Podcast Episodes
Back to SearchSecurity risks in the hardware and software supply chains. Patches and proofs-of-concept. A look at recent incidents hitting major corporations. Online surveillance and social credit in Russia.
Season 7 Episode 1921
Apple patches actively exploited iOS 17 vulnerability. Qakbot's survival of a major takedown. BADBOX puts malware into the device supply chain. LoonyTunables and a privilege-escalation risk. Scattere…
Published on 2 years, 2 months ago
A phishnet for the C-suite. Rootkit delivered by typosquatting. Stream-jacking in YouTube. Risk management. Hybrid war, and the laws thereof.
Season 7 Episode 1920
EvilProxy phishes for executives. Typosquatting to deliver a rootkit. Stream-jacking on YouTube. A global look at risk management. Assistance from a diverse set of international partners. In our Solu…
Published on 2 years, 2 months ago
Where ICS touches the Internet. BunnyLoader traded in C2C markets. Phantom Hacker scams. API risks. Cybersecurity attitudes and behavior. DHS IG reports on two cyber issues. Updates on the hybrid war.
Season 7 Episode 1919
Nearly 100,000 ICS services exposed to the Internet. BunnyLoader in the C2C market. Phantom Hacker scams. API risks. Cybersecurity attitudes and behaviors. Homeland Security IG finds flaws in TSA pip…
Published on 2 years, 2 months ago
Adventures of ransomware, and other developments in cybercrime. Cyberespionage and hybrid warfare. A government shutdown averted. Cybersecurity Awareness Month is underway.
Season 7 Episode 1918
Double-tapping ransomware hits the same victim twice. Exim mail servers are found exposed to attack. Iran's OilRig deploys Menorah malware against Saudi targets. North Korea's Lazarus Group targets a…
Published on 2 years, 2 months ago
Ted Wagner: Get that hands on experience. [CISO] [Career Notes]
Season 4 Episode 169
This week, we are joined by Ted Wagner, Chief Information Security Officer at SAP National Security Services, or SAP NS2. Ted sits down to share his story on how he got introduced into the industry a…
Published on 2 years, 2 months ago
Downloading cracked software. [Research Saturday]
Season 7 Episode 301
David Liebenberg from Cisco Talos joins to discussing Talos' discovery of cracked Microsoft Windows software being downloaded by enterprise users across the globe. Downloading and running this compro…
Published on 2 years, 2 months ago
Malicious ads in a chatbot. A vulnerability gets some clarification. Cl0p switches from Tor to torrents. Influence operations as an adjunct to WMD. And NSA’s new AI Security Center.
Season 7 Episode 1917
Malicious ads in a chatbot. Google provides clarification on a recent vulnerability. Cl0p switches from Tor to torrents. Influence operations as an adjunct to weapons of mass destruction. Our guest J…
Published on 2 years, 2 months ago
Buckworm APT’s specialized tools. Cyberattack against Johnson Controls. Oversight panel reports on Section 702. Cyber in election security, and in the US industrial base. Hacktivism versus Russia.
Season 7 Episode 1916
The Budworm APT's bespoke tools. Johnson Controls sustains a cyberattack. The US Privacy and Civil Liberties Oversight Board reports on Section 702. The looming government shutdown and cyber risk. Cy…
Published on 2 years, 2 months ago
What up in the underworld’s C2C markets. An update on the Sony hack claims. Notes on cyberespionage, from Russia, China, and parts unknown. And there’s a market for bugs.
Season 7 Episode 1915
A Joint Advisory warns of Beijing's "BlackTech" threat activity. ShadowSyndicate is a new ransomware as a service operation. A Smishing Triad in the UAE. Openfire flaw actively exploited against serv…
Published on 2 years, 2 months ago
Crooks phish for guests; spies phish for drone operators. ZenRAT is used in an info-stealing campaign. More MOVEit-related incidents (some involving Cl0p). DeFi platforms hit. The UK hunts forward.
Season 7 Episode 1914
An advanced phishing campaign hits hospitality industry. An information-stealing campaign deploys ZenRAT. More MOVEit-related data breaches are disclosed. Mixin Network suspends deposits and withdraw…
Published on 2 years, 2 months ago