Cyber Bomb That Masqueraded as Ransomware
7:53
7:53
Play later
Play later
Lists
Like
Liked
7:53
What if the ransomware locking your files was never meant to make money—but to wipe out everything you’ve built? In this explosive episode, Alex Cipher walks you through the devastating 2017 NotPetya attack. From its origins in Ukraine’s MeDoc software to its global ripple effect on companies like Maersk, FedEx, and Merck, this hack rewrote the rul…
…
continue reading
1
SANS Stormcast Wednesday, May 14th: Microsoft Patch Tuesday; 0-Days patched for Ivanti Endpoint Manager and Fortinet Products
6:38
6:38
Play later
Play later
Lists
Like
Liked
6:38
Microsoft Patch Tuesday Microsoft patched 70-78 vulnerabilities (depending on how you count them). Five of these vulnerabilities are already being exploited. In particular, a remote code execution vulnerability in the scripting engine should be taken seriously. It requires the Microsoft Edge browser to run in Internet Explorer mode. https://isc.san…
…
continue reading
1
Deepfake, South Korea, Moonlander, ChineseAI, FBI, AI damages professional reputation - SWN #476
29:03
29:03
Play later
Play later
Lists
Like
Liked
29:03
Deepfake porn, South Korea, Operation Moonlander, Chinese AI, FBI, AI use damages professional reputation, Joshua Marpet and More Show Notes: https://securityweekly.com/swn-476
…
continue reading
1
Texas vs Google: The $1.4 Billion Wake-Up Call for Data Privacy Violations
10:35
10:35
Play later
Play later
Lists
Like
Liked
10:35
In this episode, we unpack the groundbreaking $1.4 billion privacy settlement between Google and the state of Texas—now the largest of its kind in U.S. history. This isn't just about numbers; it's about how data privacy enforcement is shifting dramatically at the state level in the absence of federal legislation. We dive deep into the Texas Capture…
…
continue reading
1
Marbled Dust's Zero-Day Exploit: Unveiling a Türkiye-linked Espionage Campaign Against Kurdish Forces
9:40
9:40
Play later
Play later
Lists
Like
Liked
9:40
In April 2024, a sophisticated cyber espionage campaign orchestrated by the Türkiye-linked hacker group, Marbled Dust, began exploiting a previously unknown zero-day vulnerability in the Output Messenger platform—a self-hosted enterprise chat application. This vulnerability (CVE-2025-27920) resides in the Output Messenger Server Manager and allows …
…
continue reading
1
Apple Patches Security Flaws, Microsoft Zeroday Spy Campaign, GlobalX Breach, Co-Op Breach Remains Active
18:54
18:54
Play later
Play later
Lists
Like
Liked
18:54
🎙️ Apple Patches Security Flaws, Microsoft Zeroday Spy Campaign, GlobalX Breach, Co-Op Breach Remains Active 🚨 Join us daily on the CyberHub Podcast as we delve into the latest headlines for cybersecurity practitioners Ep – 909: Today’s episode will discuss the latest news as $ Apple Patches Security Flaws more news below: · Output Messenger Zeroda…
…
continue reading
1
TeleMessage Exploit: Inside the Messaging Flaw That Hit Coinbase and CBP
14:14
14:14
Play later
Play later
Lists
Like
Liked
14:14
In this episode, we dissect CVE-2025-47729, a critical vulnerability in TeleMessage, a message archiving app recently thrust into the spotlight due to its use by former National Security Advisor Mike Waltz. Following Waltz’s controversial tenure—marked by the "Signalgate" leak and the subsequent appearance of TeleMessage on his phone—researchers un…
…
continue reading
1
Secure Code Reviews, LLM Coding Assistants, and Trusting Code - Rey Bango, Karim Toubba, Gal Elbaz - ASW #330
1:09:38
1:09:38
Play later
Play later
Lists
Like
Liked
1:09:38
Developers are relying on LLMs as coding assistants, so where are the LLM assistants for appsec? The principles behind secure code reviews don't really change based on who write the code, whether human or AI. But more code means more reasons for appsec to scale its practices and figure out how to establish trust in code, packages, and designs. Rey …
…
continue reading
1
SANS Stormcast Tuesday, May 12th: Apple Patches; Unipi Technologies Scans;
6:29
6:29
Play later
Play later
Lists
Like
Liked
6:29
Apple Updates Everything Apple patched all of its operating systems. This update ports a patch for a recently exploited vulnerability to older versions of iOS and macOS. https://isc.sans.edu/diary/31942 It Is 2025, And We Are Still Dealing With Default IoT Passwords And Stupid 2013 Router Vulnerabilities Versions of the Mirai botnet are attacking d…
…
continue reading
1
Backdoored by ‘Cheap’ AI: How Fake npm Packages Compromised Cursor IDE
25:18
25:18
Play later
Play later
Lists
Like
Liked
25:18
A new supply chain attack has emerged—this time targeting macOS users of the Cursor AI code editor through rogue npm packages. In this episode, we break down how threat actors published malicious modules—sw-cur, sw-cur1, and aiide-cur—promising cheap access to Cursor's AI features. Once installed, these packages function as backdoors, stealing cred…
…
continue reading
1
John Longmire: Performing under pressure, how to instil loyalty and the ‘seven out of ten’ rule
20:05
20:05
Play later
Play later
Lists
Like
Liked
20:05
In this week’s episode, John Longmire, the executive director of club performance at the Sydney Swans talks about the relentless pressure athletes are under and the strategies they use to help them focus, how sharing the spoils of success can foster a positive work environment and why it's OK for senior leaders to make mistakes. This podcast is spo…
…
continue reading
1
160,000 Victims Later: The Aspire USA Breach Under Valsoft’s Watch
9:23
9:23
Play later
Play later
Lists
Like
Liked
9:23
In this episode, we break down the February 2025 data breach that hit Valsoft Corporation, operating under the name AllTrust, through its subsidiary Aspire USA. Over 160,000 individuals are potentially impacted, with exposed data including Social Security numbers, driver’s license information, and financial account details. We explore how the breac…
…
continue reading
