Zero Days Related Cybersecurity Podcasts

CyberWire Daily

Thu, 18 Dec 2025 21:10:00 -0000

OneView gives attackers the full tour.

-
Hewlett Packard Enterprise patches a maximum-severity vulnerability in its OneView infrastructure management software. Cisco warns a critical zero-day is under active exploitation. An emergency Chrome update fixes two high-severity vulnerabilities. French authorities make multiple arrests. US authorities dismantle an unlicensed crypto exchange accused of money laundering. SonicWall highlights an exploited zero-day. Researchers earn $320,000 for demonstrating critical remote code execution flaws in cloud infrastructure components. A U.S. Senator urges electronic health record vendors to give patients greater control over who can access their medical data. Our guest is Larry Zorio, CISO from Mark43, discussing first responders and insider cyber risks.

Wed, 25 Dec 2024 08:00:00 -0000

The CyberWire: The 12 Days of Malware. [Special edition]

-
Merry Christmas and Happy Holidays from the CyberWire and our friends! Enjoy our rendition of the 12 Days of Malware created by Dave Bittner and performed by Dave and friends: Rachel Tobac, Jayson Street, Ron Eddings & Chris Cochran, Ray [Redacted], Dinah Davis, Camille Stewart, Rick Howard, Michelle Dennedy, Jack Rhysider, Johannes Ullrich, and Charity Wright. Ba dum bum bum. Sing along if you are game!Check out our video for the full effect! The 12 Days of Malware lyrics On the first day of Christmas, my malware gave to me: A keylogger logging my keys. On the second day of

Tue, 26 Nov 2024 21:10:00 -0000

Taking aim at cybercrime.

-
Smashing cybercrime syndicates. CyberVolk goes global. Tech troubles mostly resolved. A malware web weaved by Salt Typhoon targets global sectors. Love at first exploit. Ransomware attack on Blue Yonder brews trouble. Google faces a UK court battle. Lateral moves and lost data. I sit down with Clemence Poirer, Senior Cyberdefense Researcher at the Center for Security Studies (CSS) at ETH Zurich | Space Cybersecurity to discuss cybersecurity attacks in space. And finally, a Cybersecurity sales pitch goes rogue. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence

Wed, 14 Feb 2024 21:10:00 -0000

Its always DNS, but that may just be FUD.

-
Its always DNS, but that may just be FUD. The DoD notifies victims of a cloud email server leak. New Jersey cops sue online data brokers. Crooks use WiFi jammers to thwart security systems. A copyright case against OpenAI is partially dismissed. Patch Tuesday includes two actively exploited zero days. CharmingCypress gathers political intelligence. Ann Johnson from Microsoft Securitys Afternoon Cyber Tea podcast talks with Frank Cilluffo, Director for Cyber and Critical Infrastructure Security at the McCrary Institute of Auburn University, about cyber and critical infrastructure. And beware Cupids misleading arrow. Remember to leave us a 5-star rating and review

Sat, 23 Dec 2023 08:00:00 -0000

The CyberWire: The 12 Days of Malware. [Special Edition]

Mon, 30 Oct 2023 20:15:00 -0000

Bringing AI up rightrealizing its potential without its becoming a threat. (And how deepfakes might be an informational fleet-in-being.)

-
The Hive ransomware gang may be back, and rebranded. Coinminers exploit AWS IAM credentials. LockBit claims to have obtained sensitive information from Boeing. Ukrainian auxiliaries disrupt Internet service in Russian-occupied territory, while internet and telecoms are down in Gaza. Deepfakes have an effect even when they're not used. Joe Carrigan explains executive impersonations on social media. Our guest is David Brumley, cybersecurity professor at Carnegie Mellon and CEO of software security firm, ForAllSecure, discussing spooky zero days and vulnerabilities. And President Biden releases a US Executive Order on artificial intelligence. For links to all of today's stories check out our

Tue, 27 Jun 2023 20:15:00 -0000

Anatsa Trojan's new capabilities. Third-party breach hits airlines. Gas station blues. Whats up with the Internet Research Agency? Infrastructure threats. And DDoS grows more sophisticated.

-
Anatsa Trojan reveals new capabilities. Airlines report employee data stolen in a third-party breach. Canadian energy company SUNCOR reports a cyberattack. What of the Internet Research Agency? Microsoft warns of a rising threat to infrastructure. Joe Carrigan describes an ill-advised phishing simulation. Mr. Security Answer Person John Pescatore takes on zero days. And DDoS grows more sophisticated. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/122 Selected reading. Anatsa banking Trojan hits UK, US and DACH with new campaign (TreatFabric) Anatsa Android trojan now steals banking info from users in US, UK (BleepingComputer) Thousands

Sun, 25 Dec 2022 08:00:00 -0000

The CyberWire: The 12 Days of Malware.[Special Editions]

Thu, 06 Oct 2022 20:15:00 -0000

Updated mitigations for ProxyNotShell. Lloyds investigates cyber incident. Killnet hits US state government sites. Election security. Credential theft. Verdict in Uber breach case.

-
Microsoft updates mitigations for ProxyNotShell. Lloyd's of London investigates a suspected cyberattack. Killnet hits networks of US state governments. The FBI and CISA weigh in on election security. Credential theft in the name of Zoom. Tim Eades from Cyber Mentor Fund on the move to early-stage investing in times of war and recession. Our guest is Nick Lumsden of Tenacity Cloud on cloud infrastructure sprawl. The former security chiefat Uber was found guilty in a case involving data breach cover-up. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/193 Selected reading. Customer Guidance for

Mon, 03 Oct 2022 21:15:00 -0000

Microsoft Exchange zero-days exploited. Supply chain attack reported. New Lazarus activity. Mexican government falls victim to hacktivism. Hacking partial mobilization. Former insider threat.

-
Two Microsoft Exchange zero-days exploited in the wild. A supply chain attack, possibly from Chinese intelligence services. Theres new Lazarus activity: bring-your-own-vulnerable-driver. The Mexican government falls victim to apparent hacktivism. Flying under partial mobilizations radar. Betsy Carmelite from Booz Allen Hamilton talks about addressing the cyber workforce skills gap. Our guest Rachel Tobac from SocialProof Security brings a musical approach to security awareness training. Hows your off-boarding program working out? For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/190 Selected reading. Microsoft Releases Guidance on Zero-Day Vulnerabilities in Microsoft Exchange Server (CISA) Customer Guidance

Thu, 13 Jan 2022 21:15:00 -0000

A public-private conference takes up open source software security at the White House. MuddyWater attributed to Iran. Espionage and ransomware arrests.

-
A White House government-industry summit today addresses open-source software security. The US officially makes its second attribution of the week to a nation-state: it calls out Iran as the operator of the MuddyWater threat group. Israel arrests five on charges related to spying for Iran (theyre thought to have been recruited through catphishing). Citizen Lab finds Pegasus in Salvadoran phones. Ukraine arrests a ransomware gang. Thomas Etheridge from CrowdStrike on the importance of threat hunting for zero days. Our guest is Dr. David Bader of New Jersey Institute of Technology discussing the challenges of securing massive-scale analytics. And ransomware hits

Sat, 25 Dec 2021 08:00:00 -0000

The CyberWire: The 12 Days of Malware.

Mon, 15 Nov 2021 21:15:00 -0000

Official online channels hijacked in separate US, Philippine incidents. Update on MosesStaff, a ransomware group interested in politics, not profit. Costco breach. Ryuk money-laundering case.

-
Exploitation of a configuration error in the FBIs Law Enforcement Enterprise Portal enables hackers to send bogus warning emails. Philippine Office of Civil Defense Twitter account briefly hijacked. Update on Iranian politically motivated threat group MosesStaff. Discount retailer Costco discloses a point-of-sale skimmer incident. Dinah Davis from Arctic Wolf track zero days. Rick the Toolman Howard drops by the studio. And the US seeks extradition of a Russian alt-coin baron on charges of laundering Ryuks money. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/219 Learn more about your ad choices. Visit megaphone.fm/adchoices

Fri, 05 Mar 2021 21:35:00 -0000

SUNSHUTTLE backdoor described. What the Exchange Server campaign was after. Misconfigured clouds. Airline IT service provided attacked. Criminal-on-criminal crime.

-
A new second-stage backdoor has been found in a SolarWinds compromise victim. Those exploiting the now-patched Exchange Server zero days seem to have done so to establish a foothold in the targeted systems. India continues to investigate a Chinese cyber threat to its infrastructure. Misconfigured clouds leak mobile app data. A major airline IT provider sustains a cyber attack. Dinah David helps us prevent account takeover attacks. Our guest is Troy Hunt from NordVPN. And criminals hack other criminals. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/43 Learn more about your ad choices.

Fri, 27 Mar 2020 19:54:30 -0000

Some notes on cyber gangland. South Koren APT using zero days against North Koreans? USB attacks. Telework challenges. CMMC remains on schedule.

-
Ransomware gangs dont seem to be trimming their activities for the greater good. TA505 and Silence identified as the groups behind recent attacks on European companies. An APT possibly connected to South Korea is linked to attacks on North Korean professionals. A criminal campaign of USB attacks is reported. Problems with VPNs and teleconferencing. The Pentagons CMMC will move forward on schedule. Rob Lee from Dragos on ICS resiliency in the face of Coronavirus, guest is James Dawson from Danske Bank on the unique challenges of IT Risk & Controls in global banking. For links to all of today's stories

Zero Days Related Cybersecurity Podcasts

Cyber Security Headlines

Apple Airplay-Enabled Devices Can Be Hacked, Google tracked 75 zero days, France ties Russian APT28 hackers to 12 cyberattacks

Pwn2Own Toronto winners, EDR data wipers, MuddyWater's new campaign

Microsoft Zero days, Lazarus attacks Dell, NSA employee caught

Cybersecurity Today

iCloud Calendar Invites Disguise New Phishing Campaigns

CyberWire Daily

OneView gives attackers the full tour.

The CyberWire: The 12 Days of Malware. [Special edition]

Taking aim at cybercrime.

Its always DNS, but that may just be FUD.

The CyberWire: The 12 Days of Malware. [Special Edition]

Bringing AI up rightrealizing its potential without its becoming a threat. (And how deepfakes might be an informational fleet-in-being.)

Anatsa Trojan's new capabilities. Third-party breach hits airlines. Gas station blues. Whats up with the Internet Research Agency? Infrastructure threats. And DDoS grows more sophisticated.

The CyberWire: The 12 Days of Malware.[Special Editions]

Updated mitigations for ProxyNotShell. Lloyds investigates cyber incident. Killnet hits US state government sites. Election security. Credential theft. Verdict in Uber breach case.

Microsoft Exchange zero-days exploited. Supply chain attack reported. New Lazarus activity. Mexican government falls victim to hacktivism. Hacking partial mobilization. Former insider threat.

A public-private conference takes up open source software security at the White House. MuddyWater attributed to Iran. Espionage and ransomware arrests.

The CyberWire: The 12 Days of Malware.

Official online channels hijacked in separate US, Philippine incidents. Update on MosesStaff, a ransomware group interested in politics, not profit. Costco breach. Ryuk money-laundering case.

SUNSHUTTLE backdoor described. What the Exchange Server campaign was after. Misconfigured clouds. Airline IT service provided attacked. Criminal-on-criminal crime.

Some notes on cyber gangland. South Koren APT using zero days against North Koreans? USB attacks. Telework challenges. CMMC remains on schedule.

Hacking Humans

The CyberWire: The 12 Days of Malware.[Special Editions]

The CyberWire: The 12 Days of Malware.

Phoenix Cast

MoveIT, Looney Tunables, iPhone zero days, state of DEVOPS

Risky Business

Risky Business #770 -- A Russian IR guy discovers extremely cool spookware