Microsoft Related Podcasts - PodGrabber.com

All In Podcast

---

Microsoft CEO Satya Nadella on AI's Business Revolution: What Happens to SaaS, OpenAI, and Microsoft? | LIVE from Davos Play Episode
(0:00) Jason and Sacks welcome Microsoft CEO Satya Nadella (1:31) Future of AI copilots and agents, impact on white collar work (8:01) How Microsoft has scaled revenue and profits with flat headcount (10:50) The extreme competition in AI: Microsoft, xAI, Google, OpenAI, Anthropic (12:39) Views on diffusion, how the US tech stack can win globally (19:59) OpenAI deal, owning the IP, thoughts on open-source winning AI, Microsoft's AI stack,do they need a foundation model? (26:08) What SaaS adoption looks like in the age of AI Follow Satya: https://x.com/satyanadella Follow the besties: https://x.com/chamath https://x.com/Jason https://x.com/DavidSacks https://x.com/friedberg Follow on X: https://x.com/theallinpod Follow...

Iran's Breaking Point, Trump's Greenland Acquisition, and Solving Energy Costs Play Episode
(0:00) Bestie intros! (4:18) Iran's breaking point: regime change coming? (14:28) Solving energy prices: Microsoft first hyperscaler to "pay its own way" and subsidize residential electric costs (31:18) OpenAI's compute deal with Cerebras, the renaissance in decode silicon (35:09) Billionaire backlash in California: Wealth Tax exodus (56:13) Greenland acquisition: Why it's crucial Follow the besties: https://x.com/chamath https://x.com/Jason https://x.com/DavidSacks https://x.com/friedberg Follow on X: https://x.com/theallinpod Follow on Instagram: https://www.instagram.com/theallinpod Follow on TikTok: https://www.tiktok.com/@theallinpod Follow on LinkedIn: https://www.linkedin.com/company/allinpod Intro Music Credit: https://rb.gy/tppkzl https://x.com/yung_spielburg Intro Video Credit https://x.com/TheZachEffect Referenced in the show: https://polymarket.com/event/khamenei-out-as-supreme-leader-of-iran-by-january-31 https://polymarket.com/event/will-the-iranian-regime-fall-by-the-end-of-2026 https://home.treasury.gov/news/press-releases/sb0364 https://truthsocial.com/@realDonaldTrump/posts/115884759090137876 https://www.ft.com/content/3f392c9b-c07d-42f5-b000-0a7347ad1ec0 https://www.wsj.com/tech/ai/openai-forges-multibillion-dollar-computing-partnership-with-cerebras-746a20e4 https://www.theinformation.com/briefings/openai-signs-compute-deal-worth-least-10-billion-chipmaker-cerebras?rc=f8fu8f https://x.com/chamath/status/2011486582386106387 https://x.com/friedberg/status/2011703965143220457 https://x.com/chamath/status/2011197387830935777 https://polymarket.com/event/will-trump-acquire-greenland-before-2027 https://x.com/chamath/status/2011197387830935777

AI Doom vs Boom, EA Cult Returns, BBB Upside, US Steel and Golden Votes Play Episode
(0:00) Bestie intros! (1:25) The AI Doomer Ecosystem: goals, astroturfing, Biden connections, effective altruist rebrand, global AI regulation (25:17) Doom vs Boom in AI: Job Destruction or Abundance? (52:44) Big, Beautiful Bill cleanup and upside: DOGE angle, CBO issues (1:17:14) US Steel/Nippon Steel deal: national champions and golden votes Follow the besties: https://x.com/chamath https://x.com/Jason https://x.com/DavidSacks https://x.com/friedberg Follow on X: https://x.com/theallinpod Follow on Instagram: https://www.instagram.com/theallinpod Follow on TikTok: https://www.tiktok.com/@theallinpod Follow on LinkedIn: https://www.linkedin.com/company/allinpod Intro Music Credit: https://rb.gy/tppkzl https://x.com/yung_spielburg Intro Video Credit: https://x.com/TheZachEffect Referenced in the show: https://nypost.com/2025/05/28/business/ai-could-cause-bloodbath-for-white-collar-jobs-spike-unemployment-to-20-anthropic-ceo https://polymarket.com/event/us-enacts-ai-safety-bill-in-2025 https://www.aipanic.news/p/the-ai-existential-risk-industrial https://www.semafor.com/article/05/30/2025/anthropic-emerges-as-an-adversary-to-trumps-big-bill https://x.com/nypost/status/1760623631283954027 https://www.telegraph.co.uk/news/2024/02/23/google-gemini-ai-images-wrong-woke https://www.thefp.com/p/ex-google-employees-woke-gemini-culture-broken https://www.campusreform.org/article/biden-admins-new-ai-executive-order-prioritizes-dei/24312 https://x.com/chamath/status/1927847516500009363 https://www.cnbc.com/2025/05/13/microsoft-is-cutting-3percent-of-workers-across-the-software-company.html https://x.com/DavidSacks/status/1927796514337746989 https://x.com/StephenM/status/1926715409807397204 https://x.com/neilksethi/status/1926981646718206243 https://thehill.com/opinion/finance/5320248-the-bond-market-is-missing-the-real-big-beautiful-story https://x.com/chamath/status/1928536987558105122...

Dueling Presidential interviews, SpaceX's big catch, Robotaxis, Uber buying Expedia?, Nuclear NIMBY Play Episode
(0:00) Bestie intros (2:01) Polls vs Prediction markets, dueling interviews, election update (16:06) Tesla's Robotaxi event and SpaceX's Starship catch (27:36) Uber reportedly looking into acquiring Expedia (45:19) Nuclear Vibe Shift? Big tech is looking toward nuclear solutions to power AI (1:11:10) Lawfare from the California Coastal Commission Follow the besties: https://x.com/chamath https://x.com/Jason https://x.com/DavidSacks https://x.com/friedberg Follow on X: https://x.com/theallinpod Follow on Instagram: https://www.instagram.com/theallinpod Follow on TikTok: https://www.tiktok.com/@theallinpod Follow on LinkedIn: https://www.linkedin.com/company/allinpod Intro Music Credit: https://rb.gy/tppkzl https://x.com/yung_spielburg Intro Video Credit: https://x.com/TheZachEffect Referenced in the show: https://polymarket.com/event/presidential-election-winner-2024?tid=1729285428575 https://x.com/elonmusk/status/1846826782797799580 https://x.com/collinrugg/status/1845472475322462468 https://x.com/SawyerMerritt/status/1839424008900477354 https://www.ft.com/content/94a25bf7-e62b-462a-a4f0-e4feb6e244f7 https://www.google.com/finance/quote/EXPE:NASDAQ https://companiesmarketcap.com/expedia/revenue https://x.com/Jason/status/1847016512583786921 https://www.cnbc.com/2024/10/16/amazon-goes-nuclear-investing-more-than-500-million-to-develop-small-module-reactors.html https://www.cnbc.com/2024/10/14/google-inks-deal-with-nuclear-company-as-data-center-power-demand-surges.html https://www.cnbc.com/2024/09/20/constellation-energy-to-restart-three-mile-island-and-sell-the-power-to-microsoft.html https://www.politico.com/news/2024/10/16/california-coastal-commission-elon-musk-00184017

In conversation with Reid Hoffman & Robert F. Kennedy Jr. Play Episode
(0:00) Bestie intros: Buttons are back for fall (1:48) Reid Hoffman joins the show, reminiscing on PayPal stories with Sacks (7:52) State of AI: Nvidia, cluster buildouts, competition (19:51) OpenAI's corporate structure and thoughts on Elon's lawsuit (29:09) Inflection AI's deal structure with Microsoft, Lina Khan's impact on the tech industry (41:27) Reid's perspective on Kamala being hot swapped for Biden, funding groups that attempted to keep RFK Jr. off ballots (52:02) Reid's thoughts on growing antisemitism (55:03) Thoughts on Kamala's economic proposals: price caps, wealth tax, etc. (1:04:19) How Silicon Valley views both candidates, why Reid funded legal action...

Presidential Debate Reaction, Biden Hot Swap?, Tech unemployment, OpenAI considers for-profit & more Play Episode
(0:00) Bestie intros! (1:54) Debate recap and analysis: Hot swap incoming? (16:53) Subverting democracy, power grab, Democratic party shakeup (36:43) Why tech job postings are down significantly from pre-COVID levels (42:43) OpenAI considering for-profit conversion (54:11) The problem with safety-focused AI startups (1:03:20) EU charges Microsoft with antitrust violations for bundling Teams into Office Follow the besties: https://twitter.com/chamath https://twitter.com/Jason https://twitter.com/DavidSacks https://twitter.com/friedberg Follow on X: https://twitter.com/theallinpod Follow on Instagram: https://www.instagram.com/theallinpod Follow on TikTok: https://www.tiktok.com/@all_in_tok Follow on LinkedIn: https://www.linkedin.com/company/allinpod Intro Music Credit: https://rb.gy/tppkzl https://twitter.com/yung_spielburg Intro Video Credit: https://twitter.com/TheZachEffect Referenced in the show: https://www.predictit.org/markets/detail/7057/Who-will-win-the-2024-Democratic-presidential-nomination https://polymarket.com/event/will-biden-drop-out-of-presidential-race?tid=1719589320811 https://youtu.be/R6hJh-OwoZw https://x.com/KellyO/status/1806505436457189594 https://x.com/WesternLensman/status/1806660589315658003 https://x.com/stoolpresidente/status/1806496453545586779 https://fred.stlouisfed.org/series/IHLIDXUSTPSOFTDEVE https://www.theinformation.com/articles/openai-ceo-says-company-could-become-benefit-corporation-akin-to-rivals-anthropic-xai https://www.bloomberg.com/news/articles/2024-06-19/openai-co-founder-plans-new-ai-focused-research-lab https://www.youtube.com/watch?v=YMnkqY98Cyo...

DOJ targets Nvidia, Meme stock comeback, Trump fundraiser in SF, Apple/OpenAI, Texas stock market Play Episode
(0:00) Besties intros! (2:10) Responding to recent media coverage (17:58) DOJ/FTC strike deal to target Nvidia, OpenAI, and Microsoft (32:40) Meme stocks are back: Keith Gill aka Roaring Kitty resurfaces, disclosing nine figure position in GameStop (58:36) Citadel and BlackRock back TXSE to take on NYSE and Nasdaq (1:02:34) Apple to announce OpenAI iPhone deal at WWDC (1:09:07) Science Corner: Alarming ocean temps continue, what to expect for hurricane season Follow the besties: https://twitter.com/chamath https://twitter.com/Jason https://twitter.com/DavidSacks https://twitter.com/friedberg Follow on X: https://twitter.com/theallinpod Follow on Instagram: https://www.instagram.com/theallinpod Follow on TikTok: https://www.tiktok.com/@all_in_tok Follow on LinkedIn: https://www.linkedin.com/company/allinpod Intro Music Credit: https://rb.gy/tppkzl https://twitter.com/yung_spielburg Intro Video...

E171: DOJ sues Apple, AI arms race, Reddit IPO, Realtor settlement & more Play Episode
(0:00) Bestie Intros: Don't spoil Dune 2! (0:55) DOJ drops antitrust suit on Apple (23:36) Apple reportedly in talks with Google and OpenAI to power AI features on iPhone (32:17) NAR settlement: how it impacts residential real estate going forward (44:30) Microsoft's "Shadow Acquihire" of Inflection AI (48:43) How the besties would deploy $40B in AI as a sovereign wealth fund (1:01:57) Reddit IPO: is risk-on back? (1:07:17) Science Corner(s): Universe expansion, first pig kidney transplant in human, Neuralink Follow the besties: https://twitter.com/chamath https://twitter.com/Jason https://twitter.com/DavidSacks https://twitter.com/friedberg Follow the pod: https://twitter.com/theallinpod https://linktr.ee/allinpodcast Intro Music Credit: https://rb.gy/tppkzl https://twitter.com/yung_spielburg Intro Video Credit: https://twitter.com/TheZachEffect...

E116: Toxic out-of-control trains, regulators, and AI Play Episode
(0:00) Bestie intros, poker recap, charity shoutouts! (8:34) Toxic Ohio train derailment (25:30) Lina Khan's flawed strategy and rough past few weeks as FTC Chair; rewriting Section 230 (57:27) AI chatbot bias and problems: Bing Chat's strange answers, jailbreaking ChatGPT, and more DONATE: https://www.humanesociety.org/news/going-big-beagles https://www.beastphilanthropy.org/donate Follow the besties: https://twitter.com/chamath https://linktr.ee/calacanis https://twitter.com/DavidSacks https://twitter.com/friedberg Follow the pod: https://twitter.com/theallinpod https://linktr.ee/allinpodcast Intro Music Credit: https://rb.gy/tppkzl https://twitter.com/yung_spielburg Intro Video Credit: https://twitter.com/TheZachEffect Referenced in the show: https://techcrunch.com/2023/02/10/mrbeasts-blindness-video-puts-systemic-ableism-on-display https://doomberg.substack.com/p/railroaded https://www.usatoday.com/story/news/2023/02/14/norfolk-southerns-ohio-train-derailment-emblematic-rail-trends/11248956002 https://www.bloomberg.com/news/features/2023-02-15/zantac-cancer-risk-data-was-kept-quiet-by-manufacturer-glaxo-for-40-years https://www.foxnews.com/video/6320573959112 https://www.wsj.com/articles/why-im-resigning-from-the-ftc-commissioner-ftc-lina-khan-regulation-rule-violation-antitrust-339f115d https://fedsoc.org/commentary/fedsoc-blog/gonzalez-google-and-section-230-all-on-the-same-side https://www.investopedia.com/section-230-definition-5207317 https://www.usatoday.com/story/news/2023/02/14/norfolk-southerns-ohio-train-derailment-emblematic-rail-trends/11248956002 https://twitter.com/elonmusk/status/1626097497109311495 https://chat.openai.com/chat https://twitter.com/Jason/status/1626091654120894464 https://politiquerepublic.substack.com/p/chatgpt-is-democrat-propoganda https://www.bbc.com/news/technology-35902104 https://www.nytimes.com/2023/02/16/technology/bing-chatbot-microsoft-chatgpt.html https://unusualwhales.com/news/openais-chatgpt-has-reportedly-predicted-that-the-stock-market-will-crash-on-march-15-2023 https://www.history.com/news/josef-stalin-great-purge-photo-retouching https://www.hollywoodreporter.com/business/business-news/ec-funds-france-build-google-106934 https://www.nytimes.com/2008/03/21/technology/21iht-quaero24.html

E115: The AI Search Wars: Google vs. Microsoft, Nordstream report, State of the Union Play Episode
0:00 Bestie intro! 1:49 Report about US involvement in the destruction of Nordstream pipelines, breaking away from the military-industrial complex 28:26 Bestie refresh! 33:13 The AI Search Wars: Microsoft presses hard, Google's rough week 45:06 Sundar's next move: How should Google counterpunch? Google's troubled business model, will we see successful lawsuits over training data? 1:12:41 Will generative AI commodify enterprise SaaS? If so, what happens to VC returns? 1:31:14 Disappointing State of the Union, precarious situation between debt, taxes, and entitlements Follow the besties: https://twitter.com/chamath https://linktr.ee/calacanis https://twitter.com/DavidSacks https://twitter.com/friedberg Follow the pod: https://twitter.com/theallinpod https://linktr.ee/allinpodcast Intro Music Credit: https://rb.gy/tppkzl https://twitter.com/yung_spielburg Intro Video...

E113: DOJ tries to break up Google, vaccine questions, Ukraine escalation & more Play Episode
(0:00) David Sacks does bestie intros! (2:49) DOJ sues Google over ads business (23:09) EU probes Microsoft over Slack complaint based on "bundling" Teams (40:27) Pfizer CEO grilled at Davos, studies questioning vaccine effectiveness (1:12:14) Ukraine escalation: US to send tanks and warms to Crimea invasion, reconstruction costs, and more (1:22:39) Science Corner: Will we soon be able to reverse aging? Follow the besties: https://twitter.com/chamath https://linktr.ee/calacanis https://twitter.com/DavidSacks https://twitter.com/friedberg Follow the pod: https://twitter.com/theallinpod https://linktr.ee/allinpodcast Intro Music Credit: https://rb.gy/tppkzl https://twitter.com/yung_spielburg Intro Video Credit: https://twitter.com/TheZachEffect Referenced in the show: https://thebulletin.org/2023/01/press-release-doomsday-clock-set-at-90-seconds-to-midnight https://www.nytimes.com/2023/01/24/us/doomsday-clock-midnight.html https://www.wsj.com/articles/u-s-sues-google-for-alleged-antitrust-violations-in-its-ad-tech-business-11674582792 https://blog.google/outreach-initiatives/public-policy/doj-ad-tech-lawsuit-response https://noahpinion.substack.com/p/would-breaking-up-google-really-do https://thehustle.co/12232022-ad-spend https://www.adweek.com/programmatic/advertisers-sweet-tooth-fades-with-many-unfazed-by-googles-latest-cookie-removal-delay https://www.politico.eu/article/microsoft-european-union-antitrust-video-calls-software-giant https://twitter.com/rebelnewsonline/status/1615770518606561282 https://www.ahajournals.org/doi/10.1161/CIRCULATIONAHA.122.061025 https://www.nature.com/articles/s41467-022-31401-5 https://www.seacoastonline.com/story/opinion/columns/2022/01/29/kerr-covid-vaccines-anti-vaxxers-should-reject-hospital-beds-too/9246198002/ https://www.cnn.com/videos/media/2021/12/05/marcus-lamb-death-covid-19-vaccines-rs-vpx.cnn https://www.ncbi.nlm.nih.gov/pmc/articles/PMC9451592...

E111: Microsoft to invest $10B in OpenAI, generative AI hype, America's over-classification problem Play Episode
(0:00) Bestie intro! (0:43) Reacting to Slate's article on All-In (11:18) SF business owner caught spraying homeless person on camera (29:22) Microsoft to invest $10B into OpenAI with unique terms, generative AI VC hype cycle (1:09:57) Biden's documents, America's over-classification problem (1:27:16) Best cabinet positions/ambassadorships Follow the besties: https://twitter.com/chamath https://linktr.ee/calacanis https://twitter.com/DavidSacks https://twitter.com/friedberg Follow the pod: https://twitter.com/theallinpod https://linktr.ee/allinpodcast Intro Music Credit: https://rb.gy/tppkzl https://twitter.com/yung_spielburg Intro Video Credit: https://twitter.com/TheZachEffect Referenced in the show: https://twitter.com/mattyglesias/status/1613135006272045056 https://www.epsilontheory.com/gell-mann-amnesia https://slate.com/technology/2023/01/all-in-podcast-elon-musk-david-sacks-jason-calacanis-chamath-palihapitiya-david-friedberg.html https://newrepublic.com/article/168125/david-sacks-elon-musk-peter-thiel https://twitter.com/BettyKPIX/status/1613080547022229504 https://www.bloomberg.com/news/articles/2023-01-12/bankers-bet-millions-on-sovereign-debt-deals-tied-to-green-goals https://fortune.com/2023/01/11/structure-openai-investment-microsoft https://www.ft.com/content/6670acad-8a5b-4c4a-b6a8-48dc307b6d4d https://openai.com/blog/introducing-openai https://ai.facebook.com/tools/pytorch https://fairuse.stanford.edu/overview/fair-use/four-factors https://fred.stlouisfed.org/series/USAPEFANA

E93: Twitter whistleblower, cloud security vulnerabilities, student debt forgiveness & more Play Episode
0:00 Bestie intros! 1:25 Twitter's former head of security makes allegations against the company 22:08 Foreign countries placing government agents in US tech companies, cloud security vulnerabilities 33:54 Student loan forgiveness 1:03:25 Red wave or red ripple? 1:07:57 Science corner: Gut microbiome, fecal transplants Follow the besties: https://twitter.com/chamath https://linktr.ee/calacanis https://twitter.com/DavidSacks https://twitter.com/friedberg Follow the pod: https://twitter.com/theallinpod https://linktr.ee/allinpodcast Intro Music Credit: https://rb.gy/tppkzl https://twitter.com/yung_spielburg Intro Video Credit: https://twitter.com/TheZachEffect Referenced in the show: https://www.washingtonpost.com/technology/interactive/2022/twitter-whistleblower-sec-spam https://www.npr.org/2022/08/23/1119071586/twitter-whistleblower-complaint-elon-musk-security-bots-fake-users https://www.cnn.com/2022/08/23/tech/twitter-whistleblower-peiter-zatko-security/index.html https://time.com/6207996/twitter-whistleblower-allegations/ https://twitter.com/DavidSacks/status/1562179576800763904 https://twitter.com/DavidSacks/status/1562179705322684416 https://www.reuters.com/world/india/india-forced-twitter-put-agent-payroll-whistleblower-says-2022-08-23 https://twitter.com/elonmusk/status/1562105413977493504 https://www.dailymaverick.co.za/article/2022-08-24-musk-gets-a-potential-boost-with-twitter-whistle-blowers-claims-2 https://www.cnn.com/2022/08/23/tech/twitter-whistleblower-peiter-zatko-security/index.html https://www.zuckermanlaw.com/sp_faq/largest-sec-whistleblower-awards https://blogs.microsoft.com/on-the-issues/2021/06/30/the-need-for-legislative-reform-on-secrecy-orders https://theliberalpatriot.substack.com/p/the-democrats-shifting-coalition https://fortune.com/2022/08/24/biden-changing-income-driven-repayment-plan-student-debt-borrowers https://twitter.com/LHSummers/status/1562040653432999936 https://www.socialcapital.com/ideas/2021-annual-letter https://www.cookpolitical.com/analysis/house/2022-primaries/red-wave-looks-more-ripple https://www.cell.com/cell/pdf/S0092-8674(22)00919-9.pdf https://grow.google

E67: Revisiting Rogan, Canadian truckers' protest, fusion breakthrough, $MSFT's savvy move & more Play Episode
0:00 Bestie Intro: Phil Hellmuth found a new billionaire 1:30 Chamath's new camera positioning 3:58 Revisiting the Joe Rogan/Spotify situation, racism claims, and the video controversy 30:04 Canadian truckers' "Freedom Convoy": root causes, impact, what is this turning into? 45:00 Nuclear fusion breakthrough: Friedberg shares thoughts and theories on what this could mean for the future of energy and life on Earth 54:15 Contrarian energy trade, Chamath's Big Tech play morphing into a long-term investment 1:01:01 Microsoft's savvy "burn it down" app store strategy, US income not keeping up with inflation, consumer sentiment getting worse, opening up and getting back...

E66: $FB's major pullback, Rogan/Spotify mess, Xi/Putin meetup and understanding supply chain issues with Bestie Guestie Ryan Petersen (Flexport CEO) Play Episode
0:00 Sacks' shining moment 2:34 Bestie Guestie Ryan Petersen joins to break down the supply chain situation: core issues, solutions, things to look out for 45:49 $FB's major pullback: causes, headwinds, and why going all-in on the Metaverse might have been a "frothy market mistake" 55:28 Breaking down the competition in the "XR Wars": Meta, Apple, Microsoft and Google; why a phone might have been a better $10B/year bet for Facebook, Google's strategic brilliance 1:09:14 Spotify's Joe Rogan situation: positions, speech rights, division amongst free speech 1:23:08 Reflection on Baby Boomers' transition from radically free speech and anti-government to authoritarian,...

E65: VC markup dynamics, Russia/US tensions over Ukraine, Altos Labs raises $3B, Stripe mafia & more Play Episode
0:00 Chamath's preferred cosplay 1:35 Reflecting on bad investment decisions and markup dynamics 15:20 Rising tensions between US and Russia over Ukraine, Putin's demands, NATO negotiations as the underreported key piece, Obama's savvy Russia dealings 39:16 Bill Ackman buys the Netflix dip, Tesla and Microsoft crush earnings, the Fed signals rate hikes 55:18 Altos Labs raises $3B in the largest Seed round ever, incredible Yamanaka factors breakthrough, dynamics of a richly capitalized bio-moonshot 1:04:08 The Stripe Mafia, Bolt CEO punches up, reflecting on old emails Follow the besties: https://twitter.com/chamath https://linktr.ee/calacanis https://twitter.com/DavidSacks https://twitter.com/friedberg Follow the pod: https://twitter.com/theallinpod https://linktr.ee/allinpodcast Intro Music Credit:...

E54: Spread trading big tech, capital allocation, Zillow's misfire, Progressives suffer losses Play Episode
Show Notes: 0:00 Besties do a Microsoft-themed intro 7:53 Spread trading big tech, amazing power of Google and Microsoft 17:28 Sacks speaks about Bird going public from the NYSE, understanding distributions and evergreen funds, why Friedberg went the startup studio route 30:36 How DAOs fit in to the capital allocation landscape, the balance of consumer-facing products and infrastructure solutions for web 3.0 35:24 Zillow's iBuying implosion 46:05 Wokelash: Progressive democrats take huge hit on election day 2021, what are American voters looking for? 1:14:57 New CO2 to starch conversion discovered by Chinese researchers, future climate incentives Follow the besties: https://twitter.com/chamath...

E53: Wealth tax, dealing with inflation as a capital allocator, big tech earnings, Facebook's rebrand, paternity leave & more Play Episode
0:00 Bestie intro, child update, Joe Lonsdale's take on paternity leave 20:44 Proposed "Wealth Tax" 35:13 Inflation discussion: corporate and government reactions 52:30 Dealing with inflation as a capital allocator 58:49 Big Tech's outrageous quarterly earnings, why Google is the best business ever, Facebook's "Meta" rebrand Follow the besties: https://twitter.com/chamath https://linktr.ee/calacanis https://twitter.com/DavidSacks https://twitter.com/friedberg Follow the pod: https://twitter.com/theallinpod https://linktr.ee/allinpodcast Intro Music Credit: https://rb.gy/tppkzl https://twitter.com/yung_spielburg Intro Video Credit: https://twitter.com/TheZachEffect Referenced in the show: https://twitter.com/JTLonsdale/status/1453399478254379008 https://www.npr.org/sections/money/2019/02/26/698057356/if-a-wealth-tax-is-such-a-good-idea-why-did-europe-kill-theirs https://www.treasury.gov/resource-center/data-chart-center/interest-rates/pages/textview.aspx?data=yield https://www.npr.org/2021/10/28/1049980529/starbucks-and-costco-raising-wages-in-the-nationwide-competition-for-workers https://fred.stlouisfed.org/series/GFDEGDQ188S https://markets.businessinsider.com/news/currencies/crypto-investor-turned-8000-into-5-billion-buying-shiba-inu-2021-10 https://www.bloomberg.com/news/articles/2021-10-29/tesla-s-tsla-hidden-billionaire-how-one-retail-investor-made-7-billion https://finance.yahoo.com/quote/TOST/ https://www.wsj.com/articles/microsoft-overtakes-apple-as-most-valuable-company-11635516976 https://abc.xyz/investor/static/pdf/2021Q3_alphabet_earnings_release.pdf?cache=f1ba3f6 https://twitter.com/Jason/status/1450108244915937284 https://www.theverge.com/22743744/facebook-teen-usage-decline-frances-haugen-leaks https://vm.tiktok.com/TTPdYPqdJ6/

E50: Crypto investing deep dive, Facebook's whistleblower fallout, Chappelle's new special & more Play Episode
Show Notes: 0:00 Mercury is in retrograde & impacting the besties 2:01 Sacks on Solana, sophisticated crypto strategies, crypto deep dive 26:23 Building regulatory framework for utility tokens, institutional money in crypto 40:59 Facebook whistleblower, potential ramifications & regulation 57:10 Comparing potential Facebook regulation to Microsoft regulation in the 1990s 1:02:34 Is decentralization a solution for social media? 1:09:09 Chappelle's controversial new special, All-In summit & more Follow the besties: https://twitter.com/chamath https://linktr.ee/calacanis https://twitter.com/DavidSacks https://twitter.com/friedberg Follow the pod: https://twitter.com/theallinpod https://linktr.ee/allinpodcast Intro Music Credit: https://rb.gy/tppkzl https://twitter.com/yung_spielburg Intro Video Credit: https://twitter.com/TheZachEffect Referenced in the show: https://coinmarketcap.com https://www.bitgo.com/newsroom/press-releases/galaxy-digital-to-acquire-bitgo https://www.coindesk.com/policy/2021/09/30/fed-chair-powell-says-he-has-no-intention-of-banning-crypto/ https://www.bitwiseinvestments.com https://www.bloomberg.com/news/features/2021-10-07/crypto-mystery-where-s-the-69-billion-backing-the-stablecoin-tether https://twitter.com/KariyaKanav/status/1446207805220917252 https://www.ledgerinsights.com/sec-gensler-calls-out-utility-tokens-in-european-crypto-asset-briefing/ https://techcrunch.com/2021/10/06/fantasy-equity-nft-game-wants-you-to-spend-real-money-buying-fake-shares-of-real-startups/...

E27: The Great Inflation Debate, Amazon gets spicy on Twitter, rethinking supply chains & more Play Episode
Sacks' Inflation Deck: https://docs.google.com/presentation/d/1vBeh__Kyf57jfhWPOQXaU64VdLaowQBAHwXjBzuVSPs/edit?usp=sharing Follow the besties: https://twitter.com/chamath https://linktr.ee/calacanis https://twitter.com/DavidSacks https://twitter.com/friedberg Follow the pod: https://twitter.com/theallinpod https://linktr.ee/allinpodcast Intro Music Credit: https://rb.gy/tppkzl https://twitter.com/yung_spielburg Referenced in the show: Tweets https://twitter.com/davehclark/status/1375045409542823939 https://twitter.com/BernieSanders/status/1374901873484967938 https://twitter.com/Mat_Yarger/status/1374212541367345155 https://twitter.com/Mat_Yarger/status/1375163739759116297 https://twitter.com/Jason/status/1375488265915002883 https://twitter.com/chamath/status/1375244032230625281 https://twitter.com/DavidSacks/status/1375283834711777282 https://twitter.com/chamath/status/1375484528559448064 Bitclout https://rb.gy/sjtjzy Show Notes: 0:00 Besties get ready to rumble & discuss recent Twitter polls 7:25 Debating inflation, Sacks presents his deck 37:20 Amazon social team goes on the offensive, Facebook's regulatory capture play around content moderation 48:42 Suez Canal, rethinking our centralized infrastructure & supply chain risk management, infrastructure bill concerns 1:00:18 Microsoft in talks to buy Discord for $10B, Sacks on SaaS exits from...

Application Security PodCast

---

Dr. Jared Demott -- Cloud Security & Bug Bounty Play Episode
Chris and Robert are thrilled to have an insightful conversation with Dr. Jared Demott, a seasoned expert in the field of cybersecurity. The discussion traverses a range of topics, from controversial opinions on application security to the practical aspects of managing bug bounty programs in large corporations like Microsoft.We dive into the technicalities of bug bounty programs, exploring how companies like Microsoft handle the influx of reports and the importance of such programs in a comprehensive security strategy. Dr. Demott provides valuable insights into the evolution of bug classes and the never-ending challenge of addressing significant bug types, emphasizing that...

Kim Wuyts -- The Future of Privacy Threat Modeling Play Episode
Kim Wuyts discusses her work in privacy threat modeling with LINDDUN, a framework inspired by Microsoft's STRIDE for security threat modeling. LINDDUN provides a structure to analyze privacy threats across multiple categories such as linking, detecting data disclosure, and unawareness. The framework has been updated over the years to incorporate new knowledge and developments in privacy, and it has become recognized as a go-to approach for privacy threat modeling.Kim believes that privacy and security can be combined and highlights the importance of protecting individuals' rights and data while securing systems and assets.Privacy by design, which focuses on reducing unnecessary data...

Adam Shostack -- Fast, cheap and good threat models Play Episode
Adam is a leading expert on threat modeling, and a consultant, expert witness, author and game designer. He has decades of experience delivering security. His experience ranges across the business world from founding startups to nearly a decade at Microsoft. While not consulting or training, Shostack serves as an advisor to a variety of companies and academic institutions. Adam joins us to talk about fast, cheap, and good threat models. We discuss how Adam defines these categories, the weight of threat modeling, questionnaires/requirements, expertise, and how to make threat modeling conversational. We hope you enjoy this conversation with...Adam Shostack.FOLLOW OUR...

Loren Kohnfelder -- Designing Secure Software Play Episode
Loren Kohnfelder has over 20 years of experience in the security industry. At Microsoft, he was a key contributor to STRIDE, the industrys first formalized proactive security process methodology, and also program-managed the .NET platform security effort. At Google, he worked as a software engineer on the Security team and as a founding member of the Privacy team. Loren joins us to talk about his new book, Designing Secure Software. We start the conversation geeking out about his work to create STRIDE and digital certificates. We then discuss facets of the book, like secure software, security design review, and what...

Steve Lipner The Past, Present, and Future of SDL Play Episode
Steve Lipner is a pioneer in cybersecurity, approaching 50 years experience. He retired in 2015 from Microsoft where he was the creator and long-time leader of Microsofts Security Development Lifecycle (SDL) team. While at Microsoft, Steve also created initiatives to encourage industry adoption of secure development practices and the SDL and served as a member and chair of the SAFECode board. Steve joins us to talk about all things SDL, and I must say, I was super excited for this interview, with way too many questions for someone who was there on day 1 of Secure Development Lifecycle. We hope...

Glenn Leifheit -- An Inner Glimpse of the Microsoft SDL Play Episode
This is our second interview at ISC2 Security Congress. We are joined by Glenn Leifheit (@gleifhe), an InfoSec and Development Evangelist at Microsoft. Microsoft is the grandparent to almost every secure development lifecycle across the industry.This is an in-depth discussion about how actually to do SDL. Glenn shares some things during this conversation that Ive never heard about the internals of Microsofts SDL process in public. You will take something away from this conversation to apply to your program.Enjoy!FOLLOW OUR SOCIAL MEDIA: Twitter: @AppSecPodcastLinkedIn: The Application Security PodcastYouTube: https://www.youtube.com/@ApplicationSecurityPodcast Thanks for Listening! ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Bloomberg Technology

---

AI Spending Delivers Mixed Results to Stocks Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss AI capital expenditures after Meta, Microsoft and Tesla all reported raising spend in their earnings. Plus, Apple is set to release results after the bell with investors focused on holiday sales and memory costs. And, Amazon reported hundreds of thousands of pieces of content it believed included child sexual abuse material, which it found in data gathered to improve its AI models.See omnystudio.com/listener for privacy information.

Meta Shifts to AI Devices From Metaverse Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss Meta’s plans to double the output of its Ray-Ban AI-glasses as it pivots away from the metaverse. Plus, Microsoft pledges to pay electricity rates that will cover costs for its data centers, seeking to quell consumer anxiety over power prices. And, Klarna CEO Sebastian Siemiatkowski weighs in on President Trump’s call for a one-year 10% interest rate cap on credit cards.See omnystudio.com/listener for privacy information.

Nvidia Wins US Approval to Sell H200 Chips to China Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss President Trump’s decision to allow Nvidia to ship its H200 AI chip to China, in exchange for a 25% surcharge. Plus, the battle for Warner Bros. heats up, as antitrust concerns swirl around both Netflix’s and Paramount Skydance’s offers. And Microsoft is committing $17.5 billion over four years to help build India's cloud and AI infrastructure.See omnystudio.com/listener for privacy information.

Microsoft, Nvidia Commit $15 Billion to OpenAI Rival Play Episode
Bloomberg’s Caroline Hyde breaks down what’s behind Microsoft’s and Nvidia’s commitment to invest up to $15 billion combined in AI startup Anthropic. Plus, Saudi Arabia's Crown Prince visits the White House with discussions expected on chips, tech investments and AI innovation. And Roblox CEO Dave Baszucki talks about the roll out of age-verification tools as the gaming platform works to increase safety for users.See omnystudio.com/listener for privacy information.

Tech Earnings Show Heavy AI Spending Continuing Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss earnings from Alphabet, Microsoft and Meta as Apple and Amazon prepare to report after the bell. Plus, Roblox CEO David Baszucki discusses the platform’s user growth which added to the company’s costs. And President Trump and China's Xi Jinping discussed trade and chips during a meeting in South Korea.See omnystudio.com/listener for privacy information.

Nvidia Becomes First $5 Trillion Firm, Lifted by AI Boom Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss Nvidia’s impact on the market as the chipmaker becomes the first $5 trillion firm off the back of its GTC event. Plus, Alphabet, Microsoft and Meta are all set to report results after the closing bell today. And AI startup Character.AI will ban kids from having conversations with chatbots on its platform.See omnystudio.com/listener for privacy information.

OpenAIs For-Profit Path Cleared Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss OpenAI’s agreement to give Microsoft a 27% stake in the startup as part of a restructuring plan that clears the path for the ChatGPT maker to become a for-profit business. Plus, the chair of Tesla’s board of directors talks about efforts to convince investors to approve the proposed $1 trillion compensation package for Elon Musk. And Nvidia plans to make a $1 billion equity investment in Nokia, this as Nvidia’s GTC conference gets underway in DC.See omnystudio.com/listener for privacy information.

Qualcomm Takes Aim at Nvidia with New Chips Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss Qualcomm’s jump into the AI data center market with new chips and computers that could challenge Nvidia. Plus, investors prepare for a big week of tech earnings with Microsoft, Google, Meta, Amazon and Apple all reporting. And Crusoe CEO Chase Lochmiller discusses the AI data center startup’s new $10 billion valuation.See omnystudio.com/listener for privacy information.

ASML Earnings Signal AI Demand Holding Strong Play Episode
Bloomberg’s Caroline Hyde breaks down ASML’s earnings as the AI boom continues to fuel demand for its cutting-edge chip-making machines. Plus, deals to develop data centers just keep coming, among them Microsoft and UK startup NScale inking a fourth deal. And Apple updates its top-of-the-line iPad Pro and other products with its own in-house chip.See omnystudio.com/listener for privacy information.

OpenAI Becomes Worlds Largest Startup Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss OpenAI becoming the largest startup after it closed a deal allowing current and former employees to sell shares at a $500 billion valuation. Plus, Tesla's vehicle sales jumped to a worldwide record in the third quarter as US buyers got in before US tax credits expired. And Microsoft has inked more than $33 billion in commitments to neocloud providers, as it aims to cope with a shortage of AI data center capacity.See omnystudio.com/listener for privacy information.

China Tells Companies to Stop Buying Nvidia Chips Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss reports that China's internet watchdog has told Alibaba, ByteDance and others to terminate orders for an Nvidia AI chip. Plus, Microsoft, OpenAI and other US tech giants announce plans to spend tens of billions on AI infrastructure in the UK, as President Trump conducts a state visit. And StubHub CEO Eric Baker joins the show as shares of the ticket reseller begin trading publicly.See omnystudio.com/listener for privacy information.

Bloomberg Tech Live From Apple's WWDC Event Play Episode
Caroline Hyde in New York and Ed Ludlow in Cupertino, California break down Apple's biggest product launch event of the year. Analysts join live from Apple Park to discuss details of the company's iPhone 17 and other new devices. And in other news: Microsoft and Europe's Nebius strike a massive infrastructure deal worth as much as $19.4 billion.See omnystudio.com/listener for privacy information.

US and China Trade Talks Impact Tech Ecosystem Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss ongoing trade talks between the US and China taking place in Stockholm and how those could affect AI and the sale of rare earths. Plus, for the first time ever, Apple is shuttering a retail store in China. And Microsoft and OpenAI are in advanced talks to change the partnership that helped kick off the AI boom.See omnystudio.com/listener for privacy information.

Samsung Inks $16.5B Deal with Tesla for AI Chips Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss Tesla’s plans to buy AI chips from Samsung in a new deal worth $16.5 billion. Plus, the US and EU reach a trade agreement that will see the European bloc face a 15% tariff on its exports, including cars and chips. And investors prepare for a busy week of tech earnings, as Microsoft, Meta, Apple, and Amazon all get ready to report results.See omnystudio.com/listener for privacy information.

US AI Action Plan Targets Rapid Data Center Growth Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss the newly released U.S. AI Action Plan, which centers on open-source development and aims to expand national data center capacity. Plus, the US National Nuclear Security Administration is among the organizations targeted by hackers exploiting a Microsoft SharePoint flaw. And, Tesla, Alphabet, and IBM are among the companies releasing earnings after markets close.See omnystudio.com/listener for privacy information.

Microsoft Points to Chinese Hackers in SharePoint Breach Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss the latest update in the Microsoft SharePoint hacking. Plus, OpenAI and Oracle announce plans to expand US data center capacity. And semiconductor maker NPX fails to impress investors with its third-quarter forecast.See omnystudio.com/listener for privacy information.

Microsoft SharePoint Hack, Musks Wild Business Bets Play Episode
Bloomberg’s Caroline Hyde discusses the hack of Microsoft SharePoint software that could impact tens of thousands of organizations. Plus, investors prepare for more second-quarter tech earnings. And Elon Musk’s wild bets and his feud with President Trump are creating challenges for his business empire.See omnystudio.com/listener for privacy information.

Teslas Sales Fall but Investor Support Stays Strong Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss the drop in Tesla’s second-quarter sales. Plus, Foxconn pulls Chinese workers from India in a blow to Apple. And Microsoft plans a second large round of layoffs as it looks to spend more on artificial intelligence.See omnystudio.com/listener for privacy information.

Nvidia Shrugs Off China Concerns With Upbeat Forecast Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss Nvidia surpassing Microsoft as the most valuable company, after investors shrugged off concerns about China-related curbs. Plus, Informatica’s CEO explains what is driving Salesforce's $8 billion acquisition of the company. And Tesla targets June 12 to launch its robotaxi service in Austin, as Elon Musk steps back from his government role.See omnystudio.com/listener for privacy information.

Microsoft and Meta Allay Investors Tariff Fears; A Court Deals Apple an Epic Blow Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss Microsoft’s and Meta’s earnings beats. Plus, Carolina Milanesi, President and Principal Analyst at Creative Strategies, explains what investors are waiting to hear from Apple when the iPhone maker reports results. Andy McLoughlin, Managing Partner at Uncork Capital, also joins to talk about the firm's new $300 million fund and its search for the next big AI startup.See omnystudio.com/listener for privacy information.

Intel Appoints New CEO, FTC Moves Ahead With Microsoft Antitrust Probe Play Episode
Bloomberg's Caroline Hyde and Jackie Davalos discuss the news pushing Intel shares higher. And, we hear from SuRo Capital CEO Mark Klein about how market volatility could impact one of the year's hotly anticipated IPOs. Plus, OpenAI asks the White House for relief from state AI rules.See omnystudio.com/listener for privacy information.

Apple's Big US Investment, Musk's Federal Worker Orders Play Episode
Bloomberg's Caroline Hyde and Jackie Davalos break down Apple's $500 billion investment in the US and the company's plans to boost hiring as it seeks relief from President Trump's tariffs. Plus, TD Cowen analysts say Microsoft is cancelling some leases for US data center capacity, and Elon Musk's emails asking federal workers to justify their jobs is dividing the Trump administration.See omnystudio.com/listener for privacy information.

Bonus Episode: Tesla, Meta and Microsoft Earnings Play Episode
Bloomberg's Carol Massar and Tim Stenovec discuss the latest Big Tech earnings featuring Tesla, Meta and Microsoft. They speak with: Bloomberg Intelligence Senior Technology Analyst Mandeep Singh Bloomberg Technology Co-Host Caroline Hyde James Cakmak, Technology Analyst at Clockwise Capital Bloomberg Intelligence Senior Technology Analyst Anurag Rana See omnystudio.com/listener for privacy information.

ASML's Record Surge, Microsoft Investigates DeepSeek Code Play Episode
Bloomberg's Caroline Hyde and Mike Shepard discuss ASML's record surge as it sees sustained AI demand. And, Microsoft and OpenAI are investigating whether OpenAI code was obtained in an unauthorized way for a group linked to DeepSeek. Plus, a conversation with T-Mobile CEO Mike Sievert after posting a fourth quarter earnings beat and a secret partnership with Apple to implement SpaceX's Starlink service.See omnystudio.com/listener for privacy information.

Digesting DeepSeek's AI Impact Play Episode
Bloomberg's Caroline Hyde and Mike Shepard discuss the ripple effect of DeepSeek's AI turmoil as the tech sector and markets digest the implications of cheaper and more accessible AI. And, we speak with the Chief AI scientist of Hugging Face on the future of open-sourced AI models. Plus, could Microsoft be on the verge of acquiring TikTok's US arm?See omnystudio.com/listener for privacy information.

Intel Looks Outside the Box, Microsoft Faces FTC Troubles Play Episode
Bloomberg's Caroline Hyde discusses Intel's latest hunt for a new CEO as they look outside of the company. And, Microsoft faces a broad FTC probe over its operating system, cybersecurity and potential generative AI dominance. Plus, we hear from AWS CEO Matt Garman as the company expands its new chip arrays and large language models to compete with the likes of Nvidia.See omnystudio.com/listener for privacy information.

Big Tech Earnings, Reid Hoffman and the Election Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Microsoft's and Meta's earnings results, dragging the market lower. They also sit down with the CFO of Doordash after the company posted its first operating profit since the pandemic, and with LinkedIn co-founder and Kamala Harris supporter Reid Hoffman ahead of the election.See omnystudio.com/listener for privacy information.

Apple's iPhone Hits Stores and Microsoft's AI Power Needs Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Apple's iPhone 16 sales as the product hits stores today - without the crucial AI features. Plus, Microsoft's AI power needs prompt the revival of a dormant reactor, and we hear from Salesforce CEO Marc Benioff and from the company's head of ventures.See omnystudio.com/listener for privacy information.

The Fed Decides, Microsoft and BlackRock Team Up Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down what to expect from the upcoming Fed decision. Plus, Microsoft and BlackRock plan to launch a $30 billion AI investment fund, and EU judges overturn Google's $1.7 billion antitrust fine.See omnystudio.com/listener for privacy information.

Intel's Amazon Deal and Musk's Super PAC Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Intel's deal with Amazon after postponing expansion plans in Germany, and Elon Musk expands his support for Republicans by donating millions to back the GOP in key congressional races. Plus, Microsoft boosts its dividend and unveils a $60 billion buyback plan, and we hear from co-founder Bill Gates as he tackles a different $3 trillion problem.See omnystudio.com/listener for privacy information.

AMD's AI Chip Sales Boost and Microsoft Azure's Slowing Growth Play Episode
Bloomberg's Ed Ludlow sits down with the CEOs of AMD, T-Mobile and Pinterest as tech earnings move into full swing. Plus, full coverage of Microsoft as Azure's slowing growth tests investors' patience, and the US spares ASML and Tokyo Electron from chip curbs.See omnystudio.com/listener for privacy information.

Microsoft and AMD Earnings, and Nvidia and Meta CEOs Discuss AI Play Episode
Bloomberg's Ed Ludlow pushes ahead to Microsoft and AMD earnings as Big Tech flirts with a correction. Plus, the CEOs of Nvidia and Meta discuss the future of AI, and a Tesla analyst narrowly avoids a car accident while testing Full Self Driving.See omnystudio.com/listener for privacy information.

Tesla's Deliveries and Microsoft's AI Deal with the UAE's G42 Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Tesla's delivery numbers beating estimates despite posting its second consecutive drop in quarterly deliveries. Plus, Microsoft's AI deal with the UAE's G42 raises national security concerns, and AWS CEO Matt Garman sits down for a live interview as he wraps up his first month on the job.See omnystudio.com/listener for privacy information.

TSMC and ASML's China Invasion Plan; Microsoft's New Team Co-Pilot Play Episode
Bloomberg's Caroline Hyde breaks down the news that TSMC and ASML can remotely shut their equipment in the event of an invasion. Plus, Microsoft launches a new Team Co-Pilot AI tool. And, actress Scarlett Johansson pushes back against OpenAI and the eerily similar Sky voice.See omnystudio.com/listener for privacy information.

Intel Slides on Outlook, Google and Microsoft See AI Demand, Lime Expands E-Fleet Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow sit down with Intel CEO Pat Gelsinger as shares fall on its tepid outlook. Plus, AI demand sends shares of Microsoft and Google soaring after strong earnings results. And, Uber-backed Lime expands its fleet of e-scooters globally.See omnystudio.com/listener for privacy information.

Bonus Daybreak Special: Google, Microsoft Earnings with Gene Munster and Dan Ives Play Episode
Microsoft and Google parent Alphabet are both on the rise after delivering results that suggest their investments in artificial intelligence and cloud computing are starting to pay off. For more on the results Bloomberg's Nathan Hager caught up with Gene Munster, managing partner at Deepwater Asset Management and Dan Ives, Senior Equity Analyst at Wedbush Securities.See omnystudio.com/listener for privacy information.

Meta Shares Plunge, Microsoft-Backed Rubrik Goes Public, ServiceNow CEO on Earnings Play Episode
Bloomberg's Ed Ludlow breaks down a disappointing earnings report from Meta that weighed on the technology sector. Plus, the CEO of Rubrik joins to discuss the company's initial public offering. And, the CEO of ServiceNow joins to break down the company's earnings results.See omnystudio.com/listener for privacy information.

Microsoft and the UAEs G42 Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Microsoft's plan to invest $1.5 billion in the UAE's top AI firm, G42, as the US government pushes the Abu Dhabi business to end all cooperation with China. Plus, a conversation with the EU's Commissioner for Financial Services in San Francisco.See omnystudio.com/listener for privacy information.

Tesla's Deliveries Expectations and Rubrik's IPO Plans Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow take a look at what to expect from Tesla's deliveries report as analysts slash estimates with the quarter coming to a close. Plus, more momentum in the IPO market as Microsoft-backed Rubrik says it is ready to file for its initial public offering.See omnystudio.com/listener for privacy information.

Microsoft and Alphabet's AI Struggle, Musk's Pay Package Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down how Microsoft, Alphabet and AMD can prove themselves down the road after they struggle to Meet AI expectations in their earnings reports. Plus, a Delaware judge voids Tesla CEO Elon Musk's compensation package.See omnystudio.com/listener for privacy information.

Alphabet and Microsoft earnings, Neuralink's Brain Implant Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow look ahead to Alphabet, AMD, Microsoft earnings and the impact of AI on their earnings. Plus, Elon Musk's Neuralink puts its brain implant technology in its first patient.See omnystudio.com/listener for privacy information.

Intel Plunges Post-Earnings and the FTC's Big Tech Probe Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Intel's plunge after disappointing investors with its forecast. Plus, Alphabet, Amazon and Microsoft face FTC probes over their investments and partnerships with AI companies.See omnystudio.com/listener for privacy information.

Microsoft, Labor Unions and OpenAI Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Microsoft's 'historic' alliance on artificial intelligence with labor unions. Plus, global regulators examine Microsoft's $13 billion investment in OpenAI, and the EU strikes a deal to regulate ChatGPT and AI.See omnystudio.com/listener for privacy information.

Microsoft, OpenAI and UK Regulators Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down why OpenAI and Microsoft's partnership is facing potential antitrust scrutiny in the UK. Plus, EU negotiators continue to debate rules for AI.See omnystudio.com/listener for privacy information.

Bonus Episode: Microsoft CEO Satya Nadella Talks to Bloomberg Play Episode
Microsoft CEO Satya Nadella sits down with Bloomberg's Emily Chang to discuss the turmoil surrounding OpenAI and the ouster of Sam Altman from the company.See omnystudio.com/listener for privacy information.

Microsoft's Chips and Starlink's 2024 IPO Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow take a look at Microsoft's custom-designed AI and cloud chips and what the move means for the company and competitors. Plus, SpaceX plans to spin off its Starlink unit for a public listing in 2024, and Presidents Biden and Xi meet in San Francisco.See omnystudio.com/listener for privacy information.

Google, Microsoft, Snap Report and Qualcomm Unveils New Processor Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down the day's biggest tech earnings. Plus, a conversation with the CEO of Qualcomm as the chip firm unveils it's latest processor.See omnystudio.com/listener for privacy information.

Israel-Hamas War, Microsoft and Activision Close the Deal Play Episode
Bloomberg's Ed Ludlow looks at the latest updates from the Israel-Hamas war and speaks with Israel's first ever chief technology officer. Plus, Activision CEO Bobby Kotick joins to discuss the $69B Microsoft-Activision deal finally closing after nearly two years of fighting for approval.See omnystudio.com/listener for privacy information.

UK Watchdog Probes Amazon and Microsoft Cloud Play Episode
Bloombergs Caroline Hyde breaks down why the UKs antitrust watchdog launched an investigation into Amazon and Microsofts cloud services on concerns they could be abusing market power. Plus, a look into crypto hedge fund Alameda Research and Caroline Ellisons role on Day 2 of the historic FTX fraud trial.See omnystudio.com/listener for privacy information.

Microsoft CEO at Google Trial and Tesla's Delivery Numbers Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down the latest updates from Google's antitrust trial as Microsoft CEO Satya Nadella takes the stand. Plus, they get a read on the state of the EV industry as Tesla and Rivian report third quarter numbers.See omnystudio.com/listener for privacy information.

Meta Connect and the FTC's Big Tech Fights Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down what to expect from Meta Connect as analysts watch for the company's generative AI and VR plans. Plus, the FTC revives its challenge against the Microsoft-Activision deal just a day after its landmark antitrust suit against Amazon.See omnystudio.com/listener for privacy information.

Microsoft's Activision Takeover and UAW Strike Expansion Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow take a look at Microsoft poised to clear its final hurdle for its $69 billion takeover of Activision Blizzard. Plus: the UAW expands its strike against GM and Stellantis as talks progress with Ford, and Apple's iPhone 15 hits shelves around the world.See omnystudio.com/listener for privacy information.

FTC vs. Amazon and Starfield Launches Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow zoom in on the FTC gearing up to sue Amazon this month after a four-year antitrust investigation into the company. Plus, after years in development, Microsoft's highly anticipated Starfield hits the marketplace to rave reviews.See omnystudio.com/listener for privacy information.

Arm Files for its IPO, Zoom CFO on Earnings & Microsoft's Final Activision Push Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow discuss Arm's filing for its IPO which will be the biggest of 2023. Plus, Zoom CFO Kelly Steckelberg joins to discuss the video-conferencing company's earnings. And, Microsoft pushes to get its Activision deal done by submitting a new bid to the CMA in the UK.See omnystudio.com/listener for privacy information.

Robotaxis Expand and Microsoft Gets Probed Play Episode
Bloomberg's Ed Ludlow breaks down a court ruling siding in favor of robotaxis expanding in San Francisco and discusses with Cruise CEO Kyle Vogt. Plus, a look at a government probe including Microsoft's role in suspected Chinese hacking of government officials.See omnystudio.com/listener for privacy information.

Microsoft Sinks, Alphabet Spikes, Meta Next to Report Play Episode
Bloomberg's Caroline Hyde breaks down earnings results from tech giants, including Microsoft, Alphabet and Snap. Plus, a preview of Meta's results and the company's cost cutting initiatives. And, a discussion on Elon Musks grand vision to turn Twitter into a one-stop shop for financial services.See omnystudio.com/listener for privacy information.

UK's CMA on the Microsoft Deal and Big Tech's AI Safeguards Play Episode
Bloomberg's Caroline Hyde breaks down the latest on Microsoft and Activision as UK regulators reject claims they're bowing to pressure to clear the deal. Plus, Big Tech commits to safeguards for AI at the White House's request.See omnystudio.com/listener for privacy information.

Microsoft and Activision Deadline Extended, Netflix Earnings Preview Play Episode
Bloomberg's Caroline Hyde breaks down why Microsoft and Activision extended their deadline for closing the $69 billion dollar deal as they seek approval in the UK. Plus, how the password crackdown and the actor strikes are impacting Netflix's business.See omnystudio.com/listener for privacy information.

Microsoft-Activision Deal Nears Finish Line, and China Chip Curbs Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Microsoft's Activision acquisition getting close to the finish line as a court deadline approaches. Plus, chip CEOs meet with White House officials to push back on new restrictions threatening sales to China.See omnystudio.com/listener for privacy information.

Microsoft's UK Talks and Hollywood's Actors on Strike Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down how Microsoft is clearing the final hurdle in its $69 billion takeover of Activision in the UK. Plus, a look at the sticking points in the strikes that have shut down Hollywood and the role of AI there. See omnystudio.com/listener for privacy information.

The FTC Loses to Microsoft and Hollywood Actors Go on Strike Play Episode
Bloomberg's Caroline Hyde breaks down how the FTC lost its request to temporarily block Microsoft from acquiring Activision Blizzard. Plus, Hollywood actors join writers in their strike, bringing productions of films to a standstill amid the first simultaneous walkout since 1960.See omnystudio.com/listener for privacy information.

Microsoft's Activision Deal and Meta's Threads Play Episode
Bloomberg's Caroline Hyde breaks down the latest on Microsoft's $69b deal for Activision as the companies get a new shot at winning over the UK on the acquisition. Plus, how Meta's Threads could add $8 billion dollars in revenue within the next two years. See omnystudio.com/listener for privacy information.

Microsoft Gets Green Light to Buy Activision Play Episode
Bloomberg's Caroline Hyde breaks down the ramifications of Microsoft winning US court approval to move forward with its $69 billion dollar deal for Activision Blizzard. Plus, Ed Ludlow reports live from Sun Valley, Idaho as billionaires descend on the mountains for their annual gathering.See omnystudio.com/listener for privacy information.

TSMC's AI Boost and the Microsoft-Activision Deal Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down how the AI hype cycle is helping TSMC shares, and the fate of Microsoft's $69 billion-dollar takeover of Activision Blizzard. Plus, Meta's newest social app Threads tops 100 million users in less than 5 days.See omnystudio.com/listener for privacy information.

Twitter Under EU Scrutiny and Tech Execs Meet with Biden Play Episode
Bloomberg's Ed Ludlow breaks down the EU's warning to Twitter on disinformation. Plus, the CEOs of Apple, Google, Microsoft and OpenAI dine with President Biden and India's Prime Minister, and Ed takes a ride in a Waymo.See omnystudio.com/listener for privacy information.

The Crypto Market and AI's Impact on Jobs Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down the state of the crypto market and how artificial intelligence is changing the labor force. Plus, how Silicon Valley is playing catch up with Microsoft in the AI space.See omnystudio.com/listener for privacy information.

Marcelo Claure's New Venture and Microsoft's Activision Blizzard Takeover Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow sit down with Marcelo Claure as he launches a new venture firm focused on Latin America. Plus, more hurdles facing the Microsoft's $69 billion takeover of Activision Blizzard.See omnystudio.com/listener for privacy information.

EU Greenlights Microsoft/Activision Deal Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down the EU's decision to allow Microsoft's $69 billion takeover of Activision Blizzard. Plus, Linda Yaccarino prepares to take the helm of Twitter, and C3 AI beats analyst expectations.See omnystudio.com/listener for privacy information.

Meta's Results and Activision CEO Reacts to UK Halting Microsoft Deal Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Meta's results and push ahead to Amazon's earnings report after the bell. Plus, our interview with the CEO of Activision Blizzard as the UK halts the $69 billion gaming deal with Microsoft.See omnystudio.com/listener for privacy information.

Microsoft Activision Deal in UK and RSA Conference Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down what the UK's ruling on the Microsoft/Activision deal means for the future of big tech M&A. Plus, what's being talked about at the RSA cyber security conference in San Francisco.See omnystudio.com/listener for privacy information.

Look Ahead to Alphabet and Microsoft Earnings Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Spotify's earnings results and discuss what to expect from the upcoming Alphabet and Microsoft earnings. Plus, what the EU's new content moderation rules mean for Twitter.See omnystudio.com/listener for privacy information.

The AI Arms Race and Apple's India Sales Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down why Samsung is considering replacing Google with Microsoft's Bing as the default search engine on its devices. Plus, Apple's sales in India ramp up, and Netflix apologizes after traffic issues around the 'Love Is Blind' live reunion.See omnystudio.com/listener for privacy information.

TikTok, the US and China, and Microsoft's Activision Deal in the UK Play Episode
Bloomberg's Caroline Hyde dives deeper into US-China relations as tensions simmer following the TikTok CEO's testimony on the Hill. Plus, Microsoft's $69 billion Activision deal gets a boost from the UK.See omnystudio.com/listener for privacy information.

BONUS EPISODE: Interview with Microsoft CEO Satya Nadella Play Episode
Artificial Intelligence is coming to Microsoft Word, PowerPoint and Outlook, in the form of new AI assistants called Copilots. Microsoft CEO Satya Nadella joins Bloomberg's Emily Chang to discuss the new technology.See omnystudio.com/listener for privacy information.

Microsoft's AI-Powered Bing and Arm's Revenue Increase Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down the AI race heating up - from Baidu to Google to Microsoft, just out with a new OpenAI-powered Bing search engine. Plus, how Arm has been able to buck the trend and defy the chip downturn.See omnystudio.com/listener for privacy information.

Microsoft Rises after 2Q Beat, the DOJ Sues Google Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Microsoft's quarterly earnings beating analyst estimates. Plus, a look at why eight states along with the Justice Department are suing to break up Google's ad business.See omnystudio.com/listener for privacy information.

Microsoft Backs ChatGPT, Elliott Invests in Salesforce Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Microsoft's $10 billion bet on OpenAI. Plus, Elliott's multibillion dollar stake in Salesforce and a peak into what Apple's mixed reality headset is capable of.See omnystudio.com/listener for privacy information.

Microsoft and Amazon Downsize Staff Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down the latest tech layoffs out of Microsoft and Amazon. Plus, Texas universities ban access to TikTok from their WiFi networks, and Twitter auctions some of its office items.See omnystudio.com/listener for privacy information.

The FTC's War on Big Tech Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down the FTC now seeking to block Microsoft's acquisition of Activision Blizzard, and what's new in the case of Meta's acquisition of Within. Plus, why pressure is building on Elon Musk and his bankers.See omnystudio.com/listener for privacy information.

Elon Musk vs SF Mayor and the FTX Warning Signs Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down why Elon Musk is feuding with the city of San Francisco over makeshift bedrooms in the Twitter office. Plus, a look at FTX's warning signs, and Microsoft meeting the FTC on its Activision deal.See omnystudio.com/listener for privacy information.

Google Earnings and Bilt Rewards Play Episode
Bloomberg's Caroline Hyde, in for Emily Chang, breaks down the latest from Google's and Microsoft's earnings results. Plus, a look at Bilt Rewards' latest valuation and mission, and Matt Levine's "Story of Crypto" in the latest Bloomberg Businessweek edition.See omnystudio.com/listener for privacy information.

Microsoft CEO on Productivity and Dreamforce in San Francisco Play Episode
Bloomberg's Ed Ludlow breaks down the news of the day and presents two interviews from anchor Emily Chang with Microsoft CEO Satya Nadella on productivity monitoring, and Salesforce's Marc Benioff on Dreamforce coming back in person in San Francisco.See omnystudio.com/listener for privacy information.

Netflix, Microsoft Team Up Play Episode
Emily Chang gets a breakdown of Netflix's partnership with Microsoft, as both companies delve into the advertising space. Plus, IBM CEO Arvind Krishna explains the importance of Congress' CHIPS Act; and Unity Software CEO John Riccitiello justifies his company's $4.4 billion acquisition of mobile ad giant ironSource.See omnystudio.com/listener for privacy information.

Musk and Twitter Day 2 and Microsoft, Google Earnings (Podcast) Play Episode
Bloomberg's Emily Chang breaks down Microsoft's and Google's earnings results and dives deeper into Musk's purchase of Twitter and what it means for free speech. Plus, a look at Finnish wearable tech startup Oura.See omnystudio.com/listener for privacy information.

War for Tech Talent & Information Play Episode
Bloomberg's Emily Chang covers Russia's war on information. Plus, Microsoft's work shifting survey - and how the war for talent rages on in a rapidly evolving work environment, with an exclusive interview of Box CEO Aaron Levie. Learn more about your ad-choices at https://www.iheartpodcastnetwork.comSee omnystudio.com/listener for privacy information.

Bloomberg Technology

---

AI Spending Delivers Mixed Results to Stocks Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss AI capital expenditures after Meta, Microsoft and Tesla all reported raising spend in their earnings. Plus, Apple is set to release results after the bell with investors focused on holiday sales and memory costs. And, Amazon reported hundreds of thousands of pieces of content it believed included child sexual abuse material, which it found in data gathered to improve its AI models.See omnystudio.com/listener for privacy information.

Meta Shifts to AI Devices From Metaverse Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss Meta’s plans to double the output of its Ray-Ban AI-glasses as it pivots away from the metaverse. Plus, Microsoft pledges to pay electricity rates that will cover costs for its data centers, seeking to quell consumer anxiety over power prices. And, Klarna CEO Sebastian Siemiatkowski weighs in on President Trump’s call for a one-year 10% interest rate cap on credit cards.See omnystudio.com/listener for privacy information.

Nvidia Wins US Approval to Sell H200 Chips to China Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss President Trump’s decision to allow Nvidia to ship its H200 AI chip to China, in exchange for a 25% surcharge. Plus, the battle for Warner Bros. heats up, as antitrust concerns swirl around both Netflix’s and Paramount Skydance’s offers. And Microsoft is committing $17.5 billion over four years to help build India's cloud and AI infrastructure.See omnystudio.com/listener for privacy information.

Microsoft, Nvidia Commit $15 Billion to OpenAI Rival Play Episode
Bloomberg’s Caroline Hyde breaks down what’s behind Microsoft’s and Nvidia’s commitment to invest up to $15 billion combined in AI startup Anthropic. Plus, Saudi Arabia's Crown Prince visits the White House with discussions expected on chips, tech investments and AI innovation. And Roblox CEO Dave Baszucki talks about the roll out of age-verification tools as the gaming platform works to increase safety for users.See omnystudio.com/listener for privacy information.

Tech Earnings Show Heavy AI Spending Continuing Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss earnings from Alphabet, Microsoft and Meta as Apple and Amazon prepare to report after the bell. Plus, Roblox CEO David Baszucki discusses the platform’s user growth which added to the company’s costs. And President Trump and China's Xi Jinping discussed trade and chips during a meeting in South Korea.See omnystudio.com/listener for privacy information.

Nvidia Becomes First $5 Trillion Firm, Lifted by AI Boom Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss Nvidia’s impact on the market as the chipmaker becomes the first $5 trillion firm off the back of its GTC event. Plus, Alphabet, Microsoft and Meta are all set to report results after the closing bell today. And AI startup Character.AI will ban kids from having conversations with chatbots on its platform.See omnystudio.com/listener for privacy information.

OpenAIs For-Profit Path Cleared Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss OpenAI’s agreement to give Microsoft a 27% stake in the startup as part of a restructuring plan that clears the path for the ChatGPT maker to become a for-profit business. Plus, the chair of Tesla’s board of directors talks about efforts to convince investors to approve the proposed $1 trillion compensation package for Elon Musk. And Nvidia plans to make a $1 billion equity investment in Nokia, this as Nvidia’s GTC conference gets underway in DC.See omnystudio.com/listener for privacy information.

Qualcomm Takes Aim at Nvidia with New Chips Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss Qualcomm’s jump into the AI data center market with new chips and computers that could challenge Nvidia. Plus, investors prepare for a big week of tech earnings with Microsoft, Google, Meta, Amazon and Apple all reporting. And Crusoe CEO Chase Lochmiller discusses the AI data center startup’s new $10 billion valuation.See omnystudio.com/listener for privacy information.

ASML Earnings Signal AI Demand Holding Strong Play Episode
Bloomberg’s Caroline Hyde breaks down ASML’s earnings as the AI boom continues to fuel demand for its cutting-edge chip-making machines. Plus, deals to develop data centers just keep coming, among them Microsoft and UK startup NScale inking a fourth deal. And Apple updates its top-of-the-line iPad Pro and other products with its own in-house chip.See omnystudio.com/listener for privacy information.

OpenAI Becomes Worlds Largest Startup Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss OpenAI becoming the largest startup after it closed a deal allowing current and former employees to sell shares at a $500 billion valuation. Plus, Tesla's vehicle sales jumped to a worldwide record in the third quarter as US buyers got in before US tax credits expired. And Microsoft has inked more than $33 billion in commitments to neocloud providers, as it aims to cope with a shortage of AI data center capacity.See omnystudio.com/listener for privacy information.

China Tells Companies to Stop Buying Nvidia Chips Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss reports that China's internet watchdog has told Alibaba, ByteDance and others to terminate orders for an Nvidia AI chip. Plus, Microsoft, OpenAI and other US tech giants announce plans to spend tens of billions on AI infrastructure in the UK, as President Trump conducts a state visit. And StubHub CEO Eric Baker joins the show as shares of the ticket reseller begin trading publicly.See omnystudio.com/listener for privacy information.

Bloomberg Tech Live From Apple's WWDC Event Play Episode
Caroline Hyde in New York and Ed Ludlow in Cupertino, California break down Apple's biggest product launch event of the year. Analysts join live from Apple Park to discuss details of the company's iPhone 17 and other new devices. And in other news: Microsoft and Europe's Nebius strike a massive infrastructure deal worth as much as $19.4 billion.See omnystudio.com/listener for privacy information.

US and China Trade Talks Impact Tech Ecosystem Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss ongoing trade talks between the US and China taking place in Stockholm and how those could affect AI and the sale of rare earths. Plus, for the first time ever, Apple is shuttering a retail store in China. And Microsoft and OpenAI are in advanced talks to change the partnership that helped kick off the AI boom.See omnystudio.com/listener for privacy information.

Samsung Inks $16.5B Deal with Tesla for AI Chips Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss Tesla’s plans to buy AI chips from Samsung in a new deal worth $16.5 billion. Plus, the US and EU reach a trade agreement that will see the European bloc face a 15% tariff on its exports, including cars and chips. And investors prepare for a busy week of tech earnings, as Microsoft, Meta, Apple, and Amazon all get ready to report results.See omnystudio.com/listener for privacy information.

US AI Action Plan Targets Rapid Data Center Growth Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss the newly released U.S. AI Action Plan, which centers on open-source development and aims to expand national data center capacity. Plus, the US National Nuclear Security Administration is among the organizations targeted by hackers exploiting a Microsoft SharePoint flaw. And, Tesla, Alphabet, and IBM are among the companies releasing earnings after markets close.See omnystudio.com/listener for privacy information.

Microsoft Points to Chinese Hackers in SharePoint Breach Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss the latest update in the Microsoft SharePoint hacking. Plus, OpenAI and Oracle announce plans to expand US data center capacity. And semiconductor maker NPX fails to impress investors with its third-quarter forecast.See omnystudio.com/listener for privacy information.

Microsoft SharePoint Hack, Musks Wild Business Bets Play Episode
Bloomberg’s Caroline Hyde discusses the hack of Microsoft SharePoint software that could impact tens of thousands of organizations. Plus, investors prepare for more second-quarter tech earnings. And Elon Musk’s wild bets and his feud with President Trump are creating challenges for his business empire.See omnystudio.com/listener for privacy information.

Teslas Sales Fall but Investor Support Stays Strong Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss the drop in Tesla’s second-quarter sales. Plus, Foxconn pulls Chinese workers from India in a blow to Apple. And Microsoft plans a second large round of layoffs as it looks to spend more on artificial intelligence.See omnystudio.com/listener for privacy information.

Nvidia Shrugs Off China Concerns With Upbeat Forecast Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss Nvidia surpassing Microsoft as the most valuable company, after investors shrugged off concerns about China-related curbs. Plus, Informatica’s CEO explains what is driving Salesforce's $8 billion acquisition of the company. And Tesla targets June 12 to launch its robotaxi service in Austin, as Elon Musk steps back from his government role.See omnystudio.com/listener for privacy information.

Microsoft and Meta Allay Investors Tariff Fears; A Court Deals Apple an Epic Blow Play Episode
Bloomberg’s Caroline Hyde and Ed Ludlow discuss Microsoft’s and Meta’s earnings beats. Plus, Carolina Milanesi, President and Principal Analyst at Creative Strategies, explains what investors are waiting to hear from Apple when the iPhone maker reports results. Andy McLoughlin, Managing Partner at Uncork Capital, also joins to talk about the firm's new $300 million fund and its search for the next big AI startup.See omnystudio.com/listener for privacy information.

Intel Appoints New CEO, FTC Moves Ahead With Microsoft Antitrust Probe Play Episode
Bloomberg's Caroline Hyde and Jackie Davalos discuss the news pushing Intel shares higher. And, we hear from SuRo Capital CEO Mark Klein about how market volatility could impact one of the year's hotly anticipated IPOs. Plus, OpenAI asks the White House for relief from state AI rules.See omnystudio.com/listener for privacy information.

Apple's Big US Investment, Musk's Federal Worker Orders Play Episode
Bloomberg's Caroline Hyde and Jackie Davalos break down Apple's $500 billion investment in the US and the company's plans to boost hiring as it seeks relief from President Trump's tariffs. Plus, TD Cowen analysts say Microsoft is cancelling some leases for US data center capacity, and Elon Musk's emails asking federal workers to justify their jobs is dividing the Trump administration.See omnystudio.com/listener for privacy information.

Bonus Episode: Tesla, Meta and Microsoft Earnings Play Episode
Bloomberg's Carol Massar and Tim Stenovec discuss the latest Big Tech earnings featuring Tesla, Meta and Microsoft. They speak with: Bloomberg Intelligence Senior Technology Analyst Mandeep Singh Bloomberg Technology Co-Host Caroline Hyde James Cakmak, Technology Analyst at Clockwise Capital Bloomberg Intelligence Senior Technology Analyst Anurag Rana See omnystudio.com/listener for privacy information.

ASML's Record Surge, Microsoft Investigates DeepSeek Code Play Episode
Bloomberg's Caroline Hyde and Mike Shepard discuss ASML's record surge as it sees sustained AI demand. And, Microsoft and OpenAI are investigating whether OpenAI code was obtained in an unauthorized way for a group linked to DeepSeek. Plus, a conversation with T-Mobile CEO Mike Sievert after posting a fourth quarter earnings beat and a secret partnership with Apple to implement SpaceX's Starlink service.See omnystudio.com/listener for privacy information.

Digesting DeepSeek's AI Impact Play Episode
Bloomberg's Caroline Hyde and Mike Shepard discuss the ripple effect of DeepSeek's AI turmoil as the tech sector and markets digest the implications of cheaper and more accessible AI. And, we speak with the Chief AI scientist of Hugging Face on the future of open-sourced AI models. Plus, could Microsoft be on the verge of acquiring TikTok's US arm?See omnystudio.com/listener for privacy information.

Intel Looks Outside the Box, Microsoft Faces FTC Troubles Play Episode
Bloomberg's Caroline Hyde discusses Intel's latest hunt for a new CEO as they look outside of the company. And, Microsoft faces a broad FTC probe over its operating system, cybersecurity and potential generative AI dominance. Plus, we hear from AWS CEO Matt Garman as the company expands its new chip arrays and large language models to compete with the likes of Nvidia.See omnystudio.com/listener for privacy information.

Big Tech Earnings, Reid Hoffman and the Election Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Microsoft's and Meta's earnings results, dragging the market lower. They also sit down with the CFO of Doordash after the company posted its first operating profit since the pandemic, and with LinkedIn co-founder and Kamala Harris supporter Reid Hoffman ahead of the election.See omnystudio.com/listener for privacy information.

Apple's iPhone Hits Stores and Microsoft's AI Power Needs Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Apple's iPhone 16 sales as the product hits stores today - without the crucial AI features. Plus, Microsoft's AI power needs prompt the revival of a dormant reactor, and we hear from Salesforce CEO Marc Benioff and from the company's head of ventures.See omnystudio.com/listener for privacy information.

The Fed Decides, Microsoft and BlackRock Team Up Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down what to expect from the upcoming Fed decision. Plus, Microsoft and BlackRock plan to launch a $30 billion AI investment fund, and EU judges overturn Google's $1.7 billion antitrust fine.See omnystudio.com/listener for privacy information.

Intel's Amazon Deal and Musk's Super PAC Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Intel's deal with Amazon after postponing expansion plans in Germany, and Elon Musk expands his support for Republicans by donating millions to back the GOP in key congressional races. Plus, Microsoft boosts its dividend and unveils a $60 billion buyback plan, and we hear from co-founder Bill Gates as he tackles a different $3 trillion problem.See omnystudio.com/listener for privacy information.

AMD's AI Chip Sales Boost and Microsoft Azure's Slowing Growth Play Episode
Bloomberg's Ed Ludlow sits down with the CEOs of AMD, T-Mobile and Pinterest as tech earnings move into full swing. Plus, full coverage of Microsoft as Azure's slowing growth tests investors' patience, and the US spares ASML and Tokyo Electron from chip curbs.See omnystudio.com/listener for privacy information.

Microsoft and AMD Earnings, and Nvidia and Meta CEOs Discuss AI Play Episode
Bloomberg's Ed Ludlow pushes ahead to Microsoft and AMD earnings as Big Tech flirts with a correction. Plus, the CEOs of Nvidia and Meta discuss the future of AI, and a Tesla analyst narrowly avoids a car accident while testing Full Self Driving.See omnystudio.com/listener for privacy information.

Tesla's Deliveries and Microsoft's AI Deal with the UAE's G42 Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Tesla's delivery numbers beating estimates despite posting its second consecutive drop in quarterly deliveries. Plus, Microsoft's AI deal with the UAE's G42 raises national security concerns, and AWS CEO Matt Garman sits down for a live interview as he wraps up his first month on the job.See omnystudio.com/listener for privacy information.

TSMC and ASML's China Invasion Plan; Microsoft's New Team Co-Pilot Play Episode
Bloomberg's Caroline Hyde breaks down the news that TSMC and ASML can remotely shut their equipment in the event of an invasion. Plus, Microsoft launches a new Team Co-Pilot AI tool. And, actress Scarlett Johansson pushes back against OpenAI and the eerily similar Sky voice.See omnystudio.com/listener for privacy information.

Intel Slides on Outlook, Google and Microsoft See AI Demand, Lime Expands E-Fleet Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow sit down with Intel CEO Pat Gelsinger as shares fall on its tepid outlook. Plus, AI demand sends shares of Microsoft and Google soaring after strong earnings results. And, Uber-backed Lime expands its fleet of e-scooters globally.See omnystudio.com/listener for privacy information.

Bonus Daybreak Special: Google, Microsoft Earnings with Gene Munster and Dan Ives Play Episode
Microsoft and Google parent Alphabet are both on the rise after delivering results that suggest their investments in artificial intelligence and cloud computing are starting to pay off. For more on the results Bloomberg's Nathan Hager caught up with Gene Munster, managing partner at Deepwater Asset Management and Dan Ives, Senior Equity Analyst at Wedbush Securities.See omnystudio.com/listener for privacy information.

Meta Shares Plunge, Microsoft-Backed Rubrik Goes Public, ServiceNow CEO on Earnings Play Episode
Bloomberg's Ed Ludlow breaks down a disappointing earnings report from Meta that weighed on the technology sector. Plus, the CEO of Rubrik joins to discuss the company's initial public offering. And, the CEO of ServiceNow joins to break down the company's earnings results.See omnystudio.com/listener for privacy information.

Microsoft and the UAEs G42 Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Microsoft's plan to invest $1.5 billion in the UAE's top AI firm, G42, as the US government pushes the Abu Dhabi business to end all cooperation with China. Plus, a conversation with the EU's Commissioner for Financial Services in San Francisco.See omnystudio.com/listener for privacy information.

Tesla's Deliveries Expectations and Rubrik's IPO Plans Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow take a look at what to expect from Tesla's deliveries report as analysts slash estimates with the quarter coming to a close. Plus, more momentum in the IPO market as Microsoft-backed Rubrik says it is ready to file for its initial public offering.See omnystudio.com/listener for privacy information.

Microsoft and Alphabet's AI Struggle, Musk's Pay Package Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down how Microsoft, Alphabet and AMD can prove themselves down the road after they struggle to Meet AI expectations in their earnings reports. Plus, a Delaware judge voids Tesla CEO Elon Musk's compensation package.See omnystudio.com/listener for privacy information.

Alphabet and Microsoft earnings, Neuralink's Brain Implant Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow look ahead to Alphabet, AMD, Microsoft earnings and the impact of AI on their earnings. Plus, Elon Musk's Neuralink puts its brain implant technology in its first patient.See omnystudio.com/listener for privacy information.

Intel Plunges Post-Earnings and the FTC's Big Tech Probe Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Intel's plunge after disappointing investors with its forecast. Plus, Alphabet, Amazon and Microsoft face FTC probes over their investments and partnerships with AI companies.See omnystudio.com/listener for privacy information.

Microsoft, Labor Unions and OpenAI Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Microsoft's 'historic' alliance on artificial intelligence with labor unions. Plus, global regulators examine Microsoft's $13 billion investment in OpenAI, and the EU strikes a deal to regulate ChatGPT and AI.See omnystudio.com/listener for privacy information.

Microsoft, OpenAI and UK Regulators Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down why OpenAI and Microsoft's partnership is facing potential antitrust scrutiny in the UK. Plus, EU negotiators continue to debate rules for AI.See omnystudio.com/listener for privacy information.

Bonus Episode: Microsoft CEO Satya Nadella Talks to Bloomberg Play Episode
Microsoft CEO Satya Nadella sits down with Bloomberg's Emily Chang to discuss the turmoil surrounding OpenAI and the ouster of Sam Altman from the company.See omnystudio.com/listener for privacy information.

Microsoft's Chips and Starlink's 2024 IPO Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow take a look at Microsoft's custom-designed AI and cloud chips and what the move means for the company and competitors. Plus, SpaceX plans to spin off its Starlink unit for a public listing in 2024, and Presidents Biden and Xi meet in San Francisco.See omnystudio.com/listener for privacy information.

Google, Microsoft, Snap Report and Qualcomm Unveils New Processor Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down the day's biggest tech earnings. Plus, a conversation with the CEO of Qualcomm as the chip firm unveils it's latest processor.See omnystudio.com/listener for privacy information.

Israel-Hamas War, Microsoft and Activision Close the Deal Play Episode
Bloomberg's Ed Ludlow looks at the latest updates from the Israel-Hamas war and speaks with Israel's first ever chief technology officer. Plus, Activision CEO Bobby Kotick joins to discuss the $69B Microsoft-Activision deal finally closing after nearly two years of fighting for approval.See omnystudio.com/listener for privacy information.

UK Watchdog Probes Amazon and Microsoft Cloud Play Episode
Bloombergs Caroline Hyde breaks down why the UKs antitrust watchdog launched an investigation into Amazon and Microsofts cloud services on concerns they could be abusing market power. Plus, a look into crypto hedge fund Alameda Research and Caroline Ellisons role on Day 2 of the historic FTX fraud trial.See omnystudio.com/listener for privacy information.

Microsoft CEO at Google Trial and Tesla's Delivery Numbers Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down the latest updates from Google's antitrust trial as Microsoft CEO Satya Nadella takes the stand. Plus, they get a read on the state of the EV industry as Tesla and Rivian report third quarter numbers.See omnystudio.com/listener for privacy information.

Meta Connect and the FTC's Big Tech Fights Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down what to expect from Meta Connect as analysts watch for the company's generative AI and VR plans. Plus, the FTC revives its challenge against the Microsoft-Activision deal just a day after its landmark antitrust suit against Amazon.See omnystudio.com/listener for privacy information.

Microsoft's Activision Takeover and UAW Strike Expansion Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow take a look at Microsoft poised to clear its final hurdle for its $69 billion takeover of Activision Blizzard. Plus: the UAW expands its strike against GM and Stellantis as talks progress with Ford, and Apple's iPhone 15 hits shelves around the world.See omnystudio.com/listener for privacy information.

FTC vs. Amazon and Starfield Launches Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow zoom in on the FTC gearing up to sue Amazon this month after a four-year antitrust investigation into the company. Plus, after years in development, Microsoft's highly anticipated Starfield hits the marketplace to rave reviews.See omnystudio.com/listener for privacy information.

Arm Files for its IPO, Zoom CFO on Earnings & Microsoft's Final Activision Push Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow discuss Arm's filing for its IPO which will be the biggest of 2023. Plus, Zoom CFO Kelly Steckelberg joins to discuss the video-conferencing company's earnings. And, Microsoft pushes to get its Activision deal done by submitting a new bid to the CMA in the UK.See omnystudio.com/listener for privacy information.

Robotaxis Expand and Microsoft Gets Probed Play Episode
Bloomberg's Ed Ludlow breaks down a court ruling siding in favor of robotaxis expanding in San Francisco and discusses with Cruise CEO Kyle Vogt. Plus, a look at a government probe including Microsoft's role in suspected Chinese hacking of government officials.See omnystudio.com/listener for privacy information.

Microsoft Sinks, Alphabet Spikes, Meta Next to Report Play Episode
Bloomberg's Caroline Hyde breaks down earnings results from tech giants, including Microsoft, Alphabet and Snap. Plus, a preview of Meta's results and the company's cost cutting initiatives. And, a discussion on Elon Musks grand vision to turn Twitter into a one-stop shop for financial services.See omnystudio.com/listener for privacy information.

UK's CMA on the Microsoft Deal and Big Tech's AI Safeguards Play Episode
Bloomberg's Caroline Hyde breaks down the latest on Microsoft and Activision as UK regulators reject claims they're bowing to pressure to clear the deal. Plus, Big Tech commits to safeguards for AI at the White House's request.See omnystudio.com/listener for privacy information.

Microsoft and Activision Deadline Extended, Netflix Earnings Preview Play Episode
Bloomberg's Caroline Hyde breaks down why Microsoft and Activision extended their deadline for closing the $69 billion dollar deal as they seek approval in the UK. Plus, how the password crackdown and the actor strikes are impacting Netflix's business.See omnystudio.com/listener for privacy information.

Microsoft-Activision Deal Nears Finish Line, and China Chip Curbs Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Microsoft's Activision acquisition getting close to the finish line as a court deadline approaches. Plus, chip CEOs meet with White House officials to push back on new restrictions threatening sales to China.See omnystudio.com/listener for privacy information.

Microsoft's UK Talks and Hollywood's Actors on Strike Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down how Microsoft is clearing the final hurdle in its $69 billion takeover of Activision in the UK. Plus, a look at the sticking points in the strikes that have shut down Hollywood and the role of AI there. See omnystudio.com/listener for privacy information.

The FTC Loses to Microsoft and Hollywood Actors Go on Strike Play Episode
Bloomberg's Caroline Hyde breaks down how the FTC lost its request to temporarily block Microsoft from acquiring Activision Blizzard. Plus, Hollywood actors join writers in their strike, bringing productions of films to a standstill amid the first simultaneous walkout since 1960.See omnystudio.com/listener for privacy information.

Microsoft's Activision Deal and Meta's Threads Play Episode
Bloomberg's Caroline Hyde breaks down the latest on Microsoft's $69b deal for Activision as the companies get a new shot at winning over the UK on the acquisition. Plus, how Meta's Threads could add $8 billion dollars in revenue within the next two years. See omnystudio.com/listener for privacy information.

Microsoft Gets Green Light to Buy Activision Play Episode
Bloomberg's Caroline Hyde breaks down the ramifications of Microsoft winning US court approval to move forward with its $69 billion dollar deal for Activision Blizzard. Plus, Ed Ludlow reports live from Sun Valley, Idaho as billionaires descend on the mountains for their annual gathering.See omnystudio.com/listener for privacy information.

TSMC's AI Boost and the Microsoft-Activision Deal Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down how the AI hype cycle is helping TSMC shares, and the fate of Microsoft's $69 billion-dollar takeover of Activision Blizzard. Plus, Meta's newest social app Threads tops 100 million users in less than 5 days.See omnystudio.com/listener for privacy information.

Twitter Under EU Scrutiny and Tech Execs Meet with Biden Play Episode
Bloomberg's Ed Ludlow breaks down the EU's warning to Twitter on disinformation. Plus, the CEOs of Apple, Google, Microsoft and OpenAI dine with President Biden and India's Prime Minister, and Ed takes a ride in a Waymo.See omnystudio.com/listener for privacy information.

The Crypto Market and AI's Impact on Jobs Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down the state of the crypto market and how artificial intelligence is changing the labor force. Plus, how Silicon Valley is playing catch up with Microsoft in the AI space.See omnystudio.com/listener for privacy information.

Marcelo Claure's New Venture and Microsoft's Activision Blizzard Takeover Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow sit down with Marcelo Claure as he launches a new venture firm focused on Latin America. Plus, more hurdles facing the Microsoft's $69 billion takeover of Activision Blizzard.See omnystudio.com/listener for privacy information.

EU Greenlights Microsoft/Activision Deal Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down the EU's decision to allow Microsoft's $69 billion takeover of Activision Blizzard. Plus, Linda Yaccarino prepares to take the helm of Twitter, and C3 AI beats analyst expectations.See omnystudio.com/listener for privacy information.

Meta's Results and Activision CEO Reacts to UK Halting Microsoft Deal Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Meta's results and push ahead to Amazon's earnings report after the bell. Plus, our interview with the CEO of Activision Blizzard as the UK halts the $69 billion gaming deal with Microsoft.See omnystudio.com/listener for privacy information.

Microsoft Activision Deal in UK and RSA Conference Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down what the UK's ruling on the Microsoft/Activision deal means for the future of big tech M&A. Plus, what's being talked about at the RSA cyber security conference in San Francisco.See omnystudio.com/listener for privacy information.

Look Ahead to Alphabet and Microsoft Earnings Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Spotify's earnings results and discuss what to expect from the upcoming Alphabet and Microsoft earnings. Plus, what the EU's new content moderation rules mean for Twitter.See omnystudio.com/listener for privacy information.

The AI Arms Race and Apple's India Sales Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down why Samsung is considering replacing Google with Microsoft's Bing as the default search engine on its devices. Plus, Apple's sales in India ramp up, and Netflix apologizes after traffic issues around the 'Love Is Blind' live reunion.See omnystudio.com/listener for privacy information.

TikTok, the US and China, and Microsoft's Activision Deal in the UK Play Episode
Bloomberg's Caroline Hyde dives deeper into US-China relations as tensions simmer following the TikTok CEO's testimony on the Hill. Plus, Microsoft's $69 billion Activision deal gets a boost from the UK.See omnystudio.com/listener for privacy information.

BONUS EPISODE: Interview with Microsoft CEO Satya Nadella Play Episode
Artificial Intelligence is coming to Microsoft Word, PowerPoint and Outlook, in the form of new AI assistants called Copilots. Microsoft CEO Satya Nadella joins Bloomberg's Emily Chang to discuss the new technology.See omnystudio.com/listener for privacy information.

Microsoft's AI-Powered Bing and Arm's Revenue Increase Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down the AI race heating up - from Baidu to Google to Microsoft, just out with a new OpenAI-powered Bing search engine. Plus, how Arm has been able to buck the trend and defy the chip downturn.See omnystudio.com/listener for privacy information.

Microsoft Rises after 2Q Beat, the DOJ Sues Google Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Microsoft's quarterly earnings beating analyst estimates. Plus, a look at why eight states along with the Justice Department are suing to break up Google's ad business.See omnystudio.com/listener for privacy information.

Microsoft Backs ChatGPT, Elliott Invests in Salesforce Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down Microsoft's $10 billion bet on OpenAI. Plus, Elliott's multibillion dollar stake in Salesforce and a peak into what Apple's mixed reality headset is capable of.See omnystudio.com/listener for privacy information.

Microsoft and Amazon Downsize Staff Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down the latest tech layoffs out of Microsoft and Amazon. Plus, Texas universities ban access to TikTok from their WiFi networks, and Twitter auctions some of its office items.See omnystudio.com/listener for privacy information.

The FTC's War on Big Tech Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down the FTC now seeking to block Microsoft's acquisition of Activision Blizzard, and what's new in the case of Meta's acquisition of Within. Plus, why pressure is building on Elon Musk and his bankers.See omnystudio.com/listener for privacy information.

Elon Musk vs SF Mayor and the FTX Warning Signs Play Episode
Bloomberg's Caroline Hyde and Ed Ludlow break down why Elon Musk is feuding with the city of San Francisco over makeshift bedrooms in the Twitter office. Plus, a look at FTX's warning signs, and Microsoft meeting the FTC on its Activision deal.See omnystudio.com/listener for privacy information.

Google Earnings and Bilt Rewards Play Episode
Bloomberg's Caroline Hyde, in for Emily Chang, breaks down the latest from Google's and Microsoft's earnings results. Plus, a look at Bilt Rewards' latest valuation and mission, and Matt Levine's "Story of Crypto" in the latest Bloomberg Businessweek edition.See omnystudio.com/listener for privacy information.

Microsoft CEO on Productivity and Dreamforce in San Francisco Play Episode
Bloomberg's Ed Ludlow breaks down the news of the day and presents two interviews from anchor Emily Chang with Microsoft CEO Satya Nadella on productivity monitoring, and Salesforce's Marc Benioff on Dreamforce coming back in person in San Francisco.See omnystudio.com/listener for privacy information.

Netflix, Microsoft Team Up Play Episode
Emily Chang gets a breakdown of Netflix's partnership with Microsoft, as both companies delve into the advertising space. Plus, IBM CEO Arvind Krishna explains the importance of Congress' CHIPS Act; and Unity Software CEO John Riccitiello justifies his company's $4.4 billion acquisition of mobile ad giant ironSource.See omnystudio.com/listener for privacy information.

Musk and Twitter Day 2 and Microsoft, Google Earnings (Podcast) Play Episode
Bloomberg's Emily Chang breaks down Microsoft's and Google's earnings results and dives deeper into Musk's purchase of Twitter and what it means for free speech. Plus, a look at Finnish wearable tech startup Oura.See omnystudio.com/listener for privacy information.

War for Tech Talent & Information Play Episode
Bloomberg's Emily Chang covers Russia's war on information. Plus, Microsoft's work shifting survey - and how the war for talent rages on in a rapidly evolving work environment, with an exclusive interview of Box CEO Aaron Levie. Learn more about your ad-choices at https://www.iheartpodcastnetwork.comSee omnystudio.com/listener for privacy information.

Conan O'Brien Needs A Friend

---

Melinda French Gates Play Episode
Businesswoman and philanthropist Melinda French Gates feels like a bit of a newbie about being Conan OBriens friend.Melinda sits down with Conan to discuss her introduction to computer science while at Catholic school, getting her start at Microsoft, the importance of giving back, and why education, especially of women, is critical to developing personal autonomy.For Conan videos, tour dates and more visitTeamCoco.com.Got a question for Conan? Call our voicemail: (669) 587-2847. Get access to all the podcasts you love, music channels and radio shows with the SiriusXM App! Get 3 months free using this show link: https://siriusxm.com/conan. Hosted by Simplecast,...

Nicole Byer Play Episode
Comedian and actress Nicole Byer feels excited about being Conan OBriens friend!Nicole and Conan sit down to chat about loving the people they torment, marriages of convenience, Ayahuasca side effects, Conans dateability, and making your own tattoos with Microsoft Word. Later, Conan recaps a texting miscommunication during a game of True or False with Sona Movsesian.Got a question for Conan? Call our voicemail: (323) 451-2821.For Conan videos, tour dates and more visit TeamCoco.com.This episode is sponsored by VRBO, Yousician (www.yousician.com/CONAN code: CONAN), Robinhood (www.CONAN.robinhood.com), State Farm (1-800-STATE-FARM), Mizzen+Main (www.comfortable.af code: CONAN), Fracture (www.fractureme.com/CONAN), and HotelTonight (www.hoteltonight.com). Get access to all...

Confessions Of A SEO

---

How Much Did That Content Really Cost? - Season 5, episode 41 Play Episode
Never listen to news articles on the radio while in your car about electric infrastructure unless you like to torture the brain on un-sustainability issues. In this week's show let's talk about how civil war battlefields and AI power demands intersect and how that depressing concept lead me to a positive, more hopeful place about the capacity for the human brain to find a new way for an old problem.And yes, SEO is in the mix because we are feet first into this new reality.Last Week's episodehttps://www.confessionsofanseo.com/podcast/duplicate-content-works-until-it-doesnt-season-5-episode-40/Mentioned in the showIn-chip cooling fluidhttps://news.microsoft.com/source/features/innovation/microfluidics-liquid-cooling-ai-chips/Why you need liquid cooling for AI performance at...

Critical Thinking - Bug Bounty Podcast

---

Episode 14: Mobile Hacking Dynamic Analysis w/ Frida + Random Hacker Stuff Play Episode
Episode 14: In this episode of Critical Thinking - Bug Bounty Podcast we talk about Dynamic Analysis within Mobile Hacking and a bunch of random hacker stuff. It's a good time. Enjoy the pod.Follow us on Twitter at: @ctbbpodcastWe're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.ioShoutout to YTCracker for the awesome intro music!------ Links ------Follow your hosts Rhynorater & Teknogeek on Twitter:https://twitter.com/0xteknogeekhttps://twitter.com/rhynoraterJoels Alternative to UberTooth One:https://www.amazon.com/Bluetooth-UD100-G03-Exchangeable-Bluesoleil-Microsoft/dp/B0161B5ATMD3monDevs Burp VPS Plug-in:https://github.com/d3mondev/burp-vps-proxyFireProx:https://github.com/ustayready/fireproxJoels Universal SSL De-pinning Frida Script:https://gist.github.com/teknogeek/4dc35fb3801bd7f13e5f0da5b784c725Command-line Fuzzy Finder:https://github.com/junegunn/fzfJustins two article recommendations for using Frida:https://tinyurl.com/5n94d6ryhttps://tinyurl.com/yfy3n5f5Copy screen of physical device:https://tinyurl.com/ymdrscm5Flipper:https://flipperzero.one/BetterCap BLE Module:https://www.bettercap.org/modules/ble/Timestamps:(00:00:00) Intro(00:00:55) Hacker Chats(00:03:27) Podcast...

Cyber Distortion Podcast Series

---

S4 - Episode 008 Unleashing Your Inner Hacker (w/ Ted Harrington) Play Episode
This episode welcomes Ted Harrington, a celebrated ethical hacker, TEDX keynote speaker, and executive partner at Independent Security Evaluators (ISE). With decades of realworld experience hacking everything from iPhones and cars to medical devices, cryptocurrency platforms, and password managers, Ted brings unmatched expertise to our conversation. He's built a reputation for uncovering hidden vulnerabilities, helping clients such as Google, Amazon, Netflix, Microsoft, Disney, and Adobe to fix tens of thousands of security flawsdemonstrating why no system is truly unhackable. In this episode, Ted walks us through his journey from early penetration testing to leading elite security research. We discuss the...

Cyber Security Headlines

---

Critical SharePoint flaw, real-time cyberattack prevention, CISA's Intune warning Play Episode
Critical Microsoft SharePoint flaw now exploited in attacks 1stProtect reveals endpoint security platform intended to prevent cyberattacks in real time CISA urges U.S. organizations to secure Microsoft Intune systems following Stryker breach Get links to all our stories in the show notes: https://cisoseries.com/cybersecurity-news-critical-sharepoint-flaw-real-time-cyberattack-prevention-cisas-intune-warning/ Huge thanks to our episode sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first security awareness platform built to stop AI-powered social engineering. Picture a "new hire" who interviews well except they're synthetic: AI video, AI voice, AI backstory. Once they're in, they go after payroll, internal docs, and access. That's the...

Copilot summarizes confidential emails, ShinyHunters targets CarGurus, Texas sues TP-Link Play Episode
Microsoft Copilot summarizes confidential emails ShinyHunters takes CarGurus records Texas sues TP-Link over router hack Get the full show notes here: https://cisoseries.com/cybersecurity-news-copilot-summarizes-confidential-emails-shinyhunters-targets-cargurus-texas-sues-tp-link/ Huge thanks to our sponsor, Conveyor Every fast-growing company hits this one moment. Sales wants to close bigger enterprise deals, but this means the security team is buried in security questionnaires. Alteryx avoided the deluge of questionnaires by using Conveyor to automate their customer security reviews.The result? AI completes questionnaires, 40% more customers are supported through a self-serve trust center, and over half a billion dollars in security influenced revenue. If you're trying to scale without adding headcount,...

Ivanti actor identified, search overviews manipulated, ClickFix leverages Nslookup Play Episode
One threat actor responsible for 83% of recent Ivanti RCE attacks Google's AI search overviews manipulated by scammers Microsoft warns of DNS-based ClickFix attack that uses Nslookup Get the full show notes here: https://cisoseries.com/cybersecurity-news-ivanti-actor-identified-search-overviews-manipulated-clickfix-leverages-nslookup/ Huge thanks to our sponsor, Conveyor I'll tell you two things Conveyor can't help you with. Conveyor will not make security questionnaires fun and it will not make your sales team stop asking you questions. But it did help Alteryx support half a billion dollars in enterprise deals with the same 4 person team. All they did was get an AI trust center and use Conveyor's...

Crazy gang abuses employee monitoring tool, Nevada unveils new data classification, Georgia healthcare breach impact grows Play Episode
Crazy gang abuses employee monitoring tool Nevada unveils new data classification Georgia healthcare breach impacts more than 620,000 Get the show notes here: https://cisoseries.com/cybersecurity-news-google-gets-eu-wiz-approval-microsoft-secures-secure-boot-certificates-north-korean-hackers-target-crypto-exec/ Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 46 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.

Google gets EU Wiz approval, Microsoft secures Secure Boot certificates, North Korean hackers target crypto exec Play Episode
EU grants Google approval for Wiz Microsoft rolls out Secure Boot certificates before expiration North Korean hackers target crypto exec Get the show notes here: https://cisoseries.com/cybersecurity-news-google-gets-eu-wiz-approval-microsoft-secures-secure-boot-certificates-north-korean-hackers-target-crypto-exec/ Huge thanks to our episode sponsor, ThreatLocker Want real Zero Trust training? Zero Trust World 2026 delivers hands-on labs and workshops that show CISOs exactly how to implement and maintain Zero Trust in real environments. Join us March 46 in Orlando, plus a live CISO Series episode on March 6. Get $200 off with ZTWCISO26 at ztw.com.

OpenClaw targets ClawHub users, Notepad++ update delivers malware, APT28 attackers abuse Microsoft Office zero-day Play Episode
OpenClaw targets ClawHub users Notepad++ update delivers malware APT28 attackers abuse Microsoft Office zero-day Get the show notes here: https://cisoseries.com/cybersecurity-news-openclaw-targets-clawhub-users-notepad-update-delivers-malware-apt28-attackers-abuse-microsoft-office-zero-day/ Huge thanks to our sponsor, Strike48 It's no secret that AI is only as good as the data available to it. Strike48 unifies agentic AI with unmatched log visibility while avoiding the typical hefty price tag. Build and deploy agents for phishing detection, alert triage, threat correlation and more. Queries existing logs where they currently live, so you can keep the technology you already have. Learn more at Strike48.com.

France fines unemployment agency, Teams flags calls, UK pushes deterrence Play Episode
France fines unemployment agency 5 million over data breach Microsoft Teams addition will allow for suspicious calls to be reported UK leaders warned about absorbing cyberattacks without offensive deterrence Check out the show notes here: Huge thanks to our episode sponsor, Conveyor Want to hear a horror story? An infosec manager found out that their sales rep had filled in a customer security questionnaire themselves and sent it back to the customer without review. Which led to dozens of follow up questions. With Conveyor's Trust Center AI Agent, you can avoid all of that. The Agent lives in your Conveyor...

Microsoft patches Office zero-day vulnerability, Indian users targeted by Blackmoon, Konni targets blockchain developers Play Episode
Microsoft patches Office zero-day vulnerability Indian users targeted by Blackmoon Konni targets blockchain developers Huge thanks to our episode sponsor, Conveyor True story, an infosec team had to give customers MapQuest style directions just to navigate their Trust Center. Spoiler: it didn't reduce follow-up questions and created even more work for everyone involved. With Conveyor's new Trust Center AI Agent, customers get answers instantly and can even upload questionnaires for the Agent to complete. This way, customers find what they need and keep moving, without your team needing to intervene.Learn more at conveyor.com

Microsoft Patch problems, Sandworm hits Poland, Dresden Museum cyberattack Play Episode
Microsoft Outlook and boot problems Sandworm likely behind cyberattack on Poland's power grid Dresden museum network suffers cyberattack Huge thanks to our episode sponsor, Conveyor Ever wish your customers could magically get answers to their own security questionnaires before they ever hit your desk? We've heard this wish from hundreds of teams so Conveyor just launched a new Trust Center AI Agent. The Agent lives in your Conveyor hosted Trust Center and answers customer questions, surfaces documents and even completes full questionnaires instantly so customers can finish their review without your intervention. Join top tech companies using Conveyor today like...

Microsoft enforces admin MFA, Cisco patches ISE, Illinois breaches self Play Episode
Microsoft to enforce MFA for Microsoft 365 admin center sign-ins Cisco patches ISE security vulnerability after PoC release Illinois state agency breaches itself Huge thanks to our sponsor, Hoxhunt A small tip for CISOs: if you're unsure whether your security training is actually reducing phishing risk, check out what Qualcomm achieved with Hoxhunt. They took their 1,000 highest-risk users from consistent under-performers to outperforming the rest of the company, driving measurable human risk reduction and earning a CSO50 Award. See the Qualcomm case athoxhunt.com/qualcomm Find the stories behind the headlines at CISOseries.com.

US taps private firms in cyber offensive, Microsoft updates cause queuing failures, phishing campaign delivers Phantom Stealer Play Episode
US turns to private firms in cyber offensive Microsoft updates cause queuing failures Phishing campaign delivers Phantom stealer Huge thanks to our sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. Attackers don't need malware anymore; they need trust. Tip: set a simple passphrase for high-risk actions, like wire requests or "urgent" account recovery especially within finance teams and families. If the caller can't answer it, pause and verify. Adaptive runs deepfake and vishing simulations so employees practice this before it's real. Learn more at adaptivesecurity.com.

Department of Know: CISO hiring warning, critical threat actor law, Microsoft Defender outage Play Episode
Link to episode page This week's Department of Know is hosted by Sarah Lane with guests Jason Shockey, CISO, Cenlar FSB, and Mike Lockhart, CISO, Eagleview Thanks to our show sponsor, Adaptive Security This episode is brought to you by Adaptive Security, the first cybersecurity company backed by OpenAI. AI is rewriting the cybersecurity rulebook, because attackers can now scale persuasion as easily as they scale code. The real target isn't just your systems anymore; it's human trust. If you aren't actively testing your organization against AI-driven phishing, vishing, and deepfakes, you're leaving a gap criminals will exploit. Adaptive runs...

Microsoft Defender outage disrupts threats, Apple resists India's app order, MuddyWater strikes Israel Play Episode
Microsoft Defender outage disrupts threats Apple resists India's state-run app order MuddyWater strikes Israel with MuddyViper Huge thanks to our episode sponsor, Vanta This message comes from Vanta. What's your 2 AM security worry? Is it "Do I have the right controls in place?" Or "Are my vendors secure?" Enter Vanta. Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. Get started at Vanta.com/CISO

Asahi ransomware details, California browser law, Windows Teams accelerated Play Episode
Japanese brewer Asahi provides details regarding October ransomware attack California law regulating web browsers might impact national data privacy Microsoft to speed up Teams Huge thanks to our episode sponsor, Vanta This message comes from Vanta. What's your 2 AM security worry? Is it "Do I have the right controls in place?" Or "Are my vendors secure?" Enter Vanta. Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and simplifies your security at scale. Get started at Vanta.com/CISO Find...

Microsoft blocks Entra, AI scammer legislation, ASUS patches AiCloud Play Episode
Microsoft to block unauthorized scripts in Entra ID logins with 2026 CSP update New legislation targets scammers that use AI to deceive ASUS firmware patches critical AiCloud vulnerability Huge thanks to our episode sponsor, KnowBe4 Cybersecurity isn't just a tech problemit's a human one. That's why KnowBe4's Human Risk Management platform allows you to measure, quantify and actuallyreduce human risk across your organization. With AI-powered risk scoring, automated coaching and reporting, HRM+ helps you surface your highest risk users and reduce the risk of data breaches and cyberattacks proactively. Ready to move from awareness to action? Request a demo of...

Sturnus captures encrypted chats, PowerSchool schools blamed, SEC security bill Play Episode
Sturnus Android Trojan captures encrypted chats and hijacks devices Canadian regulators say schools share blame for PowerSchool hack Bill reintroduced to bolster cybersecurity at Securities and Exchange Commission Huge thanks to our episode sponsor, KnowBe4 Your email gateway isn't catching everything and cybercriminals know it. That's why there's KnowBe4's Cloud Email Security platform. It's not just another filterit's a dynamic, AI-powered layer of defense that detects and stops advanced threats before they reach your users' inbox. Request a demo of KnowBe4's Cloud Email Security at knowbe4.com or visit them this week at Microsoft Ignite booth #5523. Find the stories behind...

Cloudflare blames database, Crypto heist takedown, WhatsApp flaw exposed billions Play Episode
Cloudflare blames database Crypto heist takedown WhatsApp flaw exposed billions Huge thanks to our episode sponsor, KnowBe4 Your email gateway isn't catching everything and cybercriminals know it. That's why there's KnowBe4's Cloud Email Security platform. It's not just another filterit's a dynamic, AI-powered layer of defense that detects and stops advanced threats before they reach your users' inbox. Request a demo of KnowBe4's Cloud Email Security at knowbe4.com or visit them this week at Microsoft Ignite booth #5523.

FCC to torch Salt Typhoon rules, Group claims Danish party website hits, MI5 warns Chinese spies are on LinkedIn Play Episode
FCC to torch rules from Salt Typhoon Group claims hits on Danish party websites MI5 warns Chinese spies are using LinkedIn Huge thanks to our episode sponsor, KnowBe4 Your email gateway isn't catching everything and cybercriminals know it. That's why there's KnowBe4's Cloud Email Security platform. It's not just another filterit's a dynamic, AI-powered layer of defense that detects and stops advanced threats before they reach your users' inbox. Request a demo of KnowBe4's Cloud Email Security at knowbe4.com or visit them this week at Microsoft Ignite booth #5523.

Azure hit by DDoS, Kenyan government sites recover, EVALUSION emerges Play Episode
Azure hit by DDoS using 500K IPs Kenyan government websites back online EVALUSION emerges Huge thanks to our episode sponsor, KnowBe4 Your email gateway isn't catching everything and cybercriminals know it. That's why there's KnowBe4's Cloud Email Security platform. It's not just another filterit's a dynamic, AI-powered layer of defense that detects and stops advanced threats before they reach your users' inbox. Request a demo of KnowBe4's Cloud Email Security at knowbe4.com or visit them this week at Microsoft Ignite booth #5523.

Department of Know: Autonomous AI cyberattack, CISOs back to work, bus kill switches Play Episode
Link to episode page This week's Department of Know is hosted by Rich Stroffolino with guests Robb Dunewood, Host, Daily Tech News Show, and Howard Holton, CEO, GigaOm Thanks to our show sponsor, KnowBe4 Your email gateway isn't catching everything and cybercriminals know it. That's why there's KnowBe4's Cloud Email Security platform. It's not just another filterit's a dynamic, AI-powered layer of defense that detects and stops advanced threats before they reach your users' inbox. Request a demo of KnowBe4's Cloud Email Security at knowbe4.com or visit them this week at Microsoft Ignite booth #5523. All links and the video...

Windows 10 update failure, autonomous AI cyberattack, Feds fumble Cisco patches Play Episode
Microsoft warns of potential Windows 10 update failure China-backed hackers launch first large-scale autonomous AI cyberattack Feds fumbled Cisco patches requirements, says CISA Huge thanks to our episode sponsor, KnowBe4 Your email gateway isn't catching everything and cybercriminals know it. That's why there's KnowBe4's Cloud Email Security platform. It's not just another filterit's a dynamic, AI-powered layer of defense that detects and stops advanced threats before they reach your users' inbox. Request a demo of KnowBe4's Cloud Email Security at knowbe4.com or visit them this week at Microsoft Ignite booth #5523. Find the stories behind the headlines at CISOseries.com.

Cyber laws reprieved, Microsoft screen capture, FBI highlights Akira Play Episode
Two key cyber laws are back as president signs bill to end shutdown Microsoft's screen capture prevention for Teams users is finally rolling out FBI calls Akira top five ransomware variant out of 130 targeting U.S. businesses Huge thanks to our sponsor, Vanta What's your 2 AM security worry? Is it "Do I have the right controls in place?" Or "Are my vendors secure?" ....or the really scary one: "how do I get out from under these old tools and manual processes? Enter Vanta. Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling...

Microsoft WSUS vulnerability, LastPass death hoax, Copilot phishing technique Play Episode
Microsoft WSUS vulnerability could allow for remote code execution Fake LastPass death claims used to breach password vaults New CoPhish attack steals OAuth tokens via Copilot Studio agents Huge thanks to our sponsor, Conveyor If security questionnaires make you feel like you're drowning in chaos, you're not alone. Endless spreadsheets, portals, and questionsalways when you least expect them. Conveyor brings calm to the storm. With AI that auto-fills questionnaires and a trust center that shares all your docs in one place, you'll feel peace where there used to be panic. Find your security review zen at www.conveyor.com. Find the stories...

Sotheby's suffers cyberattack, Cisco "Zero Disco' attacks, Microsoft revokes ransomware certificates Play Episode
Sotheby's suffers cyberattack Hackers exploit Cisco SNMP flaw in "Zero Disco' attacks Microsoft revokes more than 200 certificates to disrupt ransomware campaign Huge thanks to our sponsor, Vanta What's your 2 AM security worry? Is it "Do I have the right controls in place?" Or "Are my vendors secure?" ....or the really scary one: "how do I get out from under these old tools and manual processes? Enter Vanta. Vanta automates manual work, so you can stop sweating over spreadsheets, chasing audit evidence, and filling out endless questionnaires. Their trust management platform continuously monitors your systems, centralizes your data, and...

Microsoft Azure outage, law firm cyberattack, Russian hacktivists pwned Play Episode
Azure outage blocks access to Microsoft 365 services and admin portals Major U.S. law firm suffers cyberattack Hacktivists aiming for critical infrastructure get pwned Huge thanks to our sponsor, ThreatLocker Imagine having the power to decide exactly what runs in your IT environment and blocking everything else by default. That's what ThreatLocker delivers. As a zero-trust endpoint protection platform, ThreatLocker fills the gaps traditional solutions leave behind, giving your business stronger security and control. Don't just react to threats stop them with ThreatLocker. Learn more at ThreatLocker.com. Find the stories behind the headlines at CISOseries.com.

Shutdown furloughs CISA, Defender BIOS bug, Motilily dealership cyberattack Play Episode
Government shutdown furloughs most CISA staff Microsoft Defender bug triggers erroneous BIOS update alerts Motility RV software company suffers cyberattack Huge thanks to our sponsor, Nudge Security Here's the thing: your employees are signing up for new apps, sharing data, and connecting tools together, often without anyone knowing. And, AI adoption is accelerating this trend. What if you could continuously discover when people start using new apps or sharing data, then prompt them with security guidance right when and where they are working? At Nudge Security, we call that securing the Workforce Edge. Instead of trying to control everything (which,...

Breaches set for North America, Outlook bug needs Microsoft support, Air Force admits SharePoint issue Play Episode
Breach notification letters set to flood North America's mailboxes New bug in classic Outlook only fixed via Microsoft support Air Force admits SharePoint privacy issue over breach Huge thanks to our sponsor, Nudge Security AI notetakers like Otter AI spread fast. In fact, one Nudge Security customer discovered 800 new accounts created in only 90 days. Viral AI notetakers introduce a slew of data privacy risks by gaining access to calendars and adding themselves to every meeting. Nudge Security can help. Within minutes of starting a free trial, you'll see every AI app, account, and integration, even those created in...

Microsoft blocks AI code, Breach hits WestJet, Harrods suffers new data incident Play Episode
AI-generated code used in phishing campaign blocked by Microsoft WestJet notifies American consumers of data breach Ukrainian cops spoofed in fileless phishing attacks on Kyiv Huge thanks to our sponsor, Nudge Security AI tools have spread to every corner of your tech stack, which is great for innovation, but not so great for data governance. That's where Nudge Security comes in. Nudge discovers shadow AI across your org - chatbots, MCP integrations, AI in the supply chain, and more. And, Nudge delivers guardrails to employees to help you stop data leakage before it even starts. The best part? You'll have...

Dutch espionage arrest, DOD risk management framework, Oyster malvertising Play Episode
Dutch teenagers arrested for attempted espionage for Russia DoD announces replacement for risk management framework Fake Microsoft Teams installers deliver Oyster malware Huge thanks to our sponsor, Nudge Security Here's the thing: your employees are signing up for new apps, sharing data, and connecting tools together, often without anyone knowing. And, AI adoption is accelerating this trend. What if you could continuously discover when people start using new apps or sharing data, then prompt them with security guidance right when and where they are working? At Nudge Security, we call that securing the Workforce Edge. Instead of trying to control...

Windows 10 extension, teenage Vegas hacker released, Boyd Gaming hacked Play Episode
Microsoft to offer free Windows 10 security updates in Europe Teenage Vegas casino hacker released to parents Boyd Gaming hacked, employee data stolen Huge thanks to our sponsor, Conveyor Logging into yet another security questionnaire portal on a Friday at 3pm? Yeah, that's chaos. Conveyor AI is your fast path to calm. It finds every question no matter the format and fills in the answersacross portals, spreadsheets, PDFs, you name it. So instead of grinding through copy-paste, you get a first pass of accurate answers in minutes. Find your Friday Zen at www.conveyor.com. Find the stories behind the headlines at...

Week in Review: Student hackers increase, CISA wants CVE, Microsoft called hypocritical Play Episode
Link to episode page This week'sCyber Security Headlines Week in Review is hosted by Rich Stroffolino with guests Jack Kufahl, CISO, Michigan Medicine, and Nick Espinosa, host, The Deep Dive Radio Show Thanks to our show sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-powered Questionnaire Assistance, blast through inbound security questionnaires in minutes instead of days, automate cross functional workflows, and eliminate friction. That means...

Google patches zero-day, Copilot's forced installation, Scattered Spider arrests Play Episode
Google patches sixth Chrome zero-day exploited in attacks this year Microsoft to force install the Microsoft 365 Copilot app in October Two more Scattered Spider teen suspects arrested Huge thanks to our sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-powered Questionnaire Assistance, blast through inbound security questionnaires in minutes instead of days, automate cross functional workflows, and eliminate friction. That means less manual work, and...

Insight Partners warns thousands, Scattered Spider feigns retirement, Consumer Reports calls Microsoft 'hypocritical' Play Episode
Insight Partners warns thousands after ransomware breach Scattered Spider gang feigns retirement, breaks into bank instead Consumer Reports calls Microsoft 'hypocritical' Huge thanks to our sponsor, Drata Leading security teams trust SafeBase by Drata to turn trust into a growth engine. Our enterprise-grade Trust Center puts your security posture in one secure, customer-facing portal, giving buyers instant visibility into your company's continuous controls, certifications, and policies. With AI-powered Questionnaire Assistance, blast through inbound security questionnaires in minutes instead of days, automate cross functional workflows, and eliminate friction. That means less manual work, and faster deal cycles. Win with Trust. Learn...

npm update, Cursor Autorun flaw details, Microsoft probe over Ascension hack? Play Episode
The npm incident: nothing to fret about? Cursor Autorun flaw lets repositories execute code without consent Senator Wyden urges FTC to probe Microsoft over Ascension hack Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programswe rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows...

Apple's urgent update, Scattered Spider sentence, Microsoft seeks SSD feedback Play Episode
Apple urges iPhone, iPad and Mac update ASAP Scattered Spider operative gets 10 years and a big fine Microsoft seeks customer feedback on SSD failure issues Huge thanks to our sponsor, Conveyor Does logging into a portal security questionnaire feel like punishment? We get it. Other solutions offer browser extensions that require you to do all the copy-pasting. It's slow, tedious, and frustrating. Conveyor takes care of it for you. Our AI auto-scrolls, finds every question, and fills in accurate answersall automatically.Oh, and our AI completes security questionnaires of any format, not just portals. Visit www.conveyor.com to learn more. Find...

North Korean crypto theft, Microsoft rolls out back up, four charged in global scheme Play Episode
North Korean crypto theft Microsoft rolls out PC back up during attack U.S. charges four in $100M global fraud scheme Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programswe rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting,...

Hybrid Exchange flaw, France telecom breach, Dialysis company attack Play Episode
Microsoft warns of high-severity flaw in hybrid Exchange deployments France's third-largest mobile operator suffers breach Dialysis company's April attack affects 900,000 people Huge thanks to our sponsor, ThreatLocker ThreatLocker is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

Gemini AI hijacked, Nvidia rejects AI chip backdoors, phishers abuse Microsoft 365 Play Episode
Hackers hijacked Google's Gemini AI with a poisoned calendar invite to take over a smart home Nvidia rejects US demand for backdoors in AI chips Google says hackers stole its customers' data by breaching its Salesforce database Huge thanks to our sponsor, ThreatLocker ThreatLocker is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

Microsoft & Google lead zero day exploits, Plague Linux malware maintains SSH access, panel to create US Cyber Force Play Episode
Microsoft and Google among most affected as zero day exploits jump 46% Vietnamese hackers use PXA Stealer, hit 4,000 IPs and steal 200,000 passwords globally New Plague Linux malware stealthily maintains SSH access Huge thanks to our sponsor, ThreatLocker ThreatLocker is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

NASCAR announces breach, Plankey for CISA, 365 Admin outage Play Episode
NASCAR announces data breach following March cyberattack Plankey appears to be on track to lead CISA Microsoft investigates another outage affecting 365 admin center Huge thanks to our sponsor, Dropzone AI Today's sponsor is Dropzone AI, the leader in AI-powered SOC automation. Major companies like Zapier and UiPath are using Dropzone to give their security teams superpowers. Imagine your analysts focusing on real threats while AI handles every routine investigationin minutes, not hours. If you're heading to BlackHat, stop by their booth in Startup City. But you don't have to waitcheck out their self-guided demo atdropzone.ai and see why Fortune...

Sharepoint hack linked to Chinese groups, NGOs targeted with phishing tactics, engineer admits US missile theft Play Episode
Microsoft links Sharepoint ToolShell attacks to Chinese hackers Russian threat actors target NGOs with new OAuth phishing tactics Silicon Valley engineer admits theft of US missile tech secrets Huge thanks to our sponsor, Nudge Security Nudge Security discovers every SaaS app used in your org, secures configurations, enforces MFA, and manages app-to-app access so you can prevent identity based attacks. Start a free 14-day trial today at NudgeSecurity.com

Google issues Chrome security update, ICC targeted by new attack, Microsoft nixes Authenticator password management Play Episode
Chrome Zero-Day CVE-2025-6554 under active attack Google issues security update International Criminal Court targeted by new 'sophisticated' attack Kelly Benefits says 2024 data breach impacts 550,000 customers, Esse Health says recent data breach affects over 263,000 patients Huge thanks to our sponsor, Palo Alto Networks You're moving fast in the cloud and so are attackers. But while SecOps and cloud securityteams are working in silos, attackers are exploiting the gaps between them. Cortex Cloud by Palo Alto Networks bridges this divide, unifying teams and stopping attackswith real-time cloud security that includes AI-powered protection, detection and automatedresponse capabilities. Threats are stopped...

Week in Review: Qilin adds lawyers, Iranian spearphishing campaign, Microsoft Direct Send hack Play Episode
Link to episode page This week's Cyber Security Headlines Week in Review is hosted by Rich Stroffolino with guest Bil Harmer, operating partner and CISO, Craft Ventures. Check out Bil's page, KillSwitchAdvisory. Thanks to our show sponsor, ThreatLocker Alert fatigue, false positives, analyst burnoutyou know the drill. What if you could stop threats before they run? ThreatLocker gives CISOs what they've been asking for: real control at the execution layer. Only approved apps, scripts, and executables run. Period. Known-good is enforced. Everything else? Denied by default. Ringfencing and storage control keep even trusted tools in their laneso PowerShell doesn't become...

Iranian-backed spearphishing campaign, Microsoft Outlook fix, Glasgow suffers cyberattack Play Episode
Iranian-backed spearphishing campaign seeks out cybersecurity experts Microsoft fixes Outlook bug causing crashes when opening emails Glasgow City Council suffers cyberattack Huge thanks to our sponsor, ThreatLocker ThreatLocker is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

70 Microsoft Exchange servers targeted, Apple, Netflix, Microsoft sites hacked, data breach hits Aflac Play Episode
Hackers target over 70 Microsoft Exchange servers to steal credentials via keyloggers Apple, Netflix, Microsoft sites 'hacked' for tech support scams The 2022 initiative by Cloudflare, CrowdStrike and Ping Identity provided cybersecurity support to critical infrastructure sectors seen as potential targets of Russia-linked attacks Huge thanks to our sponsor, ThreatLocker ThreatLocker is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

Microsoft Entra attack, Thursday's Cloud outages, Mark Green retires Play Episode
Hackers attacks target Microsoft Entra ID accounts using pentesting tool Google Cloud and Cloudflare outages reported House Homeland Chairman Mark Green announces his departure Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There's something more efficient than spreadsheets, screenshots, and manual processes Vanta. With Vanta, GRC can be so. much. easierwhile also strengthening your security posture and driving revenue for your business. Vanta automates key areas of your GRC programincluding compliance, risk, and customer trustand streamlines the way you manage information. The impact is real: A recent IDC analysis found that compliance teams using...

40K IoT cameras stream secrets to browsers, Marks & Spencer taking online orders post-cyberattack, PoC Code escalates Roundcube Vuln threat Play Episode
CISA, Microsoft warn of Windows zero-day used in attack on 'major' Turkish defense org 40K IoT cameras worldwide stream secrets to anyone with a browser Marks & Spencer begins taking online orders again, out for seven weeks due to cyberattack Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There's something more efficient than spreadsheets, screenshots, and manual processes Vanta. With Vanta, GRC can be so. much. easierwhile also strengthening your security posture and driving revenue for your business. Vanta automates key areas of your GRC programincluding compliance, risk, and customer trustand streamlines the way...

Week in Review: Senators' CSRB bid, Deepfakes dodge detection, Microsoft-CrowdStrike collaboration Play Episode
Link to episode page This week's Cyber Security Headlines - Week in Review is hosted by Rich Stroffolino with guest Rusty Waldron, chief business security officer, ADP Thanks to our show sponsor, Conveyor Let me guess, another security questionnaire just landed in your inbox. Which means all the follow up tasks you don't have time for are close behind.What are you going to do? Here's a better question: what would Sue do? Sue is Conveyor's new AI Agent for Customer Trust. She handles the entire security review process like answering every customer request from sales, completing every questionnaire or executing...

Russian bomber maker popped, vishing targets Salesforce, MS helps out governments Play Episode
Ukraine claims cyberattack on Russian bomber maker Vishing campaign targets Salesforce Microsoft lends a hand to European governments Huge thanks to our sponsor, Conveyor Ever wish you had a teammate that could handle the most annoying parts of customer security reviews? You know, chasing down SMEs for answers, updating systems, coordinating across teamsall the grunt work nobody wants to do. Plus, having to finish the dang questionnaire itself. Well. That teammate existsConveyor just launched Sue, the first AI Agent for Customer Trust. Sue really is the dream teammate. She never misses a deadline, answers every customer request from sales, completes...

MS and CrowdStrike partner, Qualcomm bugs exploited, new CISA cut details Play Episode
Microsoft and CrowdStrike partner to link threat actor names Qualcomm sees Adreno bugs under active exploitation New details on proposed CISA cuts Huge thanks to our sponsor, Conveyor Does trying to get the security questionnaire done and back to your customer ever feel like you're herding cats? It's not answering questions - most of you have automation software for that. It's all of the manual back and forth that becomes a slog like communicating between teams, tracking people down to get their review, updating sources and updating systems. Conveyor just launched an AI agent, Sue, to do all of these...

Windows startup failures, Victoria's Secret cyberattack, stolen cookie threat Play Episode
Windows 11 might fail to start after installing KB5058405, says Microsoft Victoria's Secret website goes offline following cyberattack Billions of stolen cookies available, worrying security experts Huge thanks to our sponsor, ThreatLocker ThreatLocker is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

Microsoft updates Update, LexisNexis leak, cyber insurance premiums Play Episode
Microsoft wants to update all the things LexisNexis breach impacts 364,000 people Cyber insurance premium volume expected to double Huge thanks to our sponsor, ThreatLocker ThreatLocker is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.

Week in Review: Disabling Microsoft Defender, corrupted power inverters, bipartisan training bill Play Episode
Link to episode page This week's Cyber Security Headlines Week in Review is hosted by Rich Stroffolino with guest George Finney, CISO, The University of Texas System check out George's new book plus all his other achievements at his website, WellAwareSecurity. Thanks to our show sponsor, Conveyor Still spending hours maintaining a massive spreadsheet of Q&A pairs or using RFP tools to answer security questionnaires? Conveyor's AI doesn't need hand-holding and gets you accurate answers every time with limited knowledge base maintenance. It reads directly from your connected sourcesdocuments, wikis, websites, Confluence, Google drive, and even your Conveyor trust center....

UK retailer update, Microsoft Defender disabler, deepfakes target officials Play Episode
Scattered Spider facilitates UK retail hacks and is moving to the U.S. Defendnot tool can disable Microsoft Defender FBI warns government officials about new waves of deepfakes Huge thanks to our sponsor, Conveyor Are you dealing with security questionnaire chaos this week? If so, get Conveyor's AI to knock them out for you. Connect Conveyor to any source, easily upload any format of questionnaire or use the browser extension for portals and their AI handles the restfrom parsing the questions to generating answers and auto-tagging collaborators. Let Conveyor do the work for you. Learn more at www.conveyor.com. Find the stories...

Week in Review: Hackers pump stocks, Microsoft stops screenshots, AI encrypts cybersecurity Play Episode
Link to episode page This week's Cyber Security Headlines Week in Review is hosted by Rich Stroffolino with guest Nick Espinosa, host, The Deep Dive Radio Show. Here's where you can find him: Daily Podcast on SoundCloud | YouTube | Forbes | Twitter/X | Facebook | BlueSky | Mastodon Thanks to our show sponsor, Vanta Do you know the status of your compliance controls right now? Likeright now? We know that real-time visibility is critical for security, but when it comes to our GRC programswe rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls...

Japan finance hacks, Pearson suffers cyberattack, Teams blocks screen captures Play Episode
Hackers hijack Japanese financial accounts to conduct billions in trades Education giant Pearson hit by cyberattack exposing customer data Microsoft Teams will soon block screen capture during meetings Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programswe rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize...

Microsoft Authenticator passkeys, StealC malware upgraded, CISA budget slashed Play Episode
Microsoft ends Authenticator password autofill in favor of Edge StealC malware enhanced with stealth upgrades and data theft White House proposes cutting $491M from CISA budget Thanks to today's episode sponsor, ThreatLocker ThreatLocker is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

SAP zero-day active, another OAuth exploit, cybersecurity CEO arrested Play Episode
SAP zero-day vulnerability under widespread active exploitation Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts Cybersecurity firm CEO charged with installing malware on hospital systems Thanks to today's episode sponsor, ThreatLocker ThreatLocker is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.

Week in Review: Secure by Design departure, Microsoft's security report, LLMs outrace vulnerabilities Play Episode
Link to episode page This week's Cyber Security Headlines Week in Review is hosted by Rich Stroffolino with guest Bethany De Lude, CISO emeritus, The Carlyle Group Thanks to our show sponsor, Dropzone AI Alert investigation is eating up your security team's day30 to 40 minutes per alert adds up fast. Dropzone AI's SOC Analyst transforms this reality by investigating every alert with expert-level thoroughness at machine speed. Our AI SOC Analyst gathers evidence, connects the dots across your security tools, and delivers clear reports with recommended actionsall in minutes. No playbooks to build, no code to write. Just consistent,...

Microsoft Recall updates, Russian orgs deal with networking software updates, SSL.com certificate issuance vulnerability Play Episode
Microsoft Recall on Copilot+ PC: testing the security and privacy implications Russian organizations targeted by backdoor masquerading as secure networking software updates SSL.com Scrambles to Patch Certificate Issuance Vulnerability Huge thanks to our sponsor, Dropzone AI Is your security team spending too much time chasing alerts instead of stopping threats? Dropzone AI modernizes your security operations by handling the routine investigations that consume your team's day. Our AI SOC Analyst works with your existing security tools, learns your environment, and delivers clear, actionable reports within minutes. Your human analysts can finally focus on the most critical threats. Organizations using our...

Microsoft Entra lockouts, wine tasting malware, job scam solution Play Episode
Widespread Microsoft Entra lockouts cause by new security feature rollout Malware delivered through diplomatic wine-tasting invites British companies told to hold in-person interviews to thwart North Korea job scammers Huge thanks to our sponsor, Dropzone AI Growing your MSSP client roster while your alerts are multiplying? Dropzone AI works alongside your team, investigating alerts just like your best human analysts would. Our AI SOC Analyst cuts investigation time from an hour to minutes while handling five times more alerts per analyst. Unlike complex SOAR solutions, Dropzone deploys quickly and adapts to your environment without the need for playbooks or coding....

CISA cuts planned, Windows 'inetpub' warning, health lab breach Play Episode
Major workforce cuts planned for CISA Microsoft warns Windows users not to delete 'inetpub' folder Data breach at testing lab affects 1.6 million people Thanks to this week's episode sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programswe rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like...

New WhatsApp vulnerability, Microsoft patches 125 Windows Vulns, Fake Microsoft Office add-in tools push malware Play Episode
WhatsApp vulnerability could facilitate remote code execution Spyware targeting Chinese diaspora Microsoft Patches 125 Windows Vulns, Including Exploited CLFS Zero-Day Thanks to our episode sponsor, Nudge Security Nudge Security provides advanced security posture management for Okta, Microsoft 365, Google Workspace, and other critical apps. With Nudge, you'll be alerted of risks like weak or missing MFA, inactive admin accounts, and risky integrations, plus you can automate remediation tasks and on-going identity governance. Start a free 14-day trial today

Week in Review: Microsoft's account bypass, CrushFTP CVE clash, 23andMe warning Play Episode
Link to episode page This week's Cyber Security Headlines Week in Review is hosted by Rich Stroffolino with guest Howard Holton, COO and industry analyst, GigaOm Thanks to our show sponsor, Qualys Overwhelmed by noise in your cybersecurity processes? Cut through the clutter with Qualys Enterprise TruRisk Management. Quantify your cyber risk in clear financial terms and focus on what matters most. Actionable insights help you prioritize critical threats, streamline remediation, and accelerate risk reduction while effectively communicating impact to stakeholders. Empower your cybersecurity strategy with tools that drive faster, smarter, and more efficient risk management. Your secure future starts...

Mozilla Thunderbird takes on Gmail, surge in scans on PAN GlobalProtect VPNs, Microsoft uncovers bootloader vulnerabilities Play Episode
Mozilla Thunderbird finally takes on Gmail with new email service Surge in scans on PAN GlobalProtect VPNs hints at attacks Microsoft Using AI to Uncover Critical Bootloader Vulnerabilities Thanks to today's episode sponsor, Qualys "Overwhelmed by noise in your cybersecurity processes? Cut through the clutter with Qualys Enterprise TruRisk Management. Quantify your cyber risk in clear financial terms and focus on what matters most. Actionable insights help you prioritize critical threats, streamline remediation, and accelerate risk reduction while effectively communicating impact to stakeholders. Empower your cybersecurity strategy with tools that drive faster, smarter, and more efficient risk management. Your secure...

Week in Review: Microsoft Trust abuse, 23andMe bankruptcy risks, NIST's growing backlog Play Episode
Link to episode page This week's Cyber Security Headlines Week in Review is hosted by Rich Stroffolino with guest Jonathan Waldrop, CISO, The Weather Company Jonathan will be speaking at The CrowdStrike Crowd Tour, on Tuesday, April15, 2025 in Atlanta details here. He will also be speaking at the C Vision International Think Tank on April 24, 2025, also in Atlanta details here. Thanks to our show sponsor, ThreatLocker ThreatLocker is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the...

EncryptHub exploit, Copilot agents, PETs in government Play Episode
EncryptHub linked to Microsoft Management Console exploit Security Copilot gets AI agents A call for more PETs in government Huge thanks to our episode sponsor, ThreatLocker ThreatLocker is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.

Tornado cash sanctions lifted, Russia Cloudflare outage, Microsoft Trust abused Play Episode
U.S. Treasury lifts sanctions on Tornado Cash Web service outage in Russia due to reported Cloudflare block Microsoft Trust Signing service abused to code-sign malware Huge thanks to our episode sponsor, ThreatLocker ThreatLocker is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com. Find the stories behind the headlines at CISOseries.com.

Stalkerware company breach, Microsoft Zero Day, Global Jira attack Play Episode
Stalkerware company SpyX suffers data breach Nation-state groups hit organizations with Microsoft Windows zero-day Swiss telecom Ascom the latest victim of HellCat's Jira campaign Thanks to this week episode sponsor, DeleteMe Data brokers bypass online safety measures to sell your name, address, and social security number to scammers. DeleteMe scours the web to find and remove your private information before it gets into the wrong hands by scanning for exposed information, and completing opt-outs and removals. With over 100 Million personal listings removed, DeleteMe is your trusted privacy solution for online safety. Get 20% off your DeleteMe plan when you...

GitHub repositories targeted, Apache Tomcat RCE exploit, BEC campaigns target Microsoft 365 Play Episode
23,000 repositories targeted in popular GitHub action Apache Tomcat RCE exploit hits serversno authentication required Microsoft 365 users targeted in new BEC campaigns Thanks to this week episode sponsor, DeleteMe Data brokers bypass online safety measures to sell your name, address, and social security number to scammers. DeleteMe scours the web to find and remove your private information before it gets into the wrong hands by scanning for exposed information, and completing opt-outs and removals. With over 100 Million personal listings removed, DeleteMe is your trusted privacy solution for online safety. Get 20% off your DeleteMe plan when you go...

Microsoft patches 57 security flaws, Sola aims to build the 'Stripe for security', US council wants to counter China threats Play Episode
Microsoft Patches 57 Security Flaws, Including 6 Actively Exploited Zero-Days US communications regulator to create council to counter China technology threats Signal no longer cooperating with Ukraine on Russian cyberthreats, official says Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programswe rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO...

Hegseth orders standdown, Microsoft terminates Skype, Cuban offers lifeline Play Episode
Hegseth orders Cyber Command to stand down on Russia planning Microsoft hangs up on Skype after 14 years Mark Cuban offers to fund government tech unit that was cut Huge thanks to our sponsor, ThreatLocker ThreatLocker is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com. Find the stories behind the headlines at CISOseries.com.

OpenSSH flaws enable new attacks, Microsoft prepares for deprecation, Zwipe files for bankruptcy Play Episode
New OpenSSH Flaws Enable Man-in-the-Middle and DoS Attacks Patch Now Microsoft reminds admins to prepare for WSUS driver sync deprecation Zwipe runs out of time for biometric card revenues, files for bankruptcy Thanks to today's episode sponsor, Scrut Automation Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like process automation, AI, and over 75 native integrations reverse compliance debt and help manage risk proactively as your business grows. Visit scrut.io to schedule a demo or learn more. That's www.scrut.io.

DOGE outrage and lawsuit, CISA KEV additions, DeepSeek encryption lapses Play Episode
Shock and lawsuit over security failures in DOGE takeover CISA adds Microsoft Outlook and Sophos XG Firewall to its Known Exploited Vulnerabilities catalog DeepSeek App transmits sensitive user and device data without encryption Huge thanks to our sponsor, Vanta Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programswe rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and...

Outlook RCE bug, Kimsuky forceCopy malware, Treasury tightens DOGE Play Episode
Critical RCE bug in Microsoft Outlook now exploited in attacks Kimsuky uses forceCopy malware to steal browser-stored credentials Treasury agrees to block additional DOGE staff from accessing sensitive payment systems Huge thanks to our episode sponsor, ThreatLocker ThreatLocker is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com. Find the stories behind the headlines at CISOseries.com.

Cyber Trust label, UK deepfake laws, Treasury attack details Play Episode
Cyber Trust marks to roll out in 2025 UK to criminalize sexually explicit deepfakes CISA says government hack limited to Treasury Huge thanks to our sponsor, Nudge Security Nudge Security provides advanced security posture management for Okta, Microsoft 365, and Google Workspace. With Nudge, you'll be alerted of identity security risks like weak or missing MFA, inactive admin accounts, and risky integrations, plus you can automate remediation tasks and on-going identity governance. Start a free 14-day trial today

Cisco data leak, Microsoft domain transition, stories of the year Play Episode
Cisco confirms data leak Microsoft announces urgent .NET domain transition Stories of the year from Cyber Security Headlines reporters Thanks to today's episode sponsor, ThreatLocker Do zero-day exploits and supply chain attacks keep you up at night? Worry no more; you can harden your security with ThreatLocker. ThreatLocker helps you take a proactive, default-deny approach to cybersecurity and provides a full audit of every action, allowed or blocked, for risk management and compliance. Onboarding and operation are fully supported by their US-based support team. To learn more about how ThreatLocker can help keep your organization running efficiently and protected from...

Week in Review: Microsoft deactivation flaw, BeyondTrust on KEV, LLM generated malware Play Episode
Link to episode page This week's Cyber Security Headlines Week in Review is hosted by Rich Stroffolino with guest Steve Zalewski, CISO in Residence Thanks to our show sponsor, ThreatLocker Do zero-day exploits and supply chain attacks keep you up at night? Worry no more; you can harden your security with ThreatLocker. ThreatLocker helps you take a proactive, default-deny approach to cybersecurity and provides a full audit of every action, allowed or blocked, for risk management and compliance. Onboarding and operation are fully supported by their US-based support team. To learn more about how ThreatLocker can help keep your organization...

FlowerStorm attacks Microsoft 365, BeyondTrust on KEV, Ascension Health fallout Play Episode
PaaS platform "FlowerStorm" attacking Microsoft 365 users CISA adds BeyondTrust flaw to its Known Exploited Vulnerabilities catalog Ascension Health ransomware attack impacted nearly 6 million people Thanks to today's episode sponsor, ThreatLocker Do zero-day exploits and supply chain attacks keep you up at night? Worry no more; you can harden your security with ThreatLocker. ThreatLocker helps you take a proactive, default-deny approach to cybersecurity and provides a full audit of every action, allowed or blocked, for risk management and compliance. Onboarding and operation are fully supported by their US-based support team. To learn more about how ThreatLocker can help keep...

Week in Review: Salt Typhoon saga, Microsoft MFA bypass, Yahoo cuts Paranoids Play Episode
Link to episode page This week's Cyber Security Headlines - Week in Review is hosted by Rich Stroffolino with guest Jimmy Sanders, president, ISSA International. ISSA International April 2025- will be celebrating its 40th Anniversary in April 2025. Watch for notifications at ISSA.org Thanks to today's episode sponsor, ThreatLocker Do zero-day exploits and supply chain attacks keep you up at night? Worry no more; you can harden your security with ThreatLocker. ThreatLocker helps you take a proactive, default-deny approach to cybersecurity and provides a full audit of every action, allowed or blocked, for risk management and compliance. Onboarding and operation...

Microsoft MFA bypass, cybercrime marketplace takedown, Sophos hacker charged Play Episode
Microsoft MFA bypassed in AuthQuake attack Cybercrime marketplace Rydox taken down U.S. charges Chinese national for hacking thousands of Sophos firewall devices Thanks to today's episode sponsor, ThreatLocker Do zero-day exploits and supply chain attacks keep you up at night? Worry no more; you can harden your security with ThreatLocker. ThreatLocker helps you take a proactive, default-deny approach to cybersecurity and provides a full audit of every action, allowed or blocked, for risk management and compliance. Onboarding and operation are fully supported by their US-based support team. To learn more about how ThreatLocker can help keep your organization running efficiently...

Massachusetts hospital breach, Recall's next deployment, Blue Yonder restoration Play Episode
Anna Jaques Hospital confirms details of Christmas Day ransomware breach Microsoft expands Recall preview to Intel and AMD Copilot+ PCs Blue Yonder announces restoration progress after November 21 attack Thanks to today's episode sponsor, ThreatLocker Do zero-day exploits and supply chain attacks keep you up at night? Worry no more; you can harden your security with ThreatLocker. ThreatLocker helps you take a proactive, default-deny approach to cybersecurity and provides a full audit of every action, allowed or blocked, for risk management and compliance. Onboarding and operation are fully supported by their US-based support team. To learn more about how ThreatLocker...

Microsoft 365 outage update, China's cyber campaign fallout, Fake IT worker scheme Play Episode
Microsoft 365 outage update "Hair on Fire" over China's cyber campaign North Korean fake IT worker scheme unveiled Huge thanks to our sponsor, ThreatLocker Do zero-day exploits and supply chain attacks keep you up at night? Worry no more; you can harden your security with ThreatLocker. ThreatLocker helps you take a proactive, default-deny approach to cybersecurity and provides a full audit of every action, allowed or blocked, for risk management and compliance. Onboarding and operation are fully supported by their US-based support team. To learn more about how ThreatLocker can help keep your organization running efficiently and protected from ransomware,...

Week in Review: Drinking water threat, CISO liability insurance, Microsoft zero-day event Play Episode
Link to episode page This week's Cyber Security Headlines Week in Review is hosted by Rich Stroffolino with guest Jimmy Benoit, vp, cybersecurity, PBS Thanks to our show sponsor, ThreatLocker Do zero-day exploits and supply chain attacks keep you up at night? Worry no more; you can harden your security with ThreatLocker. ThreatLocker helps you take a proactive, default-deny approach to cybersecurity and provides a full audit of every action, allowed or blocked, for risk management and compliance. Onboarding and operation are fully supported by their US-based support team. To learn more about how ThreatLocker can help keep your organization...

Easterly to step down, Maxar discloses breach, Microsoft hacking event Play Episode
CISA director Jen Easterly to step down Space tech giant Maxar discloses employee data breach Microsoft launches Zero Day Quest hacking event Thanks to today's episode sponsor, ThreatLocker Do zero-day exploits and supply chain attacks keep you up at night? Worry no more; you can harden your security with ThreatLocker. ThreatLocker helps you take a proactive, default-deny approach to cybersecurity and provides a full audit of every action, allowed or blocked, for risk management and compliance. Onboarding and operation are fully supported by their US-based support team. To learn more about how ThreatLocker can help keep your organization running efficiently...

EPA warns of critical risks, Four million WordPress sites exposed, Sextortion scams bypass filters Play Episode
EPA warns of critical risks in drinking water infrastructure Four million WordPress sites exposed Sextortion scams bypass Microsoft security filters Thanks to today's episode sponsor, ThreatLocker Do zero-day exploits and supply chain attacks keep you up at night? Worry no more; you can harden your security with ThreatLocker. ThreatLocker helps you take a proactive, default-deny approach to cybersecurity and provides a full audit of every action, allowed or blocked, for risk management and compliance. Onboarding and operation are fully supported by their US-based support team. To learn more about how ThreatLocker can help keep your organization running efficiently and protected...

Entra MFA mandatory, German pharma cyberattack, LightSpy iPhone enhancements Play Episode
Microsoft Entra "security defaults" to make MFA setup mandatory Ransomware attack hits German pharmaceutical wholesaler AEP Upgraded LightSpy spyware targets iPhones with more destructive power Thanks to today's episode sponsor, Vanta As third-party breaches continue to rise, companies are increasingly vigilant, which means more time spent on manual security reviews. With Vanta Questionnaire Automation, security & compliance teams can complete security reviews up to 5 times faster, giving you time back to focus on running your security & compliance programs. Over 8,000 global companies like ZoomInfo, SmartRecruiters and Noibu use Vanta to save time on security reviews. Visitvanta.com to learn...

Week in Review: Solar Winds fines, Microsoft loses security logs, employee security awareness lacking Play Episode
Link to episode page This week's Cyber Security Headlines Week in Review is hosted by Rich Stroffolino with guest Dmitriy Sokolovskiy, senior vice president, information security, Semrush Thanks to our show sponsor, SpyCloud SpyCloud disrupts cybercrime by telling you what criminals know about your business, so you can take action on exposed identity data to prevent cyber attacks like ransomware. To learn more how to level the playing field against bad actors and combat cyber attacks, visit spycloud.com/headlines. All links and the video of this episode can be found on CISO Series.com

Qiliin ransomware upgrade, Sharepoint KEV flaw, Rhysida ransoms Easterseals Play Episode
Researchers reveal upgraded Qilin ransomware-as-a-service CISA adds Microsoft SharePoint flaw to its KEV catalog Rhysida ransoms Easterseals Thanks to today's episode sponsor, SpyCloud Ransomware continues to impact organizations. A new report released by SpyCloud shares insights from your peers in security the majority of whom were affected by ransomware in the past year. The report has some fascinating industry-specific stats you'll want to see plus confirms some stark truths: that the industry you're in can affect your likelihood of being hit with ransomware. Check it out at spycloud.com/headlines. Find the stories behind the headlines at CISOseries.com.

Microsoft logs lost, Omni Family breach, Internet Archive Zendesk breach Play Episode
Microsoft warns it lost some customers' security logs for a month Omni Family Health data breach impacts almost half a million individuals Internet Archive breached again through stolen access tokens Thanks to today's episode sponsor, SpyCloud It turns out infostealer infections are a major contributing factor to a company's ransomware risk, with some industries faring better than others. Get the new research from our sponsor, SpyCloud, and see if your ransomware defense strategy stacks up against your peers. Visit spycloud.com/headlines Find the stories behind the headlines at CISOseries.com.

Iran exploits Windows, Microsoft deprecates tunnels, NATO cyberexpert swap Play Episode
Iranian hackers exploit Windows flaw to elevate privileges Microsoft deprecates PPTP and L2TP VPN protocols in Windows Server NATO's 'most experienced expert on cyber rotated out of cyber section Thanks to today's episode sponsor, Conveyor What's the ultimate jumpscare? That moment when the security questionnaire in the portal didn't auto-save all your work. Good news: with Conveyor, that's one horror you won't have to face. Conveyor is the market leader in instant, generative AI answers for security questionnaires, no matter the format. They even offer a zero-touch option for portal-based questionnaires where you can just paste the URL, and the...

Largest DDoS blocked, Adobe Commerce compromise, neural data law Play Episode
Cloudflare blocks largest recorded DDoS attack Adobe Commerce and Magento stores compromised by CosmicSting bug DOJ and Microsoft take down 107 domains used in Star Blizzard phishing attacks Huge thanks to our sponsor, SpyCloud Ransomware continues to impact organizations. A new report released by SpyCloud shares insights from your peers in security the majority of whom were affected by ransomware in the past year. The report has some fascinating industry-specific stats you'll want to see plus confirms some stark truths: that the industry you're in can affect your likelihood of being hit with ransomware. Check it out at spycloud.com/headlines. Get...

Avis rentals breach, Microsoft disables ActiveX, Wisconsin Medicare breach Play Episode
Car rental company Avis discloses data breach Microsoft Office 2024 to disable ActiveX controls by default Wisconsin Medicare users had information leaked in MOVEit breach Huge thanks to our sponsor, Vanta Whether you're starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, and more. With Vanta, you can streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security. Our listeners get $1,000 off at Vanta.com/headlines. Get the...

SonicWall access flaw, Microsoft security summit, Telegram details Play Episode
SonicWall warns of critical access control flaw Microsoft to host security summit More details on Telegram CEO's arrest Thanks to today's episode sponsor, Scrut Automation Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like process automation, AI, and over 75 native integrations reverse compliance debt and help manage risk proactively as your business grows. Visit scrut.io to schedule a demo or learn more. That's www.scrut.io. Find the stories behind the headlines at CISOSeries.com

Japanese auto security, Feds tap encrypted messages, Microsoft breaks Linux dual-booting Play Episode
Security initiative from Japanese auto companies Feds tapping into encrypted messaging haul Microsoft breaks Linux dual-boot systems Thanks to today's episode sponsor, Nudge Security How big is your SaaS attack surface? Find out today with Nudge Security. Nudge Security discovers all SaaS accounts ever created by anyone in your org, in minutes, and gives you automated workflows to scale SaaS security and governance. Take control of your SaaS security posture. Start a free trial today atnudgesecurity.com/cisoseries

National Public Data breach update, Flaws in macOS apps, FlightTracker configuration issue Play Episode
'Only' 1.3 million affected by National Public Data Breach Flaws in Microsoft macOS Apps allowing secret recording Configuration issue exposes flight tracking site Thanks to today's episode sponsor, Nudge Security Do you know who's using genAI tools in your org? Find out today with Nudge Security. Their patented approach to SaaS discovery gives you a full inventory of all apps ever introduced by anyone in your org, in minutes, including genAI apps. And, automated workflows help you scale security and governance without breaking a sweat. Start a free trial today at nudgesecurity.com/genai

Entra forces MFA, another AnyDesk heist, Google Pixel vulnerability Play Episode
Microsoft Entra admins must enable MFA or lose access to admin portals Cybercrime gang uses fake Windows update screen to hide data theft Google Pixel devices shipped with vulnerable Verizon app Thanks to today's episode sponsor, Nudge Security How big is your SaaS attack surface? Find out today with Nudge Security. Nudge Security discovers all SaaS accounts ever created by anyone in your org, in minutes, and gives you automated workflows to scale SaaS security and governance. Take control of your SaaS security posture. Start a free trial today at nudgesecurity.com/cisoseries For the stories behind the headlines, head to CISOseries.com.

Delta's legal maneuver, Record-breaking ransom, Meta $1.4B settlement Play Episode
Delta enlists Microsoft's legal nemesis over CrowdStrike losses Dark Angels receives record-breaking ransom payment Meta to pay $1.4 billion biometric lawsuit Huge thanks to our sponsor, Dropzone AI Dropzone AI's Analyst investigates alerts and responds to threats with unmatched speed and precision. No playbooks, no code required. Transform your SOC's performance with a 3-month free trial at dropzone.ai. For the stories behind the headlines, head to CISOseries.com.

HealthEquity data breach, CrowdStrike impact grows, Proofpoint exploit Play Episode
4.3 million impacted by HealthEquity data breach Microsoft admits CrowdStrike incident far greater than first reported Proofpoint exploit allows for millions of fake emails Huge thanks to our sponsor, Dropzone AI Imagine an analyst who never misses an alert. Dropzone AI autonomously investigates every alert and provides decision-ready reports, enhancing your SOC's efficiency. Try it free for 3 months at dropzone.ai.

Microsoft Defender exploited, assassin's encryption frustration, NK elite hackers Play Episode
Hackers exploiting Microsoft Defender SmartScreen bug IT leaders note increase in severity of cyber-attacks, ransomware and BEC stand out, Trump shooting investigation revives the end-to-end encryption issue Huge thanks to our sponsor, Vanta Whether you're starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, and more. With Vanta, you can streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security. Our listeners get $1,000 off at Vanta.com/headlines....

CrowdStrike hits Cloud PCs, criminals exploit CrowdStrike fix, CISA rebuked Play Episode
Microsoft confirms CrowdStrike update also hit cloud Windows PCs Cybercriminals exploit CrowdStrike problem to distribute malware CISA adds some big names to its KEV catalog Huge thanks to our sponsor, Vanta Whether you're starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, and more. With Vanta, you can streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security. Our listeners get $1,000 off at Vanta.com/headlines. For the...

Week in Review: Crowdstrike Microsoft outage, AT&T breach implications, CDK pays up Play Episode
Link to blog post get exact one from https://cisoseries.com This week's Cyber Security Headlines Week in Review is hosted by Rich Stroffolino with guest Adam Arellano, former vp, enterprise cybersecurity, PayPal Thanks to our show sponsor, Conveyor Why do teams choose Conveyor over the competition to automate answering security questionnaires? A few reasons. One. Market-leading AI accuracy Two. They don't have to maintain a crazy knowledge base anymore because ConveyorAI can read from any source like external support sites, documents, past questionnaires and more. Three. It can process ANY customer file format even PDFs! It will even auto-scroll and auto-complete...

BlackSuit behind CDK, Microsoft spoofing bug, Nuclear compliance failures Play Episode
CDK Global outage caused by BlackSuit ransomware attack Bug allows Microsoft corporate email account spoofing UK's largest nuclear site pleads guilty over cybersecurity failures Huge thanks to our sponsor, Prelude Security When executives ask the question, are we vulnerable to this threat? How long does it take you to get a confident answer? Prelude automatically transforms threat intelligence into validated detections, so you can know with certainty in just a manner of minutes. Visit preludesecurity.com to upload your own threat intelligence and see for yourself. For the stories behind the headlines, head to CISOseries.com.

Microsoft resets Recall, LastPass outage update, New York Times breach Play Episode
Microsoft resets Recall plans LastPass says outage caused by bad Chrome extension update New York Times source code stolen using exposed GitHub token Thanks to today's episode sponsor, Vanta Whether you're starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, and more. With Vanta, you can streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security. Our listeners get $1,000 off at Vanta.com/headlines. For the stories behind...

Chinese hack military, Search engine outage, Mattis speaks out Play Episode
Chinese hackers hide on military and government networks for 6 years Microsoft outage affects Bing, Copilot, DuckDuckGo and ChatGPT internet search Mattis speaks out against separate military cyber service Thanks to today's episode sponsor, Tines Break away from traditional SOAR with Tines. Trusted by security teams at McKesson, Canva, and Mars, Tines is scalable and accessible for the whole team. Use Tines to automate security team toil, enrich alerts with data from across your tech stack, and foster a culture of cybersecurity. Start building for free at tines.com/ciso For the stories behind the headlines, head to CISOseries.com.

UK ransomware reporting, Tech Against Scams, secure Windows 11 defaults Play Episode
Brits to propose mandatory ransomware reporting Industry heavyweights launch Tech Against Scams Microsoft targets secure defaults in Windows 11 Thanks to today's episode sponsor, Tines Automate the toil with SOAR that actually works for your team. With Tines, your whole team can build complex workflows, without having to write or manage code. Security teams at McKesson, Canva, and Mars use Tines to build, run, and monitor their most important workflows, from endpoint detection and response, to vulnerability management. Start building for free at tines.com/ciso

Neuberger proposes improvements, Olympic cybersecurity preparations, Microsoft VPN warning Play Episode
NSC's Neuberger suggests operational approach for on mitigating cyberattacks French cybersecurity teams prepare for "unprecedented" Olympic threat Feds warn about North Korean exploitation of improperly configured DMARC Huge thanks to our sponsor, Vanta Are lengthy security reviews pulling attention away from your security program? With the largest network of Trust Centers, Vanta can help you streamline security reviews to win customer trust, save time, and close deals fast. Proactively demonstrate security by showcasing key resources like your SOC 2 or ISO 27001 and provide real-time evidence for passing controls. And when a security questionnaire is required, Vanta takes the first...

Week in Review: Dropbox Sign breach, Cybersecurity consultant arrested, Ukraine Microsoft hack Play Episode
Link to blog post This week'sCyber Security Headlines Week in Reviewis hosted byRich Stroffolinowith guestPhil Beyer, former CISO, Etsy Thanks to today's episode sponsor, Dropzone.ai Dropzone.ai's AI Autonomous Analyst is transforming cybersecurity as we know it. By replicating the techniques of elite analysts and autonomously investigating every alert, our patented system force multiplies your SOC team by 10X without adding headcount. Experience the future of threat detection and response atdropzone.ai. Request a trial today! All links and the video of this episode can be found on CISO Series.com

Week in Review: Cisco MFA breach, Bad bots surge, Microsoft mail breach fallout Play Episode
Link to blog post This week'sCyber Security Headlines Week in Reviewis hosted byRich Stroffolinowith guestDan Walsh, CISO,Paxos Thanks to our show sponsor, Conveyor Happy Friday! Are you tired of hearing about Conveyor's AI security review automation software? We'll stop talking about it if you book a call. Ready to give the market leading AI for security questionnaires a spin? Try a free proof of concept at www.conveyor.com. Don't forget to mention this podcast for 5 free questionnaire credits when you purchase a Pro plan. All links and the video of this episode can be found on CISO Series.com

Threads out in Turkey, Palo Alto backdoor, Microsoft' security overhaul Play Episode
Meta to close Threads in Turkey Palo Alto fixes backdoor zero-day Details on Microsoft's security overhaul Thanks to today's episode sponsor, Conveyor What are infosec teams measuring these days? More often than not, their impact on sales. As infosec teams become hands on in the sales cycle, proving your value becomes key. A director of GRC said last week that the most direct value for their CEO was showing the efficiencies and the dollars that security has been able to bring in from enabling sales. See these trends and more in Conveyor's '2024 State of the Security Review" report at...

U.S. surveillance reauthorization, Roku breach update, Microsoft breach exposed agencies Play Episode
House passes reauthorization of U.S. surveillance program Roku says 576,000 accounts compromised in latest security breach Microsoft breach exposed federal agencies Thanks to today's episode sponsor, Conveyor It's Conveyor again, the market-leading AI software for answering security questionnaires and securely sharing your security posture and documents. Conveyor's 'State of the Security Review" report for 2024 was just released and it's all about what the "new era" of infosec holds. Learn how positioning security and compliance early in the sales cycles increases win rates by 42% and what infosec teams need to prepare for as they move closer to the sales...

Ukraine cyber head suspended, LG TV vulns, Microsoft exposed passwords Play Episode
Ukraine's head of cybersecurity suspended and assigned to combat zone Over 90,000 LG Smart TVs exposed to remote attack Microsoft exposed internal passwords in security lapse Thanks to today's episode sponsor, Vanta The average security pro spends nearly a full workday every week just on compliance. With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA. Even more, Vanta's market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires. Over 7,000 fast-growing companies like Atlassian, Flo Health, and...

Week in Review: Five Eyes breach, Microsoft's Chinese hack response, AT&T customer breach Play Episode
Link to blog post This week'sCyber Security Headlines Week in Reviewis hosted byDavid Sparkwith guestSteve Gentry, Advisor,Clari Thanks to our show sponsor, Vanta The average security pro spends nearly a full workday every week just on compliance. With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA. Even more, Vanta's market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires. Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security...

Microsoft security failings, NIST NVD backlog, Chrome DBSC beta Play Episode
Report criticizes Microsoft's Chinese hack response NIST needs help with vulnerability backlog Chrome tests feature to prevent session hijacking Thanks to today's episode sponsor, Vanta The average security pro spends nearly a full workday every week just on compliance. With Vanta, you can automate compliance for in-demand frameworks like SOC 2, ISO 27001, and HIPAA. Even more, Vanta's market-leading Trust Management Platform enables you to unify security program management with a built-in risk register and reporting, and streamline security reviews with AI-powered security questionnaires. Over 7,000 fast-growing companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and...

Zero-day rise, SharePoint vulnerability, Facebook sniffs app traffic Play Episode
Spyware fuels rise in zero-day exploits CISA warns about Microsoft SharePoint vulnerability Facebook snooped on encrypted Snapchat traffic Thanks to today's episode sponsor, Varonis Ready to reduce your risk without taking any? Try Varonis' free data risk assessment. It takes minutes to set up and in 24 hours you'll have a clear, risk-based view of the data that matters most and a clear path to automated remediation. Get started for free today at varonis.com/cisoseries.

Microsoft Server crashes, npm package discrepancies, Nemesis marketplace raided Play Episode
Microsoft confirms Windows Server issue behind domain controller crashes Over 800 npm packages found with discrepancies Nemesis darknet marketplace raided in Germany-led operation Thanks to today's episode sponsor, Vanta From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to...

Week in Review: Russian Microsoft exfiltration, JetBrains Rapid7 feud, Change Healthcare fallout Play Episode
Link to blog post This week'sCyber Security Headlines Week in Reviewis hosted byRich Stroffolinowith guestAlexandra Landegger, Executive Director and CISOCollins Aerospace Thanks to our show sponsor, Vanta From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and...

Microsoft breach update, CISA flags JetBrains, ChatGPT creds sale Play Episode
Microsoft says Russian hackers breached its systems, accessed source code CISA adds JetBrains TeamCity bug to its KEV catalog Over 225,000 compromised ChatGPT credentials for sale Thanks to today's episode sponsor, Vanta From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn...

Microsoft zero-day warning, Neuberger addresses Munich, trojan steals faces Play Episode
Microsoft warns of new Exchange Server zero-day Neuberger: Pace of ransomware takedown operations isn't enough Gold Pickaxe malware steals your face Huge thanks to our sponsor, Vanta From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and...

Week in Review: Microsoft email explanation, Brazilian banking trojan, Mercedes GitHub error Play Episode
Link to blog post Cyber Security Headlines Week in Reviewis hosted byRich Stroffolinowith guestMary Rose Martinez, vp, CISOMarathon Petroleum Thanks to our show sponsor, Vanta From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their...

Microsoft takes another hit, Energy giant hit by ransomware, the NSA is secretly buying your data Play Episode
Microsoft takes another hit Energy giant hit by ransomware The NSA is secretly buying your data Thanks to today's episode sponsor, Vanta From dozens of spreadsheets and screenshots to fragmented tools and manual security reviews, managing the requirements for modern compliance and security programs is increasingly challenging. Vanta is the leading Trust Management Platform that helps you centralize your efforts to establish trust and enable growth across your organization. Over 6,000 companies partner with Vanta to automate compliance, strengthen security posture, streamline security reviews, and reduce third-party risk. To learn more, go to vanta.com/ciso and watch their 3-minute product demo....

Hewlett Packard breach, exposed API study, Ukraine infrastructure attacks Play Episode
Hewlett Packard Enterprise (HPE) attacked through Microsoft 365 email system Study reveals 18,000 exposed API secrets, including $20 million in vulnerable Stripe tokens Ukrainian energy, postal, and transportation services hit by cyberattacks Thanks to today's episode sponsor, Conveyor Conveyor, the security questionnaire automation software known for generating the most accurate AI answers to questionnaires is launching a much-requested feature. Conveyor's AI can now use uploaded security documents like a SOC 2 and security policy whitepapers to auto-generate precise answers to entire questionnaires in seconds. See why customers like Lucid and Carta are raving about the software and try the AI...

Russia Microsoft breach, JPMorganChase hacking increase, TeamViewer still abused Play Episode
Russian hackers breach Microsoft executive emails to learn about themselves JPMorgan Chase says hacking attempts are increasing TeamViewer still being abused to breach networks in new ransomware attacks Thanks to today's episode sponsor, Conveyor AI can now literally answer any question in seconds, yet infosec teams are still in a living nightmare manually filling out questionnaires. Conveyor AI's can now use your uploaded security documents to auto-generate precise answers to entire questionnaires. The software one of our customers dubbed "my favorite security tool of the year" in 2023 has gotten even better and it takes just minutes to get started....

HCL investigates ransomware, Agent Tesla returns, JavaScript bank malware Play Episode
Indian tech company HCL investigating ransomware attack Agent Tesla and an old Microsoft Office vulnerability create new problems New JavaScript malware targets banks Thanks to today's episode sponsor, Barricade Cyber Solutions Is ransomware affecting your business operations? Contact Barricade Cyber Solutions at recoverfromransomware.com. Barricade Cyber Solutions are elite DFIR experts who come to the rescue for businesses like yours daily. The trusted team at Barricade Cyber traces the source of infiltration and fortifies your defenses. Depend on Barricade Cyber Solutions for your data and system security prevention and recovery. Go to recoverfromransomware.com and set up a time to connect with...

Microsoft Copilot, YouTube addresses AI uploads, CISA's AI roadmap Play Episode
Microsoft goes all in on Copilot YouTube's AI disclosure requirement CISA's AI Roadmap Thanks to today's episode sponsor, Sysdig For businesses innovating in the cloud, every second counts. Sysdig strengthens cyber resilience by reducing the attack surface, detecting threats in real time, and accelerating incident response. Our platform correlates signals across cloud workloads, identities, and services to enable businesses to prioritize risks and act decisively. Sysdig. Secure every second.

Shields Ready campaign, AI imagery rules for the election, App Defense Alliance moves to Linux Foundation Play Episode
US launches "Shields Ready" campaign Microsoft and Meta announced AI imagery rules App Defense Alliance moves under the Linux Foundation Thanks to today's episode sponsor, OffSec And now a word from our sponsor. OffSec (formerly Offensive Security), the cyber training company behind the well-known OSCP certification and Kali Linux distro, is running a virtual summit for CISOs and Cybersecurity leaders called Evolve on November 15th. Attend Evolve and get insider insights from a former bank hacker. Discover strategies on stretching your security budget and get tips to attract the crme de la crme of talent. It's more than just an...

Chrome IP Protection, Microsoft Security Copilot, Cisco patches IOS XE Play Episode
Chrome testing IP Protection Microsoft tests Security Copilot Cisco releases IOS XE patches Thanks to today's episode sponsor, Vanta Growing a business? That likely means more tools, third-party vendors, and data sharing AKA, way more risk. Vanta's market-leading trust management platform brings GRC and security efforts together. Integrate information from multiple systems and reduce risks to your business and your brand all without the need for additional staffing. And by automating up to 90% of the work for SOC 2, ISO 27001, and more, you'll be able to focus on strategy and security, not maintaining compliance. Join 5,000 fast-growing companies...

Microsoft thwarts Akira, Sullivan appeals conviction, ToddyCat targets telcos Play Episode
Microsoft thwarts large-scale ransomware attack Former Uber CISO files appeal ToddyCat group targets telcos Thanks to today's episode sponsor, Hyperproof Is your company scaling? Do you need to quickly add more compliance frameworks but don't know where to start? Hyperproof has you covered. Hyperproof is a risk and compliance management platform that can help you manage compliance at scale. With Hyperproof, you can quickly add new frameworks, crosswalk controls between frameworks, view your risk posture, and manage your risks, all in one place. Visit hyperproof.io to get started today.

Zero-day fuels largest-ever DDoS attack, 23andMe resets user passwords after data leak, Exchange gets 'better' patch for critical bug Play Episode
Internet-wide zero-day bug fuels largest-ever DDoS attack 23andMe resets user passwords after genetic data posted online Microsoft Exchange gets 'better' patch to mitigate critical bug Thanks to today's episode sponsor, Hyperproof We get it. You're a risk manager or compliance professional, and you're overworked. You're trying to do the right thing by keeping your company safe and secure, but your technology is holding you back. Why not upgrade to Hyperproof? Hyperproof is a platform that not only eliminates the manual tasks you dread, but helps you scale security. Get a demo today at hyperproof.io. For the stories behind the headlines,...

Government email damage, Johnson Controls attacked, Google's 5th zero-day Play Episode
Chinese hackers stole emails from US State Dept in Microsoft breach Johnson Controls faces $51 million ransomware demand Google fixes year's fifth Chrome zero-day Thanks to today's episode sponsor, AppOmni If you think CASBs effectively secure your SaaS data think again. CASBs lack visibility into your SaaS estate. Nor can they address and detect risks that arise from SaaS apps' unlimited endpoints. What you need is a robust SSPM designed to secure the dynamic and extensible nature of SaaS apps and their data. That's where AppOmni comes in. We continuously monitor your SaaS estate to detect cyber risks and secure...

Week in Review: UK and US cyberlaws, Microsoft's bad week, Cisco buys Splunk Play Episode
Link to blog post This week'sCyber Security Headlines Week in Review, is hosted byRich Stroffolinowith guestShawn Bowen, CISO,World Kinect Corporation Thanks to our show sponsor, Hyperproof Is your company scaling? Do you need to quickly add more compliance frameworks but don't know where to start? Hyperproof has you covered. Hyperproof is a risk and compliance management platform that can help you manage compliance at scale. With Hyperproof, you can quickly add new frameworks, crosswalk controls between frameworks, view your risk posture, and manage your risks, all in one place. Visit hyperproof.io to get started today. All links and the video...

Microsoft leaks AI data, UK CMA AI principles, Germany warns of natural gas terminal attacks Play Episode
Microsoft leaks terabytes of internal data UK CMA outlines principles for AI regulation Germany warns of attacks on LNG terminals Huge thanks to our sponsor, Hyperproof Imagine. You have an audit coming up, but instead of the usual rush, you actually feel prepared. You've collected your evidence. You can see which risks have been mitigated. And best of all, you don't have to send out any last-minute emails to other teams begging them for that one screenshot. Sounds like a dream, right? With Hyperproof's risk and compliance platform, this could be your reality. Get a demo at hyperproof.io.

Week in Review: Microsoft MSA answers, Keystroke monitoring software, G-Man Mudge Play Episode
Link to blog post This week'sCyber Security Headlines Week in Review, is hosted byRich Stroffolinowith guestDan Walsh, CISO,VillageMD Thanks to our show sponsor, Comcast DataBee DataBee, from Comcast Technology Solutions, is a cloud-native security, risk and compliance data fabric platform that transforms your security data chaos into connected outcomes. Built by security professionals for security professionals, DataBee makes your data a gold mine, rich with information that enables you to examine the past, react to the present, and protect the future of your business. Learn more at https://comca.st/DataBee. All links and the video of this episode can be found on...

China's MSA key hack, cyberwar crimes, North Korea targeting Russia Play Episode
How Chinese hackers stole a Microsoft signing key The ICC to prosecute cyberwar crimes North Korean cyberattacks against Russian targets Thanks to today's episode sponsor, Comcast DataBee, from Comcast Technology Solutions, is a cloud-native security, risk and compliance data fabric platform that transforms your security data chaos into connected outcomes. Built by security professionals for security professionals, DataBee makes your data a gold mine, rich with information that enables you to examine the past, react to the present, and protect the future of your business. Learn more at https://comca.st/DataBee.

FBI dismantles Qakbot operation, University of Michigan cuts internet after cyberattack, Microsoft criticizes UN cybercrime treaty Play Episode
FBI dismantles Qakbot operation that took millions in ransom University of Michigan severs ties to internet after cyberattack Microsoft joins growing list of organizations criticizing UN cybercrime treaty Huge thanks to today's episode sponsor, AppOmni Over provisioned users could lead to your most sensitive data being exposed or leaked. Just a single attack on one of those users may compromise your entire SaaS estate. With AppOmni's SaaS Identity Fabric, secure and manage end-users, entitlements, and threat-based activity. Gain visibility and control over provisioned users, the SaaS data they have access to, and receive guided remediation. Get connected with SaaS security...

Ford WiFi vulnerability, Government reviews Azure hack, TripAdvisor ransomware Play Episode
Ford says cars with WiFi vulnerability still safe to drive Cyber Safety Review Board to analyze cloud security in wake of Microsoft hack Knight ransomware distributed in fake TripAdvisor complaint emails Huge thanks to today's episode sponsor, Veza 75% of breaches happen because of bad permissions. The problem is that you don't know exactly WHO has access to WHAT data in your environment. For example, roles labeled as "read-only" can often edit and delete sensitive data. Veza automatically finds and fixes every bad permissionin every appacross your environment. For the stories behind the headlines, head to CISOseries.com.

Week in Review: Microsoft slapped by Tenable, Tampa Hospital lawsuit, Zoom's AI decision Play Episode
Link to blog post This week'sCyber Security Headlines Week in Review, August 7-11, is hosted byRich Stroffolinowith guest,Michael Woods, CISO,GE Thanks to our show sponsor, Conveyor We can all agree there's one thing the AI bots can take from us: completing customer security questionnaires. That's why we built Conveyor's GPT-questionnaire response tool. It auto-generates precise, accurate answers to entire questionnaires with accuracy far superior to existing tools on the market. It's so accurate, your customers can now use it in our new 'upload questions to trust portal' feature. It's exactly as it sounds. Customers can upload questions and the AI...

Tenable smacks Microsoft, hospital ransomware attacks, accurate acoustic spyware Play Episode
Microsoft resolves vulnerability following criticism from Tenable CEO FBI investigating ransomware attack crippling hospitals across 4 states New acoustic attack steals data from keystrokes with 95% accuracy Thanks to today's episode sponsor, Conveyor Did you catch the biggest release of the year? No, not Barbenheimer. It's Conveyor's GPT-powered security questionnaire response tool: the most accurate questionnaire automation tool on the market. It's so good, you can let your customers upload their own questions in your trust portal to get instant answers based on your content. And of course, it's not just for your customers. You can use the GPT-questionnaire response...

Week in Review: Stolen Microsoft key, government Maximus breach, Clop on clearweb Play Episode
Link to Blog Post This week'sCyber Security Headlines Week in Review, July 24-28, is hosted byRich Stroffolinowith guest,TC Niedzialkowski, CISO,Nextdoor Thanks to today's episode sponsor, AppOmni Over provisioned users could lead to your most sensitive data being exposed or leaked. Just a single attack on one of those users may compromise your entire SaaS estate. With AppOmni's SaaS Identity Fabric, secure and manage end-users, entitlements, and threat-based activity. Gain visibility and control over provisioned users, the SaaS data they have access to, and receive guided remediation. Get connected with SaaS security experts at AppOmni.com. All links and the video of...

Azure hack deepens, JumpCloud is Lazarus, DHL MOVEIt victim Play Episode
Microsoft key stolen by Chinese hackers provided access far beyond Outlook JumpCloud breach traced back to North Korean state hackers DHL investigating MOVEit breach as number of victims surpasses 20 million Thanks to today's episode sponsor, AppOmni Over provisioned users could lead to your most sensitive data being exposed or leaked. Just a single attack on one of those users may compromise your entire SaaS estate. With AppOmni's SaaS Identity Fabric, secure and manage end-users, entitlements, and threat-based activity. Gain visibility and control over provisioned users, the SaaS data they have access to, and receive guided remediation. Get connected with...

Week in Review: Fast acting Gamaredon, WormGPT AI weapon, Microsoft Azure mystery Play Episode
Link to Blog Post This week'sCyber Security Headlines Week in Review, July 17-21, is hosted byRich Stroffolinowith our guest,Dimitri van Zantvliet, CISO,Dutch Railways Thanks to our show sponsor, OpenVPN According to Oriel Hernan Villalba Pinzetta, a System Administrator with CEDEC's cybersecurity and IT department, "The pandemic meant we could not come to the office, and we needed to facilitate access to our local resources," says Villalba. "Cloud Connexa was really easy and fast to set up, two things we really needed in that moment."Read more here. All links and the video of this episode can be found on CISO Series.com

A rise in complex DDoS attacks, Mi6 warns of data traps, Microsoft expands log access Play Episode
Complex DDoS attacks on the rise MI6 warns of Chinese data traps Microsoft expands cloud log access And now a word from our sponsor, OpenVPN Karim Hakim, CTO at Hakim Misr Paco, says that CloudConnexa has given him some long-sought peace of mind. "OpenVPN has helped my company to access remote nodes securely without worrying about security protocols," he says. "My company has been looking for a similar solution for years, and we finally got what we were looking for." Read more at the link in our show notes.

Fast-acting Gamaredon, WormGPT improves phishing, Microsoft email mystery Play Episode
Russia-linked Gamaredon starts stealing data 30 to 50 minutes after initial compromise New AI tool WormGPT allows for sophisticated cyber attacks Microsoft still unsure how hackers stole Azure AD signing key And now a word from our sponsor, OpenVPN We asked Anthony Hook, the CTO at Dataweavers, if he would recommend Cloud Connexa to other companies. His response? A resounding yes! With Cloud Connexa, he says "we bypassed the clunky client-owned VPNs and networks, gaining a seamless, secure, and efficient connectivity solution." Read more at the link in our show notes. For the stories behind the headlines, head to CISOseries.com.

Over 6,500 arrested since EncroChat hack, Third-party vendor hack exposes American and Southwest data, Microsoft service outage woes continue Play Episode
Thanks to today's episode sponsor, AppOmni Over provisioned users could expose your organization's most sensitive data. Just a single attack on one of those users may compromise your entire SaaS estate. With AppOmni's identity and threat detection capabilities, you can detect and respond to suspicious activities within your SaaS environment. Gain visibility into over provisioned users, the SaaS data they have access to, and receive guided remediation. Get started at AppOmni.com. For the stories behind the headlines, visit CISOseries.com.

CISA adds vulnerabilities, mysterious military smartwatches, more Office problems Play Episode
CISA adds 6 flaws to known exploited vulnerabilities catalog US military personnel report receiving smartwatches in the mail Microsoft 365 users new Outlook and Teams problems Thanks to today's episode sponsor, AppOmni Over provisioned users could expose your organization's most sensitive data. Just a single attack on one of those users may compromise your entire SaaS estate. With AppOmni's identity and threat detection capabilities, you can detect and respond to suspicious activities within your SaaS environment. Gain visibility into over provisioned users, the SaaS data they have access to, and receive guided remediation. Get started at AppOmni.com. For the stories...

Week in Review: Microsoft confirms cyberattack, more MOVEit damage, reddit hit with ransomware Play Episode
Link to Blog Post This week'sCyber Security Headlines Week in Review, June 19-23, is hosted byRich Stroffolinowith our guest,Janet Heins, CISO,iHeartMedia Thanks to our show sponsor, Wing Security The first step to securing your organization's SaaS usage is knowing which SaaS applications your employees are using. 3rd party included. Wing offers a completely free, SaaS Shadow IT Discovery tool. You can find it atwing.securityand self onboard. No sales in the process, no credit card needed, no time-limit. Just go ahead and discover your SaaS usage. All links and the video of this episode can be found on CISO Series.com

Microsoft's June cyberattacks, third MOVEit vulnerability, US Clop bounty Play Episode
Microsoft says early June service outages were cyberattacks Third MOVEit vulnerability raises alarms as US Agriculture Department says it may be impacted US govt offers $10 million bounty for info on Clop ransomware Thanks to today's episode sponsor, Wing Security The folks at Wing believe that SaaS Shadow IT discovery is the basic first step to securing your SaaS usage. They believe it so strongly that they launched a completely free SaaS Shadow IT Discovery solution. Check out wing.security to self-onboard today, no strings attached, no time limit. Wing.security. For the stories behind the headlines, head to CISOseries.com.

Week in Review: Microsoft banking warning, undetectable BatCloak malware, more MOVEit vulnerabilities Play Episode
Link to Blog Post This week'sCyber Security Headlines Week in Review, June 12-16, is hosted bySean Kellywith our guest,Phil Beyer, former Head of Security, Etsy Thanks to our show sponsor, Conveyor Your scariest questionnaires that are hundreds of questions long are no match for Conveyor's GPT-questionnaire tool now with a browser extension for complex portals. Get GPT-generated precise answers to entire questionnaires so your review takes seconds. Now you can spend 89% less time completing questionnaires when you get accurate answers you don't have to re-write. Try a free proof of concept with your own data to see it in...

Microsoft $20M COPPA settlement, Hactivists take credit for Outlook.com outages, SEC accuses Coinbase of breaking US regulations Play Episode
Thanks to this week's episode sponsor, Trend Micro Hybrid work, cloud adoption, and shadow IT have introduced new cybersecurity risks to organizations. Security leaders are left asking, "How can I manage our expanding attack surface?" Trend Micro, the global leader in cybersecurity is bringing the cyber risk conversation to more than 120 cities in their "Risk to Resilience World Tour. Hear from experts on the latest threat landscape trends, solutions, and platform strategies to manage risk and defend your organization with speed and accuracy. Find the closest city to you and register today to take a leap towards a more...

Switzerland Xplain attack, BlackSuit resembles Royal, Microsoft retires Cortana Play Episode
Xplain hack impacts Swiss cantonal police and Fedpol BlackSuit shows similarities to Royal Microsoft is retiring Cortana on Windows Thanks to this week's episode sponsor, Trend Micro Hybrid work, cloud adoption, and shadow IT have introduced new cybersecurity risks to organizations. Security leaders are left asking, "How can I manage our expanding attack surface?" Trend Micro, the global leader in cybersecurity is bringing the cyber risk conversation to more than 120 cities in their "Risk to Resilience World Tour. Hear from experts on the latest threat landscape trends, solutions, and platform strategies to manage risk and defend your organization with...

GobRAT targets Linux, RPMSG messages exploited, Augusta Georgia cyberattack Play Episode
New GobRAT remote access trojan targeting Linux routers in Japan Attackers use encrypted RPMSG messages in Microsoft 365 targeted phishing attacks Hackers hold city of Augusta hostage in a ransomware attack Thanks to today's episode sponsor, Barricade Cyber Solutions Have you fallen victim to a ransomware attack? Don't worry! Barricade Cyber Solutions has helped thousands of customers in situations just like yours. Their proprietary ransomware recovery services are designed to quickly get your business back on track. Their team of experts will identify the source of the attack and provide a comprehensive solution to prevent it from happening again. You...

Twitter encrypts messages, Microsoft's Outlook patch, Seoul hospital breached Play Episode
Twitter launches encrypted private messages Microsoft releases fix for patched Outlook issue exploited by Russian hackers North Korea-linked APT group breaches the Seoul National University Hospital Thanks to today's episode sponsor, TrendMicro Cybersecurity is not just about protection, it's about foresight, agility, and resilience. Navigating a new era of cyber risk demands evolved strategies, new frameworks, and integrated tools to equip security teams to anticipate and defend against even the most advanced attacks. Trend Micro, the global leader in cybersecurity is bringing the cyber risk conversation to more than 120 cities around the world in their latest "Risk to Resilience...

New BellaCiao malware, PaperCut is Clop, Europe tech crackdown Play Episode
Charming Kitten APT uses a new BellaCiao malware Microsoft blames clop affiliate for PaperCut attacks Big tech crackdown looms as EU, UK ready new rules And now a word from our sponsor, Tines Ready to take security automation up a notch? With Tines, it's easier than ever! The no-code automation platform is redefining and simplifying security operations - start building mission-critical workflows and apps that streamline processes AND ensure crucial data stays safe while extending the influence of your security team throughout your organization. Visit Tines.com to find out more! For the stories behind the headlines, head to CISOseries.com.

US policing AI use for civil rights violations, Bill proposes security testing centers for government tech, Microsoft Edge leaking browsing data to Bing Play Episode
US policing use of AI for civil rights violations Bill proposes new security testing centers for critical government tech Microsoft Edge is leaking user browsing data to Bing And now a word from our sponsor, Tines To proactively protect against threats, you need a culture of cybersecurity - and solutions that facilitate this. With Tines' no-code automation platform, you can: 1. Remediate threats faster. 2. Improve automation. 3. Control access to your data. 4. Create a culture of cybersecurity. Tines allows users to leverage real-time information across any stage of an automated workflow! Visit Tines.com to learn more. For the...

Microsoft 365 outage, Capita burglary evidence, 3CX attack update Play Episode
Microsoft 365 outage blocks access to web apps and services Capita has 'evidence' customer data was stolen in digital burglary 3CX supply chain attack was the result of a previous supply chain attack Thanks to today's episode sponsor, Pentera This episode of Cyber Security Headlines is made possible in part by Pentera. Today over 60% of cyber attacks involve the use of exposed credentials. Now, for the first time, security teams can address this critical threat head-on. Pentera collects an organization's leaked credentials and automatically tests their exploitability across the external and internal attack surface. Pentera's customers find that leveraging...

Tax Day RAT warning, NCR POS outage, Urgent Chrome fix Play Episode
Microsoft warns of Remcos RAT campaign targeting tax accountants NCR suffers POS outage after BlackCat ransomware attack Google releases urgent Chrome update to fix actively exploited zero-day vulnerability Thanks to today's episode sponsor, Pentera This episode of Cyber Security Headlines is made possible in part by Pentera. Today over 60% of cyber attacks involve the use of exposed credentials. Now, for the first time, security teams can address this critical threat head-on. Pentera collects an organization's leaked credentials and automatically tests their exploitability across the external and internal attack surface. Pentera's customers find that leveraging the Pentera automated security validation...

Week in Review: Pentagon papers leak, keeping breaches quiet, Cisco air-gaps Webex Play Episode
Link to Blog Post This week'sCyber Security Headlines Week in Review, April 10-14, is hosted byRich Stroffolinowith our guest,Dmitriy Sokolovskiy, CISO,Avid Thanks to our show sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms, like Salesforce, Microsoft 365, or Google Workspace? What about the data these apps can access? After all, one compromised 3rd party app could put your entire SaaS ecosystem at risk.With AppOmni, you get visibility to all third party apps and SaaS-to-SaaS connections including which end users have enabled them, and the level of data access they've been granted. VisitAppOmni.comtoday...

Google Cloud's weak passwords, pressure on breach disclosure, Discord cooperating on Pentagon leak Play Episode
Weak passwords targeted on Google Cloud Potential IT snitches warned about employment stitches Discord cooperating with leaked document investigation And now a word from our sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms, like Salseforce, Microsoft 365, or Google Workspace? What about the data these apps can access? After all, one compromised 3rd party app could put your entire SaaS ecosystem at risk. With AppOmni, you get visibility to all third party apps and SaaS-to-SaaS connections including which end users have enabled them, and the level of data access they've been granted....

Windows Nokoyawa ransomware, LinkedIn pushes verification, Russia's Ukraine cyberwar Play Episode
Windows zero-day exploited in Nokoyawa ransomware attacks LinkedIn and Microsoft Entra introduce a new way to verify professional contacts Russian places Ukraine internet infrastructure clearly in its sights, both high tech and low And now a word from our sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms, like Salseforce, Microsoft 365, or Google Workspace? What about the data these apps can access? After all, one compromised 3rd party app could put your entire SaaS ecosystem at risk. With AppOmni, you get visibility to all third party apps and SaaS-to-SaaS connections including which...

Microsoft warns of Azure shared key abuse, Attackers hide stealer behind AI Facebook ads, OpenAI bug bounty program Play Episode
Microsoft warns of Azure shared key authorization abuse Attackers hide stealer behind AI chatbot Facebook ads OpenAI to launch bug bounty program And now a word from our sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms, like Salseforce, Microsoft 365, or Google Workspace? What about the data these apps can access? After all, one compromised 3rd party app could put your entire SaaS ecosystem at risk. With AppOmni, you get visibility to all third party apps and SaaS-to-SaaS connections including which end users have enabled them, and the level of data access...

Netherlands adopting RPKI, WordPress backdoor, tracing the Pentagon leak Play Episode
Netherlands to adopt RPKI Widespread backdoor installed on WordPress sites Tracing leaked Pentagon documents And now a word from our sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms, like Salseforce, Microsoft 365, or Google Workspace? What about the data these apps can access? After all, one compromised 3rd party app could put your entire SaaS ecosystem at risk. With AppOmni, you get visibility to all third party apps and SaaS-to-SaaS connections including which end users have enabled them, and the level of data access they've been granted. Visit AppOmni.com today to request...

Apple zero-day updates, Flipper Zero ban, China Micron probe Play Episode
Apple releases updates to address zero-day flaws Flipper Zero banned by Amazon for being a 'card skimming device' China to probe Micron over cybersecurity, in chip war's latest battle And now a word from our sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms, like Salseforce, Microsoft 365, or Google Workspace? What about the data these apps can access? After all, one compromised 3rd party app could put your entire SaaS ecosystem at risk. With AppOmni, you get visibility to all third party apps and SaaS-to-SaaS connections including which end users have enabled...

3CX supply chain attack, Vulkan files leaked, Bing hijacked Play Episode
Supply-chain attack on business phone provider 3CX could impact thousands of companies Vulkan files leak reveals Putin's global and domestic cyberwarfare tactics Bing search results hijacked via misconfigured Microsoft app Thanks to today's episode sponsor, Trend Micro Cybersecurity is not just about protection, it's about foresight, agility, and resilience. Navigating a new era of cyber risk demands evolved strategies, new frameworks, and integrated tools to equip security teams to anticipate and defend against even the most advanced attacks. Trend Micro, the global leader in cybersecurity is bringing the cyber risk conversation to more than 120 cities around the world in...

Microsoft unveils OpenAI-based cyber tools, Google accused of destroying antitrust evidence, A million pen tests show security is getting worse Play Episode
Microsoft unveils OpenAI-based chat tools to combat cyberattacks Google accused of willfully destroying evidence in antitrust battle A million pen tests show companies' security postures are getting worse Thanks to today's episode sponsor, Trend Micro Cybersecurity is not just about protection, it's about foresight, agility, and resilience. Navigating a new era of cyber risk demands evolved strategies, new frameworks, and integrated tools to equip security teams to anticipate and defend against even the most advanced attacks. Trend Micro, the global leader in cybersecurity is bringing the cyber risk conversation to more than 120 cities around the world in their latest...

UK bans TikTok, Windows Snipping patch, Puerto Rico hack Play Episode
UK bans TikTok from government mobile phones Microsoft pushes OOB security updates for Windows Snipping tool flaw Vice Society claims attack on Puerto Rico Aqueduct and Sewer Authority Thanks to today's episode sponsor, Trend Micro Cybersecurity is not just about protection, it's about foresight, agility, and resilience. Navigating a new era of cyber risk demands evolved strategies, new frameworks, and integrated tools to equip security teams to anticipate and defend against even the most advanced attacks. Trend Micro, the global leader in cybersecurity is bringing the cyber risk conversation to more than 120 cities around the world in their latest...

NBA data breach, Emotet in OneNote, Dutch shipping ransomware Play Episode
NBA is warning fans of a data breach after a third-party newsletter service hack Emotet malware now distributed in Microsoft OneNote files to evade defenses Dutch shipping giant Royal Dirkzwager confirms Play ransomware attack Thanks to this week's episode sponsor, Conveyor Love security questionnaires? Then you're going to hate Conveyor: the end-to-end trust platform built to eliminate questionnaires. Infosec teams have reduced questionnaires by 80% by giving their customers access to our self-serve trust portal to download docs and answers. For any remaining questionnaires that do come in, use our GPT-Questionnaire Eliminator response tool or white-glove questionnaire completion service to...

Telerik breaches Government, Critical Outlook bug, LockBit threatens SpaceX Play Episode
US Government IIS server breached via Telerik software flaw Critical Microsoft Outlook bug PoC shows how easy it is to exploit LockBit threatens release of thousands of SpaceX blueprints Brought to you by the CISO Series. For the stories behind the headlines, head to CISOseries.com.

Microsoft phishing warning, Amazon Ring hacked, CISA's vulnerability program Play Episode
Microsoft warns of large-scale use of phishing kits to send millions of emails daily Ransomware group claims hack of Amazon's Ring CISA creates new ransomware vulnerability warning program Brought to you by the CISO Series. For the stories behind the headlines, head to CISOseries.com.

Hackers backdoor Microsoft IIS, Twitter limits SMS 2FA, Fortinet issues patches Play Episode
Hackers backdoor Microsoft IIS servers with new Frebniis malware Twitter limits SMS-based 2-factor authentication to Blue subscribers only Fortinet issues patches for 40 flaws Thanks to this week's episode sponsor, Barricade Cyber Solutions Have you fallen victim to a ransomware attack? Don't worry! Barricade Cyber Solutions has helped thousands of customers in situations just like yours. Our proprietary ransomware recovery services are designed to quickly get your business back on track. Our team of experts will identify the source of the attack and provide a comprehensive solution to prevent it from happening again. You can count on us to the...

Microsoft Outlook outage, UK/US ransomware sanctions, Killnet IPs published Play Episode
Microsoft Outlook outage prevents users from sending, receiving emails Britain and US make major move against ransomware gangs by sanctioning seven individuals Experts publish a list of proxy IPs used by the pro-Russia group Killnet Thanks to today's episode sponsor, us, yes, CISO Series "If it is important it will likely be in the Cyber Security Headlines update in the morning And it allows me and my team to dig in a little more on aspects that might affect our technology stack," said Shawn Bowen, CISO for World Fuel Services. Security leaders listen and make decisions based on what they...

Tech firms race to integrate AI, FAA needs until 2030 to fix safety system, Biden addresses children's online safety Play Episode
ARMO, Microsoft, Google race to integrate AI into their products FAA needs until 2030 to fix its safety system Biden's State of the Union addresses children's online safety and privacy again Thanks to today's episode sponsor, US, yes, CISO Series "I value Cyber Security Headlines early every morning as it provides me advance notice of what I might need to explore first thing at the start of the day." That's active listener David Cross, SVP, CISO of Oracle SaaS Cloud. And for sponsors of Cyber Security Headlines what you get are the ears and eyes of avid security leaders. Sponsorship...

Cyber insurance predictions, British steel supplier cyber attack, Microsoft pins Charliue Hebdo attack Play Episode
Cyber insurer predicts a rise in critical CVEs British steel supplier hit by "cyber incident" Microsoft pins recent attack on Charlie Hebdo Thanks to today's episode sponsor, US, yes, CISO Series "Those cyber security headlines are fantastic. It's the first thing I look at in the am." That's a quote from active listener Jared Mendenhall, head of information security at Impossible Foods. Cyber Security Headlines is our fastest growing show on the CISO Series network. It's grown 20-fold since we launched. And it did so during the pandemic while other shows started to slide. That's because at only 6-7 minutes...

Week in Review: Charter Communications breach, ChatGPT grows stronger, Microsoft verifies phishers Play Episode
Link to Blog Post This week's Cyber Security Headlines - Week in Review, January 30-February 3, is hosted by Rich Stroffolino with our guest, David Nolan, VP, Enterprise Risk & Chief Information Security Officer Aaron's Thanks to our show sponsor, Hunters Hunters is a complete SOC platform, purpose built for your Security Operations team. Hunters' brand new IOC Search is a game-changing search tool that determines if a known 'Indicator of Compromise' has been in your organization's environment - without needing to write a single line of code. Type an IOC into the search bar, hit 'enter' and get results...

Microsoft phishers are 'Verified' Cloud Partners, DocuSign brand impersonation attack, Google Fi data breach Play Episode
Microsoft grants phishers 'Verified' Cloud Partner status DocuSign brand impersonation attack targets thousands of users Google Fi says hackers accessed customer information Thanks to this week's episode sponsor, Hunters Hunters is a SaaS platform, purpose built for your Security Operations team. Solaris Group, a leading German FinTech, implemented Hunters SOC Platform to eliminate the burden of threat detection and correlation allowing SOC analysts to focus on higher-value tasks. It's time to move beyond SIEM. Visithunters.aito learn more. For the stories behind the headlines, visit CISOseries.com

FBI seizes Hive, Layoffs at IBM, Microsoft outage over Play Episode
FBI seizes Hive ransomware group infrastructure after lurking in servers for months Layoffs come to IBM - Kyndryl, Watson and Russia to blame Microsoft says services have recovered after widespread outage Thanks to this week's episode sponsor, SafeBase If a prospective customer asked about your trust program or security policies, where would you send them? Chances are, you'd need to send an NDA, hunt down documentation, go back and forth via email, and answer a litany of questions. SafeBase is the better way. SafeBase's Smart Trust Center allows you to send *one link* to customers or buyers, so they can...

Ransomware impacts 1,000 ships, Crypto influencer victimized by malware, Microsoft patches Azure flaws Play Episode
Ransomware attack impacts 1,000 ships Crypto influencer victimized by malware pushed by ads on Google Microsoft patches flaws in Azure cloud services Thanks to today's episode sponsor, Cerby Did you know that over 60% of the cloud applications used by your company don't support identity standards like single sign-on? And that these applications are the leading cause of breaches? Cerby can help. Cerby discovers new applications, eliminates manual security tasks like offboarding, and addresses misconfigurations like disabled 2FA while increasing employee productivity. Wait. A security tool that increases productivity? Yup. Learn more at cerby.com. For the stories behind the headlines,...

Week in Review: FAA system failure delays flights, LastPass hit with lawsuit, Writing malware with ChatGPT Play Episode
Link to Blog Post This week'sCyber Security Headlines Week in Review, January 9-13, is hosted byRich Stroffolinowith our guest,Shaun Marion, CISO,McDonald's Thanks to our show sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms like Salesforce and Microsoft? What about the data these apps can access? After all, one compromised 3rd party app could put your entire SaaS ecosystem at risk.With AppOmni, you get visibility to all third party apps and SaaS-to-SaaS connections including which end users have enabled them, and the level of data access they've been granted. VisitAppOmni.comto request a free...

Chromium browser flaw, Twitter leak developments, IcedID strikes again Play Episode
Experts detail Chromium browser security flaw putting confidential data at risk Twitter says 200 million-user leak not obtained from its systems, others disagree IcedID malware strikes again: Active Directory domain compromised in under 24 hours Thanks to today's episode sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms like Salseforce and Microsoft? What about the data these apps can access? After all, one compromised 3rd party app could put your entire SaaS ecosystem at risk. With AppOmni, you get visibility to all third party apps and SaaS-to-SaaS connections including which end users have...

FAA system failure, Royal Mail cyber incident, police app leaks ops data Play Episode
FAA system failure delays flights Royal Mail hit by "cyber incident" Police app leaked operations data Thanks to today's episode sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms like Salseforce and Microsoft? What about the data these apps can access? After all, one compromised 3rd party app could put your entire SaaS ecosystem at risk. With AppOmni, you get visibility to all third party apps and SaaS-to-SaaS connections including which end users have enabled them, and the level of data access they've been granted. Visit AppOmni.com to request a free risk assessment.

Iowa schools closed by cyberattack, TikTok CEO questioned by EU, OIG cracks fed agency passwords Play Episode
Iowa school district cancels classes due to cyberattack TikTok CEO questioned by EU about its data practices Government watchdog cracks federal agency's passwords Thanks to today's episode sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms like Salseforce and Microsoft? What about the data these apps can access? After all, one compromised 3rd party app could put your entire SaaS ecosystem at risk. With AppOmni, you get visibility to all third party apps and SaaS-to-SaaS connections including which end users have enabled them, and the level of data access they've been granted. Visit...

Car API flaws, Experian bypass, ChatGPT malware Play Episode
API vulnerabilities found across car brands Bypassing Experian Security Trying to write malware with ChatGPT Thanks to today's episode sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms like Salseforce and Microsoft? What about the data these apps can access? After all, one compromised 3rd party app could put your entire SaaS ecosystem at risk. With AppOmni, you get visibility to all third party apps and SaaS-to-SaaS connections including which end users have enabled them, and the level of data access they've been granted. Visit AppOmni.com to request a free risk assessment.

Turla hackers return, LastPass faces lawsuit, Windows reporter hacked Play Episode
Russian Turla hackers hijack decade-old malware infrastructure to deploy new backdoors LastPass hit with lawsuit over August breach Hackers abuse Windows error reporting tool to deploy malware Thanks to today's episode sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms like Salseforce and Microsoft? What about the data these apps can access? After all, one compromised 3rd party app could put your entire SaaS ecosystem at risk. With AppOmni, you get visibility to all third party apps and SaaS-to-SaaS connections including which end users have enabled them, and the level of data access...

EU drafts new US-data sharing agreement, Microsoft signed malicious drivers, InfraGard data leak Play Episode
EU gets closer to US-data sharing agreement Microsoft signed malicious drivers InfraGard data for sale on dark web Thanks to this week's episode sponsor, Fortra The cybersecurity landscape is full of single-solution providers, making it easy for unexpected cyberthreats to sneak through the cracks. That's why Fortra is creating a stronger, simpler strategy for protection. One that increases your security maturity while decreasing the operational burden that comes with it. Fortra's integrated, scalable solutions help customers face their toughest challenges with confidence. Learn more at Fortra.com.

Week in Review: The fall of FTX, Australia Medibank fallout, supply chain failures Play Episode
Link to Blog Post This week'sCyber Security Headlines Week in Review, November 14-18, is hosted byRich Stroffolinowith our guest,John Scrimsher, CISO,Kontoor Brands Thanks to today's episode sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms like SalesForce and Microsoft? What about the data these apps can access? After all, one compromised third party app could put your entire SaaS ecosystem at risk.With AppOmni, you get visibility to all third party apps, including which end users have enabled them, and the level of data access they've been granted. VisitAppOmni.comto request a free risk assessment....

Musk's ultimatum, Iran breaches government using Log4Shell, Amazon RDS data leak Play Episode
Musk's ultimatum to employees leaves Twitter at risk Iranian APT breaches government agency using Log4Shell Hundreds of Amazon RDS snapshots discovered leaking user data And now a word from our sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms like Salseforce and Microsoft? What about the data these apps can access? After all, one compromised third party app could put your entire SaaS ecosystem at risk. With AppOmni, you get visibility to all third party apps, including which end users have enabled them, and the level of data access they've been granted. Visit...

Disneyland phishing, Ukraine's IT army in action, NSA goes low-key with private researchers Play Episode
Disneyland phishes with Punycode The effectiveness of Ukraine's IT army NSA seeks to lower barriers to work with private sector And now a word from our sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms like Salseforce and Microsoft? What about the data these apps can access? After all, one compromised third party app could put your entire SaaS ecosystem at risk. With AppOmni, you get visibility to all third party apps, including which end users have enabled them, and the level of data access they've been granted. Visit AppOmni.com to request a...

Amazon cuts 10,000, FIFA apps warning, Breach impact 98% Play Episode
Amazon to cut 10,000 employees in tech and corporate roles Privacy experts cautious about FIFA World Cup Apps 98% of organizations have been severely impacted by cyber supply chain breach And now a word from our sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms like Salseforce and Microsoft? What about the data these apps can access? After all, one compromised third party app could put your entire SaaS ecosystem at risk. With AppOmni, you get visibility to all third party apps, including which end users have enabled them, and the level of...

Australia ransom ban, scourge of brand impersonation sites, GitHub gets private reporting Play Episode
Australia considers ban on ransomware payments Thousands of sites used for brand impersonation GitHub gets private reporting And now a word from our sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms like Salseforce and Microsoft? What about the data these apps can access? After all, one compromised third party app could put your entire SaaS ecosystem at risk. With AppOmni, you get visibility to all third party apps, including which end users have enabled them, and the level of data access they've been granted. Visit AppOmni.com to request a free risk assessment.

Android lockscreen bypass, Lockbit hits Thales, FTX funds disappear Play Episode
Android phone owner accidentally finds a way to bypass lock screen Thales hit by Lockbit 3.0 again At least $1 billion of client funds missing at FTX And now a word from our sponsor, AppOmni Can you name all the third party apps connected to your major SaaS platforms like Salseforce and Microsoft? What about the data these apps can access? After all, one compromised third party app could put your entire SaaS ecosystem at risk. With AppOmni, you get visibility to all third party apps, including which end users have enabled them, and the level of data access they've...

Submarine cables severed, Microsoft's BlueBleed problem, Health system breach Play Episode
Internet connectivity worldwide impacted by severed EU subsea cables Microsoft BlueBleed customer data leak claimed to be 'one of the largest' in years Health system data breach due to Meta Pixel hits 3 million patients Thanks to this week's episode sponsor, SafeBase Security questionnaires are a pain, and sharing sensitive documents takes too much back and forth. As a result, security can be wrongly viewed as a roadblock rather than a sales enabler.That's where SafeBase comes in. Our Smart Trust Center makes it easy to showcase your security program, share sensitive documents, and streamline security reviews. It's the missing piece...

Ukraine novel ransomware, Drones drop pineapple, Tata Power attacked Play Episode
Microsoft says Ukraine, Poland targeted with novel ransomware attack Wi-Fi spy drones snoop on financial firm Indian power generation giant Tata Power hit by a cyber attack Thanks to this week's episode sponsor, SafeBase Security questionnaires. If those two words sent a shiver down your spine, you need to check out SafeBase.SafeBase's Smart Trust Center is a centralized source of truth for your organization's security and compliance information. After implementing SafeBase, many companies see a 90% reduction in custom questionnaires. Imagine how much time you'd save. Visit safebase.com to find out more. For the stories behind the headlines, head to...

Microsoft Zero days, Lazarus attacks Dell, NSA employee caught Play Episode
Microsoft confirms two Exchange Server zero days are being used in cyberattacks Lazarus hackers abuse Dell driver bug using new FudModule rootkit Ex-NSA employee charged with violating Espionage Act, selling U.S. cyber secrets Thanks to today's episode sponsor, Hunters Hunters is a SaaS platform, purpose built for Security Operation teams. Providing unlimited dataingestion and normalization at a predictable cost, Hunters helps SOC teams mitigate real threats faster and more reliably than SIEM. Visit Hunters.ai to learn more. For the stories behind the headlines, head to CISOseries.com.

Week in Review: Uber hacker arrested, cyberattacks deluge organizations, Lazarus hacks Macs Play Episode
Link to Blog Post This week'sCyber Security Headlines Week in Review, September 26-30, is hosted byRich Stroffolinowith our guest,Sara Lazarus, VP and head of trust and security,Stavvy Thanks to today's episode sponsor, Votiro Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything including Microsoft 365. Learn more atVotiro.com. All links and the video of this episode can be...

Russia's cyber winter, military contractor attack, IRS smishing warning Play Episode
Finnish intelligence warns Russia 'highly likely' to turn to cyber in winter Researchers uncover covert attack campaign targeting military contractors IRS warns of "industrial scale" smishing surge Thanks to today's episode sponsor, Votiro Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything including Microsoft 365. Learn more at Votiro.com. For the stories behind the headlines, head to CISOseries.com.

Leaked ransomware used in attack, Cloudflare Turnstile, Fast Company hit with cyber attack Play Episode
Leaked ransomware builder used in attacks Cloudflare hopes Turnstile can replace CAPTCHAs Fast Company goes dark after cyber attack Thanks to today's episode sponsor, Votiro Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything including Microsoft 365. Learn more at Votiro.com.

Lazarus targets macOS, Geopolitical DDoS, Meta takes down influence networks Play Episode
Lazarus Group targets macOS users Geopolitics behind recent DDoS surge Meta takes on influence networks Thanks to today's episode sponsor, Votiro Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything including Microsoft 365. Learn more at Votiro.com.

Jamf buys ZecOps, porn phishing DDoS, Cloudflare Zero Trust SIM Play Episode
Jamf buys ZecOps Porn phishing scam turns into a DDoS Cloudflare announced secure eSIM offering Thanks to today's episode sponsor, Votiro Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything including Microsoft 365. Learn more at Votiro.com.

Uber hacker arrested, Microsoft SQL hacked, CircleCI GitHub hack Play Episode
London Police arrest 17-year-old hacker suspected of Uber and GTA 6 breaches Microsoft SQL servers hacked in TargetCompany ransomware attacks Attackers impersonate CircleCI platform to compromise GitHub accounts Thanks to today's episode sponsor, Votiro Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything including Microsoft 365. Learn more at Votiro.com. For the stories behind the headlines, head to...

Log4Shell Hits Israel, Russian cyberattacks on Montenegro, AlphaBay Turns 1 Play Episode
Microsoft warns Iranians using Log4Shell Montenegro hit with Russian cyberattacks AlphaBay Turns 1 Thanks to this week's episode sponsor, Code42 Have you been thinking about launching an Insider Risk Management program? You don't need to be Big Brother to effectively address Insider Risk. Code42 believes that the Three Es should define any IRM program: expertise, education, and enforcement. Shift your security culture from "watchdog" to "guide dog" and everyone wins. Learn more at Code42.com/showme.

Nobelium's MagicWeb, pro-Western influence campaigns, $100 million in NFTs stolen Play Episode
Microsoft reveals Nobelium's MagicWeb Details emerge on large-scale pro-Western influence campaigns Stolen NFTs prove big business Thanks to today's episode sponsor, Code42 Surprise! Surprise! Five years from now, Jamie, who's resigning today, will ring the NASDAQ bell officially launching her company on the public market. And what you'll soon realize is that Jamie stole your most valuable data to start her new company. Learn how Code42 Incydr can stop data theft and protect your organizations' most valuable assets. Visit Code42.com/showme to learn more.

State-backed attacks not insured, LockBit hit with DDoS, Cozy Bear gets around MFA Play Episode
State-backed attacks excluded from cyber insurance LockBit hit with DDoS Cozy Bear using Microsoft accounts to bypass MFA Thanks to today's episode sponsor, Code42 Have you been thinking about launching an Insider Risk Management program? You don't need to be Big Brother to effectively address Insider Risk. Code42 believes that the Three Es should define any IRM program: expertise, education, and enforcement. Shift your security culture from "watchdog" to "guide dog" and everyone wins. Learn more at Code42.com/showme.

Hackers dodge macros, 365 down again, 22M health record breach Play Episode
Hackers opting for new attack methods after Microsoft blocked macros by default Microsoft 365 outage knocks down admin center in North America 22 million US health records breached thus far in 2022 Thanks to today's episode sponsor, Snyk Developers want to code fast and security wants to ship securely. And that's why they both choose Snyk. Backed by industry-leading security intelligence, Snyk provides real-time scanning with automated fixes and remediation advice right from the tools and workflows developers use. Code, dependencies, containers, cloud infrastructure... all of it. And while developers are building securely, Snyk gives security teams a bird's eye...

Subzero malware, JusTalk logs leak, average data breach cost Play Episode
Microsoft warns of Subzero malware JusTalk logs leak The cost of an average data breach Thanks to today's episode sponsor, Snyk Developers want to code fast and security wants to ship securely. And that's why they both choose Snyk. Backed by industry-leading security intelligence, Snyk provides real-time scanning with automated fixes and remediation advice right from the tools and workflows developers use. Code, dependencies, containers, cloud infrastructure... all of it. And while developers are building securely, Snyk gives security teams a bird's eye view of all of their projects, so they can prioritize and focus their efforts in the right...

FBI nabs Huawei, Android leaks Twitterers, Microsoft's printer warning Play Episode
FBI uncovers Chinese and Huawei misdeeds 5.4 million Twitter accounts available for sale Microsoft warns that new Windows updates may break printing Thanks to today's episode sponsor, Snyk Developers want to code fast and security wants to ship securely. And that's why they both choose Snyk. Backed by industry-leading security intelligence, Snyk provides real-time scanning with automated fixes and remediation advice right from the tools and workflows developers use. Code, dependencies, containers, cloud infrastructure... all of it. And while developers are building securely, Snyk gives security teams a bird's eye view of all of their projects, so they can prioritize...

Microsoft Teams outage, heatwave melts Oracle, hiring cyber mercenaries Play Episode
Microsoft Teams outage also takes down Microsoft 365 services Heatwave forced Google and Oracle to shut down in London Hackers for hire: adversaries employ "cyber mercenaries" Thanks to today's episode sponsor, 6clicks Experience the magic of Hailey, the 6clicks artificial intelligence engine for risk and compliance. With Hailey, organizations can automatically show cross-compliance between regulations or identify gaps to external compliance requirements in their policies. Eliminate manual and costly risk and compliance processes by joining the hundreds of businesses that trust 6clicks. For more information visit 6clicks.com/cisoseries. For the stories behind the headlines, head to CISOseries.com.

Microsoft security job cuts, Neopet data leak, Russia malware trickery Play Episode
Microsoft cuts security jobs amidst weakening economy Is your cute little Neopet leaking your personal data? Russia disguises malware as Ukrainian app for hacking Russia Thanks to today's episode sponsor, 6clicks The 6clicks GRC solution comes with a fully integrated content library full of hundreds of standards, assessment templates, libraries, playbooks, and more. With the content library included in every 6clicks license, organizations can get started on their GRC implementation faster than ever before. For more information visit 6clicks.com/content. For the stories behind the headlines, head over to CISOseries.com

Week in Review: Microsoft phishing warning, Callback phishing scams, Log4J forever Play Episode
Link to Blog Post This week'sCyber Security Headlines Week in Review, June 6-10, is hosted byRich Stroffolinowith our guest,Carla Sweeney, VP Information SecurityRed Ventures Thanks to our episode sponsor, Edgescan Edgescansimplifies Vulnerability Management by delivering a single full-stack solution (SaaS) integrated with world-class security professionals. Instead of managing a plethora of point scanning tools for each layer of the attack surface and squandering precious staff resources manually removing false positives,Edgescanoffers automated and accurate contextualized alerts across the entire attack surface into a single source of truth. All links and the video of this episode can be found on CISO Series.com

Massive phishing operation, Android malware gets millions of millions, Spectre-like x86 attack Play Episode
Microsoft warns of massive phishing operation Android malware downloaded over 3 million times More speculative-execution attacks found for x86 Thanks to today's episode sponsor, Edgescan Scalable automated and continuous Attack Surface Management (ASM) and vulnerability detection integrated with a world-class cyber security team provide 100% false-positive-free alerts and expert remediation guidance.

Week in Review July 4-8, 202 Play Episode
Link to Blog Post Cyber Security Headlines Week in Review July 4-8, 2022 This week'sCyber Security Headlines Week in Review, June 6-10, is hosted byRich Stroffolinowith our guest,David Cross, SVP/CISOOracle SaaS Cloud Thanks to today's episode sponsor, Votiro Can you trust that your content and data is free of malware and ransomware? WithVotiroyou can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything including Microsoft 365. Learn more atVotiro.com. All links and the video of this...

July 8, 2022 Play Episode
Cisco and Fortinet release security patches for multiple products Canada's RCMP have been using powerful malware to snoop on people's communications Online programming IDEs can be used to launch remote cyberattacks Thanks to today's episode sponsor, Votiro Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything including Microsoft 365. Learn more at Votiro.com. For the stories behind the...

July 7, 2022 Play Episode
Attackers moving off Cobalt Strike Cyberattacks against law enforcement on the rise Apple announces lockdown mode Thanks to today's episode sponsor, Votiro Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything including Microsoft 365. Learn more at Votiro.com.

July 6, 2022 Play Episode
Hacker may have stolen personal data of 1 billion Chinese citizens Ukrainian police take down phishing gang behind payments scam NIST unveils 'quantum-proof' cryptography algorithms Thanks to today's episode sponsor, Votiro Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything including Microsoft 365. Learn more at Votiro.com. For the stories behind the headlines, head to CISOseries.com

July 5, 2022 Play Episode
Jenkins discloses dozens of zero-day bugs in multiple plugins Rogue HackerOne employee steals bug reports to sell on the side Patchable and preventable security issues lead causes of Q1 attacks Thanks to today's episode sponsor, Votiro Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything including Microsoft 365. Learn more at Votiro.com. For the stories behind the headlines,...

June 27, 2022 Play Episode
New phishing method bypasses MFA using Microsoft WebView2 apps Russian threat actors may be behind the explosion at Texas liquefied natural gas plant Google reveals sophisticated Italian spyware campaign targeting victims in Italy, Kazakhstan Thanks to today's episode sponsor, Optiv The modern enterprise needs a solution as unique as its business. Optiv's Advanced Detection and Response (ADR) works with your organization to comb through the D&R clutter and find the ideal security solutions for your business. ADR delivers tailored detection and response backed by technology, real-time intel and deep expertise applied at touch. Bottom line: ADR finds and neutralizes threats...

Week in Review June 20-24, 2022 Play Episode
Link to Blog Post This week'sCyber Security Headlines Week in Review, June 6-10, is hosted byRich Stroffolinowith our guest,Marnie Wilking, CISO,Wayfair Thanks to today's episode sponsor, Optiv Modernizing your identity control plane from AD to the cloud is complex. Ralph Martino, who is leading the identity and access management (IAM) group forOptiv, discusses what challenges CISOs are facing in today's ever-changing climate: Increasing security Decreasing risk Lowering cost Learn more atwww.optiv.com/IAM-Microsoft. All links and the video of this episode can be found on CISO Series.com

June 24, 2022 Play Episode
Cloud email threats soar 101% in a year NHS warns of scam COVID-19 text messages Fancy Bear uses nuke threat lure to exploit 1-click bug Thanks to today's episode sponsor, Optiv Modernizing your identity control plane from AD to the cloud is complex. Ralph Martino, who is leading the identity and access management (IAM) group for Optiv, discusses what challenges CISOs are facing in today's ever-changing climate: Increasing security Decreasing risk Lowering cost Learn more at www.optiv.com/IAM-Microsoft. For the stories behind the headlines, head to CISOseries.com.

June 23, 2022 Play Episode
Daycare apps found insecure Encryption flaws found in Mega Microsoft retires cloud facial recognition Thanks to today's episode sponsor, Optiv Modernizing your identity control plane from AD to the cloud is complex. Ralph Martino, who is leading the identity and access management (IAM) group for Optiv, discusses what challenges CISOs are facing in today's ever-changing climate: Increasing security Decreasing risk Lowering cost Learn more at www.optiv.com/IAM-Microsoft.

June 22, 2022 Play Episode
Cloudflare outage impacts crypto exchanges Biden signs a pair of cybersecurity bills 7-zip now supports Windows 'Mark-of-the-Web' security feature Thanks to today's episode sponsor, Optiv Modernizing your identity control plane from AD to the cloud is complex. Ralph Martino, who is leading the identity and access management (IAM) group for Optiv, discusses what challenges CISOs are facing in today's ever-changing climate: Increasing security Decreasing risk Lowering cost Learn more at www.optiv.com/IAM-Microsoft. For the stories behind the headlines, head to CISOseries.com

June 21, 2022 Play Episode
Windows downloads blocked in Russia The importance of receipts Chrome extensions can be used for fingerprinting Thanks to today's episode sponsor, Optiv Modernizing your identity control plane from AD to the cloud is complex. Ralph Martino, who is leading the identity and access management (IAM) group for Optiv, discusses what challenges CISOs are facing in today's ever-changing climate: Increasing security Decreasing risk Lowering cost Learn more at www.optiv.com/IAM-Microsoft.

June 20, 2022 Play Episode
US DoJ announces shut down of Russian RSOCKS Botnet Experts warn of a new eCh0raix ransomware campaign targeting QNAP NAS Mixed results for Russia's aggressive Ukraine information war, experts say Thanks to today's episode sponsor, Optiv Modernizing your identity control plane from AD to the cloud is complex. Ralph Martino, who is leading the identity and access management (IAM) group for Optiv, discusses what challenges CISOs are facing in today's ever-changing climate: Increasing security Decreasing risk Lowering cost Learn more at www.optiv.com/IAM-Microsoft. For the stories behind the headlines, head to CISOseries.com.

June 17, 2022 Play Episode
House Armed Services chair calls national security software, systems 'too vulnerable' Microsoft Office 365 AutoSave can assist cloud ransomware attacks OMIGOD! There's more to OMIGOD Thanks to today's episode sponsor, Datadog Watch Datadog's on-demand webinar for a 30-minute discussion on driving DevSecOps best practices in the enterprise with CTO Cormac Brady. Over the course of his 20+ year career at Thomson Reuters, Cormac consistently built bridges between technical teamsand in the process helped teams achieve superior results and earned himself senior leadership positions. Cormac shares stories and leadership lessons that are applicable to any enterprise technical leader looking to help...

May 30, 2022 Play Episode
Pro-Russian hacker group KillNet plans to attack Italy today Microsoft warns that hackers are using more advanced techniques to steal credit card data China makes offer to ten nations help to run their cyber-defenses Thanks to today's episode sponsor, Feroot Feroot secures client-side web applications so that businesses can deliver a flawless and safe digital user experience to their customers. Inspector and Pageguard, Feroot's automated data protection solutions, increase code visibility, facilitate threat analysis, and detect and protect from dangerous client-side attacks, such as Magecart, cross-site scripting, e-skimming, and other threats focused on front-end JavaScript and web applications. Learn more...

May 26, 2022 Play Episode
Popular open source libraries leaked keys for "research" DuckDuckGo gives Microsoft a pass on trackers Microsoft weathers the vulnerability storm Thanks to today's episode sponsor, Optiv Need a guide on your Zero Trust journey? Jerry Chapman, Engineering Fellow at Optiv and author of "Zero Trust Security: An Enterprise Guide" shares the following takeaways: - The key elements of Zero Trust - How to visualize your Zero Trust journey and place it in the proper context - Integrated technologies to drive adaptive processes and a mature security model Learn more at www.optiv.com/zerotrust.

May 19, 2022 Play Episode
VMware bugs abused to deliver Mirai malware Microsoft to debut of zero trust GDAP tool Bank of Zambia refuses to pay ransom to cyberattack group Hive And now let's thank today's sponsor, Torq Myth 4: Automation Will Replace Skilled Security Professionals Not true. Any business that attempts to automate security will quickly find that most high-stakes security issues are far too complex to be detected and remediated by automation tools alone. Human security professionals need to take the lead delivering nuanced insight about the business impact of a large-scale breach. To learn more about the realities of automation, head to...

May 16, 2022 Play Episode
Ukraine CERT-UA warns of new attacks launched by Russia-linked Armageddon APT Microsoft fixes new PetitPotam Windows NTLM relay attack vector Hackers are exploiting critical bug in Zyxel firewalls and VPNs And now let's thank today's sponsor, Torq Myth 1: Automation Is Only a Reactive Part of SecOps Incorrect. Proactive management of security incidents is just as important, like automatically scanning IaC configurations to detect vulnerabilities, automating collaboration between devs, IT ops and SecOps to prevent risks before they're threats. To learn more about the realities of automation, head to torq.io. For the stories behind the headlines, head to CISOseries.com.

May 10, 2022 Play Episode
Ransomware state of emergency in Costa Rica Microsoft launches service to fill the cyber skills gap College closes permanently due to ransomware Thanks to our episode sponsor, Datadog Break down silos between DevOps and Security teams to enable collaboration and strengthen the security of your environment. In this on-demand webinar, hear from one of Datadog's engineers on how teams can speed up investigations by assessing security and observability data using Datadog's unified platform to reduce security threats by detecting vulnerabilities. Watch the on-demand webinar now to learn how to get full-stack security for your production environment at datadoghq.com/ciso/

April 22, 2022 Play Episode
Critical chipset bugs open millions of Android devices to remote spying New Five Eyes alert warns of Russian threats targeting critical infrastructure Machine-learning models vulnerable to undetectable backdoors And here's a word from our sponsor, Votiro Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything including Microsoft 365. Learn more at Votiro.com. For the stories behind the headlines,...

April 21, 2022 Play Episode
Okta reports on Lapsus$ breach Popular VPNs use risky certificates Project Zero disclosed a new vulnerability record And here's a word from our sponsor, Votiro Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything including Microsoft 365. Learn more at Votiro.com.

April 20, 2022 Play Episode
LinkedIn is now the most popular phish bait Lenovo patches firmware vulnerabilities impacting millions of users Ukraine war stokes internet connectivity concerns in Taiwan And here's a word from our sponsor, Votiro Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything including Microsoft 365. Learn more at Votiro.com. For the stories behind the headlines, head to CISOseries.com

April 19, 2022 Play Episode
Catalan leaders targeted by NSO spyware Researchers share a deep dive into PYSA ransomware operations Most security teams feeling the talent shortage And here's a word from our sponsor, Votiro Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything including Microsoft 365. Learn more at Votiro.com.

April 18, 2022 Play Episode
Microsoft: Office 2013 will reach end of support in April 2023 Stolen OAuth tokens used to download data from dozens of organizations, GitHub warns Mute button in conferencing apps may not actually mute your mic And here's a word from our sponsor, Votiro Can you trust that your content and data is free of malware and ransomware? With Votiro you can. Votiro removes evasive and unknown malware from content in milliseconds, without impacting file fidelity or usability. It even works on password-protected and zipped files. Plus, it's an API, so it integrates with everything including Microsoft 365. Learn more at...

April 14, 2022 Play Episode
Industrial cybersecurity companies form coalition Microsoft disrupts ZLoader T-Mobile hired someone to get their data back Thanks to our episode sponsor, Code42 It's not just about the data leaving your company - what about the data coming in? Along with departing employees, new talent is also actively joining your organization. This poses cybersecurity challenges since they could be knowingly or unknowingly bringing data from their former company into your network. Code42 Incydr is an Insider Risk Management SaaS that provides a comprehensive understanding of your data exposure and shows which activities require security intervention. Learn more at Code42.com/showme.

March 24, 2022 Play Episode
Microsoft expands program to fill cyber skills gap Cyber Crime Losses Up 64% in 2021 Microsoft confirms Lapsus$ breach Thanks to our episode sponsor, Varonis What is your ransomware blast radius? The average employee can access 17 million files they don't need, and only a handful live on their laptop. Protect your data from the inside out and detect early signs of ransomware automatically with Varonis. Visit www.varonis.com/cisoseries.

March 23, 2022 Play Episode
Ransomware attack on Okta leads to data breach Lapsus$ leaks 37GB of Microsoft source code Anonymous hacks Nestl for operating in Russia Thanks to our episode sponsor, Varonis Varonis will help you get meaningful data security results faster than you thought possible. Protect sensitive data, detect sophisticated threats, and streamline privacy and compliance. Visit www.varonis.com/cisoseries for a demo of Varonis' leading data security platform. For the stories behind the headlines, visit CISOseries.com

March 17, 2022 Play Episode
Phony Instagram 'support staff' emails hit insurance company Facebook hit with $18.6 million GDPR fine over 12 data breaches in 2018 Microsoft Defender tags Office updates as ransomware activity Thanks to our episode sponsor, Varonis What is your ransomware blast radius? The average employee can access 17 million files they don't need, and only a handful live on their laptop. Protect your data from the inside out and detect early signs of ransomware automatically with Varonis. Visit www.varonis.com/cisoseries. For the stories behind the headlines, head to CISOseries.com.

March 1, 2022 Play Episode
Toyota suspends Japanese production due to cyberattack Microsoft providing threat intelligence to Ukraine Twitter to label tweets from state-owned media There are many misconceptions about security automation, so Torq is debunking a security automation myth each day this week. Myth 2: Security Automation Is Just a New Term for Automated Security Testing Wrong. While scanning and testing may be one example of a security automation use case, it's hardly the only one. Automation can be used to do things like help manage complex security workflows and optimize collaboration between different stakeholders. These are tasks that were not traditionally automated. To...

February 24, 2022 Play Episode
Samsung shipped devices with flawed encryption New York state gets cybersecurity center Microsoft Defender adds support for GCP Thanks to our episode sponsor, Tines Tines is hosting a virtual game show in conjunction with Lacework on March 8. It's free to attend, with security trivia, fun prizes, and donations going to good causes like Women in Cybersecurity. Places are limited, so head over to tines.com/gameshow to register.

February 18, 2022 Play Episode
DOJ beefs up efforts to combat criminal use of cryptocurrencies Canada's major banks go offline in mysterious hours-long outage Hackers slip into Microsoft Teams chats to distribute malware Thanks to our episode sponsor, PlexTrac PlexTrac is the Purple Teaming Platform. Use the Runbooks Module to facilitate your tabletop exercises, red team engagements, breach and attack simulations, and pentest automation to improve communication and collaboration. PlexTrac upgrades your program's capabilities by making the most of every team member and tool. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs! For the stories behind the headlines, head to...

February 10, 2022 Play Episode
Ukraine takes down social media bot farm Federal use of cell siphoning tech on the rise Microsoft expands security business Thanks to our episode sponsor, Datadog Datadog's Cloud Security Platform delivers real-time threat detection and continuous configuration audits across your entire production environment, so you can bring speed and scale to your security organization. The Cloud Security Platform is built on top of Datadog's observability platform, which breaks down silos between Security and DevOps teams and aligns them to shared organizational goals. To learn more about how Datadog Security Monitoring can solve cloud complexity challenges with a unified platform, download...

February 8, 2022 Play Episode
Stolen crypto used to fund North Korean missile program Microsoft disables protocol used by malware Meta may pull out of the EU Thanks to our episode sponsor, Datadog Datadog's Cloud Security Platform delivers real-time threat detection and continuous configuration audits across your entire production environment, so you can bring speed and scale to your security organization. The Cloud Security Platform is built on top of Datadog's observability platform, which breaks down silos between Security and DevOps teams and aligns them to shared organizational goals. To learn more about how Datadog Security Monitoring can solve cloud complexity challenges with a unified...

January 28, 2022 Play Episode
US says national water supply 'absolutely' vulnerable to hackers Microsoft mitigated a record 3.47 Tbps DDoS attack on Azure users BotenaGo Mirai botnet code leaked to GitHub Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the overall impact an attack can have. Visit deepwatch.com to see how we help to prevent breaches for our customers, by working together. For the stories behind...

January 21, 2022 Play Episode
NATO and Ukraine sign deal to boost cybersecurity Microsoft Sees Log4j attacks exploiting SolarWinds Serv-U bug Large-scale cyberattack hits the Red Cross Thanks to our episode sponsor, Datadog Join Datadog in their upcoming webinar to learn how to dissect the anatomy of an attack vector in the cloud with the use of their unified Cloud Security Platform. Visit datadoghq.com/ciso to register for the webinar in the time zone most convenient for you and attendees will also get a chance to win a Datadog t-shirt. For the stories behind the headlines, head to CISOseries.com.

January 17, 2022 Play Episode
Microsoft discloses malware attack on Ukraine government networks New unpatched Apple Safari browser bug allows cross-site user tracking Now you can get your vulnerability alerts by phone Thanks to our episode sponsor, Datadog Join Datadog in their upcoming webinar to learn how to dissect the anatomy of an attack vector in the cloud with the use of their unified Cloud Security Platform. Visit datadoghq.com/ciso to register for the webinar in the time zone most convenient for you and attendees will also get a chance to win a Datadog t-shirt. For the stories behind the headlines, head to CISOseries.com.

January 14, 2022 Play Episode
New undetected backdoor runs across three OS platforms Microsoft RDP bug enables data theft, smart-card hijacking Ukrainian police arrests ransomware gang that hit over 50 firms Thanks to our episode sponsor, BlackBerry CISO'sListen Up. Is your team challenged with distinguishing threat signal from noise, reducing cyber costs and finding security talent? We're here to help. BlackBerry Guard is a Managed Extended Detection & Response(XDR) service that merges the Cylance artificial intelligence cybersecurity platform with 24x7 support from award winning responders and prevention experts. Spend time on key security initiatives, instead of the fallout from breaches. Learn more at BlackBerry.com For...

January 11, 2022 Play Episode
Open source developer poisons his own well Hacker group self-pwns Microsoft finds TCC bypass vulnerability in macOS Thanks to our episode sponsor, BlackBerry CISO'sListen Up. Is your team challenged with distinguishing threat signal from noise, reducing cyber costs and finding security talent? We're here to help. BlackBerry Guard is a Managed Extended Detection & Response(XDR) service that merges the Cylance artificial intelligence cybersecurity platform with 24x7 support from award winning responders and prevention experts. Spend time on key security initiatives, instead of the fallout from breaches. Learn more at BlackBerry.com

January 6, 2022 Play Episode
Microsoft's digital signature verification exploited New York AG warns of credential stuffing attacks Google acquires Siemplify Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the overall impact an attack can have. Visit deepwatch.com to see how we help to prevent breaches for our customers, by working together.

January 3, 2022 Play Episode
Microsoft Exchange year 2022 bug breaks email delivery Uber email breach allows anyone to email as Uber Crypto security breaches cause $4.25 billion in losses in 2021 Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the overall impact an attack can have. Visit deepwatch.com to see how we help to prevent breaches for our customers, by working together. For the stories behind...

December 30, 2021 Play Episode
Defense bill includes cybersecurity provisions for private-sector Server firmware rootkit discovered Microsoft Defender showing Log4j false positives Thanks to our episode sponsor, Lookout Complexity is the enemy of security. With an integrated Zero Trust platform, Lookout makes things simple. Whether data is on employees' smartphones or in the cloud, Lookout enables organizations to protect sensitive information no matter where it goes. Discover why IDC named the Lookout CASB a major player in its latest MarketScape at lookout.com/idc.

December 24, 2021 Play Episode
CISA releases free scanner to spot Log4j exposure Researchers disclose unpatched vulnerabilities in Microsoft Teams software Microsoft Office patch bypassed for malware distribution in apparent 'dry run' Thanks to our episode sponsor, Lookout Is 2022 the beginning of the end for on-prem security? Two years after remote work became the norm, we're at an inflection point for both threats and security solutions. Just as you wouldn't bring a sword to a gunfight, organizations need to take advantage of integrated cloud solutions to tackle emerging challenges. Check out Lookout's 2022 predictions at lookout.com/predictions. For the stories behind the headlines, head to...

December 23, 2021 Play Episode
Five Eyes issues Log4Shell advisory NSO Group deal with Uganda spurred backlash Microsoft PhotoDNA inverted to reveal images Thanks to our episode sponsor, Lookout Is 2022 the beginning of the end for on-prem security? Two years after remote work became the norm, we're at an inflection point for both threats and security solutions. Just as you wouldn't bring a sword to a gunfight, organizations need to take advantage of integrated cloud solutions to tackle emerging challenges. Check out Lookout's 2022 predictions at lookout.com/predictions.

December 15, 2021 Play Episode
Kronos ransomware outage drives widespread payroll chaos Log4j vulnerability update Microsoft Patch Tuesday addresses zero-day exploited to spread Emotet malware Thanks to our episode sponsor, Tines Tines was founded by experienced security practitioners who cared about their teams. When they couldn't find an automation platform that delivered, they founded a company and built their own. A few years later, customers like Coinbase, McKesson, and GitLab run their most important security workflows on Tines everything from phishing response to employee onboarding. To learn more, visit tines.com. For the stories behind the headlines, head to CISOseries.com

December 8, 2021 Play Episode
AWS outage impacts Ring, Netflix, and Amazon deliveries Google announces lawsuit against Glupteba blockchain botnet Microsoft seized domains used by cyberespionage group Thanks to our episode sponsor, Tines Tines was founded by experienced security practitioners who cared about their teams. When they couldn't find an automation platform that delivered, they founded a company and built their own. A few years later, customers like Coinbase, McKesson, and GitLab run their most important security workflows on Tines everything from phishing response to employee onboarding. To learn more, visit tines.com. For the stories behind the headlines, head to CISOseries.com

November 23, 2021 Play Episode
GoDaddy data breach impacts millions Microsoft looks at brute-force attacks Printers used to bypass fingerprint authentication Thanks to our episode sponsor, deepwatch What is the value of good security? Can you quantify what mature detection and response means for your organization? A recent Forrester study found that a deepwatch MDR customer achieved 432% ROI and over 10 million dollars in benefits and savings from their solution over a 3 year period. Visit deepwatch.com/tei-report for the full report and to learn how your team could see the same success.

November 22, 2021 Play Episode
US banks will be required to report cyberattacks within 36 hours Microsoft Exchange malware campaign uses stolen internal reply-chain emails Conti ransomware group suffers a data breach Thanks to our episode sponsor, deepwatch Increasing ransomware attacks and their evolving sophistication have been putting more pressure on security teams than ever before. Luckily, managed detection and response (or MDR) has emerged as a critical component for improving security operations, reducing ransomware risk, and minimizing the overall impact an attack can have. Visit deepwatch.com to see how we help to prevent breaches for our customers, by working together. For the stories behind...

November 16, 2021 Play Episode
DHS launches program to close cyber talent gap China expands cybersecurity review requirements Microsoft blocks Edge redirects Thanks to our episode sponsor, Vulcan Cyber Ryan Gurney spent years as CSO and security exec for companies like Google Looker, Zendesk, Engine Yard, and eBay. Ryan has seen a few things and is done pretending cyber security is something it isn't. Attend the Vulcan Cyber virtual summit on December 9th to get Ryan's take on the difference between negligent and effective cyber security. It's a fine line. Go to vulcan.io and click the button at the top of the screen to register...

November 12, 2021 Play Episode
EU pharmaceutical giants run old, vulnerable apps and fail to use encryption in login forms Gmail accounts are used in 91% of all baiting email attacks Microsoft warns of uptick in HTML smuggling Thanks to our episode sponsor, Vulcan Cyber The fact that CISA felt the need to release the massive "Known Exploited Vulnerabilities Catalog" recently says everything we need to know about the state of our collective cyber debt. Attend the Vulcan Cyber virtual summit on December 9th and learn how your peers are working to take on cyber risk and mitigate known vulnerabilities at scale. Go to vulcan.io...

October 28, 2021 Play Episode
Chinese surveillance tech pulled from US retailers Microsoft warns of rise in password spraying attacks The FTC is looking into the Facebook Files And now a word from our sponsor, Banyan Security Today, 75% of enterprises are using some form of hybrid-cloud deployment. Unfortunately, traditional network-centric security solutions like VPNs are not designed to meet the scale, performance, and usability needs of modern organizations, especially those with dynamic hybrid- and multi-cloud environments. Replace your traditional network access boxes VPNs, bastion hosts, and gateways with a cloud-based zero trust remote access solution and enable a safe and reliable "work from anywhere"...

October 26, 2021 Play Episode
Microsoft report on Nobelium Healthcare organizations struggle with breaches ProtonMail wins appeal on surveillance data And now a word from our sponsor, Banyan Security Today, 75% of enterprises are using some form of hybrid-cloud deployment. Unfortunately, traditional network-centric security solutions like VPNs are not designed to meet the scale, performance, and usability needs of modern organizations, especially those with dynamic hybrid- and multi-cloud environments. Replace your traditional network access boxes VPNs, bastion hosts, and gateways with a cloud-based zero trust remote access solution and enable a safe and reliable "work from anywhere" environment. Visit banyansecurity.io for more information.

October 21, 2021 Play Episode
Russian firms see DDoS spike Sinclair hack linked to Russian organization Microsoft expires old Windows updates Thanks to our episode sponsor, Tessian and the Human Layer Security Summit Want to get the latest security insights from Cisco, Forrester, Intercontinental Exchange and Knowbe4? At Tessian's Human Layer Security Summit you'll get fresh insights and actionable advice to help you build an effective, future proof security strategy. Hear from top CISOs and InfoSec Leaders who will speak on the HOTTEST topics in cyber today. Join thousands of your peers by registering now at tessian.com/summit

October 13, 2021 Play Episode
Olympus suffers second cyberattack in 2021 Microsoft's Patch Tuesday squashes four zero-day vulns White House directs federal agencies to step up EDR Thanks to our episode sponsor, Bitsight In spite of all the recent attacks, did you know that only 17% of organizations continuously monitor their third party vendors? From managing third party supply chain risk, to quantifying financial exposure, to reducing the likelihood of ransomware, BitSight helps security and risk professionals create more effective cybersecurity programs with cybersecurity ratings and analytics. Learn why Moody's, the Department of Defense, and other leading institutions partner with BitSight at www.bitsight.com For the...

October 12, 2021 Play Episode
Microsoft report details the changing cybercrime landscape LibreOffice issues fix for signed document spoofing You got nuclear secrets in my peanut butter! Thanks to our episode sponsor, Bitsight Did you know that 1-in-10 organizations are now creating cybersecurity-specific committees at the board level? From managing third party supply chain risk, to quantifying financial exposure, to reducing the likelihood of ransomware, BitSight helps security and risk professionals create more effective cybersecurity programs with cybersecurity ratings and analytics. Learn why Moody's, the Department of Defense, and other leading institutions partner with BitSight at www.bitsight.com

September 29, 2021 Play Episode
Microsoft 365 MFA outage locks users out of their accounts Exploit released for VMware vulnerability after CISA warning Crypto developer pleads guilty to North Korean plot Thanks to our episode sponsor, VMware PREPARE FOR THE POST-PANDEMIC THREAT LANDSCAPE. At VMworld 2021, you'll gain fresh insight and actionable knowledge to help keep your focus on building resilient, cyber-vigilant teams that can proactively detect, prevent, mitigate, and remediate these attacks. The Security Track has 150+ breakout sessions with hands-on labs, demos, and interactive experiences. Join thousands of your peers by registering now at vmware.com/vmworld For the stories behind the headlines, head to...

September 27, 2021 Play Episode
Researcher drops three iOS zero-days that Apple refused to fix Microsoft releases rollback fix for updates New Cooperative ransomware negotiations get hijacked Thanks to our episode sponsor, VMware DO YOU KNOW ANYONE ON THE DEVELOPMENT TEAM WHO'D SAY, 'SECURITY SHOULD BE EVERYONE'S RESPONSIBILITY? Probably not. That's why Forrester and VMware have done some new research that dives into how the Development team perceives Security and what Security teams can do to make the right thing easy. We are hosting a VMworld 2021 session on this report titled "Security is Important, Said No Developer Ever." Join in on our conversation to...

September 16, 2021 Play Episode
Travis CI security vulnerability is bad news for open source Ransomware accounts for a quarter of cyber insurance claims Microsoft goes passwordless Thanks to our episode sponsor, Sonrai Sonrai is changing Public Cloud Security by focusing on protecting data from over-privileged human and non-human identities. Sonrai provides a single pane of glass built on an analytic platform that protects organizations by leveraging CSPM, CIEM, and cloud DLP at the confidence level required by your environment. Learn more about Sonrai Cloud Security at www.sonrai.com

August 30, 2021 Play Episode
"Worst cloud vulnerability you can imagine" discovered in Microsoft Azure Work from home increased worldwide phishing attacks T-Mobile hacker brute-forced his way through the network Thanks to our episode sponsor, Semperis Do you know your Active Directory security vulnerabilities? Cybercriminals love to exploit Active Directory: It has dozens of security gaps because of misconfigurations and new sophisticated hacking tools. But hang on, help is on the way: Download Purple Knight, a free Active Directory security assessment tool from Semperis that scans your environment for 70-plus indicators of exposure and compromise. Check it out at Purple-Knight.com. For the stories behind the...

August 27, 2021 Play Episode
21-year-old claims responsibility for massive T-Mobile hack Microsoft and Google to invest billions to bolster US cybersecurity Ragnarok ransomware releases master decryptor after shutdown Thanks to our episode sponsor, Privacy.com Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. For example, when you're shopping online and ready to check out, simply generate a Privacy Card that will enter in random variables. Should the merchant ever get hacked, the fraudsters will never have access to your real information. Privacy Cards are also great for...

August 23, 2021 Play Episode
Microsoft Exchange under attack with ProxyShell flaws Australians hit by 'Flubot' malware that arrives by text message Cyberattack hits State Department Thanks to our episode sponsor, Privacy.com Privacy.com lets you buy things online using virtual cards instead of having to use your real ones, protecting your identity and bank information on the internet. For example, when you're shopping online and ready to check out, simply generate a Privacy Card that will enter in random variables. Should the merchant ever get hacked, the fraudsters will never have access to your real information. Privacy Cards are also great for monitoring subscriptions and...

August 6, 2021 Play Episode
US partners with Amazon, Google, and Microsoft to help fight cyber threats Conti ransomware gang falls victim to insider data leak Microsoft announces new 'Super Duper' browser security feature Thanks to our episode sponsor, PlexTrac PlexTrac is the Purple Teaming Platform. Use the Runbooks Module to facilitate your tabletop exercises, red team engagements, breach and attack simulations, adversary emulation, and pentest automation to improve communication and collaboration. PlexTrac provides the platform to measure real progress and demonstrate real results. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs! For the stories behind the headlines, head to...

August 3, 2021 Play Episode
APT targeting Microsoft IIS servers Pegasus spyware confirmed on journalist phones Someone is spoofing military ship locations Thanks to our episode sponsor, PlexTrac Gain a real-time view of security posture with PlexTrac by consolidating scanner findings, assessments, and bug bounty tools. Visualize your posture in the Analytics Module to quickly assess and prioritize, creating a more effective workflow. Robust filtering allows for effortless options in viewing and communicating your data. Track your signal through the noise with PlexTrac. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs!

July 28, 2021 Play Episode
Microsoft rushes fix for PetitPotam attack PoC Apple releases urgent zero day bug patch for Mac, iPhone and iPad devices Google launches new Bug Hunters vulnerability rewards platform Thanks to our episode sponsor, Varonis The first time we got hit with ransomware it took us weeks to recover. The second time we got hit, it took us two hours. Why? Because we had Varonis. Varonis reduces the ransomware blast radius and monitors our most important data, automatically. Hear more at varonis.com/risk For the stories behind the headlines, head to CISOseries.com.

July 26, 2021 Play Episode
French president pushes for Israeli inquiry into NSO spyware concerns Microsoft shares mitigations for new PetitPotam NTLM relay attack Fake Windows 11 installers already distributing malware Thanks to our episode sponsor, Varonis Still in the news is REvil's ransomware attack on Kaseya VSA servers. Varonis is here to help mitigate the blast radius of such attacks. Want a step-by-step guide on what you should be looking for? Visit varonis.com/risk to help make sure your data is protected. For the stories behind the headlines, head to CISOseries.com.

July 20, 2021 Play Episode
Leaked NSO group data hints at widespread Pegasus spyware infections UK and White House blame China for Microsoft Exchange Server hack Saudi Aramco data breach sees 1TB of stolen data for sale Thanks to our episode sponsor, Varonis What is your ransomware blast radius? The average user can access 17 million files. Varonis reduces your blast radius in days, not years. Combined with advanced detection that monitors every file touch, ransomware doesn't stand a chance. Learn more at varonis.com/risk For the stories behind the headlines, head to CISOseries.com.

July 15, 2021 Play Episode
China issues new zero-day rules Google discloses four zero-days tied to Russian APT Microsoft announces Windows 365 at Inspire 2021 Thanks to our episode sponsor, Varonis Varonis will help you get meaningful data security results faster than you thought possible. Protect sensitive data, detect sophisticated threats and streamline privacy and compliance. Visit varonis.com/risk for a demo of Varonis' leading data security platform.

July 13, 2021 Play Episode
Ransomwhere site hopes to provide transparency Microsoft to buy RiskIQ The scope of China's Great Firewall internet censorship Thanks to our episode sponsor, Varonis What is your ransomware blast radius? The average user can access 17 million files. Varonis reduces your blast radius in days, not years. Combined with advanced detection that monitors every file touch, ransomware doesn't stand a chance. Learn more at varonis.com/risk

July 7, 2021 Play Episode
Kaseya patches imminent after zero-day exploits REvil lowers ransom for universal decryptor Pentagon cancels $10 billion JEDI cloud contract that Amazon and Microsoft were fighting over Thanks to our episode sponsor, Viakoo Did you know IP cameras are responsible for 1/3rd of all IoT cyber breaches? And that 7 out of 10 cameras are running out of date firmware? Viakoo has proven solutions to automate cyber hygiene on cameras and other IoT devices. Sign up for a personalized demo at Viakoo.com. And come visit us at Black Hat this year. For the stories behind the headlines, head to CISOseries.com.

July 2, 2021 Play Episode
Russian military cyber-unit behind large-scale brute-force attacks Authorities seize DoubleVPN service used by cybercriminals Microsoft research team reveals critical vulns in Netgear routers Thanks to our episode sponsor, Keyavi Cyber criminals who attack healthcare systems know medical record information has tremendous value for stealing identities. If you infuse personally identifiable information with geographical awareness and intelligence, you dramatically reduce the risk of patient identity theft. Join a live demo session on www.keyavi.com/sessions to learn more.

July 1, 2021 Play Episode
Secrecy orders abound in Microsoft's government data requests When proof of concepts go wrong Maine passes strong facial recognition ban Thanks to our episode sponsor, Keyavi Worried about being the next ransomware victim, like Colonial Pipeline? Cyber criminals stole gigabytes of data before their first extortion attempt, demanding payment to decrypt Colonial's information. Despite a multi-million-dollar ransom payment, the pipeline's stolen data is in the hands of these attackers forever. Head to www.keyavi.com/sessions to learn more about protecting data from extortion attempts.

June 28, 2021 Play Episode
Microsoft admits to signing rootkit malware in supply-chain fiasco Senate fails to confirm new CISA director before two-week break, drawing criticism Hackers release free games laced with cryptomining malware Thanks to our episode sponsor, Keyavi Google Security VP Royal Hansen said recently that the biggest security challenge over the next 10 years will be "shifting the focus of security from the technical hygiene of code and configuration to self-defending data." Guess what? Self-protecting data isn't 10 years away it's here now! Visit www.keyavi.com/sessions to see how the previously impossible is now possible. For the stories behind the headlines, head to...

June 11, 2021 Play Episode
JBS paid $11 million ransom to cybercriminals Electronic Arts' gaming source code stolen in hack Largest stolen creds market seized by law enforcement Thanks to our sponsor: Trend Micro Want to discover new ways to simplify and strengthen your security? Join Trend Micro Perspectives on June 16, where industry experts and practitioners will share deep insights and real-world examples on how security can play a pivotal role in accelerating your digital transformation. Featuring speakers from Gartner, Forrester, ESG, AWS, and Microsoft. VisitTrendMicro.com/Perspectivestoday to register. For the stories behind the headlines, head toCISOseries.com

Week in Review - June 7-11, 2021 Play Episode
Link to Blog Post This week'sCyber Security Headlines Week in Review, June 7-11, 2021, is hosted bySteve Prentice(@stevenprentice) with our guest,Robert Wood, CISO,Centers for Medicare & Medicaid Services Thanks to our sponsor: Trend Micro Want to discover new ways to simplify and strengthen your security? Join Trend Micro Perspectives on June 16, where industry experts and practitioners will share deep insights and real-world examples on how security can play a pivotal role in accelerating your digital transformation. Featuring speakers from Gartner, Forrester, ESG, AWS, and Microsoft. Visit TrendMicro.com/Perspectives today to register. All links and the video of this episode can...

June 10, 2021 Play Episode
Cyber-attack disrupts NYC Law Department Amazon successfully presses to omit consumer protections from Senate China bill Intel fixes high severity vulnerabilities with June 2021 platform update Thanks to our sponsor: Trend Micro Want to discover new ways to simplify and strengthen your security? Join Trend Micro Perspectives on June 16, where industry experts and practitioners will share deep insights and real-world examples on how security can play a pivotal role in accelerating your digital transformation. Featuring speakers from Gartner, Forrester, ESG, AWS, and Microsoft. VisitTrendMicro.com/Perspectivestoday to register. For the stories behind the headlines, head toCISOseries.com

June 9, 2021 Play Episode
StackOverflow, Twitch, Reddit, others down in Fastly CDN outage Hundreds arrested in massive global crime sting using messaging app Capitol Hill tech vendor is the latest ransomware victim Thanks to our sponsor: Trend Micro Want to discover new ways to simplify and strengthen your security? Join Trend Micro Perspectives on June 16, where industry experts and practitioners will share deep insights and real-world examples on how security can play a pivotal role in accelerating your digital transformation. Featuring speakers from Gartner, Forrester, ESG, AWS, and Microsoft. Visit TrendMicro.com/Perspectives today to register. For the stories behind the headlines, head to CISOseries.com.

June 8, 2021 Play Episode
US recovers millions in cryptocurrency paid to Colonial Pipeline ransomware hackers Energy chief cites risk of cyberattacks crippling power grid Researchers discover first known malware targeting Windows containers Thanks to our sponsor: Trend Micro Want to discover new ways to simplify and strengthen your security? Join Trend Micro Perspectives on June 16, where industry experts and practitioners will share deep insights and real-world examples on how security can play a pivotal role in accelerating your digital transformation. Featuring speakers from Gartner, Forrester, ESG, AWS, and Microsoft. Visit TrendMicro.com/Perspectives today to register. For the stories behind the headlines, head to CISOseries.com.

June 7, 2021 Play Episode
VMware vulnerability with 9.8 severity rating is under attack GitHub updates policy to remove exploit code when used in active attacks Colonial Pipeline breached via single compromised password Thanks to our sponsor: Trend Micro Want to discover new ways to simplify and strengthen your security? Join Trend Micro Perspectives on June 16, where industry experts and practitioners will share deep insights and real-world examples on how security can play a pivotal role in accelerating your digital transformation. Featuring speakers from Gartner, Forrester, ESG, AWS, and Microsoft. Visit TrendMicro.com/Perspectives today to register. For the stories behind the headlines, head to CISOseries.com.

May 31, 2021 Play Episode
Two new attacks allow alteration of certified PDF documents US says agencies fended off latest Russian hack involving four new malware families New Epsilon Red ransomware hunts unpatched Microsoft Exchange servers Thanks to our episode sponsor, ReversingLabs Recent supply chain attacks and executive orders have left 1000's scrambling for guidance. Join ReversingLabs as they take their exclusive supply chain roadshow to your local region virtually. Hear from app sec specialists and security execs, as they discuss lessons learned, and innovative approaches, that will move your supply chain security and compliance program forward. For more information, visit reversinglabs.com. For the stories...

May 21, 2021 Play Episode
Millions of Android users' data exposed due to cloud authentication failures UK regulator fines AmEx for spamming violations Russian hacker sentenced to 5 years for $1.5 million tax fraud Thanks to our episode sponsor, Trend Micro Want to discover new ways to simplify and strengthen your security? Join Trend Micro Perspectives on June 16, where industry experts and practitioners will share deep insights and real-world examples on how security can play a pivotal role in accelerating your digital transformation. Featuring speakers from Gartner, Forrester, ESG, AWS, and Microsoft. Visit TrendMicro.com/Perspectives today to register. For the stories behind the headlines, head...

May 20, 2021 Play Episode
Colonial Pipeline confirms it paid the ransom Qlocker ransomware operators shut down SolarWinds CEO speaks about supply chain attack Thanks to our episode sponsor, Trend Micro Want to discover new ways to simplify and strengthen your security? Join Trend Micro Perspectives on June 16, where industry experts and practitioners will share deep insights and real-world examples on how security can play a pivotal role in accelerating your digital transformation. Featuring speakers from Gartner, Forrester, ESG, AWS, and Microsoft. Visit TrendMicro.com/Perspectives today to register.

Week in Review - May 17-21, 2021 Play Episode
Link to Blog Post This week's Cyber Security Headlines - Week in Review, May 17-21, 2021, is hosted by Steve Prentice (@stevenprentice) with our guest, Ty Sbano, CISO, Sisense Thanks to our episode sponsor, Trend Micro Want to discover new ways to simplify and strengthen your security? Join Trend Micro Perspectives on June 16, where industry experts and practitioners will share deep insights and real-world examples on how security can play a pivotal role in accelerating your digital transformation. Featuring speakers from Gartner, Forrester, ESG, AWS, and Microsoft. Visit TrendMicro.com/Perspectives today to register. All links and the video of this...

May 19, 2021 Play Episode
DDoS attacks are back, stronger than ever Proof of concept exploit released for wormable Windows vulnerability Tech audit of Colonial Pipeline found 'glaring' problems in 2018 Thanks to our episode sponsor, Trend Micro Want to discover new ways to simplify and strengthen your security? Join Trend Micro Perspectives on June 16, where industry experts and practitioners will share deep insights and real-world examples on how security can play a pivotal role in accelerating your digital transformation. Featuring speakers from Gartner, Forrester, ESG, AWS, and Microsoft. Visit TrendMicro.com/Perspectives today to register. For the stories behind the headlines, head to CISOseries.com.

May 18, 2021 Play Episode
Double encryption ransomware attacks on the rise The UK seeks advice on defending against supply-chain attacks Eufy leaks customer camera feeds to strangers Thanks to our episode sponsor, Trend Micro Want to discover new ways to simplify and strengthen your security? Join Trend Micro Perspectives on June 16, where industry experts and practitioners will share deep insights and real-world examples on how security can play a pivotal role in accelerating your digital transformation. Featuring speakers from Gartner, Forrester, ESG, AWS, and Microsoft. Visit TrendMicro.com/Perspectives today to register.

May 17, 2021 Play Episode
Insurer AXA hit by ransomware after dropping support for ransom payments Darkside says it lost control of servers and money a day after Biden threat CEOs could face jail time for IoT attacks by 2024 Thanks to our episode sponsor, Trend Micro Want to discover new ways to simplify and strengthen your security? Join Trend Micro Perspectives on June 16, where industry experts and practitioners will share deep insights and real-world examples on how security can play a pivotal role in accelerating your digital transformation. Featuring speakers from Gartner, Forrester, ESG, AWS, and Microsoft. Visit TrendMicro.com/Perspectives today to register. For...

May 12, 2021 Play Episode
U.S. declares emergency in 17 states over fuel pipeline cyber attack Japanese manufacturer Yamabiko targeted by Babuk ransomware Microsoft May 2021 Patch Tuesday fixes 55 flaws, 3 zero-days Thanks to our episode sponsor, Altitude Networks Imagine an employee just left and went to a competitor: did they take proprietary documents or critical roadmaps with them? Did they add a backdoor access via personal accounts to documents? You're a cloud-forward company on G Suite, how would you know your data is at risk? Altitude Networks can automatically tell you who is trying to steal your critical cloud data from G Suite...

May 10, 2021 Play Episode
Colonial hackers stole data ahead of pipeline shutdown Microsoft pulls Windows 10 AMD driver causing PCs not to boot New TsuNAME flaw could let attackers take down authoritative DNS servers Thanks to our episode sponsor, Altitude Networks Uh oh, Johnny left the company 6 months ago, but still has access to numerous files in Google Drive via his personal account! Do you know how many other former employees and contractors still have access to our documents? It's a lot more than you might think. Altitude Networks automatically discovers sharing to personal accounts and can eliminate it with one click. Altitude...

May 6, 2021 Play Episode
Facebook's Oversight Board upholds Trump suspension Phishing for workplace credentials Report looks at third-party SDKs in school apps Thanks to our episode sponsor, Boxcryptor We think CISOs also have a right to sleep peacefully at night. Therefore, we recommend encrypting your sensitive business data for an extra layer of protection. Now in its 10th year, Boxcryptor offers strong end-to-end encryption "Made in Germany" for OneDrive, Dropbox, Google Drive, and Co. as well as for Microsoft Teams. For more information visit Boxcryptor.com.

May 4, 2021 Play Episode
A look at the Project Signal ransomware campaign Moscow facial recognition system used against protestors Facebook Oversight Board to release Trump decision Wednesday Thanks to our episode sponsor, Boxcryptor We think CISOs also have a right to sleep peacefully at night. Therefore, we recommend encrypting your sensitive business data for an extra layer of protection. Now in its 10th year, Boxcryptor offers strong end-to-end encryption "Made in Germany" for OneDrive, Dropbox, Google Drive, and Co. as well as for Microsoft Teams. For more information visit Boxcryptor.com.

May 3, 2021 Play Episode
New Spectre exploits beat AMD and Intel mitigations Microsoft finds critical code execution bugs in IoT, OT devices New ransomware group uses SonicWall zero-day to breach networks Thanks to our episode sponsor, Boxcryptor We think CISOs also have a right to sleep peacefully at night. Therefore, we recommend encrypting your sensitive business data for an extra layer of protection. Now in its 10th year, Boxcryptor offers strong end-to-end encryption for more than 30 cloud providers, NAS, file servers, and local data to organizations of all sizes. Start your free trial now at Boxcryptor.com. For the stories behind the headlines, head...

April 29, 2021 Play Episode
Linux malware used to backdoor systems for years Intel and Microsoft partner to detect cryptojacking Android contact tracing logs exposed to preinstalled apps Thanks to our episode sponsor, Aptible Remember this? It's the end of the quarter which means urgent sales requests for security documentation. Well, thanks to Aptible Comply those days are over. Comply Rooms is a completely free, sales enablement tool built specifically for compliance teams to provide immediate, self-serve, and secure access to trust packets. With Rooms you just upload your security docs and NDA, then input your customer's emails to invite them where they download automatically...

April 23, 2021 Play Episode
Prometei botnet exploits Exchange server bugs Facebook wants to 'normalize' the mass scraping of personal data Microsoft 365 outage affects email delivery Thanks to our episode sponsor, Palo Alto Networks In 1666, Sir Isaac Newton famously used a prism to disperse white light into colors. Today, cloud security professionals use Prisma Cloud from Palo Alto Networks to disperse full lifecycle security and full stack protection across their multi- and hybrid-cloud environments. We think Sir Isaac would approve. Learn more about Prisma Cloud at paltoaltonetworks.com/Prisma For the stories behind the headlines, head to CISOseries.com.

March 23, 2021 Play Episode
SCOTUS: Facebook's still on the hook for nonconsensual user tracking Democrats prepare swarm of antitrust bills targeting Big Tech Microsoft Exchange servers flooded with ransomware Thanks to our episode sponsor, Trend Micro Threat actors want what you're storing in the cloud. Trend Micro's Cloud One platform provides cloud security from a single console, keeping you at your most resilient. Let what happens in the cloud, stay in the cloud.

March 17, 2021 Play Episode
Microsoft shares one-click ProxyLogon mitigation tool for Exchange servers Microsoft Teams, Exchange and more went down for four hours on Monday Signal is down in China after 100 million reported downloads Thanks to our episode sponsor, Trend Micro The conversation between you and your board of directors is not always a walk in the park. With more cloud projects coming your way, it's time to change the conversation to speak their language and start paving the way for a secure future. For more, go to http://trendmicro.com/CISO For the stories behind the headlines, head to CISOseries.com.

March 10, 2021 Play Episode
Microsoft March Patch Tuesday fixes 82 flaws, 2 zero-days Hackers access surveillance cameras at Tesla, Cloudflare, banks, more CISA urges people get serious about Exchange Server exploitation Thanks to our episode sponsor, Trend Micro With organizations rapidly migrating to the cloud, CISOs have new challenges to address. Trend Micro Cloud One is a connected SaaS platform comprised of six solutions that address all your cybersecurity needs from workloads, to file storage, containers and more. Empower your IT teams to do more with less with Trend Micro Cloud One. Visit us at Trendmicro.com for more info. For the stories behind the...

March 8, 2021 Play Episode
REvil ransomware gang uses extended voice calls to pressure victims New Microsoft tool checks Exchange Servers for ProxyLogon hacks Ongoing phishing attacks target US brokers with fake FINRA audits Thanks to our episode sponsor, Trend Micro With organizations rapidly migrating to the cloud, CISOs have new challenges to address. Trend Micro Cloud One is a connected SaaS platform comprised of six solutions that address all your cybersecurity needs from workloads, to file storage, containers and more. Empower your IT teams to do more with less with Trend Micro Cloud One. Visit us at Trendmicro.com for more info. For the stories...

March 3, 2021 Play Episode
Microsoft announces end-to-end encryption support for Teams, plus passwordless logins U.S. unprepared for AI competition with China, commission finds Tom Cruise deepfake videos rattle security experts Thanks to our episode sponsor, TrustMAPP Are you a vCISO? Building your practice and client base is hard enough don't waste time building the tools you need to operate. TrustMAPP's turnkey SaaS platform gets you up and running quickly, so you can focus on your business. For the stories behind the headlines, head to CISOseries.com.

February 25, 2021 Play Episode
Microsoft and FireEye push for breach reporting rules US Federal Reserve hit with massive IT outage Path cleared for California's net neutrality law Thanks to our episode sponsor, PlexTrac Solve your talent shortage with PlexTrac. Use PlexTrac to automate security tasks and workflows to keep your red, blue, and purple teams focused on the real security work. Gain precious time back in your team's day and improve their morale by making them more effective with PlexTrac. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs!

February 22, 2021 Play Episode
Silver Sparrow malware found on 30,000 Macs has security pros stumped SolarWinds hackers stole source code for Microsoft Azure, Exchange, Intune New hack lets attackers bypass MasterCard PIN by using it as Visa card Thanks to our episode sponsor, PlexTrac PlexTrac is a powerful, yet simple, cybersecurity platform that centralizes all security assessments, pentest reports, audit findings, and vulnerabilities. PlexTrac transforms the risk management lifecycle, allowing security professionals to generate better reports faster, aggregate and visualize analytics, and collaborate on remediation in real-time. Check out PlexTrac.com/CISOSeries to learn why PlexTrac is the perfect platform for CISOs! For the stories behind...

February 19, 2021 Play Episode
Dating-app video calls could have been spied on Microsoft pulls buggy Windows update that blocked security updates Windows, Linux servers targeted by new WatchDog botnet Thanks to our episode sponsor, Kenna Security Ready to shift gears to risk-based vulnerability management? Now's the time. Through Kenna Security's on-demand educational series Kenna Katalyst, you can learn the six steps needed to start your own risk-based vulnerability management program and make vulnerability management well, more manageable. And you can earn 1 CPE credit through (ISC). Learn more at kennasecurity.com/katalyst.

February 16, 2021 Play Episode
France links Russian Sandworm hackers to hosting provider attacks Privacy problems with Azure and Canonical Microsoft estimates thousands of developers touched SolarWinds malware Thanks to our episode sponsor, Kenna Security Kenna Katalyst is Kenna Security's newest on-demand educational series designed to help you shift gears to risk-based vulnerability management. Get the six key steps you need to go risk-based along with actionable tips to help your team focus on the risks that matter most. Participants can earn 1 CPE credit through (ISC). Learn more at kennasecurity.com/katalyst.

February 9, 2021 Play Episode
A look at Iranian spyware operations Florida water treatment plant hacked to distribute harmful chemicals Microsoft to add 'nation-state activity alerts' to Defender Thanks to our episode sponsor Altitude Networks Remember that time when someone at work accidentally shared a Google document to your personal email? Well, that happens a lot and it leaves a backdoor to cloud data for former employees or contracts. Altitude Networks is the only solution that will protect you from this and many other data leak risks on G Suite and Office 365! Check it out at AltitudeNetworks.com and be sure your sensitive data isn't...

February 4, 2021 Play Episode
Microsoft sees a rise in business email compromise attacks on schools Facebook takes a proactive content stance after Myanmar coup SolarWinds CEO says its email systems were compromised for months Thanks to our episode sponsor HID Global: Evolving organizations need strong MFA.With the broadest selection of authentication options in the industry, HID Global's advanced multi-factor authentication solution is capable of building a frictionless user experience that blends convenience and protection. Learn more atwww.hidglobal.com/mfa

February 3, 2021 Play Episode
Another SolarWinds vulnerability used to hack National Finance Center SonicWall confirms actively exploited zero-day Microsoft Defender now detects macOS vulnerabilities Thanks to today's sponsors, HID Global: Evolving organizations need strong MFA.With the broadest selection of authentication options in the industry, HID Global's advanced multi-factor authentication solution is capable of building a frictionless user experience that blends convenience and protection. Learn more atwww.hidglobal.com/mfa

January 28, 2021 Play Episode
10-year old sudo bug patched Mass Emotet uninstall planned for March 25th Microsoft's security business exceeds $10 billion in revenue And now our sponsor Nucleus Security brings you "The Top 5 Antipatterns in Vulnerability Management": Antipattern #4: "Homegrown Vulnerability Management Tools":Large enterprises are full of homegrown vulnerability management tools that were abandoned due to complexity or cumbersome builds. See how Nucleus automates your vulnerability management workflows, replacing the need for custom tools completely, atnucleussec.com/demo

January 25, 2021 Play Episode
President Biden takes on cybersecurity on day one SonicWall firewall maker hacked using zero-day in its VPN device Intel probes reports of quarterly earnings hack And now our sponsor Nucleus Security brings you "The Top 5 Antipatterns in Vulnerability Management": Antipattern No. 1: "Spreadsheet Hell": Relying on Microsoft Excel to track risks and answer questions about your vulnerability data is inefficient and insecure. Learn how Nucleus can rescue you from spreadsheet hell and provide the data insights you need with a demo-on-demand at nucleussec.com/demo.

January 19, 2021 Play Episode
Parler resurfaces online Darknet forum Joker's Stash shutting down Microsoft Defender to enable auto-remediation by default Thanks to our episode sponsor Armis All cybersecurity programs start with gaining full visibility into all the assets in the environment. Yet security teams continue to struggle to see every thing they have. This asset blind spot means security teams don't have an accurate picture of what needs to be managed and secured. Head over to armis.com to see how Armis Asset Management helps you overcome this Cybersecurity Asset Management challenge. For more on any of these stories, head to cisoseries.com

January 5, 2021 Play Episode
Microsoft source code accessed by SolarWinds attackers Slack suffers massive outage UK judge denies Assange extradition to US Our sponsor, Omada's identity governance tip of the day Well-tested process frameworks are great starting points. No need to reinvent. Just tweak processes that have already proven effective such as automating identity management, access requests, cross-application segregation of duties, and least privilege access. Head over to omada.net to see how Omada can help you get two steps ahead with your identity management. For links to the full stories, head over to CISOseries.com.

December 29, 2020 Play Episode
Defending the COVID-19 vaccine supply chain Cellular aggregation tool detailed in police records CISA releases malware detection tool for Azure and Microsoft 365 Thanks to our sponsor ReversingLabs The SolarWinds attack has highlighted the need to scan "gold" software images prior to their release or consumption, and look for software tampering, invalid digital signing, and build quality issues. Do you have the right controls in place to assess these risks? Learn more about how ReversingLabs can help your security and release teams today and watch an on-demand demo at reversinglabs.com/demo. For the stories behind the headlines, head to CISOseries.com.

December 28, 2020 Play Episode
Microsoft resellers seen as Russian cyberattack mules GoDaddy employees fail holiday bonus phishing test SolarWinds releases updated advisory for new SUPERNOVA malware Thanks to our sponsor ReversingLabs Less than thirty percent of organizations have a formal threat hunting program, yet threat hunting has shown to improve overall security postures by over ten percent. What actions are you taking to upskill your security staff and bring threat hunting practices into your daily security practices? Learn more about how ReversingLabs can help your security teams today and watch an on-demand demo at reversinglabs.com/demo. For the stories behind the headlines, head to CISOseries.com.

December 16, 2020 Play Episode
Microsoft seizes SolarWinds domain quarantine starts today Twitter will use Amazon Web Services to power user feeds Data breach at Canadian financial services firm highlights perils of insider threats Thanks to our sponsor ReversingLabs 96% of commercial applications include open source components. Is open source software putting your supply chain at risk? Learn more about how ReversingLabs can inspect your new software packages and open source components today, and watch an on-demand demo at reversinglabs.com/demo. For the stories behind the headlines, head to CISOseries.com.

December 9, 2020 Play Episode
Microsoft's December 2020 Patch Tuesday fixes 58 vulnerabilities Unpatched bugs open GE radiological devices to remote code execution Cloudflare and Apple design a new privacy-friendly internet protocol Thanks to our sponsor, Code42. Tomorrow Code42 will release its annual Data Exposure Report on Insider Risk. Last year's report revealed that 63% of new hires who admit to taking data with them to a new job are repeat offenders. Tune in tomorrow for highlights from this year's report. For the stories behind the headlines, go to CISOseries.com.

November 17, 2020 Play Episode
Apple responds to macOS privacy concerns The ransomware landscape is increasingly crowded Microsoft pauses Windows 10 updates in December Thanks to our sponsor, Dtex Reliance on 'person of interest' identification and potential analyst bias have put first-generation insider threat solutions on the shelf. DTEX InTERCEPT offers IT and SecOps teams a new approach. Only DTEX InTERCEPT collects and analyzes user behavior, history, trends, and context answering the Who, What, When and How leading up to, and following, any potential Insider Threat event. Learn more at dtexsystems.com. For more on any of the stories, head to cisoseries.com.

November 16, 2020 Play Episode
Qualcomm receives U.S. permission to sell 4G chips to Huawei Microsoft says three APTs have targeted seven COVID-19 vaccine makers Cobalt Strike 4.0 toolkit shared online Thanks to our sponsor, Dtex Forget projects, get answers. Start preventing insider threats, stopping data loss, and monitoring remote employees in minutes, not days. And do it all without invading user privacy. DTEX Systems helps enterprises run safer and smarter with a first-of-its-kind human-centric approach to enterprise operational intelligence. Learn more and start a free 30-day trial at dtexsystems.com. For more on any of the stories, head to cisoseries.com.

October 27, 2020 Play Episode
Twitter to "pre-bunk" voter misinformation Microsoft to force load some webpages in Edge Google removed three apps for violating data collection policies Thanks to our sponsor, F5. Join experts across F5, a leader in the app security space, on November 10th, to gain valuable, innovative insights into enabling advanced application security, sophisticated cyber-attacks, trends in online fraud and how to manage risks in the cloud. Sign up now to join this must-attend virtual security event For more on this week's stories, head toCISOseries.com.

October 26, 2020 Play Episode
New Emotet attacks urges recipients to upgrade Microsoft Word Windows 10 now hides the SYSTEM control panel Samsung Group titan Lee Kun-hee dies aged 78 Thanks to our sponsor, F5. 58% of organizations say maintaining security and compliance when managing apps in a multi-cloud environment is their biggest challenge. Be sure to attend the premier virtual security summit on November 10th where F5, an expert in app security, will cover how to protect your applications from today's advanced attacks and tomorrow's emerging threats. Register now. For more on this week's stories, head to CISOseries.com.

October 21, 2020 Play Episode
Justice Department charges Google in antitrust lawsuit Microsoft partners with SpaceX to launch Azure Space initiative Twitter is temporarily changing how you retweet Thanks to our episode sponsor, SecureLayer7. Getting rid of vulnerabilities within the systems can be quite an intricate task. But why bother with anything else when there is an all in one cybersecurity package for organizations. A platform where existing, and prospective vulnerability threats can be identified and mitigated through their pentests within set time slots. SecureLayer7, the cybersecurity solution for your organization. Discover SecureLayer7.net For the stories behind the headlines, go to CISOseries.com.

October 20, 2020 Play Episode
US files charges against high profile attackers A new browser wants to look at social media algorithms Microsoft Exchange and OWA are increasingly malware targets Thanks to our episode sponsor, SecureLayer7. Getting rid of vulnerabilities within the systems can be quite an intricate task. But why bother with anything else when there is an all in one cybersecurity package for organizations. A platform where existing, and prospective vulnerability threats can be identified and mitigated through their pentests within set time slots. SecureLayer7, the cybersecurity solution for your organization. Discover SecureLayer7.net For the stories behind the headlines, head to CISOseries.com.

October 16, 2020 Play Episode
US DOJ unseals charges against malware money laundering ring Microsoft launches the Zero Trust Deployment Center Hack disrupts Barnes & Noble brick and mortar Thanks to this week's sponsor, Trusona. Trusonaenables enterprises to secure and simplify user access by removing passwords from the Windows 10 login experience. With a single desktop sign-in using Trusona's passwordless MFA, employees are automatically authenticated into Office 365 or their SSO, giving them secure access to all of their corporate applications. Give your workforce a solution they don't have to work around. For more, head toCISOSeries.com

October 7, 2020 Play Episode
Paying ransomware ransom is now illegal, according to the Treasury Department Cisco ordered to pay $1.9 billion for security patent infringement Covid tracking in Microsoft Excel loses 16,000 test results in England Thanks to our sponsor, Detectify. Detectify is where security engineers and developers come to collaborate and build safer web apps using ethical hacker knowledge. Using payload-based testing, Detectify checks for 2000+ known vulnerabilities and helps you stay on top of emerging threats. Start a free 2-week trial today! More available at CISOseries.com.

September 28, 2020 Play Episode
China's biggest chip maker hit by US sanctions Elon Musk unhappy over Microsoft's exclusive licensing of OpenAI Google removes 17 Android apps doing WAP billing fraud from the Play Store Thanks to our sponsor ReversingLabs ReversingLabs is the leading provider of explainable threat intelligence. In only milliseconds, ReversingLabs elastic threat infrastructure automatically analyzes the world's most complex files and detects the most advanced threats. ReversingLabs gives modern security and threat hunting teams the transparent insights and trusted input required to take fast and confident defensive action--all with zero interruption to business critical systems. Learn more by watching an on-demand demo...

September 16, 2020 Play Episode
Senator calls for US to reject Oracle's TikTok deal MFA bypass bugs opened Microsoft 365 to attack Ex-Facebook employee reveals extent of bot manipulation intended for political gain Thanks to our sponsor, Dtex Systems Forget projects, get answers. Start preventing insider threats, stopping data loss, and monitoring remote employees in minutes, not days. And do it all without invading user privacy. DTEX Systems helps enterprises run safer and smarter with a first-of-its-kind human-centric approach to enterprise operational intelligence. Learn more and start a free 30-day trial at dtexsystems.com. For more on CISO Series, go to cisoseries.com.

September 11, 2020 Play Episode
Portland passes bans on facial recognition technology. Bluetooth SIG publishes details on Blurtooth vulnerability. Microsoft detects attempted cyberattacks against US presidential campaigns. Thanks to our sponsor, Remediant Remediantis a fast growing Gartner Cool vendor focused on the concept of precision Privileged Access Management and one Fortune 100 company calls them "the world's best protection against major incidents." Remediant uniquely deploys & inventories thousands of privileged accounts in hours, locks down lateral movement & ransomware spread by removing standing privilege with a single action, and administers privileges just-in-time with MFA.

Cybersecurity Today

---

FBI Seizes Iran-Linked Handala Leak Site After Stryker Intune Wipe Attack: Cybersecurity Today Play Episode
FBI Seizes Iran-Linked Handala Leak Site After Stryker Intune Wipe Attack; Apple iPhone Exploit Patch; North Korean Fake IT Workers Grow Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst The episode reports that the FBI has seized the data leak site used by the Iran-linked hacktivist group Handala, which has been widely linked to the Stryker attack where attackers compromised admin accounts, stole data, and used Microsoft...

Coruna iOS Exploit Kit Goes Mass-Market: Cybersecurity Today for March 9, 2026 with David Shipley Play Episode
Coruna iOS Exploit Kit Goes Mass-Market, FBI Wiretap Platform Breach Probe, Windows Terminal ClickFix, and Iran-War Cyber Escalation This episode covers several major cybersecurity developments: Google's Threat Intelligence Group details Coruna, a sophisticated iOS exploit kit with 23 exploits and multiple chains affecting iOS 1317.2.1, shifting from targeted surveillance use to cryptocurrency-scam distribution and a PlasmaLoader payload aimed at stealing wallet data. The FBI is investigating suspicious activity involving its Digital Collection System Network used to support wiretaps and surveillance, with concerns about third-party vendor exposure and broader federal agency targeting. Microsoft reports a new ClickFix variation that abuses Windows...

BeyondTrust Zero-Day Exploited, Play Episode
This episode covers multiple active threats and security changes. It warns of an actively exploited critical BeyondTrust remote access vulnerability (CVE-2026-1731, CVSS 9.9) enabling pre-authentication remote code execution in Remote Support and Privileged Remote Access, noting SaaS was patched while on-prem deployments require urgent manual updates and may already be compromised. Microsoft details an evolution of the ClickFix social engineering technique where victims are tricked into running NSLookup commands that use attacker-controlled DNS responses as a malware staging channel, leading to payload delivery (including a Python-based RAT) and persistence via startup shortcuts, alongside increased Lumma Stealer activity. Cybersecurity Today would...

Exploited Microsoft Vulnerabilities, Phishing Tactics & Romance Scams: Cybersecurity Today Play Episode
In this episode of Cybersecurity Today with host Jim Love, we discuss six critical exploited Microsoft vulnerabilities, new phishing tactics using your own servers, and a zero-click vulnerability in Claude's code desktop extensions. We also explore trends in modern romance scams highlighting the younger, tech-savvy adult targets. Tune in for expert insights and practical tips to stay secure. Special thanks to Meter for their support. Hashtag Trending would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale....

Unsupported Edge Devices Present Global Threat, OpenClaw Threats Continue - Cybersecurity Today Play Episode
In this episode of Cybersecurity Today, host Jim Love discusses the increasing risks posed by unsupported edge devices in global infrastructure. Highlighted by a recent cyber incident in Poland's energy sector, edge devices are becoming critical vulnerabilities due to their role in network security. The Cybersecurity and Infrastructure Security Agency (CISA) has issued new advisories urging immediate action to update or remove unsupported edge devices. The episode also covers issues with Microsoft Exchange online wrongly flagging legitimate emails as phishing, Google's warning on post-quantum cybersecurity preparedness, and continuing exposures tied to the Open Claw security incident. Meter, a full-stack networking...

Cybersecurity Today: Month In Review - Microsoft Patch Fails, Fortinet Issues, and AI Risks Play Episode
Welcome to Cybersecurity Today's Month In Review Join host Jim Love, alongside cybersecurity experts David Shipley, Laura Payne, and Mike Puglia, as they dive into last month's major topics in the cybersecurity world. This episode covers ongoing issues with Microsoft patches, continuous security concerns with Fortinet, and the risks and ramifications of AI activities. They also discuss the implications of poor software quality and the persistent threats in the cyber world. Plus, hear the latest on Mage Cart scams and the debate over local admin rights. Don't miss this packed episode full of insights and expert analysis. Cybersecurity Today would...

The First Wave Of Sophisticated AI Generated Malware Play Episode
Critical Cybersecurity Updates: Microsoft, Goot Loader, Anthropic, and AI-Generated Malware In this episode of Cybersecurity Today, host Jim Love discusses the latest security patches and threats in the industry. Topics include Microsoft's recent patch for a Windows Admin Center flaw, the resurgence and evolution of Goot Loader malware, Anthropic's quiet patching of key vulnerabilities in their Git MCP server, and the emergence of Void Link, an advanced AI-generated malware targeting Linux-based servers. Tune in to learn about the implications of these updates and what steps you can take to protect your systems. Cybersecurity Today would like to thank Meter for...

Staples Slips Up On Data Removal Play Episode
Cybersecurity Challenges: Data Privacy Failures, AI Risks, and New Malware Threats In this episode of Cybersecurity Today, host David Shipley covers a range of pressing issues. The discussion kicks off with Staples Canada reselling laptops without wiping customer data, highlighting loopholes in Canada's privacy laws. Next, David delves into a new class of attacks known as 'Reprompt' that target Microsoft Co-pilot, exposing vulnerabilities in large language models. The episode also explores a critical flaw in ServiceNow's virtual agent that allowed attackers to impersonate legitimate users, emphasizing the importance of robust identity verification. Lastly, a newly discovered advanced Linux malware framework...

Arrests In 0365 Scheme: Cybersecurity Today With David Shipley Play Episode
Global Cybercrime Crackdowns and Rising Threats This episode of 'Cybersecurity Today' hosted by David Shipley covers significant cybersecurity news. Nigerian police arrested three suspects linked to a Microsoft 365 phishing platform known as Raccoon O365. U.S. prosecutors charged 54 individuals in an ATM malware scheme tied to a Venezuelan criminal organization. Two incident responders pleaded guilty to conducting ransomware attacks while employed to help victims of such attacks. Denmark officially blamed Russia for a cyber attack on a water utility, exacerbating geopolitical tensions. Each segment highlights the intricate and international nature of modern cybercrime and the ongoing challenges in cybersecurity....

React2Shell Vulnerability, Black Force Phishing Kit, Microsoft OAuth Attacks, and PornHub Data Breach Play Episode
In this episode of Cybersecurity Today, host Jim Love discusses a range of pressing cybersecurity threats. The show covers the escalating React2Shell vulnerability, which has led to widespread automated exploitation campaigns involving crypto miners and back doors. Additionally, Jim reports on the Black Force phishing kit, which bypasses multifactor authentication and is gaining traction among cybercriminals. Microsoft OAuth consent attacks are also highlighted, with users being tricked into granting access to their accounts. Finally, the episode touches on PornHub's data breach involving the Shiny Hunters cybercrime group and the importance of patching vulnerabilities and being cautious during the holiday season....

Shady Panda Hides For Years In Legitimate Browser Extensions: Cybersecurity Today Play Episode
In this episode of 'Cybersecurity Today,' host Jim Love discusses several significant cybersecurity issues. Highlights include a maximum severity vulnerability in React Server Components dubbed React2Shell (CVE-2025-55182), a recently patched Windows shortcut flaw by Microsoft, and new attacks using the Evilginx phishing platform in schools. Additionally, the show explores a long-running campaign by 'Shady Panda,' which used browser extensions to harvest data, and an unexpected failure by Google's AI tool that led to the deletion of a developer's hard drive. The episode also thanks Meter for their continued support. 00:00 Introduction and Sponsor Message 00:48 React Vulnerability: React2Shell 03:13 Microsoft's...

Living off the Land Attacks and Emerging Cyber Threats Play Episode
This episode of Cybersecurity Today, hosted by Jim Love, delves into various cybersecurity threats and latest news. Topics include 'living off the land' attacks using Microsoft's native utilities, spoofing Calendly invites for phishing Google and Meta credentials, a significant breach at the University of Pennsylvania linked to Oracle E-Business Suite vulnerabilities, and findings on AI jailbreaks tied to syntactic patterns by researchers from MIT, Northeastern University, and Meta. The episode emphasizes the ongoing challenges and evolving strategies in cybersecurity. 00:00 Introduction and Sponsor Message 00:43 Living Off the Land Attacks Explained 03:41 Fake Calendly Invites and Phishing Campaigns 05:47 Oracle...

Cybersecurity Today: QR Code Parking Scams, Evil Twin WiFi Attacks & Microsoft's Teams Flaw Play Episode
In this episode of Cybersecurity Today, host David Shipley discusses a range of pressing cybersecurity issues. Topics include the surge in QR code parking scams, with recent cases in Monaco, Ottawa, and across Europe; an Australian man sentenced for evil twin WiFi attacks targeting travelers; the shutdown of the Code Red emergency notification system due to ransomware; and critical vulnerabilities in Microsoft Teams' guest access feature. Shipley also examines the newly launched hacklore.org website aiming to debunk cybersecurity myths, while critiquing its dismissal of real-world threats. Stay informed on how criminals exploit simple deception, human assumptions, and technology lapses to...

Cybersecurity Update: Incorrect Company Naming, Major Breaches, and New Malware Campaigns Play Episode
In this episode, the host addresses a previous mistake in naming a company involved in a breach, correcting SitusAMC for Ascensus, and extends apologies. Key topics include US banks assessing a breach fallout from financial tech vendor SitusAMC, ransomware group CioP targeting Broadcom through Oracle's vulnerabilities, a new malware campaign hiding in Blender 3D models named SteelC, supply chain attacks in the JavaScript ecosystem through NPM packages with Shai-Hulud malware, and a phishing scam using lookalike domains to deceive Microsoft account holders. Listeners are reminded to manually type URLs to avoid phishing scams, and are informed about the Thanksgiving weekend...

Major US Bank Data Linked Through Breach At SitusAMC Play Episode
In today's episode of Cybersecurity Today, hosted by Jim Love, several major cybersecurity incidents are discussed. US banks are assessing the impact of a security breach at SitusAMC, where the ALFV ransomware group claimed to have stolen three terabytes of data. CIOP has targeted Broadcom through Oracle's E-Business Suite vulnerabilities. A new malware campaign hides inside Blender 3D models, exploiting the auto-run feature to deploy Steel C malware. The JavaScript ecosystem faces a supply chain attack from the Shai-Hulud malware compromising 500 NPM packages. Additionally, a phishing campaign leveraging visual deception with look-alike domains is targeting Microsoft account holders. The...

Major CloudFlare Outages, Black Friday Phishing Surge, AI Privacy Breach at Ontario Hospital, and Salesforce Data Theft Investigation Play Episode
In this episode of Cybersecurity Today, host Jim Love discusses several major cybersecurity events. CloudFlare faced significant outages affecting major platforms like Amazon and YouTube, along with continued issues for Microsoft 365 users. NordVPN warned of a surge in fake shopping websites as Black Friday approaches, with phishing attempts climbing 36% between August and October. An AI transcription tool caused a privacy breach at an Ontario hospital, leading to a privacy probe. Finally, Salesforce is investigating a data theft wave linked to Gainsight, illustrating the risks of OAuth token misuse. The episode is supported by Meter, a network infrastructure provider....

Cybersecurity Today: CloudFlare Outage, Microsoft's AI Risk, New Red Team Tool, and More! Play Episode
In this episode of 'Cybersecurity Today,' host Jim Love covers multiple pressing topics: CloudFlare's major outage affecting services like OpenAI and Discord, Microsoft's new AI feature in Windows 11 and its potential malware risks, a new red team tool that exploits cloud-based EDR systems, and a new tactic using calendar invites as a stealth attack vector. Additionally, a critical SAP vulnerability scoring a perfect 10 on the CVSS scale is discussed alongside a peculiar event where Anthropic's AI mistakenly tried to report a cybercrime to the FBI. The episode wraps up with a mention of the book 'Alyssa, A Tale...

Industrial Phishing Kit QRR Discovered: New Cyber Threats Unveiled | Cybersecurity Today Play Episode
In this episode of Cybersecurity Today, host David Shipley covers the latest threats in the cybersecurity landscape. Highlights include the emergence of the quantum root redirect (QRR) phishing kit, a sophisticated automated phishing platform targeting Microsoft 365 credentials across 90 countries. The hospitality industry is also being hit with a new 'click fix' phishing campaign, compromising booking systems and targeting hotel guests. Researchers discover new vulnerabilities in ChatGPT, exposing private data via indirect prompt injection attacks. Additionally, the University of Pennsylvania confirms a massive data breach, highlighting the risks of not implementing comprehensive MFA protocols. Stay informed with the latest...

US Congressional Budget Office Breach, AI in Cyber Attacks & Veterans Defend Canada Play Episode
Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst In today's episode, we cover the breach at the US Congressional Budget Office and its implications on national security, Microsoft Teams' chat feature being exploited for phishing attacks, and the increasing use of AI in cyber attacks. We also highlight how Canadian veterans are being retrained for careers in cybersecurity through the Coding for Veterans program. Hosted by Jim...

Alarm Bells in Ivy League School Play Episode
In this episode, host David Shipley discusses a significant cybersecurity breach at the University of Pennsylvania, which involved offensive emails sent from legitimate university addresses. The attackers claim to have accessed sensitive data, though their statements remain unverified. Shipley emphasizes the importance of vigilant communication and rapid response systems in mitigating damage. The episode also covers urgent cybersecurity alerts issued by Western agencies for Microsoft Exchange and WSUS servers, highlighting the necessity of continuous system updates and robust security measures. Lastly, Australia's cybersecurity agency warns against ongoing attacks on unpatched Cisco devices, urging immediate action. The episode underscores the theme...

Cybersecurity Today: October Recap - Addressing AI, DNS Failures, and Security Vulnerabilities Play Episode
In this episode of 'Cybersecurity Today,' the panel, including Laura Payne from White TOK and David Shipley from Boer on Securities, reviews the major cybersecurity events of October. Key topics include DNS failures at AWS and Microsoft, the rise of AI and its associated security concerns, and several severe cloud and on-premises vulnerabilities in platforms like SharePoint and WSUS. The discussion highlights a surge in sophisticated phishing threats, the integration of AI in cyber attacks, and the critical importance of multifactor authentication. The panel also examines the implications of recent security breaches affecting critical infrastructure and the broader impact of...

Pwn2Own Ireland 2025: Major Cybersecurity Revelations & Critical Vulnerabilities Play Episode
In this episode of Cybersecurity Today, host David Shipley covers the latest updates from the Pwn2Own 2025 event in Ireland, where top hackers earned over $1 million for uncovering 73 zero-day vulnerabilities. Despite significant hype, AI's impact on cybersecurity remains limited. We also dive into a critical Microsoft WSUS flaw under active exploitation and its implications for U.S. government cyber defenses amid a federal shutdown. Lastly, ESET reports reveal North Korea's increased cyber espionage targeting European drone manufacturers. Stay informed on the ever-evolving landscape of cybersecurity threats and defenses. 00:00 Introduction and Headlines 00:29 Pwn to Own 2025 Highlights 02:35...

Ransomware Dominates Cyber Attacks & AI Tools for Cybersecurity | Tech News Update Play Episode
In this episode of Cybersecurity Today, your host Jim Love discusses Microsoft's latest findings on how ransomware and extortion account for over half of all cyber attacks globally, highlighting the shift toward financially driven crimes. Learn about the breach at the Kansas City National Security Campus due to a SharePoint vulnerability and how Anthropic's new open-source sandbox aims to make AI coding safer. Additionally, discover how AI tools can help spot scams as Jim shares his personal experience and practical tips. Stay informed on the latest cybersecurity trends and essential defense strategies. 00:00 Introduction and Headlines 00:26 Ransomware Dominates Cyber...

Critical Security Alerts: TikTok Malware & Europol's SIM Farm Takedown Play Episode
In this episode of Cybersecurity Today, host David Shipley covers the latest developments in cyber threats and law enforcement victories. Topics include: cybercriminals using TikTok videos to disseminate malware through click-fix attacks, Europol shutting down a massive SIM farm powering 49 million fake online accounts, and Microsoft's emergency patch release for a critical ASP.NET Core vulnerability rated 9.9 in severity. The episode also highlights community efforts in raising cybersecurity awareness. 00:00 Introduction and Headlines 00:23 TikTok Malware Campaign 03:43 Europol's Major SIM Farm Bust 07:45 Microsoft's Critical ASP.NET Core Vulnerability 11:55 Community Shoutouts and Conclusion

CyberWire Daily

---

Watch out for cybercrime frequent flyers. Play Episode
Drone strikes hit a key chip supply chain. China-linked hackers target Southeast Asian militaries. Attackers race ahead with AI. ShinyHunters claim a massive Telus breach. Microsoft issues a hotpatch. Malware turns up on Steam. Fileless attacks grow. Airline miles become cybercrime currency. Monday business breakdown. Tim Starks from CyberScoop unpacks the Stryker attack and the nebulous nature of Iranian cyber activity. AI playmates puzzle preschoolers. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and youll never miss a beat. And be sure to...

AI as Tradecraft: How Threat Actors Are Operationalizing AI [Microsoft Threat Intelligence Podcast] Play Episode
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippois joined by Greg Schlomer and VladHonyanyyto discuss new research on Jasper Sleet, a North Koreanaligned threat actor incorporating AI into active operations. The conversation examines how AI is being integrated across the attack lifecycle from highly tailored phishing lures and fabricated job applicant personas to accelerating malware development and refining operational workflows. Rather than treating AI as a novelty, Jasper Sleet is using it to increase speed, scale, and adaptability while reducing many of the friction points that once slowed campaigns. They also explore what this shift means...

AI as Tradecraft: How Threat Actors Are Operationalizing AI [Microsoft Threat Intelligence Podcast] Play Episode
In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippois joined by Greg Schlomer and VladH.to discuss new research on Jasper Sleet, a North Koreanaligned threat actor incorporating AI into active operations. The conversation examines how AI is being integrated across the attack lifecycle from highly tailored phishing lures and fabricated job applicant personas to accelerating malware development and refining operational workflows. Rather than treating AI as a novelty, Jasper Sleet is using it to increase speed, scale, and adaptability while reducing many of the friction points that once slowed campaigns. They also explore what this shift means...

The parallel war online. Play Episode
Cyberwar shadows the US Israel attack on Iran. Hackers hijack Pakistani news broadcasts. President Trump orders all federal agencies to stop using AI technology from Anthropic. The Health Care Cybersecurity and Resiliency Act clears a hurdle. A new RAT streamlines double extortion attacks against Windows systems. CISA updates warnings on a zero-day targeting Ivanti Connect Secure devices. A North Korea-linked group targets air-gapped systems. Monday business breakdown. On our Afternoon Cyber Tea segment from Microsoft Security, host Ann Johnson speaks with Rob Surez, Vice President and Chief Information Security Officer at CareFirst BlueCross BlueShield, about cybersecurity in healthcare. Tim Starks...

Rooted and patient. Play Episode
A China-linked group exploits a critical Dell zero-day for 18 months. A Microsoft 365 Copilot bug risks sensitive email oversharing. A new Linux botnet leans on old-school IRC for command and control. Switzerland tightens critical infrastructure rules with mandatory cyber reporting. AstarionRAT emerges as a custom post-exploitation implant. Researchers find serious flaws in popular PDF platforms. A suspected Iranian-aligned campaign targets protest supporters. Notepad++ rolls out a double-lock update fix. And a Spanish court orders NordVPN and ProtonVPN to block illegal football streams. Our guest is Keith Mularski, Former FBI Special Agent and Chief Global Ambassador at Qintel, reflecting on...

Total defense meets total threat. Play Episode
Global leaders call for collaboration at the Munich Cyber Security Conference. Phishing campaigns exploit fake video conference invitations. Italian authorities say cyber attacks on the Winter Olympics have met overall mitigation. AI reshapes the economics of ransomware attacks. CISA tags a critical Microsoft Configuration Manager vulnerability. Foxveil is a new malware loader targeting legitimate platforms. Researchers examine macOS infostealers. California fines Disney $2.75 million for violating the Consumer Privacy Act. Maria Varmazis, host of T-Minus space daily and CyberWire Producer Liz Stokes preview their coverage of the NATO Cyber Coalition 2025 Cyber Exercise in Tallinn, Estonia. When pull requests get...

Wind and solar take a cyber hit. Play Episode
Poland says weak security left parts of its power grid exposed. A Russian-linked hacker alliance threatens Denmark with a promised cyber offensive. Fancy Bear moves fast on a new Microsoft Office flaw, hitting Ukrainian and EU targets. Researchers find a sprawling supply chain attack buried in the ClawdBot AI ecosystem. A new report looks at how threats are shaping the work of journalists and security researchers. A stealthy Windows malware campaign blends Pulsar RAT with Stealerv37. A former Google engineer is convicted of stealing AI trade secrets for China. The latest cybersecurity funding and deal news. On our Afternoon Cyber...

The hackers made me do it, or did they? Play Episode
Microsoft rushes an emergency fix for an actively exploited Office zero-day. A suspected cyberattack halts rail service in Spain. The FBI probes Signal chats in Minnesota. The UK moves to overhaul policing for the cyber age. Romania investigates a hitman-for-hire site. A UK court awards $4.1 million in a Saudi spyware case. Google agrees to a voice assistant settlement. CISA maps post-quantum crypto readiness. Prosecutors charge an Illinois man over a Snapchat hacking scheme targeting hundreds of women. Our guest today is Cynthia Kaiser, SVP of the Ransomware Research Center at Halcyon, sharing some insight into the AI and quantum...

When encryption meets enforcement. Play Episode
Microsoft granted the FBI access to laptops encrypted with BitLocker. The EU opens an investigation into Groks creation of sexually explicit images. Glimmers of access pierce Irans internet blackout. Koi Security warns npm fixes fall short against PackageGate exploits. Some Windows 11 devices fail to boot after installing the January Patch Tuesday updates. CISA warns of active exploitation of multiple vulnerabilities across widely used enterprise and developer software. ESET researchers have attributed the cyberattack on Polands energy sector to Russias Sandworm. This week's business breakdown. Brandon Karpf joins us to talk space and cyber. CISA sits out RSAC. Remember to...

A long day without bars. Play Episode
Verizon hit by a major wireless outage. Poland blocks an attack on its power grid. A massive database of French citizens exposed. Microsoft shuts down a cybercrime-as-a-service operation. The UK backs away from digital ID plans. California probes Grok deepfakes. The FTC settles with GM over location data. Palo Alto Networks patches a serious firewall flaw. Plus, John Serafini of HawkEye on modern signals intelligence, and federal agents seize devices from a Washington Post reporter. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing,...

America goes solo on cyber. Play Episode
The US withdraws from global cybersecurity institutions. A maximum-severity vulnerability called Ni8mare allows full compromise of a workflow automation platform. Cisco patches ISE. Researchers uncover a sophisticated multi-stage malware campaign targeting manufacturing and government organizations in Italy, Finland, and Saudi Arabia. The growing rift of defining AI risk. Microsoft gives 365 admins a one-month deadline to enable MFA. The Illinois Department of Human Services inadvertently exposed personal and protected health information of more than 700,000 residents. An Illinois man is charged with hacking Snapchat accounts to steal nudes. Our guest is Caitlin Clarke, Senior Director for Cybersecurity Services at Venable,...

Dont trust that app! Play Episode
While our team is out on winter break, please enjoy this episode of Research Saturday. Today we are joined by Selena Larson, co-host of Only Malware in the Building and Staff Threat Researcher and Lead Intelligence Analysis and Strategy at Proofpoint, sharing their work on "Microsoft OAuth App Impersonation Campaign Leads to MFA Phishing." Proofpoint researchers have identified campaigns where threat actors use fake Microsoft OAuth apps to impersonate services like Adobe, DocuSign, and SharePoint, stealing credentials and bypassing MFA via attacker-in-the-middle phishing kits, mainly Tycoon. These attacks redirect users to fake Microsoft login pages to capture credentials, 2FA tokens,...

Lorrie Cranor: Why Security Fails Real People [Afternoon Cyber Tea] Play Episode
While our team is out on winter break, please enjoy this episode of Afternoon Cyber Tea with Ann Johnson from our partners at Microsoft Security. Dr. Lorrie Cranor, Director of theCyLabSecurity and Privacy Institute at Carnegie Mellon Universityjoins AnnJohnson, Corporate Vice President, Microsoft,on this week's episode of Afternoon Cyber Tea to discuss the critical gap between security design and real-world usability. They explore why security tools oftenfailusers, the ongoing challenges with passwords andpassword lessauthentication, and how privacy expectations have evolved in an era of constant data collection. Dr. Cranor emphasizes the importance of user-centered design, practical research, behavioral insights, and...

The New Frontlines of Cybersecurity: Lessons from the 2025 Digital Defense Report [Microsoft Threat Intelligence Podcast] Play Episode
While our team is out on winter break, please enjoy this episode of The Microsoft Threat Intelligence Podcast from our partners at Microsoft. In this episode of theMicrosoft Threat Intelligence Podcast, host SherrodDeGrippois joined by ChloMessdaghiand Crane Hassold to unpack the key findings of the 2025 Microsoft Digital Defense Report; a comprehensive look at how the cyber threat landscape is accelerating through AI, automation, and industrialized criminal networks. They explore how nation-state operations and cybercrime have fused into a continuous cycle of attack and adaptation, with actors sharing tooling, infrastructure, and even business models. The conversation also examines AIs growing...

Another day, another emergency patch. Play Episode
Apple and Google issue emergency updates to patch zero-days. Google links five additional Chinese state-backed hacking groups to React2Shell. Frances Ministry of the Interior was hit by a cyberattack. Atlassian patches roughly 30 third-party vulnerabilities. Microsoft says its December 2025 Patch Tuesday updates are breaking Message Queuing. Researchers uncovered a massive exposed database with nearly 4.3 billion professional records openly accessible online. Britains new MI6 chief warns of an aggressive, expansionist, and revisionist Russia. Monday Business Brief. On todays Threat Vector, Michael Heller from Unit 42 chats with security leaders Greg Conti and Tom Cross to unpack the hacker mindset...

Pay cuts and a personnel freefall. Play Episode
CISA staff may see pay cuts in 2026. Threat actors advertise a full chain zero-day exploit for iOS. A US-led international coalition releases joint guidance on integrating AI into operational technology. Microsoft lowers sales growth targets for its agentic AI products. A major fintech provider suffers a ransomware-linked breach. Arizonas Attorney General sues Temo over data collection practices. Lessons learned from Capitas handling of Black Basta. The UK sanctions Russias GRU. My guest is Dave Baggett, co-founder and CEO of INKY (recently acquired by Kaseya), about the challenges of email security. A U.S. Bankruptcy Court insists on AI transparency. Remember...

From cryptomixers to recipe mixers. Play Episode
European authorities take down an illegal cryptomixer. An Australian man is sentenced for running an airport evil twin WiFi campaign. Researchers unmask a Scattered LAPSUS$ Hunters impresario. CISA flags a cross-site scripting flaw in OpenPLC ScadaBR. A major South Korean retailer suffers a data breach affecting over 33 million customers. Threat actors abuse digital calendar subscription features. New Yorks new hospital cybersecurity mandates may raise the bar nationwide. Scammers target Cyber Monday shoppers. Monday business brief. Ann Johnson speaks with Microsofts Amy Hogan-Burney on the Afternoon Cyber Tea segment. Google gets caught reheating someone elses holiday recipe. Remember to leave...

Inside Jingle Thief Cloud Fraud Unwrapped [Threat Vector] Play Episode
In this special episode of Threat Vector, host David Moulton, Senior Director of Thought Leadership for Unit 42, sits down with Stav Setty, Principal Researcher at Palo Alto Networks, to unpack Jingle Thief a cloud-only, identity-driven campaign that turned Microsoft 365 into a gift card printing press. Stav explains how the Morocco based group known as Atlas Lion lived off the land inside M365 for months at a time, using tailored phishing and smishing pages, URL tricks, and internal phishing to compromise one user and quietly pivot to dozens more. Together, David and Stav walk through how the attackers abused...

404: Cybercrime not found. Play Episode
Operation Endgame expands global takedowns. The U.S. is creating a Scam Center Strike Force. Microsoft rolls out its delayed Prevent screen capture feature for Teams. Proton Pass patches a clickjacking flaw. Researchers uncover previously undisclosed zero-day flaws in both Citrix and Cisco Identity Services Engine. Android-based digital picture frames contain multiple critical vulnerabilities. Lumma Stealer rebounds after last months doxxing campaign. Our guest is Garrett Hoffman, Senior Manager of Cloud Security Engineering from Adobe, talking about achieving cloud security at scale. X marks the spot where your passkey stops working. Remember to leave us a 5-star rating and review in...

From small charges to big busts. Play Episode
Operation Chargeback takes down global fraud networks. An investigation reveals the dangers of ADINT. M&S profits plunge after a cyberattack. Google patches a critical Android flaw. Asian prosecutors seize millions from an accused Cambodian scam kingpin. Ohio residents are still guessing water bills months after a cyberattack. Houston firefighters deny blame in city data breach. Nikkei reports a slack breach exposing 17,000 records.The GoogleWiz deal clears DOJ review. Ann Johnson welcomes her Microsoft colleague Frank X. Shaw to Afternoon Cyber Tea. Norway parks its Chinese Bus in a cave, just in case. Remember to leave us a 5-star rating and...

Dial M for malware. Play Episode
A Texas telecom confirms a nation-state attack. A global outage disrupts Azure and Microsoft 365 services. Malicious npm packages steal sensitive data from Windows, Linux, and macOS systems. Hacktivists have breached multiple critical infrastructure systems across Canada. Major chipmakers spill the TEE. TP-Link home routers fall under federal scrutiny. Cloud Atlas targets Russias agricultural sector. Israels cloud computing deal with Google and Amazon allegedly includes a secret winking mechanism.The FCC tamps down on overseas robocalls. Mike Anderson, from Netskope, discusses why CIOs should think like HR leaders when considering Agentic AI. Danes Draw the line at digital doppelgngers. Remember to...

Logging off in Myawaddy. Play Episode
Explosions rock a shuttered Myanmar cybercrime hub. The Aisuru botnet shifts from DDoS to residential proxies. Dentsu confirms data theft at Merkle. Boston bans biometrics. Proton restores journalists email accounts after backlash. Memento labs admits Dante spyware is theirs. Australia accuses Microsoft of improperly forcing users into AI upgrades. CISA warns of active exploitation targeting manufacturing management software. A covert cyberattack during Trumps first term disabled Venezuelas intelligence network. Our guest is Ben Seri, Co-Founder and CTO of Zafran, discussing the trend of AI native attacks. New glasses deliver fashionable paranoia. Remember to leave us a 5-star rating and review...

The spy who sold out. Play Episode
A former defense contractor is charged with attempting to sell trade secrets to Russia. Researchers uncover critical vulnerabilities in TP-Link routers. Microsoft patches a critical Windows Server Update Service flaw. CISA issues eight new ICS advisories. Shadow Escape targets LLMs database connections. Halloween-themed scams spike. Our guest is Chris Inglis, first National Cyber Director, speaking on cybercrime and the upcoming documentary on cyber war, "Midnight in the War Room". WhatsApps missing million-dollar exploit. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and youll...

Hackers peek behind the nuclear curtain. Play Episode
A foreign threat actor breached a key U.S. nuclear weapons manufacturing site. The cyberattack on Jaguar Land Rover is the most financially damaging cyber incident in UK history. A new report from Microsoft warns that AI is reshaping cybersecurity at an unprecedented pace. The ToolShell vulnerability fuels Chinese cyber operations across four continents. Fake browser updates are spreading RansomHub, LockBit, and data-stealing malware. Hackers deface LA Metro bus stop displays. A Spyware developer is warned by Apple of a mercenary spyware attack. Pwn2Own payouts proceed. Ben Yelin from University of Maryland Center for Cyber Health and Hazard Strategies on a...

The SMB slip-up. Play Episode
CISA warns a Windows SMB privilege escalation flaw is under Active exploitation. Microsoft issues an out of band fix for a WinRE USB input failure. Nation state hackers had long term access to F5. Envoy Air confirms it was hit by the zero-day in Oracles E-Business Suite. A nonprofit hospital system in Massachusetts suffers a cyberattack. Russians COLDRiver group rapidly retools its malware arsenal. GlassWorm malware hides malicious logic with invisible Unicode characters. European authorities dismantle a large-scale Latvian SIM farm operation. Myanmars military raids a notorious cybercrime hub. Josh Kamdjou, from Sublime Security discusses how teams should get ahead...

Prospers not so prosperous week. Play Episode
Prosper data breach reportedly affected more than 17 million accounts. Microsoft revokes certificates used in Rhysida ransomware operation. Threat actors exploit Cisco flaw to deploy Linux rootkits. Europol disrupts cybercrime-as-a-service operation. BeaverTail and OtterCookie merge and display new functionality. Singapore cracks down on social media. On our Industry Voices segment, we are joined by Danny Jenkins who is talking about defending against AI. And who let the bots out? Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and youll never miss a beat....

Chinese hackers serve up espionage. Play Episode
Chinese hackers infiltrate a major U.S. law firm. The EU Commission President warns Russia is waging a hybrid war against Europe. Researchers say LoJax is the latest malware from Russias Fancy Bear. Salesforce refuses ransom demands. London Police arrest two teens over an alleged ransomware attack on a preschool. Microsoft tightens Windows 11 setup restrictions. SINET and DataTribe spotlight 2025 cybersecurity innovators. On our Industry Voices segment, we are joined by Sean Deuby, Semperis Principal Technologist, discussing identity system security and the growth of the HIP Conference. Employees overshare with ChatGPT. Remember to leave us a 5-star rating and review...

Critical GoAnywhere bug fuels ransomware wave. Play Episode
Microsoft tags a critical vulnerability in Fortras GoAnywhere software. A critical Redis vulnerability could allow remote code execution. Researchers tie BIETA to Chinas MSS technology enablement. Competing narratives cloud the Oracle E-Business Suite breach. An Ohio-based vision care firm will pay $5 million to settle phishing-related data breach claims. Trinity of Chaos claims to be a new ransomware collective. LinkedIn files a lawsuit against an alleged data scraper. This years Nobel Prize in Physics recognizes pioneering research into quantum mechanical tunneling. On todays Industry Voices segment, we are joined by Alastair Paterson from Harmonic Security, discussing shadow AI and the...

One flaw to rule the root. Play Episode
CISA issues an urgent warning about active exploitation of a critical vulnerability in the sudo utility. Broadcom patches two high-severity vulnerabilities in VMware NSX. South Korea raises its national cyber threat level after a datacenter fire. Formbricks patches a critical token validation flaw. Microsoft blocks a credential phishing campaign that made use of malicious SVG files. Landlords are accused of scraping sensitive payroll data. Cybercriminals lay the groundwork for large-scale FIFA fraud. Burnout takes a heavy toll on cybersecurity professionals. On our Threat Vector segment, host David Moulton is joined by Kyle Wilhoit talking about the evolution of hacker culture...

CISA sounds the alarm on Cisco flaws. Play Episode
CISA gives federal agencies 24 hours to patch a critical Cisco firewall bug. Researchers uncover the first known malicious MCP server used in a supply chain attack. The New York SIM card threat may have been overblown. Microsoft tags a new variant of the XCSSET macOS malware. An exposed auto insurance claims database puts PII at risk. Amazon will pay $2.5 billion to settle dark pattern allegations. Researchers uncover North Koreas hybrid playbook of cybercrime and insider threats. An old Hikvision security camera vulnerability rears its ugly head. Dan Trujillo from the Air Force Research Laboratorys Space Vehicles Directorate joins...

Code beneath the sand. Play Episode
A new self-replicating malware infects the NPM repository. Microsoft and Cloudflare disrupt a Phishing-as-a-Service platform. Researchers uncover a new Fancy Bear backdoor campaign. The VoidProxy phishing-as-a-service (PhaaS) platform targets Microsoft 365 and Google accounts. A British telecom says its ransomware recovery may stretch into November. A new Rowhammer attack variant targets DDR5 memory. Democrats warn proposed budget cuts could slash the FBIs cyber division staff by half at a heated Senate Judiciary Committee hearing. On our Industry Voices segment, we are joined by Abhishek Agrawal from Material security discussing challenges of securing the Google Workspace. Pompompurin heads to prison. Remember...

WhatsAppened to Samsung? Play Episode
Samsung patches a critical Android zero-day vulnerability. Microsoft resolves a global Exchange Online outage. CISA reaffirms its commitment to the CVE program. California passes a bill requiring web browsers to let users automatically send opt-out signals. Apple issues spyware attack warnings. The FTC opens an investigation into AI chatbots on how they protect children and teens. A hacker convicted of attempting to extort more than 20,000 psychotherapy patients is free on appeal. Our guest is Dave Lewis, Global Advisory CISO at 1Password, discussing how security leaders can protect M&A deal value and integrity. Schools face insider threats from students. Remember...

Cyber and AI take center stage. Play Episode
The House passes a defense policy bill that includes new provisions on cybersecurity and artificial intelligence. Senator Wyden accuses Microsoft of gross cybersecurity negligence after a 2024 ransomware attack crippled healthcare giant Ascension. The White House shelves plans to split U.S. Cyber Command and the NSA. The Pentagon finalizes its long-awaited Cybersecurity Maturity Model Certification (CMMC 2.0) rule. Akira ransomware group targets SonicWall devices. Officials warn solar-powered highway infrastructure should be checked for hidden radios. The Atlantic Council maps the global spyware market. Researchers uncover serious flaws in Apples AirPlay. A European DDoS mitigation provider thwarts a record-breaking attack. My...

Chalk one up for defenders. Play Episode
The open source community heads off a major npm supply chain attack. The Treasury Department sanctions cyber scam centers in Myanmar and Cambodia. Scammers abuse iCloud Calendar invites to send callback phishing emails. Researchers discover a new malware variant exploiting exposed Docker APIs. Phishing attacks abuse the Axios user agent and Microsofts Direct Send feature. Plex warns users of a data breach. Researchers flag a surge in scans targeting Cisco ASA devices. CISA delays finalizing its incident reporting rule. The GAO says federal cyber workforce figures are incomplete and unreliable. Our guest is Kevin Magee, Global Director of Cybersecurity Startups...

Dont trust that app! [Research Saturday] Play Episode
Today we are joined by Selena Larson, co-host of Only Malware in the Building and Staff Threat Researcher and Lead Intelligence Analysis and Strategy at Proofpoint, sharing their work on "Microsoft OAuth App Impersonation Campaign Leads to MFA Phishing." Proofpoint researchers have identified campaigns where threat actors use fake Microsoft OAuth apps to impersonate services like Adobe, DocuSign, and SharePoint, stealing credentials and bypassing MFA via attacker-in-the-middle phishing kits, mainly Tycoon. These attacks redirect users to fake Microsoft login pages to capture credentials, 2FA tokens, and session cookies, targeting nearly 3,000 Microsoft 365 accounts across 900 environments in 2025. Microsofts...

Live from Black Hat: Ransomware, Responsible Disclosure, and the Rise of AI [Microsoft Threat Intelligence Podcast] Play Episode
While our team is observing the Labor Day holiday in the US, we hope you will enjoy this episode of The Microsoft Threat Intelligence Podcast . New episodes airs on the N2K CyberWIre network every other Wednesday. In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is live from Black Hat 2025 with a special lineup of Microsoft security leaders and researchers. First, Sherrod sits down with Tom Gallagher, VP of Engineering and head of the Microsoft Security Response Center (MSRC). Tom shares how his team works with researchers worldwide, why responsible disclosure matters, and how programs...

Undoing the undo bug. Play Episode
Microsoft releases emergency out-of-band (OOB) Windows updates. Trump targets NSAs leading AI and cyber expert in clearance revocations. A breach may have compromised the privacy of Ohio medical marijuana patients. Cybercriminals exploit an AI website builder to rapidly create phishing sites. Warlock ransomware operators target Microsofts SharePoint ToolShell vulnerability. Google and Mozilla patch Chrome and Firefox. European officials report two cyber incidents targeting water infrastructure. A federal appeals court has upheld fines against T-Mobile and Sprint for illegally selling customer location data. Authorities dismantle DDoS powerhouse Rapper Bot. On our Industry Voices segment, we are joined by Matt Radolec, VP...

When spies get spied on. Play Episode
Patch Tuesday. The Matrix Foundation patches high-severity vulnerabilities in its open-source communications protocol. The Curly COMrades Russian-aligned APT targets critical infrastructure. Microsoft tells users to ignore new CertificateServicesClient (CertEnroll) errors. Researchers uncover a malware campaign hiding the NjRat Remote Access Trojan in a fake Minecraft clone. Motorcycle manufacturer Royal Enfield suffers a ransomware attack. The DOJ details a major operation against the BlackSuit ransomware group. Our guest is Jack Jones, father of Factor Analysis of Information Risk (FAIR) and the FAIR Controls Analytics Model (FAIR-CAM), sharing insights on cyber risk quantification. Data Brokers digital hide-and-seek. Remember to leave us a...

Deadlines in the cloud. Play Episode
CISA issues an Emergency Directive to urgently patch a critical vulnerability in Microsoft Exchange hybrid configurations. SoupDealer malware proves highly evasive. Google patches a Gemini calendar flaw. A North Korean espionage group pivots to financial crime. Russias RomCom exploits a WinRAR zero-day. Researchers turn Linux-based webcams into persistent threats. The Franklin Project enlists volunteer hackers to strengthen cybersecurity at U.S. water utilities. DoD announces the winner of DARPAs two-year AI Cyber Challenge. The U.S. extradites Ghanaian nationals for their roles in a massive fraud ring. Our guest is Steve Deitz, President of MANTECH's Federal Civilian Sector, with a look at...

Exchange hybrid flaw raises cloud alarm. Play Episode
Microsoft warns of a high-severity vulnerability in Exchange Server hybrid deployments. A Dutch airline and a French telecom report data breaches. Researchers reveal new HTTP request smuggling variants. An Israeli spyware maker may have rebranded to evade U.S. sanctions. CyberArk patches critical vulnerabilities in its secrets management platform. The Akira gang use a legit Intel CPU tuning driver to disable Microsoft Defender. ChatGPT Connectors are shown vulnerable to indirect prompt injection. Researchers expose new details about the VexTrio cybercrime network. SonicWall says a recent SSLVPN-related cyber activity is not due to a zero-day. Ryan Whelan from Accenture is our man...

Chasing Silicon shadows. Play Episode
Two Chinese nationals are arrested for allegedly exporting sensitive Nvidia AI chips. A critical security flaw has been discovered in Microsofts new NLWeb protocol. Vulnerabilities in Dell laptop firmware could let attackers bypass Windows logins and install malware. Trend Micro warns of an actively exploited remote code execution flaw in its endpoint security platform. Google confirms a data breach involving one of its Salesforce databases. A lack of MFA leaves a Canadian city on the hook for ransomware recovery costs. Nvidias CSO denies the need for backdoors or kill switches in the companys GPUs. CISA flags multiple critical vulnerabilities in...

Hello, hacker speaking. Play Episode
Cisco reveals a phishing related data breach. SonicWall warns users to disable SSLVPN services after reports of ransomware gangs exploiting a likely zero-day. Researchers uncover a stealthy Linux backdoor and new vulnerabilities in Nvidias Triton Inference Server. A new malware campaign targets Microsoft 365 users with fake OneDrive emails. The U.S. Treasury warns of rising criminal activity involving cryptocurrency ATMs. Cloudflare accuses an AI startup of using stealthy methods to bypass restrictions on web scraping. A global infostealer campaign compromises over 4,000 victims across 62 countries. Marty Momdjian, General Manager of Ready1 by Semperis, tells us about Operation Blindspot, a...

New sheriff in cyber town. Play Episode
The Senate confirms a new national cyber director. A new commission explores the establishment of a separate Cyber Force. Cybercriminals exploit link wrapping to launch sophisticated phishing attacks. AI agents are hijacked, cameras cracked, and devs phished. Gene sequencers and period trackers settle allegations of oversharing personal data and inadequate security. Today we are joined by Tim Starks from CyberScoop discussing how China accuses the US of exploiting Microsoft zero-day in a cyberattack. OpenAI scrambles after a chat leak fiasco. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our...

nOAuth-ing to see here. [Research Saturday] Play Episode
This week, we are joined by Eric Woodruff, Chief Identity Architect at Semperis, discussing "nOAuth Abuse Alert: Full Account Takeover of Entra Cross-Tenant SaaS Applications". Semperis researchers identified a critical authentication flaw known as nOAuth in 9 out of 104 tested SaaS applications integrated with Microsoft Entra ID. This low-complexity but severe vulnerability allows attackers with just a users email address and access to an Entra tenant to impersonate users, exfiltrate data, and move laterally within affected appswith no viable defense or detection available to customers. The findings spotlight ongoing risks tied to improper use of email claims in authentication...

A dark web titan falls. Play Episode
International law enforcement arrest the suspected operator of a major Russian dark web cybercrime forum. DHS is said to be among the agencies hit by the Microsoft SharePoint zero-day. The Fire Ant cyberespionage group targets global enterprise infrastructure. A Steam game is compromised to distribute info-stealing malware. Mitel Networks issues security patches for MiVoice MX-ONE communications platform. CISA nominee Sean Plankey faces tough questions at his Senate confirmation hearing. A malicious prompt was hiding in Amazons Q Developer extension for VS Code. Our guest is Brandon Karpf, friend of the show, cybersecurity expert, and founder of T-Minus Space Daily, joining...

Powering AI with politics. Play Episode
The White House unveils its plan for global AI dominance. Microsoft warns that recent SharePoint server exploitation may extend to ransomware. A phishing campaign targeting the U.S. Department of Educations grants portal. The FBI issues a warning about The Com cybercriminal group. SonicWall urges users to patch a critical vulnerability. A new supply chain attack has compromised several popular NPM packages. Joe Carrigan, co-host of the Hacking Humans podcast, joins to discuss how scammers are exploiting misconfigured point-of-sale terminals. Japanese police release a free decryption tool for Phobos ransomware. AI takes the wheel and drives right off a cliff. Remember...

SharePoint springs a leak. Play Episode
The National Nuclear Security Administration was among the organizations impacted by the SharePoint zero-day. Experts testify before congress that OT security still lags.The FBI warns healthcare and critical infrastructure providers about Interlock ransomware. New York proposes new cybersecurity regulations for water and wastewater systems along with grants to fund them. Researchers uncover an active cryptomining campaign targeting cloud environments. A new variant of the Coyote banking trojan exploits Microsofts Windows UI Automation (UIA) framework for credential theft. The DoD pilots an agentic AI project aimed at helping military planners critique and enhance war plans. Clorox sues its former IT service...

The SharePoint siege goes strategic. Play Episode
Confusion persists over the Microsoft Sharepoint zero-days. CrushFTP confirms a zero-day under active exploitation. The UK government proposes a public sector ban on ransomware payments. A new ransomware group is using an AI chatbot to handle victim negotiations. Australias financial regulator accuses a wealth management firm of failing to manage cybersecurity risks. Researchers uncover a WordPress attack that abuses Google Tag Manager. Arizona election officials question CISA following a state portal cyberattack. Hungarian police arrest a man accused of launching DDoS attacks on independent media outlets. On our Threat Vector segment guest host Michael Sikorski and Michael Daniel of the...

Microsoft flaws fuel global breaches. Play Episode
Microsoft issues emergency updates for zero-day SharePoint flaws. Alaska Airlines resumes operations following an IT outage. The UK government reconsiders demands for Apple iCloud backdoors. A French Senate report raises concerns over digital sovereignty. Meta declines to sign the EUs new voluntary AI code of practice. A new report claims last years CrowdStrike outage disrupted over 750 hospitals. The World Leaks extortion group has breached Dells Customer Solution Centers. Hewlett-Packard Enterprise (HPE) issues a critical warning about two severe security flaws in Aruba Instant On Access Points. A single compromised password leads to a UK transport companys demise. An AI...

Chromes high-risk bug gets squashed. Play Episode
Google and Microsoft issue critical updates. CISA warns of active exploitation of a critical flaw in Wing FTP Server. Cloudflare restores their DNS Resolver service following a brief outage. A critical vulnerability in a PHP documentation tool allows attackers to execute code on affected servers. NSA and FBI officials say theyve disrupted Chinese cyber campaigns targeting U.S. critical infrastructure. A UK data breach puts Afghan soldiers and their families at risk. Researchers find malware hiding in DNS records. A former U.S. Army soldier pleads guilty to charges of hacking and extortion. Ben Yelin joins us with insights on the Senate...

Cybercrime has a hefty price tag. Play Episode
UK police make multiple arrests in the retail cyberattack case. French authorities arrest a Russian basketball player at the request of the U.S. A German court declares open season on Metas tracking pixels. The European Union unveils new rules to regulate artificial intelligence. Londons Iran International news confirms cyberattacks from Banished Kitten. Treasury sanctions a North Korean hacker over fake IT worker schemes. Microsoft confirms a widespread issue preventing organizations from deploying the latest Windows updates. Agreements over AI help end a year-long Hollywood strike. Researchers take an in-depth look at ClickFix. Im joined by Ben Yelin and Ethan Cook...

The bug that let anyone in. Play Episode
Sudo patch your Linux systems. Cisco has removed a critical backdoor account that gave remote attackers root privileges. The Hunters International ransomware group rebrands and closes up shop. The Centers for Medicare and Medicaid Services (CMS) notifies 103,000 people that their personal data was compromised. NimDoor is a sophisticated North Korean cyber campaign targeting macOS. Researchers uncover a massive phishing campaign using thousands of fake retail websites. The FBIs top cyber official says Salt Typhoon is largely contained. Microsoft tells customers to ignore Windows Firewall error warnings. A California jury orders Google to pay $314 million for collecting Android user...

Turbulence in the cloud. Play Episode
Hawaiian Airlines reports a cybersecurity incident. Microsoft updates its Windows Resiliency Initiative after the 2024 CrowdStrike crash. CitrixBleed2 is under active exploitation in the wild. Researchers disclose a critical vulnerability in Open VSX. Malware uses prompt injection to evade AI analysis. A new report claims Cambodia turns a blind eye to scam compounds. Senators propose a ban on AI tools from foreign adversaries. An NSA veteran is named top civilian at U.S. Cyber Command. Maria Varmazis speaks with Ian Itz from Iridium Communications on allowing IoT devices to communicate directly with satellites. One Kansas City hackers bold marketing campaign ends...

Signed, sealed, exploitable. [Research Saturday] Play Episode
Dustin Childs, Head of Threat Awareness at Trend Micro Zero Day Initiative, joins to discuss their work on "ZDI-23-1527 and ZDI-23-1528: The Potential Impact of Overly Permissive SAS Tokens on PC Manager Supply Chains." The research explores two critical vulnerabilities (ZDI-23-1527 and ZDI-23-1528) that could have enabled attackers to hijack the Microsoft PC Manager supply chain via overly permissive SAS tokens in WinGet and official Microsoft domains. While the issues have since been resolved, the findings highlight how misconfigured cloud storage access can put trusted software distribution at risk. The post also includes detection strategies to help defenders identify and...

Typhoon on the line. Play Episode
Viasat confirms it was breached by Salt Typhoon. Microsofts June 2025 security update giveth, and Microsofts June 2025 security update taketh away. Local privilege escalation flaws grant root access on major Linux distributions. BeyondTrust patches a critical remote code execution flaw. SMS low cost routing exposes users to serious risks. Erie Insurance says their ongoing outage isnt ransomware. Backups are no good if you cant find them. Veeam patches a critical vulnerability in its Backup software. SuperCard malware steals payment card data for ATM fraud and direct bank transfers. We preview our Juneteenth special edition. Backing up humanity. Remember to...

Cant DOGE the inquiry. Play Episode
A House oversight committee requests DOGE documents from Microsoft. Predatory Sparrow claims a cyberattack on an Iranian bank. Microsoft says data that happens in Europe will stay in Europe. A complex malware campaign is using heavily obfuscated Visual Basic files to deploy RATs. A widely used CMS platform suffers potential RCE bugs. North Koreas Kimsuky targets academic institutions using password-protected research documents. Asus patches a high-severity vulnerability in its Armoury Crate software. CISAs new leader remains in confirmation limbo. Our guest is Brian Downey, VP of Product Management from Barracuda, talking about how security sprawl increases risk. Operation Fluffy Narwhal...

Cloudflares cloudy day resolved. Play Episode
Cloudflare says yesterdays widespread outage was not caused by a cyberattack. Predator mobile spyware remains highly active. Microsoft is investigating ongoing Microsoft 365 authentication services issues. An account takeover campaign targets Entra ID users by abusing a popular pen testing tool. Palo Alto Networks documents a JavaScript obfuscation method dubbed JSFireTruck. Trend Micro and Mitel patch multiple high-severity vulnerabilities. CISA issues multiple advisories. My Hacking Humans cohost Joe Carrigan joins us to discuss linkless recruiting scams. Uncle Sam wants an AI chatbot. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up...

Scam operations disrupted across Asia. Play Episode
Interpols Operation Secure dismantles a major cybercrime network, and Singapore takes down scam centers. GitLab patches multiple vulnerabilities in its DevSecOps platform. Researchers unveil a covert method for exfiltrating data using smartwatches. EchoLeak allows for data exfiltration from Microsoft Copilot. Journalists are confirmed targets of Paragons Graphite spyware. France calls for comments on tracking pixels. Fog ransomware operators deploy an unusual mix of tools. Skeleton Spider targets recruiters by posing as job seekers on LinkedIn and Indeed. Erie Insurance suffers ongoing outages following a cyberattack. Our N2K Lead Analyst Ethan Cook shares insights on Trumps antitrust policies. DNS neglect leads...

Chinas largest data leak exposes billions. Play Episode
Researchers discover what may be Chinas largest ever data leak. CrowdStrike cooperates with federal authorities following last years major software bug. A researcher discovers over half a million sensitive insurance documents exposed online. Microsoft offers free cybersecurity programs to European governments. The FBI chronicles the Play ransomware gang. Google warns a threat group is targeting Salesforce customers. A former Biden cybersecurity official warns that U.S. critical infrastructure remains highly vulnerable to cyberattacks. The State Department offers up to $10 million for information on the RedLine infostealer malware. Our guest is Anneka Gupta, Chief Product Officer at Rubrik, on the challenges...

AVCheck goes dark in Operation Endgame. Play Episode
An international law enforcement operation dismantles AVCheck. Trumps 2026 budget looks to cut over one thousand positions from CISA. Cyber Commands defensive wing gains sub-unified command status. A critical vBulletin vulnerability is actively exploited. Acreed takes over Russian markets as credential theft kingpin. Qualcomm patches three actively exploited zero-days in its Adreno GPU drivers. Researchers unveil details of a Cisco IOS XE Zero-Day. Microsoft warns a memory corruption flaw in the legacy JScript engine is under active exploitation. A closer look at the stealthy Lactrodectus loader. On todays Afternoon Cyber Tea, Ann Johnson speaks with Hugh Thompson, RSAC program committee...

Hugh Thompson on Building the RSA Conference [Afternoon Cyber Tea] Play Episode
While our team is observing Memorial Day in the United States, please enjoy this episode from the N2K CyberWire network partner, Microsoft Security. You can hear new episodes of Ann Johnson's Afternoon Cyber Tea podcast every other Tuesday. Dr. Hugh Thompson, Executive Chairman of RSA Conference and Managing Partner at Crosspoint Capital joins Ann on this week's episode of Afternoon Cyber Tea. They discuss what goes into planning the worlds largest cybersecurity conferencefrom theme selection to llama-related surprises on the expo floorand how the RSA community continues to evolve. Hugh also shares how his background in applied math led him...

No quick fix for a ClickFix attack. Play Episode
A major student engagement platform falls victim to the ClickFix social engineering attack. Google settles privacy allegations with Texas for over one point three billion dollars. Stores across the UK face empty shelves due to an ongoing cyberattack. Ascension Health reports that over 437,000 patients were affected by a third-party data breach. A critical zero-day vulnerability in SAP NetWeaver is being actively exploited. Researchers uncover two major cybersecurity threats targeting IT admins and cloud systems. U.S. prosecutors charge three Russians and one Kazakhstani in connection with the takedown of two major botnets. A new tool disables Microsoft Defender by tricking...

When spyware backfires. Play Episode
A jury orders NSO Group to pay $167 millions dollars to Meta over spyware allegations. CISA warns of hacktivists targeting U.S. ICS and SCADA systems. Researcher Micah Lee documents serious privacy risks in the TM SGNL app used by high level Trump officials. The NSA plans significant workforce cuts. Nations look for alternatives to U.S. cloud providers. A medical device provider discloses a cyberattack disrupting its ability to ship customer orders. The Panda Shop smishing kit impersonates trusted brands. Accentures CFO thwarts a deepfake attempt. Our temporary intern Kevin Magee from Microsoft wraps up his reporting from the RSAC show...

Wired, but not fired. Play Episode
RSAC 2025 comes to an end. Canadian power company hit by cyberattack. Ascension Health discloses another breach. UK luxury department store Harrods discloses attempted cyberattack. Microsoft fixes bug flagging Gmail as spam. An unofficial version of the Signal app shared in photo. EU fines TikTok for violating GDPR with China data transfer. US Treasury to cut off Southeast Asian cybercrime key player. Passwordless by default coming your way. Our guest is Kevin Magee, from Microsoft, sharing a medley of interviews he gathered on the show floor of RSAC 2025. Remember to leave us a 5-star rating and review in your...

Microsoft for Startups: The benefits of the cyber startup ecosystem. [Special Edition] Play Episode
Welcome to the Microsoft for Startups Spotlight, brought to you by N2K CyberWire and Microsoft. In this episode, we are shining a light on innovation, ambition, and the tech trailblazers building the future right from the startup trenches. This episode is part of our exclusive RSAC series where we dive into the real world impact of the Microsoft for Startups Founders Hub. Along with Microsofts Kevin Magee, Dave Bittner talks with an entrepreneur and startup veteran, and founders from three incredible startups who are part of the Founders Hub, each tackling big problems with even bigger ideas. Dave and Kevin...

States struggle with cyber shift. Play Episode
The White Houses shift of cybersecurity responsibilities to the states is met with skepticism. Baltimore City Public Schools suffer a ransomware attack. Russian state-backed hackers target Dutch critical infrastructure. Microsoft resolves multiple Remote Desktop issues. A new malware campaign is targeting Docker environments for cryptojacking. A new phishing campaign uses weaponized Word documents to steal Windows login credentials. Zyxel Networks issues critical patches for two high-severity vulnerabilities. CISA issues five advisories highlighting critical vulnerabilities in ICS systems. Our guest is Deputy Assistant Director Cynthia Kaiser from the FBI Cyber Division, sharing the findings of their latest IC3 report. So long,...

When fake fixes hide real attacks. Play Episode
Adversary nations are using ClickFix in cyber espionage campaigns. Japans Financial Services Agency issues an urgent warning after hundreds of millions in unauthorized trades. The critical Erlang/OTPs SSH vulnerability now has public exploits. A flawed rollout of a new Microsoft Entra app triggers widespread account lockouts. The alleged operator of SmokeLoader malware faces federal hacking charges. A new scam blends social engineering, malware, and NFC tech to drain bank accounts. GSA employees may have been oversharing sensitive documents. Yoni Shohet, Co-Founder and CEO of Valence Security, who cautions financial organizations of coming Chinese open source AI. Crosswalks in the crosshairs...

Microsoft squashes windows server bug. Play Episode
Microsoft issues emergency updates for Windows Server. Apple releases emergency security updates to patch two zero-days. CISA averts a CVE program disruption. Researchers uncover Windows versions of the BrickStorm backdoor. Atlassian and Cisco patch several high-severity vulnerabilities. An Oklahoma cybersecurity CEO is charged with hacking a local hospital. A Fortune 500 financial firm reports an insider data breach. Researchers unmask IP addresses behind the Medusa Ransomware Group. CISA issues a warning following an Oracle data breach. On our Industry Voices segment, we are joined by Rob Allen, Chief Product Officer at ThreatLocker, to discuss a layered approach to zero trust....

CVE program gets last-minute lifeline. Play Episode
The CVE program gets a last-minute reprieve. A federal whistleblower alleges a security breach at the NLRB. Texas votes to spin up their very own Cyber Command. BreachForums suffers another takedown. A watchdog group sues the federal government over SignalGate allegations. The SEC Chair reveals a 2016 hack. ResolverRAT targets the healthcare and pharmaceutical sectors worldwide. Microsoft warns of blue screen crashes following recent updates. On our CertByte segment, Chris Hare is joined by Troy McMillan to break down a question targeting the EC-Council Certified Ethical Hacker (CEH) exam. 4chan gets Soyjacked. Remember to leave us a 5-star rating and...

OCC breach jolts financial sector. Play Episode
Some U.S. banks pause electronic communications with the OCC following a major breach of the agencys email system. Uncertainty spreads at CISA. China accuses three alleged U.S. operatives of conducting cyberattacks during Februarys Asian Games. Microsoft Teams suffers filesharing issues. Fraudsters use ChatGPT to create fake passports. Car rental giant Hertz confirms data stolen in last years Cleo breach. Researchers describe a novel process injection method called Waiting Thread Hijacking. A new macOS malware-as-a-service threat is being sold on underground forums. A UK man is sentenced to over eight years for masterminding the LabHost phishing platform. Kim Jones joins us...

AI ambitions clash with cyber caution. Play Episode
The Department of the Interior removes top cybersecurity and tech officials. The DOJ looks to block foreign adversaries from acquiring sensitive personal data of U.S. citizens. Microsoft issues emergency updates to fix an Active Directory bug. Hackers are installing stealth backdoors on FortiGate devices. Researchers warn of a rise in Dangling DNS attacks. A pair of class action lawsuits allege a major adtech firm secretly tracks users online without consent. Google is fixing a 20-year-old Chrome privacy flaw. The Tycoon2FA phishing-as-a-service platform continues to evolve. My guest is Tim Starks from CyberScoop, discussing the latest from CISA and Chris Krebs....

Major breach at the US Treasurys OCC. Play Episode
Treasurys OCC reports a major email breach. Patch Tuesday updates. A critical vulnerability in AWS Systems Manager (SSM) Agent allowed attackers to execute arbitrary code with root privileges. Experts urge Congress to keep strict export controls to help slow Chinas progress in AI. A critical bug in WhatsApp for Windows allows malicious code execution.CISA adds multiple advisories on actively exploited vulnerabilities. Insider threat allegations rock a major Maryland medical center. Microsofts Ann Johnson from Afternoon Cyber Tea is joined by Jack Rhysider, the creator and host of the acclaimed podcast Darknet Diaries. Feds Aim to Rewrite Social Security Code in...

Hackers beware, fines are in the air. Play Episode
The UK unveils the full scope of its upcoming Cyber Security and Resilience Bill. Apple warns of critical zero-day vulnerabilities under active exploitation. The InterLock ransomware group claims responsibility for a cyberattack on National Presto Industries. Microsoft flags a critical vulnerability in Canon printer drivers. Check Point Software confirms a data breach. The FTC warns 23andMes bankruptcy trustees to uphold their privacy obligations. A Canadian hacker has been arrested and charged for allegedly breaching systems tied to the Texas Republican Party. A GCHQ intern pleads guilty to stealing top-secret data. On our Threat Vector segment, host David Moulton from Palo...

Remote hijacking at your fingertips. Play Episode
A critical vulnerability could let attackers hijack and potentially disable vulnerable servers. Europol warns of a shadow alliance between state-backed threat actors and cybercriminals. Sekoia examines ClearFake. A critical PHP vulnerability is under active exploitation. A sophisticated scareware phishing campaign has shifted its focus to macOS users. Phishing as a service attacks are on the rise. A new jailbreak technique bypasses security controls in popular LLMs. Microsoft has uncovered StilachiRAT. CISA confirms active exploitation of a critical Fortinet vulnerability. On our CertByte segment, Chris Hare is joined by Troy McMillan to break down a question targeting the ISACA Certified Information...

Balancing budget cuts and cybersecurity. Play Episode
The White House is urging federal agencies not to lay off cybersecurity teams. Google doesnt deny receiving a secret legal order from the UK government. Microsoft researchers identify a simple method to bypass AI safety guardrails. Scammers are impersonating the Clop ransomware gang. Cisco issues security advisories for multiple IOS XR vulnerabilities. CISA warns of multiple ICS security issues. A LockBit ransomware developer has been extradited to the U.S. GCHQs former director calls for stronger cybersecurity collaboration. Rick Howard and Kim Jones pass the mic for the CISO Perspectives podcast. Sniffing out Stingrays. Remember to leave us a 5-star rating...

US Treasury targets darknet kingpin. Play Episode
US Treasury Department sanctions Iranian national accused of running the Nemesis criminal marketplace. Hunters International threatens to leak data stolen from Tata Technologies. Apple challenges U.K.s iCloud encryption backdoor order. UK competition regulator says no investigation into Microsoft's OpenAI partnership. Stealthy malware campaign targets the UAE's aviation and satellite industry. This week on our CertByte segment, N2Ks Chris Hare is joined by Troy McMillan to break down a question targeting the Cisco Certified Network Associate (CCNA) exam. And hackers hit the books. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up...

Is it cyber peace or just a buffer? Play Episode
Cyber Command ordered to halt offensive operations against Russia during Ukraine negotiations. Ransomware actors exploit Paragon Partition Manager vulnerability. Amnesty International publishes analysis of Cellebrite exploit chain. California orders data broker to shut down for violating the Delete Act. On our Afternoon Cyber Tea segment with host Ann Johnson of Microsoft Security, Ann speaks with Igor Tsyganskiy, Microsoft's Global Chief Information Security Officer, about "The Power of Partnership in Cyber Defense." And its the end of an era. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence...

Pay the ransom or risk data carnage. Play Episode
Qilin ransomware gang claims responsibility for attack against Lee Enterprises. Thai police arrest suspected hacker behind more than 90 data leaks. JavaGhost uses compromised AWS environments to launch phishing campaigns. LotusBlossum cyberespionage campaigns target Southeast Asia. Malware abuses Microsoft dev tunnels for C2 communication. Protecting the food supply. Todays guest is Keith Mularski, Chief Global Ambassador at Qintel and former FBI Special Agent, discussing crypto being the target of the cyber underground. And an interview with Iron Man? Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence...

Hacked in plain sight. Play Episode
A major employee screening provider discloses a data breach affecting over 3.3 million people. Signal considers exiting Sweden over a proposed law that would give police access to encrypted messages. House Democrats call out DOGEs negligent cybersecurity practices. Critical vulnerabilities in Rsync allow attackers to execute remote code. A class action lawsuit claims Amazon violates Washington States privacy laws. CISA warns that attackers are exploiting Microsofts Partner Center platform. A researcher discovers a critical remote code execution vulnerability in MITREs Caldera security training platform. An analysis of CISAs JCDC AI Cybersecurity Collaboration Playbook. Ben Yelin explains Apple pulling iCloud end-to-end...

Orange you glad you didn't fall for this? Play Episode
A hacker claims to have stolen internal documents from a major French telecommunications company. A security breach hits Russias financial sector. Cyberattacks targeting ICS and OT surged dramatically last year. Chinese group Silver Fox is spoofing medical software. The UK Home Offices new vulnerability reporting policy risks prosecuting ethical hackers. Ransomware actors are shifting away from encryption. A sophisticated macOS malware campaign is distributing Poseidon Stealer. The LightSpy surveillance framework evolves into a cross-platform espionage tool. A Chinese botnet is targeting Microsoft 365 accounts using password spraying attacks. Our guest today is Lauren Buitta, Founder and CEO at Girl Security,...

The political shake-up at the FBI. Play Episode
The Senate confirms Kash Patel as FBI director. The SEC rebrands its Crypto Assets and Cyber Unit. Microsoft's quantum chip signals an urgent need for post-quantum security. Chat log leaks reveal the inner workings of BlackBasta. CISA advisories highlight Craft CMS and ICS devices. Researchers release proof-of-concepts for Ivanti Endpoint Manager vulnerabilities. Warby Parker gets a $1.5 million HIPAA fine. Our guest is Steve Schmidt, Amazon CSO, with a behind the scenes look at securing a major event. Researchers explore the massive, mysterious YouTube wormhole. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss...

No rest for the patched. Play Episode
The CISA and FBI warn that Ghost ransomware has breached organizations in over 70 countries. President Trump announces his pick to lead the DOJs National Security Division. A new ransomware strain targets European healthcare organizations. Researchers uncover four critical vulnerabilities in Ivanti Endpoint Manager. Microsoft has patched a critical improper access control vulnerability in Power Pages. The NSA updates its Ghidra reverse engineering tool. A former U.S. Army soldier admits to leaking private call records. Our guest is Stephen Hilt, senior threat researcher at Trend Micro, sharing the current state of the English cyber underground market. The pentesters breach was...

Read all about itor maybe not. Play Episode
A cyberattack disrupts newspaper publishing. A major AI summit takes place in Paris this week. A federal judge restricts DOGE from accessing Treasury Department systems. Cybersecurity cooperation between Canada and the U.S. remains strong. The Kraken ransomware group leaks credentials allegedly linked to Cisco. Europol urges banks to start preparing for quantum-safe cryptography. Microsoft expands its Copilot bug bounty program. The PlayStation Network (PSN) experienced a major outage over the weekend. Indiana man sentenced to 20 years for $37m cryptocurrency fraud. Our guest is Mike Woodard, VP of Product Management for App Security at Digital.ai, sharing strategies to minimize risk...

DOGE-eat-DOGE world. Play Episode
Security concerns grow over DOGEs use of AI. The British government demands access to encrypted iCloud accounts. Researchers identify critical vulnerabilities in the DeepSeek iOS app. Microsoft Edge uses AI to block scareware. A phishing campaign targets Facebook users with fake copyright infringement notices. Researchers discover malicious machine learning models on Hugging Face. A major data broker faces yet-another data breach lawsuit. CISA warns of a critical Microsoft Outlook vulnerability under active exploitation. Guest John Anthony Smith, Founder and Chief Security Officer at Fenix24, shares insights into why backups are the most important security control. The UKs cyber weather report...

Trumps opening moves. Play Episode
President Trump rolls back AI regulations and throws TikTok a lifeline. Attackers pose as Ukraines CERT-UA tech support. A critical vulnerability is found in the Brave browser. Sophos observes hacking groups abusing Microsoft 365 services and exploiting default Microsoft Teams settings. Researchers uncover critical flaws in tunneling protocols. A breach exposes personal information of thousands of students and educators. Oracle patches 320 security vulnerabilities. Kaspersky reveals over a dozen vulnerabilities in a Mercedes-Benz infotainment system. Tim Starks from CyberScoop discusses executive orders on cybersecurity and the future of CISA. We preview coming episodes of Threat Vector. Honesty isnt always the...

Bolstering the digital shield. Play Episode
President Biden issues a comprehensive cybersecurity executive order. Updates on Silk Typhoons US Treasury breach. A Chinese telecom hardware firm is under FBI investigation. A critical vulnerability has been found in the UEFI Secure Boot mechanism. California-based cannabis brand Stiiizy suffers a data breach. North Koreas Lazarus Group lures freelance developers. The FTC highlights major security failures at web hosting giant GoDaddy. Veeam patches a critical vulnerability in their Backup for Microsoft Azure product. Hackers leak sensitive data from over 15,000 Fortinet firewalls. Our guest today is Oren Koren, Veriti's Co-founder and CPO, sharing insights about the state of healthcare...

National security in the digital age. Play Episode
A draft cybersecurity executive order from the Biden administration seeks to bolster defenses. Researchers identify a mass exploitation campaign targeting Fortinet firewalls. A Chinese-language illicit online marketplace is growing at an alarming rate. CISA urges patching of a second BeyondTrust vulnerability. The UK proposes banning ransomware payments by public sector and critical infrastructure organizations. A critical flaw in Googles authentication flow exposes millions to unauthorized access.OWASP releases its first Non-Human Identities (NHI) Top 10. A Microsoft lawsuit targets individuals accused of bypassing safety controls in its Azure OpenAI tools. Our guest is Chris Pierson, Founder and CEO of BlackCloak, discussing...

Multi-factor frustration. Play Episode
An MFA outage affects Microsoft 365 Office apps. The Biden administration introduces new export controls to block adversaries from accessing advanced AI chips. A Dutch university cancels lectures after a cyberattack. Three Russian nationals have been indicted for operating cryptocurrency mixers. Juniper Networks releases security updates for Junos OS. Spains largest telecommunications company confirms a data breach. The Banshee infostealer leverages a stolen Apple encryption algorithm. Researchers uncover a novel ransomware campaign targeting Amazon S3 buckets. A major data broker suffers a major data breach. Our guest Philippe Humeau, CEO and Founder of CrowdSec, shares the biggest issues currently facing...

Bidens final cyber order tackles digital weaknesses. Play Episode
The Biden administration is finalizing an executive order to bolster U.S. cybersecurity. Ivanti releases emergency updates to address a critical zero-day vulnerability. A critical vulnerability is discovered in Kerio Control firewall software. Palo Alto Networks patches multiple vulnerabilities in its retired migration tool. Fake exploits for Microsoft vulnerabilities lure security researchers. A medical billing company data breach affects over 360,000. A cyberattack disrupts the city of Winston-Salem. CrowdStrike identifies a phishing campaign exploiting its recruitment branding. Our guest is Danny Allen, CTO from Snyk, sharing how a balanced approach between AI and human oversight can strengthen cybersecurity. The worst of...

Disrupting Cracked Cobalt Strike [The Microsoft Threat Intelligence Podcast] Play Episode
While we are on our winter publishing break, please enjoy an episode of our N2K CyberWire network show,The Microsoft Threat Intelligence Podcast by Microsoft Threat Intelligence. See you in 2025! On this week's episode of The Microsoft Threat Intelligence Podcast, we discuss the collaborative effort between Microsoft and Fortra to combat the illegal use of cracked Cobalt Strike software, which is commonly employed in ransomware attacks. To break down the situation, our host, Sherrod DeGrippo, is joined by Richard Boscovich, Assistant General Counsel at Microsoft, Jason Lyons, Principal Investigator with the DCU, and Bob Erdman, Associate VP Research and Development...

Navigating AI Safety and Security Challenges with Yonatan Zunger [The BlueHat Podcast] Play Episode
While we are on our winter publishing break, please enjoy an episode of our N2K CyberWire network show,The BlueHat Podcast by Microsoft and MSRC. See you in 2025! Yonatan Zunger, CVP of AI Safety & Security at Microsoft joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Yonatan explains the distinction between generative and predictive AI, noting that while predictive AI excels in classification and recommendation, generative AI focuses on summarizing and role-playing. He highlights how generative AI's ability to process natural language and role-play has vast potential, though its applications are still emerging. He...

Quishing for trouble. [Research Saturday] Play Episode
Adam Khan, VP of Security Operations at Barracuda, joins to discuss his team's work on "The evolving use of QR codes in phishing attacks." Cybercriminals are evolving phishing tactics by embedding QR codes, or quishing, into PDF documents attached to emails, tricking recipients into scanning them to access malicious websites that steal credentials. Barracuda researchers found over half a million such emails from June to September 2024, with most impersonating brands like Microsoft, DocuSign, and Adobe to exploit urgency and trust. To counter these attacks, businesses should deploy multilayered email security, use AI-powered detection tools, educate employees on QR code...

Hackers in handcuffs. Play Episode
The U.S. dismantles the Rydox criminal marketplace. File-sharing provider Cleo urges customers to immediately patch a critical vulnerability. A Japanese media giant reportedly paid nearly $3 million to a Russia-linked ransomware group. The largest Bitcoin ATM operator in the U.S. confirms a data breach. Microsoft quietly patches two potentially critical vulnerabilities. Researchers at Claroty describe a malware tool used by nation-state actors to target critical IoT and OT systems. Dell releases patches for a pair of critical vulnerabilities. A federal court indicts 14 North Korean nationals for a scheme funding North Koreas weapons programs. Texas accuses a data broker of...

When AI goes offline. Play Episode
ChatGPT and Meta face widespread outages. Trump advisors explore splitting NSA and CyberCom leadership roles. A critical vulnerability in Apache Struts 2 has been disclosed. AuthQuake allowed attackers to bypass Microsoft MFA protections. Researchers identify Nova, a sophisticated variant of the Snake Keylogger malware. Adobe addresses critical vulnerabilities across their product line. Chinese law enforcement has been using spyware to collect data from Android devices since 2017. A new report highlights the gaps in hardware and firmware security management. A Krispy Kreme cyberattack creates a sticky situation. N2Ks Executive Editor Brandon Karpf speaks with guest Mike Silverman, Chief Strategy and...

When exploits go wild and patches race the clock. Play Episode
Microsoft confirms a critical Windows zero-day vulnerability. Global law enforcement agencies dismantle 27 DDoS platforms. Researchers compromise memory in AMD virtual machines. Ivanti reports multiple critical vulnerabilities in its Cloud Services Application. Group-IB researchers expose a sophisticated global phishing campaign. A zero-day vulnerability in Cleos managed file transfer software is under active exploitation. The U.S. sanctions a Chinese firm for a 2020 firewall exploit. Congress looks to require the FCC to regulate telecom cybersecurity. Our guest is Malachi Walker, Security Strategist at DomainTools, discussing their role in ODNI's newly established Sentinel Horizon Program. SpartanWarriorz dodge a Telegram crackdown. Remember to...

The NTLM bug that sees and steals. Play Episode
Researchers uncover a critical Windows zero-day. An alleged Ukrainian cyberattack targets one of Russias largest banks. Russian group BlueAlpha exploits CloudFlare services. Microsoft flags Chinese hacking group Storm-0227 for targeting critical infrastructure and U.S. government agencies. SonicWall patches high-severity vulnerabilities in its secure access gateway. Atrium Health reports a data breach affecting over half a million individuals. Rockwell Automation discloses four critical vulnerabilities in its Arena software. U.S. authorities arrest an alleged member of the Scattered Spider gang. Our guest is Hugh Thompson, RSAC program committee chair, discussing the 2025 Innovation Sandbox Contest and its new investment component. C3PO gets...

The international effort making digital spaces safer. Play Episode
A major cybercrime crackdown by Interpol nabs hundreds of suspects and millions in stolen funds. Zabbix has disclosed a critical SQL injection vulnerability. A novel phishing campaign exploits Microsoft Words file recovery feature. Researchers track the Rockstar 2FA phishing toolkit. Critical vulnerabilities are found in Advantechs industrial wireless access points. North Koreas Kimsuky hacking group shifts their tactics. The U.N. forms an advisory body to address growing threats to critical undersea cable infrastructure.The U.K. is laser-focused on AI security research. Russian authorities arrest the Wazawaka ransomware affiliate. Our guest is Marshall Heilman, CEO of DTEX Systems, sharing his experience with...

A not so BASIC farewell. Play Episode
META details its efforts against pig butchering. The Salt Typhoon attack on major U.S. telecoms sparks interest from Congress. Microsoft dismantles 240 domains linked to the ONNX phishing-as-a-service platform. A major U.S. gambling and lottery provider suffers a cyberattack. Hackers exploit newly patched zero-days in Palo Alto Networks firewalls. Researchers say Fortinet VPN servers lack sufficient logging. A pilot program looks to improve security for small U.S. water utilities. Bitdefender warns of scammers using Black Friday-themed spam emails. Our guest is DataDomes CEO and Co-founder, Benjamin Fabre, discussing how "Fake Accounts Threaten Black Friday Gaming Sales." A fond farewell for...

A new era for CISA under Trump? Play Episode
CISAs Director Easterly plans to step down in the coming year. DHS issues recommendations for AI in critical infrastructure.Palo Alto Networks confirms active exploitation of a critical zero-day vulnerability in its firewalls. Threat actors exploit Microsofts 365 Admin Portal to send sextortion emails. A China-based APT targets a zero-day in Fortinets Windows VPN. The EPA reports on vulnerabilities in drinking water systems. A critical authentication bypass vulnerability affects a popular WordPress plugin. Researchers track a rise in the ClickFix social engineering technique. An 18 year old faces up to twenty years behind bars for swatting. Our guest is Rob Boyce,...

One tap, total access: Pegasus exploits unveiled. Play Episode
Unredacted court filings from WhatsApps 2019 lawsuit against NSO Group reveal the scope of spyware infections. Glove Stealer can bypass App-Bound Encryption in Chromium-based browsers. Researchers uncover a new zero-day vulnerability in Fortinets FortiManager. Rapid7 detects an updated version of LodaRAT. CISA warns of active exploitation of Palo Alto Networks Expedition tool. Misconfigured Microsoft Power Pages accounts expose sensitive data. Iranian state hackers mimic North Koreans in fake job scams. Australia warns its critical infrastructure providers about state sponsored embedded malware. An especially cruel cybercriminal gets ten years in the slammer. Guest Ambuj Kumar, Co-founder and CEO of Simbian, joins...

Kevin Magee: Focus on the archer. [CSO] [Career Notes] Play Episode
Enjoy this special encore episode where we are joined by Chief Security Officer of Microsoft Canada Kevin Magee, he's sharing his background as a historian and how it applies to his work in cybersecurity.Likening himself to a dashing Indiana Jones, Kevin talks about how he sees history unfolding and the most interesting things right now are happening in security. Spending time tinkering with things in the university's computer room under the stairs gave way to Kevin's love affair with technology. As Chief Security Officer, Kevin says he uses an analogy: "I think we focus on the arrows, not the the...

FBI fights fake news. Play Episode
The FBI flags fake videos claiming to be from the agency. Okta patches an authentication bypass vulnerability. Microsoft confirms Windows Server 2025 Blue Screen of Death issues. Scammers exploit DocuSigns APIs to send fake invoices that bypass spam filters. Hackers use smart contracts for command and control. ICS suppliers face challenges convincing customers to secure their environments. Barracuda tracks a phishing campaign impersonating OpenAI. X-Twitter makes controversial changes to its block feature. A Nigerian man gets 26 years in prison for email fraud. On our Solution Spotlight, N2K's Simone Petrella interviews Alex Stamos, CISO at SentinelOne, at the ISC2 Security...

A push to debunk election disinformation. Play Episode
Georgias Secretary of State Pushes Social Media to Remove Russian Disinformation. CISA introduces its first international strategic plan. Microsoft issues a warning about the Quad7 botnet. Researchers uncover a zero-click vulnerability in Synology devices. CISA warns of critical ICS vulnerabilities. The U.S.and Israel outline the latest cyber activities of an Iranian threat group. Researchers track an online shopping scam operation called Phish n Ships. A Colorado Pathology lab notifies 1.8 million patients of a data breach. Our guest is Gary Barlet, Public Sector CTO at Illumio, with a timely look at election security. Packing a custom PC full of meth....

Guarding the Vote Play Episode
CISA spins up an election operations war room. Microsoft neglected to restrict access to gender-detecting AI. Yahoo uncovers vulnerabilities in OpenTexts NetIQ iManager. QNAP issues urgent patches for its NAS devices. Sysdig uncovers Emerald Whale. A malvertising campaign exploits Metas ad platform to spread the SYS01 infostealer. Senator Ron Wyden wants to tighten rules aimed at preventing U.S. technologies from reaching repressive regimes. Researchers use AI to uncover an IoT zero-day. Sophos reveals a five year battle with firewall hackers. Our guest is Frederico Hakamine, Technology Evangelist from Axonius, talking about how threats both overlap and differ across individuals and...

Password snafu sparks election security questions. Play Episode
Colorado election officials downplay a partial password leak. Over 22,000 CyberPanel instances were targeted in a ransomware attack. Google issues a critical security update for Chrome. Microsoft says Russias SVR is conducting a wide-ranging phishing campaign. The FakeCall Android banking trojan gains advanced evasion and espionage capabilities. A New 0patch Fix Blocks Malicious Theme Files. iOS malware LightSpy adds destructive features. LinkedIn faces class-action lawsuits over alleged privacy violations. The U.S. charges a Russian national as part of Operation Magnus. On this weeks CertByte segment, Chris Hare is joined by Dan Neville to break down a question targeting the Certified...

A giant FortiJump for cybercriminals. Play Episode
Fortinet confirms a recently rumored zero-day. Officials investigate how restricted chips ended up in products from Huawei. The White House unveils a coordinated AI strategy for national security. Researchers jailbreak LLMs with Deceptive Delight. A new ransomware group exploits vulnerable device drivers. Sensitive documents from a UN trust fund are leaked online. Penn State pays over a millions dollars to settle allegations of inadequate security in government contracts. CISA adds a SharePoint vulnerability to its Known Exploited Vulnerabilities Catalog. A Microsoft report warns of growing election disinformation. On our industry voices segment, Eric Herzog, CMO of Infinidat, discusses merging cybersecurity...

No more cyber Snorlax naps. Play Episode
Microsoft describes a macOS vulnerability. A trio of healthcare organizations reveal data breaches affecting nearly three quarters a million patients. Group-IB infiltrates a ransomware as a service operation. Instagram rolls out new measures to combat sextortion schemes. Updates from Bitdfender address Man-in-the-Middle attacks. An Alabama man is arrested for allegedly hacking the SEC. In our Industry Voices segment, Gerry Gebel, VP of Strata Identity, describes how to ensure identity continuity during IDP disrupted, disconnected and diminished environments. CISOs want to see their role split into two positions. Game Freaks Servers Take Critical Hit. Remember to leave us a 5-star rating...

Sri Lanka says no more to financial fakers! Play Episode
Authorities arrest over 200 Chinese nationals in Sri Lanka over financial scams. Officials in Finland take down an online drug market. Cisco investigates an alleged data breach. A major apparel provider suffers a data breach. Oracles latest patch update includes 35 critical issues. Microsoft has patched several high-severity vulnerabilities. The NCSCs new boss calls for global collaboration to fight cybercrime. CISA warns of critical vulnerabilities affecting software from Microsoft, Mozilla, and SolarWinds.Hackers steal data from Verizons push-to-talk (PTT) system. On our CertByte segment, Chris Hare is joined by resident Microsoft SME George Monsalvatge to break down a question from N2K's...

Attacks amidst anniversaries. Play Episode
Hackers target Russias court information system. Patch Tuesday rundown. GoldenJackal targets government and diplomatic entities in Europe, the Middle East, and South Asia.Cybercriminals are exploiting Floridas disaster relief efforts. Australia introduced its first standalone cybersecurity law. CISA and the FBI issue guidance against Iranian threat actors. Mamba 2FA targets Microsoft 365 accounts. Casio reports a data breach. On our Solution Spotlight, Simone Petrella speaks with Andy Woolnough from ISC2's about their 2024 Cybersecurity Workforce Study. Keeping the AI slop off Wikipedia. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for...

Caught red-handed. Play Episode
Interpol arrests eight in an international cybercrime crackdown. A MedusaLocker variant targets financial organizations. Cloudflare mitigates a record DDoS attempt. Insights from the Counter Ransomware Initiative summit. Fin7 uses deepnudes as a lure for malware. Researchers discovered critical vulnerabilities in DrayTek routers. CISA issues urgent alerts for products from Synacor and Ivanti. A former election official gets nine years in prison for a voting system data breach. Microsoft and the DOJ seize domains used by Russias ColdRiver hacking group. On our Industry Voices segment, we are joined by Eric Olden, Founder and CEO of Strata Identity. to learn how the...

Beyond the permissions wall. [Research Saturday] Play Episode
We are joined by Yves Younan, Senior Manager, Talos Vulnerability Discovery and Research from Cisco, discussing their work on "How multiple vulnerabilities in Microsoft apps for macOS pave the way to stealing permissions." Cisco Talos has uncovered eight vulnerabilities in Microsoft applications for macOS that could allow attackers to exploit the system's permission model by injecting malicious libraries. By leveraging permissions already granted to these apps, attackers could gain access to sensitive resources like the microphone, camera, and screen recording without user consent. While Microsoft considers these issues low risk and has declined to fix them, the vulnerabilities pose a...

Blue screen blues. Play Episode
CrowdStrikes Adam Meyers testifies before congress. The State Department is set to provide nearly $35 million in foreign aid to strengthen global cybersecurity. Foreign adversaries claim ongoing access to presidential campaign documents. Researchers warn of critical vulnerabilities in fuel tank monitoring systems. Hackers claim a Chrome 2FA feature bypass takes less than ten minutes. Exploiting ChatGPTs long-term memory. Politicians and staffers find personal data exposed on the dark web. A critical vulnerability in Ivantis Virtual Traffic Manager is being actively exploited. On our CertByte segment, Chris Hare is joined by resident Microsoft SME George Monsalvatge to break down a question...

PIVOTT Act drafts the next wave of digital defenders. Play Episode
The House Homeland Security Chair introduces a major cyber workforce bill. Google rolls out new Gmail security tools. Telegram makes a big shift in its privacy policy. Microsoft doubles down on cybersecurity. A Kansas water treatment facility suffers a suspected cyberattack. MoneyGram reports network outages. Kaspersky antivirus users get an automatic upgrade, maybe. North Korean IT workers infiltrate Fortune 100 companies. Gartner analysts urge cybersecurity leaders to focus on prevention, response, and recovery. In this weeks Threat Vector, host David Moulton is joined by Daniel Kendzior, Global Data & AI Security Practice Lead at Accenture, to explore the seismic shifts...

High-stakes sabotage. Play Episode
Exploding pagers in Lebanon are not a cyberattack. Europol leads an international effort to shut down the encrypted communications app Ghost. Microsoft IDs Russian propaganda groups disinformation campaigns. Californias Governor signs bills regulating AI in political ads. A multi-step zero-click macOS Calendar vulnerability is documented. A new phishing campaign targets Apple ID credentials.The US Cyber Ambassador emphasizes deterrence. Our guest is Linda Betz, Executive Vice President of Global Community Engagement at the FS-ISAC, sharing their work on maintaining security support at all levels of cyber maturity. AI tries to out-Buffett Warren Buffett. Remember to leave us a 5-star rating and...

Mini-breach, mega-hype. Play Episode
Fortinet reveals a data breach. The feds sanction a Cambodian senator for forced labor scams. UK police arrest a teen linked to the Transport for London cyberattack. New Linux malware targets Oracle WebLogic. Citrix patches critical Workspace app flaws. Microsoft unveils updates to prevent outages like the CrowdStrike incident. U.S. Space Systems invests in secure communications. Illegal gun-conversion sites get taken down. Tim Starks of CyberScoop tracks Russian hackers mimicking spyware vendors. Cybersecurity hiring gaps persist. Hackers use eye-tracking to steal passwords. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up...

A Patch Tuesday overload. Play Episode
Patch Tuesday rundown. Microsoft integrates post-quantum cryptography (PQC) algorithms into its SymCrypt cryptographic library.The FTC finalizes rules to combat fake reviews and testimonials. A payment card thief pleads guilty. On our latest CertByte segment, N2Ks Chris Hare and George Monsalvatge share questions and study tips from the Microsoft Azure Fundamentals (AZ-900) Practice Test. Hard Drive Heaven: How Iconic Music Sessions Are Disappearing. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and youll never miss a beat. And be sure to follow CyberWire Daily...

Ann Johnson: Trying to make the world safer. [Business Development] [Career Notes] Play Episode
Enjoy this special encore episode where we are joined by, Microsoft's Corporate Vice President of Cybersecurity Business Development Ann Johnson brings us on her career journey from aspiring lawyer to cybersecurityexecutive. After pivoting from studying law, Ann started working with computers and found she had a deep technical aptitude for technology and started earning certifications landing in cybersecurity because she found an interest in PKI. At Microsoft, Ann says she solves some of the hardest problems every day. She recommends getting a mentor and finding your area of expertise. She leaves us with three dimensions she hopes to be her...

Cyber revolt or just digital ruckus? Play Episode
Hacktivists respond to the arrest of Telegrams CEO in France. Stealthy Linux malware stayed undetected for two years. Versa Networks patches a zero-day vulnerability. Google has patched its tenth zero-day vulnerability of 2024. Researchers at Arkose labs document Greasy Opal. A flaw in Microsoft 365 Copilot allowed attackers to exfiltrate sensitive user data. Gafgyt targets crypto mining in cloud native environments. Microsoft investigates an Exchange Online message quarantine issue. Our guest is Bar Kaduri, research team leader at Orca Security talking about AI Goat, the first open source AI security learning environment based on the OWASP top 10 ML risks....

From secret chats to public spats. Play Episode
Telegrams CEO is arrested by French police, presumably over moderation failures. A cyberattack disrupted services at Seattle-Tacoma International Airport and the Port of Seattle. SonicWall has warned customers of a critical vulnerability that could lead to unauthorized access or a firewall crash. Dutch and French regulators fined Uber 290 million for failing to protect the privacy of EU drivers. Microsoft will host a cybersecurity conference next month in response to the disastrous CrowdStrike software update. Radio Free Europe/Radio Liberty looks at Irans active attempts to interfere in the upcoming U.S. presidential election. Our guests are Danielle Ruderman, Senior Manager for...

Cyberattack cripples major American chipmaker. Play Episode
A major American chipmaker discloses a cyberattack. Cybercriminals exploit Progressive Web Applications (PWAs) to bypass iOS and Android defenses. Mandiant uncovers a privilege escalation vulnerability in Microsoft Azure Kubernetes Services. ALBeast hits ALB. Microsofts latest security update has caused significant issues for dual-boot systems. The DOEs new SolarSnitch program aims to sure up solar panel security. Researchers uncover LLM poisoning techniques. An Iranian-linked group uses a fake podcast to lure a target. Our guest is Parya Lotfi, CEO of DuckDuckGoose, discussing the increasing problem of deepfakes in the cybersecurity landscape. Return to sender - AirTag edition. Miss an episode? Sign-up...

Mic, camera, and more at risk. Play Episode
Cisco Talos discovers vulnerabilities in Microsoft applications for macOS. OpenAI disrupts an Iranian influence campaign. Jewish Home Lifecare discloses a data breach affecting over 100,000. Google tests an auto-redaction feature in Chrome for Android. Unicoin informs the SEC that it was locked out of G-Suite for four days. House lawmakers raise concerns over China-made WiFi routers. Moodys likens the switch to post-quantum cryptography to the Y2K bug. Diversity focused tech nonprofits grapple with flagging support. Tim Starks of CyberScoop is back to discuss his investigation of a Russian hacking group targeting human rights groups. Smart phones get some street smarts....

Demo-lition derby: iVerify and Google clash over pixel app pitfalls. Play Episode
Google and iVerify clash over the security implications of an Android app. CISA has issued a warning about a critical vulnerability in SolarWinds Web Help Desk. Ransomware attacks targeting industrial sectors surge. Microsoft is rolling out mandatory MFA for Azure. Banshee Stealer is a new macOS-targeted malware developed by Russian threat actors. A popular flight tracking website exposes users personal and professional information. San Francisco goes after websites generating deepfake nudes. Daniel Blackford, Director of Threat Research at Proofpoint, joins us to discuss emerging tactics used by threat actors and trends in e-crime tied to nation states. Scammers Use Google...

Weeding out 'worms' for Window's users. Play Episode
Microsoft urges users to patch a critical TCP/IP remote code execution vulnerability. Texas sues GM over the privacy of location and driving data. Google says Irans APT42 is responsible for recent phishing attacks targeting presidential campaigns. Doppelgnger struggles to sustain its operations. Sophos X-Ops examines the Mad Liberator extortion gang. Fortra researchers document a potential Blue Screen of Death vulnerability on Windows. Chinas Green Cicada Network creates over 5,000 AI-controlled inauthentic X(Twitter) accounts. Kim Dotcom is being extradited to the United States. Our guest is Rui Ribeiro, CEO at JScrambler, to discuss how the extensive use of first and third-party...

A health bots security slip-up. Play Episode
Researchers at Tenable uncovered severe vulnerabilities in Microsofts Azure Health Bot Service. Scammers use deepfakes on Facebook and Instagram. Foreign influence operations target the Harris presidential campaign. An Idaho not-for-profit healthcare provider discloses a data breach. Research reveals a troubling trend of delayed and non-disclosure of ransomware attacks by organizations. Patch Tuesday roundup. Palo Alto Networks Unit 42 revealed a significant security risk in open-source GitHub projects. Enzo Biochem will pay $4.5 million to settle charges of inadequate security protocols. Our guest is Stephanie Schneider, Cyber Threat Intelligence Analyst at LastPass, joins us to discuss the ongoing Snowflake account attacks...

When updates attack. Play Episode
Crowdstrike releases a postmortem. LoanDepot puts a multimillion dollar price tag on their ransomware incident. RHADAMANTHYS info stealer targets Israelis. Zola ransomware is an advanced evolution of the Proton family. Firefox fixes several high-severity vulnerabilities. Researchers at Certitude uncover a vulnerability in Microsoft 365s anti-phishing measures. Threat actors exploit legitimate anti-virus software for malicious purposes. Samsungs new bug bounty program offers rewards up to a million dollars. Guest Adam Marr, CISO at Arctic Wolf, joining us to share his observations on the ground at Black Hat USA 2024. Ransomware gangs turn the screws and keep up with the times. Miss...

Cyberattack calls for an early dismissal. Play Episode
Thousands of education sector devices have been maliciously wiped after an attack on a UK MDM firm. A perceived design flaw in Microsoft Authenticator leaves users locked out of accounts. SharpRino charges ahead to deploy ransomware. North Koreas Stressed Pungsan provides initial access points for malware distribution. Magniber ransomware targets home users and SMBs. Google patches an Android zero-day. A new Senate bill aims to treat ransomware as terrorism. Microsoft ties security to employee compensation. Guest Kim Kischel, Director of Cybersecurity Product Marketing at Microsoft, discusses how AI is impacting the unified security operations center. A victim of business email...

When DDoS and defense collide. Play Episode
A global Microsoft outage takes down Outlook and Minecraft. The US Senate passes The Kids Online Safety and Privacy Act. Lame Duck domain names are targets for takeovers. A GeoServer vulnerability exposes thousands to remote code execution. China proposes a national internet ID. Email attacks surge dramatically in 2024. Columbus Ohio thwarts a ransomware attack. When it comes to invading your privacy, the Paris 2024 Olympics app goes for the gold. Our guest is Rakesh Nair, Senior Vice President of Engineering and Product at Devo, discussing the issues that security teams face when dealing with data control and data orchestration....

Ghost accounts haunt GitHub. Play Episode
Stargazer Goblin hosts malicious code repositories on GitHub. Crowdstrike blames buggy validations checks for last weeks major incident. The Breachforums database reveals threat actor OPSEC. Windows Hello for Business (WHfB) was found vulnerable to downgrade attacks. A medical center in the U.S. Virgin Islands is hit with ransomware. Interisle analyzes the phishing landscape. The FTC orders eight companies to explain algorithmic pricing. Meta cracks down on the Nigerian Yahoo Boys. A fake IT worker gets caught in the act. My conversation with Nic Fillingham and Wendy Zenone, co-hosts of Microsoft Security's "The Bluehat Podcast. Researchers wonder if proving youre human...

CrowdStrike and Microsoft battle blue screens across the globe. Play Episode
Mitigation continues on the global CrowdStrike outage. UK police arrest a suspected member of Scattered Spider. A scathing report from DHS says CISA ignored a directive to cut ties with a faulty contractor. Huntress finds SocGholish distributing AsyncRAT. Ransomware takes down the largest trial court in the U.S. A US regulator finds many major banks inadequately manage cyber risk. CISA adds three critical vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Australian police forces combat SMS phishing attacks. Our guest Chris Grove, Director of Cybersecurity Strategy at Nozomi Networks, shares insights on the challenges of protecting the upcoming Summer Olympics....

Squarespace's square off with hijacked domains. Play Episode
Some Squarespace users see their domains hijacked. Kaspersky Lab is shutting down US operations. BackPack APKs break malware analysis tools. Hackers use 7zip files to deliver Poco RAT malware. CISAs red-teaming reveals security failings at an unnamed federal agency. Microsoft fixes an Outlook bug triggering false security alerts. Switzerland mandates open source software in the public sector. On our Industry Voices segment, N2Ks Rick Howard speaks with Alex Lawrence and Matt Stamper from Sysdig about their 555 Cloud Security Benchmark. Bellingcat sleuths pinpoint an alleged cartel member. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and youll...

AT&T's not so LOL hack. Play Episode
AT&T wireless announces a massive data breach. NATO will build a cyber defense center in Belgium. The White House outlines cybersecurity budget priorities.A popular phone spyware app suffers a major data breach.Some Linksys routers are sending user credentials in the clear. Sysdig describes Crystalray malware. A massive phishing campaign is exploiting Microsoft SharePoint servers. Germany strips Huawei and ZTE from 5G infrastructure. Our guest is Brigid Johnson, Director of AWS Identity, on the importance of identity management. The EU tells X-Twitter to clean up its act or pay the price. Miss an episode? Sign-up for our daily intelligence roundup, Daily...

Old school, new threat. Play Episode
Blast-RADIUS targets a network authentication protocol. The US disrupts a Russian disinformation campaign. Anonymous messaging app NGL is slapped with fines and user restrictions. The NEA addresses AI use in classrooms. Gay Furry Hackers release data from a conservative think tank. Microsoft and Apple change course on OpenAI board seats. Australia initiates a nationwide technology security review. A Patch Tuesday rundown. Guest Jack Cable, Senior Technical Advisor at CISA, with the latest from CISA's Secure by Design Alert series. Our friend Graham Cluley ties the knot. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and youll never...

The age old battle between iPhone and Android. Play Episode
Microsoft is phasing out Android use for employees in China. Mastodon patches a security flaw exposing private posts. OpenAI kept a previous breach close to the vest. Nearly 10 billion passwords are leaked online. A Republican senator presses CISA for more information about a January hack. A breach of the Egyptian Health Department impacts 122,000 individuals. South Africa's National Health Laboratory Service (NHLS) suffers a ransomware attack. Eldorado is a new ransomware-as-a-service offering. CISA adds a Cisco command injection vulnerability to its Known Exploited Vulnerabilities catalog. N2Ks CSO Rick Howard catches up with AWS Vice President of Global Services Security...

TeamViewer and APT29 go toe to toe. Play Episode
TeamViewer tackles APT29 intrusion. Microsoft widens email breach alerts. Uncovering a malware epidemic. Google's distrust on Entrust. Safeguarding critical systems. FTC vs. MGM. Dont forget to backup your data. Polyfill's accidental expos. Our guest is Caitlyn Shim, Director of AWS Cloud Governance, and she recently joined N2Ks Rick Howard at AWS re:Inforce event. They're discussing cloud governance, the growth and development of AWS, and diversity. And a telecom titan becomes telecom terror. Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a $100 Amazon gift card. Remember to leave us a...

E-commerce or E-spying? Play Episode
Arkansas sues Temu over privacy issues. Polyfil returns and says they were wronged. An NYPD database was found vulnerable to manipulation. Google slays the DRAGONBRIDGE. Malwarebytes flags a new Mac stealer campaign. Patch your gas chromatographs. Microsoft warns of an AI jailbreak called Skeleton Key. CISA tracks exploited vulnerabilities in GeoServer, the Linux kernel, and Roundcube Webmail. In our 'Threat Vector' segment, host David Moulton speaks with Jim Foote, CEO of First Ascent Biomedical, about his transition from Chief Information Security Officer (CISO) to leading a biotech company utilizing AI to personalize cancer treatments. Metallica is not hawking metal crypto....

A hacking keeps you humble. Play Episode
Microsofts President admits security failures in congressional testimony. Paul Nakasone joins OpenAIs board. The feds hold their first AI tabletop exercise. CISA reports on the integration of space-based infrastructure. Cleveland city hall remains closed after a cyber attack. Truist commercial bank confirms a data breach. Rockwell Automation patches three high-severity vulnerabilities. University of Illinois researchers develop autonomous AI hacking agents. Arynn Crow, Sr Manager of AWS User Authentication Products, talks with N2Ks Brandon Karpf about security through MFA and FIDO Alliance passkeys, and her work on the Digital Identity Advancement Foundation. Can an AI run for mayor? Our 2024 N2K...

Whistleblower warns of profit over protection. Play Episode
A whistleblower claims that Microsoft prioritized profit over security. U.S. warnings of global election interference continue to rise. Cyber insurance claims hit record levels. Location tracking firm Tile suffers a data breach. A new phishing kit creates Progressive Web Apps. Questioning the governments cyber silence. On todays Threat Vector segment, host David Moulton, Director of Thought Leadership at Unit 42, is joined by Data Privacy Attorney Daniel Rosenzweig. Together, they unravel the complexities of aligning data privacy and cybersecurity laws with technological advancements. AI powered cheating lands one student in hot water. Our 2024 N2K CyberWire Audience Survey is underway,...

Rethinking recalls. Play Episode
Microsoft makes Recall opt-in. The Senate holds hearings on federal cybersecurity standards. Snowflakes scrutiny snowballs. New York Times source code is leaked online. Ransomware leads to British hospitals' desperate need for blood donors. Cisco Talos finds 15 serious vulnerabilities in PLCs. Sticky Werewolf targets Russia and Belarus. Frontier Communications warns 750,000 customers of a data breach. Chinese nationals get prison time in Zambia for cybercrimes. N2Ks CSO Rick Howard speaks with Danielle Ruderman, Security GTM Leader, AWS about what keeps CISOs up at night. DIY cell towers can land you in hot water. Our 2024 N2K CyberWire Audience Survey is...

A snapshot of security woes. Play Episode
Microsoft's recall raises red flags. Ukraine's CERT sounds alarm. Russian hacktivists cause trouble in EU elections. DEVCORE uncovers critical code execution flaw. LastPass leaves users locked out. Apple commits to five years of iPhone security. An AI mail fail. Inside the FCC's plan to strengthen BGP protocol. Dave sits down with our guest Camille Stewart Gloster, Former Deputy National Cyber Director at the White House, as she shares a retrospective of her public service career. And lets all Cheers to cybersecurity. Our 2024 N2K CyberWire Audience Survey is underway, make your voice heard and get in the running for a...

New cybersecurity bill aims to untangle federal regulations. Play Episode
Draft legislation looks to streamline federal cybersecurity regulations. Clarity.fm exposed personal information of business leaders and celebrities. Researchers find european politicians personal info for sale on the dark web. The BBCs pension scheme suffers a breach. OpenAI disrupts covert influence operations making use of their platform. Hackers brick over 600,000 routers. Cracked copies of Microsoft office deliver a malware mix. A senator calls for accountability in the Change Healthcare ransomware attack. On our Industry Voices segment, we hear from SpyClouds Chip Witt, on navigating the threat of digital identity exposure. Florida man becomes Moscows fake-news puppet. Our 2024 N2K CyberWire...

Alleged leaked files expose a dirty secret. Play Episode
An alleged leak of Googles search algorithm contradicts the companys public statements. German researchers discover a critical vulnerability in a TP-Link router. Breachforums is backmaybe. The Seattle Public Library suffers a ransomware attack. A Georgia man gets ten years for money laundering and romance scams, and the Treasury department sanctions a group of botnet operators. 44,000 individuals are affected by the breach of a major U.S. title insurance company. Microsoft describes North Koreas Moonstone Sleet. Advocating for a more architectural approach to cybersecurity. Maria Varmazis speaks with WiCyS Executive Director Lynn Dohm and a panel of N2K experts about the...

Checkmate at check in. Play Episode
Spyware is discovered on U.S. hotel check in systems. A Microsoft outage affects multiple services. Bitdefender uncovers Unfading Sea Haze. University of Maryland researchers find flaws in Apples Wi-Fi positioning system. Scotlands NRS reveals a sensitive data leak. Rapid7 tracks the rise in zero-day exploits and mass compromise events. The SEC hits the operator of the New York Stock Exchange with a ten million dollar fine. Operation Diplomatic Specter targets political entities in the Middle East, Africa, and Asia. The FCC considers AI disclosure rules for political ads. N2K T-Minus Space Daily podcast host Maria Varmazis speaks with guests Brianna...

Privacy nightmare or useful tool? Play Episode
Some say Microsofts Recall should be. A breach of a Texas healthcare provided affects over four hundred thousand. Police in the Philippines shut down services following a breach. Ivanti patches multiple products. GitHub fixes a critical authentication bypass vulnerability. Researchers discover critical vulnerabilities in Honeywells ControlEdge Unit Operations Controller. The DoD releases their Cybersecurity Reciprocity Playbook. Hackers leak a database with millions of Americans criminal records. Mastercard speeds fraud detection with AI. On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's ISC2 CISSP certification journey, diving into Domain 5: Identity and Access Management....

Double key encryption debate. Play Episode
Germanys BSI sues Microsoft for more information on recent security incidents. Julian Assange can appeal his U.S. extradition. AI chatbots may have itchy trigger fingers. CISA warns of vulnerabilities affecting Google Chrome and D-Link routers. Ham Radios association suffers a data breach. New underground marketplaces pop up to replace BreachForums. An updated banking trojan targets users in Central and South America. Cybercoms founders share its origin story. Examining gender bias in open source software contributors. For our Industry Voices segment, guest Chris Pierson, CEO at BlackCloak, met up with N2Ks Brandon Karpf at the 2024 RSA Conference to discuss personal...

A bipartisan blueprint for American leadership. Play Episode
U.S. Senators look to enhance American leadership in AI. Federal Agencies Warn of Rising Cyberattacks on Civil Society. The Pentagon says theyre satisfied with Microsofts post-breach security pivots. Patch Tuesday updates. A Mississippi health system alerts users of a post-ransomware data breach. The FTC cautions automakers over data collection. CISOs feel pressure to understate cyber risks. On the Learning Layer, Sam and Joe continue their certification journey. Guest Sarah Powazek of UC Berkeley's Center for Long-Term Cybersecurity (CLTC) speaks with N2Ks Brandon Karpf about cyber civil defense clinics. A crypto mixing service developer finds himself behind bars. Our 2024 N2K...

The double-edged sword of cyber espionage. [Research Saturday] Play Episode
Dick O'Brien from Symantec Threat Hunter team is discussing their research on Graph: Growing number of threats leveraging Microsoft API. The team observed an increasing number of threats that have begun to leverage the MicrosoftGraph API, usually to facilitate communications with command-and-control (C&C) infrastructure hosted on Microsoft cloud services. The research states "the technique was most recently used in an attack against an organization in Ukraine, where a previously undocumented piece of malware used the Graph API to leverage Microsoft OneDrive for C&C purposes." The research can be found here: Graph: Growing number of threats leveraging Microsoft API Learn more...

Charting the course: Biden's blueprint for global cybersecurity. Play Episode
Secretary of State Antony Blinken is set to unveil a new international cybersecurity strategy at the RSA Conference in San Francisco. Paris prepares for Olympic-sized cybersecurity threats. Wichita, Kansas is recovering from a ransomware attack. A massive data breach hits citizens of El Salvador. Researchers steal cookies to bypass authentication. Cuckoo malware targets macOS systems. Iranian threat actors pose as journalists to infiltrate network targets. A former Microsoft insider analyzes the companys recommitment to cybersecurity. Guest Mark Terenzoni, Director of Risk Management at AWS, joins N2Ks Rick Howard to discuss the benefits of security lakes in a post-AI world. Ukrainian...

Ransomware attack turns legal attack. Play Episode
A Texas operator of rehab facilities faces multiple lawsuits after a ransomware attack. Microsoft warns Android developers to steer clear of the Dirty Stream. The Feds warn of North Korean social engineering. A flaw in the R programming language has been patched. Zloader borrows stealthiness from ZeuS. The GAO highlights gaps in NASAs cybersecurity measures. Indonesia is a spyware hot-spot. Germany summons a top Russian envoy to address cyber-attacks linked to Russian military intelligence. An Israeli PI is arrested in London following allegations of a cyberespionage campaign. In our Industry Voices segment, Allison Ritter, Senior Product Manager from Cyberbit shares...

Dropbox sign breach exposes secrets. Play Episode
Dropboxs secure signature service suffers a breach. CISA is set to announce a voluntary pledge toward enhanced security. Five Eyes partners issue security recommendations for critical infrastructure. Microsoft acknowledges VPN issues after recent security updates. LockBit releases data from a hospital in France. One of REvils leaders gets 14 years in prison. An Phishing-as-a-Service provider gets taken down by international law enforcement. China limits Teslas over security concerns. In our Threat Vector segment, David Moulton from Unit 42 explores Adversarial AI and Deepfakes with two expert guests, Billy Hewlett, and Tony Huynh. NightDragon founder and CEO Dave Dewalt joins us...

Kaiser Permanente's privacy predicament. Play Episode
Healthcare providers report breaches affecting millions. PlugX malware is found in over 170 countries. Hackers exploit an old vulnerability to launch Cobalt Strike. A popular Wordpress plugin is under active exploitation. Developing nations may serve as a test bed for malware developers. German authorities question Microsoft over Russian hacks. CISA celebrates the success of their ransomware warning program. Our guest is Eric Goldstein, Executive Assistant Director for Cybersecurity at CISA, discussing open source software. Password trends are a mixed bag. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our...

The shadowy adversary in Cisco's crosshairs. Play Episode
Cisco releases urgent patches for their Adaptive Security Appliances. Android powered smart TVs could expose Gmail inboxes. The FTC refunds millions to Amazon Ring customers. The DOJ charges crypto-mixers with money laundering. A critical vulnerability has been disclosed in the Flowmon network monitoring tool. A Swiss blood donation company reopens following a ransomware attack. Multiple vulnerabilities are discovered in the Brocade SANnav storage area network management application. Brokewell is a new Android banking trojan. Metas ad business continues to face scrutiny in the EU. Ann Johnson, host of Microsoft Securitys Afternoon Cyber Tea podcast speaks with LinkedIn's CISO Geoff Belknap....

Visa crackdown against spyware swindlers. Play Episode
The State Department puts visa restrictions on spyware developers. UnitedHealth says its recent breach could affect tens of millions of Americans. LockBit leaks data allegedly stolen from the DC government. Microsoft says APT28 has hatched a GooseEgg. The White House and HHS update HIPAA rules to protect private medical data. Keyboard apps prove vulnerable. A New Hampshire hospital suffers a data breach. Microsofts DRM may be vulnerable to compromise. On our Industry Voices segment, Ian Leatherman, Security Strategist at Microsoft, discusses raising the bar for security in the software supply chain. GoogleTeller just cant keep quiet. Remember to leave us...

Privacy, power, and the path forward. Play Episode
Section 702 edges closer to a vote. CISA provides guidance on Sisense and Microsoft breaches. A major conservative think tank reports a breach. Obsolete D-Link devices are under active exploitation, and Palo Alto warns of a zero-day. Raspberry Robin grows more stealthy. A lastpass employee thwarts a deepfake phishing attempt. Are AI models growing more persuasive? Our guest Kevin Magee from Microsoft Canada joins us to talk about cross domain prompt injection and AI. Floppies keep the trains running on time. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for...

From deadlock to debate on a revised Section 702 bill. Play Episode
The House moves forward on Section 702 reauthorization. Ukraine suspends a top cybersecurity official. A Wisconsin health coop suffers a data breach. Sophos uncovers a malicious backdoor. Fortinet issues patches for critical and high severity vulnerabilities. A Microsoft server exposed employee passwords, keys, and credentials. LG releases patches to secure smart TVs. The IMF warns of cyberattacks potential to trigger bank runs. It was a busy patch Tuesday. On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's CISSP study journey and how to avoid frustration when you get a practice question wrong. X...

Unraveling a healthcare ransomware web. Play Episode
Change Healthcare gets hit with another ransom demand. A French football team warns fans of a cyberattack. The Home Depot breach is chalked up to a misconfigured SaaS application. The FCC looks to sure up car connectivity security to protect survivors of domestic violence. Targus reports a disruptive cyberattack. A massive doxxing event hits El Salvador. India's top audio and wearables brand investigates a customer data breach. The Israeli military jams GPS. Microsoft Securitys Ann Johnson, host of Afternoon Cyber Tea podcast, shares a segment of her latest episode featuring Jason Healey, founding scholar and director for cyber efforts at...

Deciphering the Acuity cybersecurity incident. Play Episode
Acuity downplays its recent breach. IcedID gives way to a new malware strain. Russia arrests alleged credit card thieves. Wiz uncovers security flaws in Hugging Face AI models. NERC and the E-ISAC review lessons learned from simulated attacks on the electrical grid. UK police track honey traps targeting MPs. Microsoft says China is actively trying to influence US elections. A major global lens maker suffers a cyber attack. Guest Dick O'Brien from the Symantec Threat Hunter Team shares how ransomware operators adapt to disruption. And SEO under threat of legal action. Remember to leave us a 5-star rating and review...

Biden administration brings down the hammer. Play Episode
The Cyber Safety Review Board hands Microsoft a scathing report. Jackson County, Missouri declares a state of emergency following a ransomware attack. The concerning growth of Chinese brands in U.S. critical infrastructure. Malware campaigns make use of YouTube. OWASP issues a data breach warning. Trend Micro tracks LockBits faltering rebound. Indias government cloud service leaks personal data. ChatGPT jailbreaks spread on popular hacker forums. On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's CISSP study journey and focus on the when and how of studying for Domain 1. And you can no longer...

A battle against malware. Play Episode
PyPI puts a temporary hold on operations. OMB outlines federal AI governance. Germany sounds the alarm on Microsoft Exchange server updates. Cisco patches potential denial of service vulnerabilities. The US puts a big bounty on BlackCat. Darcula and Tycoon are sophisticated phishing as a service platforms. Dont dilly-dally on the latest Chrome update. On our Threat Vector segment, host David Moulton has guest Sam Rubin, VP and Global Head of Operations at Unit 42, to discuss Sam's testimony to the US Congress on the multifaceted landscape of ransomware attacks, AI, and automation, the need for more cybersecurity education. And Data...

If there's something strange in your neighborhood, don't call Facebook. Play Episode
Facebook's Secret Mission to Unmask Snapchat. The White House wants AI audits. Hackers exploit the open-source Ray AI framework. Finnish Police ID those responsible for the 2021 parliament breach. Operation FlightNight targets Indian government and energy sectors. Chinese APT groups target ASEAN entities. A notorious robocaller is rung up for nearly ten million dollars. In our latest Learning Layer, join Sam Meisenberg as he unpacks the intricacies of the CISSP diagnostic with Joe Carrigan from Johns Hopkins University. And Ann Johnson from Microsoft's Afternoon Cyber Tea visits the world of Smashing Security with Graham Cluley and Carole Theriault . And...

Safeguarding American data from foreign hands. Play Episode
The House Unanimously Passes a Bill to Halt Sale of American Data to Foreign Foes. The U.S. Sanctions Russian Individuals and Entities for a Global Disinformation Campaign. China warns of cyber threats from foreign hacking groups. A logistics firm isolates its Canadian division after a cyber attack. Ivanti warns of another critical vulnerability. Researchers find hundreds of vulnerable Firebase instances. Microsoft phases out weaker encryption. Formula One fans fight phishing in the fast lane. Glassdoor is accused of adding real names to profiles without user consent. Our guest is Adam Meyers, SVP of Counter Adversary Operations at CrowdStrike, discussing how...

Biden's cyber splash in protecting the nation's water systems. Play Episode
The White House Mobilizes a National Effort to Shield Water Systems from Cyber Threats and Announces Major Investment in U.S. Chip Manufacturing. The U.S. and Allies Issue Fresh Warnings on China's Volt Typhoon Cyber Threats to Critical Infrastructure. Microsoft Streamlines 365 Services with a Unified Cloud Domain. Ukrainian authorities take down a credential theft operation. LockBit claims another pharmaceutical company. A popular Wordpress plugin puts tens of thousands of websites at risk. A breach at Mintlify compromises GitHub tokens. An Idaho man pleads guilty to online extortion. The SEC fines firms for AI washing. Weve got part two of our...

The hot pursuit of Volt Typhoon. Play Episode
Volt Typhoon retains the attention of US investigators. The IMF reports a cyber breach. Fujitsu finds malware on internal systems. Securonix researchers describe DEEP#GOSU targeting South Korea. Subsea cable breaks leave West and Central Africa offline. Health care groups oppose enhanced cyber security regulations. A Pennsylvania school district grapples with a ransomware attack. AT&T denies a data leak. Our guest Kevin Magee of Microsoft Canada shared his experiments with board reporting. And Apex Legends eSports competitors get some unexpected upgrades. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our...

From breach to battle: The escalating threat of Midnight Blizzard. Play Episode
Russian hackers persist against Microsofts internal systems. Change Healthcare systems are slowly coming back online. Russian propaganda sites masquerade as local news. Swiss government info is leaked on the darknet. Krebs on Security turns the tables on the Radaris online data broker. The NSA highlights the fundamentals of Zero Trust. The British Library publishes lessons learned from their ransomware attack. Researchers run a global prompt hacking competition. CheckPoint looks at Magnet Goblin. Experts highlight the need for psychological safety in cyber security. Our guest is Dinah Davis, Founder and Editor-In-Chief of Code Like A Girl, sharing the work they do...

A secret scheme resulting in stolen secrets. Play Episode
A former Google software engineer is charged with stealing AI tech for China. State attorneys general from forty-one states call out Meta over account takeover issues. Researchers demonstrate a Stuxnet-like attack using PLCs. Buyer beware - A miniPC comes equipped with pre installed malware. A Microsoft engineer wants the FTC to take a closer look at Copilot Designer. Theres a snake in Facebooks walled garden. Bruce Schneier wonders if AI can strengthen democracy. On our Industry Voices segment, guest Jason Lamar, Senior Vice President of Product at Cobalt, joins us to discuss offensive security strategy. And NIST works hard to...

Crackdown on privacy leads to a multi-million dollar fine. Play Episode
The FTC fines Avast over privacy violations. ConnectWise's ScreenConnect is under active exploitation. AT&T restores services nationwide. An Australian telecom provider suffers a data breach. EU Member States publish a cybersecurity and resilience report. Microsoft unleashes a PyRIT. A new infostealer targets the oil and gas sector. A cyberattack cripples a major US healthcare provider. Our guest is Kevin Magee from Microsoft Canada with insights on why cybersecurity startups in Ireland are having so much success building new companies there. And a USB device is buzzing with malware. Remember to leave us a 5-star rating and review in your favorite...

An AI arms race. Play Episode
Microsoft highlights adversaries experiments with AI LLMs. A misconfiguration exposes a decades worth of emails. SentinelOne describes Kryptina ransomware as a service. The European Court of Human Rights rules against backdoors. Senator Wyden calls out a location data broker. GoldFactory steals facial scans to bypass bank security. The Glow fertility app exposes the data of twenty five million users. Qakbot returns. Our Guest Rob Boyce from Accenture talks about tailored extortion. And hacking the airport taxi line leads to prison. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our...

Its always DNS, but that may just be FUD. Play Episode
Its always DNS, but that may just be FUD. The DoD notifies victims of a cloud email server leak. New Jersey cops sue online data brokers. Crooks use WiFi jammers to thwart security systems. A copyright case against OpenAI is partially dismissed. Patch Tuesday includes two actively exploited zero days. CharmingCypress gathers political intelligence. Ann Johnson from Microsoft Securitys Afternoon Cyber Tea podcast talks with Frank Cilluffo, Director for Cyber and Critical Infrastructure Security at the McCrary Institute of Auburn University, about cyber and critical infrastructure. And beware Cupids misleading arrow. Remember to leave us a 5-star rating and review...

VPN compromise causes concerns. Play Episode
Global Affairs Canada investigates a major data breach. New York sues Citibank over inadequate online security. Alpha ransomware launches a dedicated leak site on the dark web. A leaked database with 50 million records may or may not be real. CISA and the FBI provide guidance for SOHO routers.Patch em if ya got em. Krustyloader exploits Ivanti weaknesses. Unit 42 tracks a large-scale scareware campaign. Alex Stamos calls Microsofts security strategies morally indefensible. Our guests are Gianna Whitver and Maria Velasquez from the Cybersecurity Marketing Society to talk about their new podcast "Breaking Through in Cybersecurity Marketing." And do you...

A Typhoon counter. Play Episode
The U.S. counters a Chinese hacking campaign. Juniper issues out of band patches. Schneider Electric suffers a ransomware attack. Over a million and a half individuals are affected by an insurance consulting firm breach. AT&T finds DarkGate malware leveraging Microsoft teams. The White House is set to require AI developers to share safety test results. Resecurity finds high level credentials posted online. Zscaler says Zloader malware is back. The Georgia county prosecuting former President Trump got hit with a cyberattack. Microsofts Ann Johnson speaks with guest Deneen DeFiore, Vice President and Chief Information Security Officer at United Airlines, about cybersecurity...

Midnight Blizzard brings the storm. Play Episode
Russian state hackers breach Microsoft. LockBit claims Subway restaurants hack. A Swedish datacenter is hit with ransomware. VMware patches a vulnerability targeted by Chinese espionage groups. Sentinel Labs warns of North Korean APTs focus on cybersecurity pros. FTC order another data broker to restrict location data. US Feds release security guidance for water and wastewater sectors. Senators question the DOJ on facial recognition technology.Ukraines Monobank gets DDoSed. N2Ks CSO Rick Howard joins us to share some insight into what he and the Hash Table are cooking up for the upcoming season of his CSO Perspectives podcast. The passing of a...

New malware, new threats. Play Episode
Microsoft warns of an Iranian cyberespionage group. The CyberSafety Review Board receives critical reviews of its own. VMWare warns of active product exploitation. Tax info gets leaked in accounting firm breach. Kansas State University reports a cyber incident. CISA adds Citrix Netscaler vulnerabilities to its Known Exploited Vulnerabilities catalog. Councils in the UK suffer online disruptions. Cyber insurance can be a double edged sword. More email security breaches lead to firings. In our Solution Spotlight, N2K President Simone Petrella speaks with Michelle Amante of the Partnership for Public Service With an update on the Cybersecurity Talent Initiative. And its shields...

Apple's clickless exploit. Play Episode
A zero-click exploit affects iPhones belonging to Kaspersky employees. A GRU cyber campaign incorporates novel malware. The Indian government targets Apple over hacking attempts. Microsoft disables App Installer. Australian courts AV is compromised. A BlackBasta decryptor is released. Cyber Toufan claims attacks against Israeli targets. Patients in Oklahoma face online extortion. LoanCare customers data is at risk. Google settles a private browsing lawsuit. Barracuda patches a zero-day. That Chinese spy balloon was making a local call. And then Caleb Barlow, a friend of our show, shares password security tips you should know. Remember to leave us a 5-star rating and...

Microsoft EVP Charlie Bell on the Future of Security [Afternoon Cyber Tea] Play Episode
Microsoft Security EVP Charlie Bell joins Ann on this week's episode of Afternoon Cyber Tea. Charlie has over four decades in the tech industry, from developing space shuttle software to leading the creation of Amazon Web Services' decentralized engineering system and now leading Microsofts effort to makethe digital worldsafe and secure for everyone on the planet. Ann and Charlie discuss AI, the Security ecosystem, and why he thinks speed and acceleration of problem-solving are so relevant today. Resources: View Charlie Bell on LinkedIn View Ann Johnson on LinkedIn Related Microsoft Podcasts: Listen to: Uncovering Hidden Risks Listen to: Security Unlocked...

A dark web take down. Play Episode
The FBI takes down ALPHV/BlackCat. Comcast reveals breach of nearly 36 million Xfinity customers. Microsoft and Cyberspace Solarium Commission release water sector security report. Malware increasingly uses public infrastructure. Iran's Seedworm and its telco targets. QR code scams. Feds release joint analysis of 2022 election integrity. Joint advisory on Play ransomware group. In todays Mr Security Answer Person, John Pescatore considers the risks of AI. Rick Howard talks with Lauren Brennan of GuidePoint Security about evaluating and maturing your SOC. Iranian gas stations running on empty. Remember to leave us a 5-star rating and review in your favorite podcast app....

14 million customers and stolen data. Play Episode
A US mortgage company reveals major data breach. Updates from CISA. NSA provides guidance on SBOMs. MongoDB warns customers of a breach. BlackCat/ALPHV is still a market leader, but feeling competitive pressure. Reassessing the effects of Log4shell. The International Committee of the Red Cross calls for restraint in cyber warfare. Ransomware hits a cancer center. Ann Johnson, host of Microsoft Securitys Afternoon Cyber Tea podcast goes beyond basics with her guest Tanya Janca, founder of WeHackPurple. And what can I do to make you take home this chatbot today? Remember to leave us a 5-star rating and review in your...

Shedding light on fighting Ursa. [Research Saturday] Play Episode
Host of the CyberWire Daily podcast segment Threat Vector, David Moulton sits down with Mike "Siko" Sikorski from Palo Alto Networks Unit 42 to discuss their research on "Fighting Ursa Aka APT28: Illuminating a Covert Campaign." Unit 42 just published new threat intelligence on Fighting Ursa (aka APT28), a group associated with Russia's military intelligence, on how they are exploiting a Microsoft Outlook vulnerability (CVE-2023-23397) to target organizations in NATO member countries, Ukraine, Jordan, and the UAE. These organizations are of strategic importance in defense, foreign affairs, economy, energy, transportation, and telecommunications. The research can be found here: Fighting Ursa...

Remapping privacy. Play Episode
Google boosts Maps privacy, a court shields password disclosure, feds foil a massive scam operation, Iran-Israel cyber tensions escalate, Idaho National Labs reports a significant data breach, a security engineer's cybercrime confession. N2Ks Rick Howard reports from the recent MITRE ATT&CK con, speaking with Blake Strom of Microsoft about 10 years of the MITRE ATT&CK Framework. And Brian Krebs' relentless investigation into the Target breach. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and youll never miss a beat. And be sure to...

Taking down the storm. Play Episode
Microsoft takes down the Storm-1152 cybercrime operation. GambleForce is a newly discovered threat actor. The SVR exploits a JetBrains TeamCity vulnerability. US Postal Service impersonation. Malicious ads associated with Zoom. An update on the cyberattack against Kyivstar. Apache issues a Struts 2 security advisory. The FCC adopts new data breach rules. In our latest Threat Vector segment, David Moulton and Palo Alto Networks Madeline Sedgwick discuss the skills and methods necessary for understanding threat actor intent and behaviors. And the State Department's Global Engagement Center is under fire. Remember to leave us a 5-star rating and review in your favorite...

The United Kingdom's catastrophic ransomware attack. Play Episode
The UK faces a looming threat of a catastrophic ransomware attack. The Senate confirms a new National Cyber Director. The rivalry between malware groups BatLoader and FakeBat. BazarCall phishing attack and its unusual use of Google Forms. A serious vulnerability threatens K-12 student data. Spiderman game developer Insomniac Games becomes the latest ransomware victim. Todays guest is Tim Starks from the Washington Posts Cybersecurity 202 with Chinas influence operations in Taiwan, along with a look back at 2023. We'll touch on Microsoft's Patch Tuesday and why outdated password policies are still a problem. Remember to leave us a 5-star rating...

On the hunt for popping up kernel drives. [Research Saturday] Play Episode
Dana Behling, researcher from Carbon Black, sharing their work on "Hunting Vulnerable Kernel Drivers." The Carbon Black Threat Analysis Unit (TAU) discovered 34 unique vulnerable drivers, six of which allow kernel memory access, accepting firmware access. TAU reported the issues to the vendors whose drivers had valid signatures at the time of discovery, but only two vendors fixed the vulnerabilities. TAU is calling for more comprehensive approaches in the future than the current banned-list method used by Microsoft. The research states "By exploiting the vulnerable drivers, an attacker without the system privilege may erase/alter firmware, and/or elevate privileges." The research...

Iran behind attacks on PLCs. Play Episode
The US and Israel attribute attacks on PLCs to Iran. Agent Raccoon backdoors organizations on three continents. XDSpy is reported to be phishing the Russian defense sector. Trends in digital banking fraud. Repojacking Go module repositories. Ann Johnson from Afternoon Cyber Tea speaks with Lynn Dohm, executive director of WiCyS, about the power of diverse perspectives. And when it comes to security, don't look to the stars. CyberWire Guest Guest is Ann Johnson from Afternoon Cyber Tea talking with Lynn Dohm, executive director of WiCyS, about the power of diverse perspectives. Tune in to Microsoft Securitys Afternoon Cyber Tea podcast...

Wyden blocks the senate vote. Play Episode
Senator Wyden blocks the Senate vote on the new NSA and Cyber Command lead. GPS interference is attributed to Iran. Meta identifies and removes Chinese and Russian accounts and groups for coordinated inauthenticity. The EU Council president proposes European cyber force with offensive capabilities. Twisted Spider is observed conducting new ransomware campaigns. Staples sustains a cyberattack. Apple releases security updates for two actively exploited zero-days. On todays Mr. Security Answer Person segment, John Pescatore joins us to talk about Microsoft's Secure Future Initiative. And how can you tell if your bot is involved in insider trading? CyberWire Guests On todays...

Threat actors with mixed motives: from the political to the financial. Play Episode
OpenAI's continuing turmoil. Crypto firm sustains API attack. Konni campaign phishes with a Russian document as bait. LockBit's third-party compromise of Canadian government personnel data. Ukraine removes senior security officials under suspicion of graft. Dave Bittner sits down with Steve Winterfeld from Akamai to discuss emerging threats in the financial services sector. And Idaho National Laboratory sustains data breach. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/222 Selected reading. Company that created ChatGPT is thrown into turmoil after Microsoft hires its ousted CEO (AP News) The Doomed Mission Behind Sam Altmans Shock Ouster...

Cybercriminals at the service of the state, and an array of new underworld tools. Play Episode
Data brokers offer information on active US military personnel. Current BlueNoroff activity. A new Gootloader variant is active in the wild. Atlassian vulnerabilities actively exploited. The prevalence of breaches. Update on a Barracuda vulnerability. Hacktivism and the cyber course of the Hamas-Israel war. Bot-hunting in Ukraine. Microsofts Ann Johnson from Afternoon Cyber Tea speaks with Sharon Barber, Chief Information Officer at Lloyds Banking Group, about cyber trends in financial services. Ben Yelin looks at the ease of purchasing US military personnel data from data brokersAnd election security is in the newsan off-year election is an election nonetheless. For links to...

In the offense-defense see-saw, the defense seems to be rising. Play Episode
An Apache vulnerability is being used to install ransomware. Exploitation of Citrix vulnerability in the wild. AP sustains DDoS attack. HHS reaches settlement in HIPAA data breach incident. More evidence of OSINT's reach. On the Solution Spotlight: Simone Petrella and Rick Howard speak with Ben Rothke about his article and thoughts on "Is there really an information security jobs crisis?" Andrea Little Limbago from Interos joins us to discuss SEC and the disclosure rules. And, Microsoft draws a lesson from Russia's war: cyber defense now has the advantage over cyber offense. For links to all of today's stories check out...

Social engineering as a blunt instrumentalmost like swatting without the middleman. Play Episode
Eastern European gangs overcome their reservations about working with anglophone criminals. Mirth Connect is vulnerable to a critical flaw. A look at a mercenary spyware strain. PepsiCo as phishbait. Ben Yelin explains the FCCs renewed interest in Net Neutrality. Our guest is Wade Baker from the Cyentia Institute with insights on measuring risk. And Europol thinks police should take a good look at quantum computing and law enforcement. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/206 Selected reading. Octo Tempest crosses boundaries to facilitate extortion, encryption, and destruction (Microsoft Security) MGM Resorts hackers...

AI aint misbehavin, except when it does. Also, privateers and hacktivist auxiliaries get busy. Play Episode
Teaching AI to misbehave. Ransomware's effect on healthcare downtime. Two reports on the state of cybersecurity in the financial services sector. Possible connections between Hamas and Quds Force. Ukrainian cyber authorities report a rise in privateering Smokeloader attacks. Russian hacktivist auxiliaries strike Czech targets. My conversation with Sherrod DeGrippo, host of The Microsoft Threat Intelligence Podcast. Jay Bhalodia from Microsoft Federal shares insights on multi-cloud security. And Winter Vivern exploits a mail service 0-day. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/204 Selected reading. AI vs. human deceit: Unravelling the new age of...

Downloading cracked software. [Research Saturday] Play Episode
David Liebenberg from Cisco Talos joins to discussing Talos' discovery of cracked Microsoft Windows software being downloaded by enterprise users across the globe. Downloading and running this compromised software not only serves as an entry point for threat actors, but can serve as a gateway to access control systems and establish backdoors. Talos identified additional malware, including RATs, on endpoints running this cracked software, which allows an attacker to gain unauthorized remote access to the compromised system, providing the attacker with various capabilities, such as controlling the system, capturing screenshots, recording keystrokes and exfiltrating sensitive information. This research article was...

Peach Sandstorm cyberespionage. Criminal attacks against a Colombian telco and two major US casino firms. A thief in the browser. And the Greater Manchester Police are on a virtual manhunt. Play Episode
"Peach Sandstorm" is an Iranian cyberespionage campaign. A Cyberattack against a telecom provider affects government and corporate online operations in Colombia. Python NodeStealer takes browser credentials. Caesars Entertainment files its 8-K. Some MGM Entertainment systems remain down. Betsy Carmelite from Booz Allen talking about how to leverage cyber psychology. Ron Reiter of Sentra outlines the threats for connected cars. And a third-party incident exposes personal data of the Manchester police. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/177 Selected reading. Peach Sandstorm password spray campaigns enable intelligence collection at high-value targets (Microsoft) Hackers...

How one access broker gets its initial access (its through novel phishing). Be alert for deepfakes, US authorities say. The Pentagons new cyber strategy. And a reminder: yesterday was Patch Tuesday. Play Episode
An access broker's phishing facilitates ransomware. 3AM is fallback malware. Cross-site-scripting vulnerabilities are reported in Apache services. US agencies warn organizations to be alert for deepfakes. The US Department of Defense publishes its 2023 Cyber Strategy. Ann Johnson from the Afternoon Cyber Tea podcast speaks with with Jenny Radcliffe about the rise in social engineering. Deepen Desai from Zscaler shares a technical analysis of Bandit Stealer. And a quick reminder: yesterday was Patch Tuesday. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/175 Selected reading. Malware distributor Storm-0324 facilitates ransomware access (Microsoft Security) 3AM:...

Microsoft releases results of investigation into cloud email compromise. A buggy booking service. Adversary emulation for OT networks. Identity protection trends. Notes from the hybrid war. Play Episode
Microsoft releases results of their investigation into cloud email compromise. A vulnerability affects a resort booking service. Adversary emulation for OT networks. Identity protection and identity attack surfaces. Sanctioning privateers (with a bonus on vacation ideas). Rob Boyce from Accenture Security tracks new trends in ransomware. Our Threat Vector segment features Mastering IR Sniping A Deliberate Approach to Cybersecurity Investigations with Chris Brewer. And Estonia warns of ongoing cyber threats. On this segment of Threat Vector, Chris Brewer, a Director at Unit 42 and expert in digital forensics and incident response, joins host David Moulton discussing Mastering IR Sniping: A...

An international hunt bags Qakbots infrastructure. Anticipating remediation. Adversaries in the middle. More effective phishbait. Air travel disruption was a glitch, not an attack. Hybrid war update. Play Episode
An international operation takes down Qakbot. Chinese threat actors anticipated Barracuda remediations. A look at adversary-in-the-middle attacks, making phishbait more effective and the emergence of a new ransomware threat. Narrative themes in Russian influence operations. My conversation with Natasha Eastman from (CISA), Bill Newhouse from (NIST), and Troy Lange from (NSA) to discuss their recent joint advisory on post-quantum readiness. Microsofts Ann Johnson from Afternoon Cyber Tea speaks with Cyber Threat Alliance President and CEO Michael Daniel about the current state of cybercrime. And when toilet bowls are outlawed, only outlaws will have toilet bowls. Listen to the full conversation...

Investigating Chinas Storm-0558. Monti ransomware is back. Evasive phishing. Realtors MLS taken down in ransomware incident. News from Russias hybrid war. And in-game scams. Play Episode
New targets of Chinese cyberespionage are uncovered. Monti ransomware is back. An evasive phishing campaign exposed. A Realtors' network taken down by cyberattack. A closer look at NoName057(16). Perspective on cyberwar - remember Pearl Harbor, but dont see it everywhere. Ben Yelin on the Consumer Financial Protection Bureaus plans to regulate surveillance tech. Microsofts Ann Johnson and Charlie Bell ponder the future of security. And scammers are targeting kids playing Fortnite and Roblox. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/155 Selected reading. Chinese spies who read State Dept. email also hacked GOP...

Attacks on industrial systems in Europe and Africa. LolekHosted arrests. Notes from the hybrid war. The CSRB will investigate the cyberespionage campaign that exploited Microsoft Exchange. Play Episode
An African power generator has been targeted by ransomware. The APT31 group is believed to be responsible for attacks on industrial systems in Eastern Europe. There have been arrests related to the takedown of LolekHosted. Ukraine's SBU has alleged that Russia's GRU is using specialized malware to attack Starlink. Microsoft has decided not to extend licenses for its products in Russia. Rick Howard opens his toolbox on DDOS. In our Solution Spotlight: Simone Petrella and Camille Stewart Gloster discuss the White House release of its cybersecurity workforce and education strategy. And the Cyber Safety Review Board will be investigating cases...

2022s top exploited vulnerabilities are still a risk. Rilide in the wild. Abusing a legitimate tool. Malicious PyPi packages. A brief update on the cyber aspects of Russias hybrid war. Play Episode
The Five Eyes warn against top exploited vulnerabilities. The Rilide info stealer in the wild. Malicious PyPI packages. Valerie Abend, Global Cyber Strategy Lead from Accenture, unpacks the Securities and Exchange Commissions recently announced cyber regulations. In our Solution spotlight: Our own Simone Patrella speaks with Microsofts Ann Johnson on how Microsoft is attracting and retaining top cyber talent. And cyber attacks continue to gutter on both sides of Russia's war against Ukraine. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/148 Selected reading. CISA, NSA, FBI, and International Partners Release Joint CSA on...

Phishing for leeches. [Research Saturday] Play Episode
Ashlee Benge from ReversingLabs discussing their research titled "Operation Brainleeches: Malicious npm packages fuel supply chain and phishing attacks." Researchers recently discovered over a dozen malicious packages published to the npm open source repository. These packages are targeting Microsoft 365 users and appear to target application end users while also supporting email phishing campaigns. Research supports that the malicious campaign encompassed more than a dozen files designed to steal sensitive user credentials. The research states "This most recent campaign caught our attention because of a number of features and characteristics in related npm packages that correlate with malicious intent." The...

Mirai hits the honeypots. Medical device telemetry attacked. More on infostealers in the C2C market. Third-party risk management practices. Cyber skills gaps in the UK. SiegedSec hits NATO sites Play Episode
The Mirai botnet afflicts Tomcat. CardioComm services are downed by cyberattack. Uptycs calls infostealers organization killers" as related security incidents double in a year. Legacy third-party risk management practices meet with dissatisfaction. Cyber skill gaps reported in the UK's workforce. Our guest is George Prichici of OPSWAT with a look at a Microsoft Teams vulnerability. Our new Threat Vector segment features a conversation with David Moulton and Michael Sikorski on the potential threats from LLMs and AI.And SiegedSec hits NATO sites. On this first segment of Threat Vector, Michael "Siko" Sikorski, CTO & VP of Engineering for Unit 42, joins...

Taking steps to stop a Chinese APT. Implementing the US National Cybersecurity Strategy. LokiBot is back. Malware masquerading as a proof-of-concept. Swapping cyber ops in a hybrid war. Play Episode
CISA and the FBI issue a joint Cybersecurity Advisory on exploitation of Microsoft Exchange Online. Implementing the US National Cybersecurity Strategy. FortiGuard discovers a new LokiBot campaign. Training code turns out to be malicious in a new proof-of-concept attack discovered on GitHub. Russia resumes its pursuit of a "sovereign Internet." The GRU's offensive cyber tactics. Chris Novak from Verizon discusses business email compromise and the 2023 DBIR. Our guest is Joy Beland of Summit 7 on the role of Managed Service Providers in the supply chain to the Defense Industrial Base. And a probable Ukrainian false-flag operation. For links to...

Cyberespionage and used car salesmen. Email extortion through embarrassment, not encryption. The personal is the professional. And a look back at Patch Tuesday. Play Episode
A Chinese threat actor hits US organizations with a Microsoft cloud exploit. Open source tools allow threat actors to exploit a loophole in Microsoft's kernel driver authentication procedures. A RomCom update. Beamer phishbait, email extortion attacks and digital blackmail. A new report concludes companies allowing personal employee devices onto their network are opening themselves to attack. Tim Starks from the Washington Post looks at Microsofts recent woes. Our guest is Eyal Benishti from IRONSCALES with insights on business email compromise. And a July Patch Tuesday retrospective. For links to all of today's stories check out our CyberWire daily news briefing:...

New phishing campaigns hit Microsoft 365 and Adobe users. Big Head ransomware. Multichain bridge compromised. CISA adds a KEV. Progress patches MOVEit. Telegram's role in Russia's war. Play Episode
New phishing campaigns afflict users of Microsoft 365 and Adobe. An analysis of Big Head ransomware. Multichain reports a crypto heist with over $100 million stolen. CISA makes an addition to the Known Exploited Vulnerability Catalog. Progress Software issues additional MOVEit patches. The FBIs Deputy Assistant Director for Cyber Cynthia Kaiser joins us with examples of the agencys technical disruption operations. Our guest is Scott Piper Principal Cloud Security Researcher at Wiz sharing findings of their State of the Cloud 2023 report. And Telegram's role in news about Russia's war. For links to all of today's stories check out our...

Cyberespionage, extortion, and DDoS as instruments of state policy. Ransomware continues to trouble a wide range of targets across many sectors. Play Episode
Chinese cyberespionage campaign against European governments. The Port of Nagoya closes over ransomware attack. BlackCat and SEO poisoning. LockBit seeks to extort a semiconductor manufacturer. Professionals in the cyber underworld. CISA issued a DDoS alert for US companies and government agencies. Microsoft debunks claims of data theft by Anonymous Sudan. Matt O'Neill from the US Secret Service speaks with Dave Bittner about sextortion. Rick Howard sits down with Michael Fuller of AWS to talk about the kill chain. And Avast releases a free decryptor for Akira. For links to all of today's stories check out our CyberWire daily news briefing:...

Anatsa Trojan's new capabilities. Third-party breach hits airlines. Gas station blues. Whats up with the Internet Research Agency? Infrastructure threats. And DDoS grows more sophisticated. Play Episode
Anatsa Trojan reveals new capabilities. Airlines report employee data stolen in a third-party breach. Canadian energy company SUNCOR reports a cyberattack. What of the Internet Research Agency? Microsoft warns of a rising threat to infrastructure. Joe Carrigan describes an ill-advised phishing simulation. Mr. Security Answer Person John Pescatore takes on zero days. And DDoS grows more sophisticated. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/122 Selected reading. Anatsa banking Trojan hits UK, US and DACH with new campaign (TreatFabric) Anatsa Android trojan now steals banking info from users in US, UK (BleepingComputer) Thousands...

Cl0p moves their way into the systems of major European companies. Notes from a highly active cyber underworld. And hybrid war updates. Play Episode
The Cl0p gang claims responsibility for the MOVEit file transfer vulnerability. Verizons DBIR is out. Palo Alto Networks takes a snapshot of last years threat trends. A new criminal campaign targets Android users wishing to install modified apps. A smishing campaign is expanding into the Middle East. Cisco observes compromised vendor and contractor accounts as an access point for network penetration. Cyclops ransomware acts as a dual threat. Anonymous Sudan demands $1 million to stop attacks on Microsoft platforms. Ben Yelin explains a groundbreaking decision on border searches. Our guest is Matt Caulfield of Oort with insights on identity security....

CISA Alert AA23-144A People's Republic of China state-sponsored cyber actor living off the land to evade detection. [CISA Cybersecurity Alerts] Play Episode
Cybersecurity authorities are issuing this joint Cybersecurity Advisory to highlight a recent cluster of activity associated with a Peoples Republic of China state-sponsored cyber actor, also known as Volt Typhoon. AA23-144A Alert, Technical Details, and Mitigations Active Directory and domain controller hardening: Best Practices for Securing Active Directory | Microsoft Learn CISA regional cyber threats: China Cyber Threat Overview and Advisories Microsoft Threat Intelligence blog: Volt Typhoon targets US critical infrastructure with living-off-the-land techniques | Microsoft Security Blog No-cost cyber hygiene services: Cyber Hygiene Services and Ransomware Readiness Assessment. U.S. DIB sector organizations may consider signing up for the NSA...

Waging lawfare against criminal infrastructure. Notes from the cyber underworld. Hybrid war, and cyber ops across the spectrum of conflict. And what do the bots want? (Hint: kicks.) Play Episode
Google targets CryptBot malware infrastructure. FIN7 attacked Veeam servers to steal credentials. Ransomware-as-a-service offering threatens Linux systems. Evasive Panda targets NGOs in China. Anonymous Sudan is active against targets in Israel. Russian ransomware operations aim at disrupting supply chains into Ukraine. Our guest is Stuart McClure, CEO of Qwiet AI. Microsofts Ann Johnson stops by with her take on the RSA conference. And bots want new kicks. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/81 Selected reading. Continuing our work to hold cybercriminal ecosystems accountable (Google) Google Disrupts Massive CryptBot Malware Operation (Decipher)...

Iranian threat actor exploits N-day vulnerabilities. Subdomain hijacking vulnerabilities. The Discord Papers. An update on Russias NTC Vulkan. And weather reports, not a Periodic Table. Play Episode
An Iranian threat actor exploits N-day vulnerabilities. CSC exposes subdomain hijacking vulnerabilities. More on the Discord Papers. An update on Russias NTC Vulkan. Joe Carrigan on the aftermath of a $98M online investment fraud. Our guest is Blake Sobczak from Synack , host of the podcast WE'RE IN! And threat actor nomenclature: a scorecard, and a Periodic Table no more. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/74 Selected reading. Nation-state threat actor Mint Sandstorm refines tradecraft to attack high-value targets (Microsoft Security) An Iranian hacking group went on the offensive against U.S....

IAM trends. RagnarLocker as a critical infrastructure threat. AI hype as phishbait. Updates on the hybrid war: leaks and hacks. Play Episode
Key trends in Identity Access Management. RagnarLocker and critical infrastructure. Cyber criminals capitalize on the AI hype. Updates on the leaked US classified documents, and speculation of whether Russian hackers compromised a Canadian gas pipeline. Ben Yelin describes a multimillion dollar settlement over biometric data. Microsofts Ann Johnson from Afternoon Cyber Tea talking about cyber paradigm shifts with Samir Kapuria. And a welcome to GCHQ's new boss. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/69 Selected reading. 4 key trends from the Gartner IAM Summit 2023 (Venture Beat) Threat Actor Spotlight: Ragnarlocker Ransomware...

A look at Irans MERCURY APT. Updates on Russia's hybrid war, including some apparent leaks and some apparent doxing. And notes on cloud security trends. Play Episode
An Iranian APT MERCURY exploits known vulnerabilities. The US investigates apparent leaks of classified information about Russia's war against Ukraine. KillNet claims it has paralyzed NATO websites. More apparent doxing of the GRU. Britta Glade and Monica Koshgarian of RSA Conference talking about content curation. Grayson Milbourne from OpenText Cybersecurity hopes to remove shame from cyber attacks. And, finally, some notes on cloud security trends. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/68 Selected reading. MERCURY and DEV-1084: Destructive attack on hybrid environment (Microsoft Threat Intelligence) Leaked US battlefield intelligence on Ukraine is...

Tools, alerts, and advisories from CISA. Reply phishing scams. Cl0p goes everywhere with GoAnywhere. EW in the hybrid war, and shields stay up. Play Episode
A CISA tool helps secure Microsoft clouds.JCDC and pre-ransomware notification. CISA releases six ICS advisories. Reply phishing. Cl0p goes everywhere exploiting GoAnywhere. Russian electronic warfare units show the ability to locate Starlink terminals. Betsy Carmelite from Booz Allen Hamilton on the DoD's zero trust journey. Analysis of the National Cybersecurity strategy from our special guests, Adam Isles, Principal at the Chertoff Group and Steve Kelly, Special Assistant to the President and Senior Director for Cybersecurity and Emerging Technology with the National Security Council. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/57 Selected reading....

CISA warns of Telerik vulnerability exploitation. Cloud storage re-up attacks. Phishing tackle so convincing it will deceive the many. Cyber developments in Russia's hybrid war. Play Episode
Telerik exploited, for carding (probably) and other purposes. Cloud storage re-up attacks. Cybercriminals use new measures to avoid detection of phishing campaigns. "Winter Vivern" seems aligned with Russian objectives. Microsoft warns of a possible surge in Russian cyber operations. Boss Sandworm. Johannes Ullrich from SANS talking about malware spread through Google Ads. Our guest is David Anteliz from Skybox Security with thoughts on federal government cybersecurity directives. And don't fear the Reaper. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/51 Selected reading. Threat Actors Exploited Progress Telerik Vulnerability in U.S. Government IIS Server...

CISA Alert AA23-074A Threat actors exploit progress telerik vulnerability in U.S. government IIS server. [CISA Cybersecurity Alerts] Play Episode
CISA, FBI, and the Multi-State Information Sharing and Analysis Center are releasing this joint Cybersecurity Advisory to provide IT infrastructure defenders with TTPs, IOCs, and methods to detect and protect against recent exploitation against Microsoft Internet Information Services web servers. AA23-074A Alert, Technical Details, and Mitigations AA23-074A STIX XML MAR-10413062-1.v1 Telerik Vulnerability in U.S. Government IIS Server Telerik: Exploiting .NET JavaScriptSerializer Deserialization (CVE-2019-18935) ACSC Advisory 2020-004 Bishop Fox CVE-2019-18935: Remote Code Execution via Insecure Deserialization in Telerik UI Volexity Threat Research: XE Group GitHub: Proof-of-Concept Exploit for CVE-2019-18935 Microsoft: Configure Logging in IIS GitHub: CVE-2019-18935 No-cost cyber hygiene services: Cyber...

Patch Tuesday notes. SVB's and the cybersecurity sector. SVR's APT29 is phishing for access to information. Trends in the Russo-Ukraine cyberwar. LockBit counts coup (says LockBit). Play Episode
Patch Tuesday notes. Silicon Valley Bank's collapse and its effects on the cybersecurity sector. SVR's APT29 used a Polish state visit to the US as phishbait. Regularizing hacktivist auxiliaries. Our guest is Crane Hassold from Abnormal Security with a look at threats to email. Grayson Milbourne from OpenText Cybersecurity addresses chaos within the supply chain. And LockBit claims to have compromised an aerospace supply chain. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/50 Selected reading. March 2023 Patch Tuesday: Updates and Analysis (CrowdStrike) Microsoft Releases March 2023 Security Updates (Cybersecurity and Infrastructure Security...

A new threat to routers. DoppelPaymer hoods collared. Ransomware hits a Barcelona hospital. Phishing in productivity suites. Espionage, hacktiism, and prank phone calls. Play Episode
HiatusRAT exploits business-grade routers. International law enforcement action against the DoppelPaymer gang. Ransomware hits a major Barcelona hospital. Productivity suites are increasingly attractive as phishing grounds. Transparent Tribes romance scams. Cyberattacks briefly disrupt Russian websites and media outlets. Ashley Leonard, CEO of Syxsense, sits down with Dave to discuss their "Advancing Zero Trust Priorities'' report. Joe Carrigan on a warning from Microsoft about a surge in token theft. And trolling for disinfo raw material. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/44 Selected reading. Black Lotus Labs uncovers another new malware that targets...

CISA Alert AA23-061A #StopRansomware: Royal ransomware. Play Episode
CISA and FBI are releasing this joint advisory to disseminate known Royal ransomware IOCs and TTPs identified through recent FBI threat response activities. AA23-061A Alert, Technical Details, and Mitigations AA23-061A STIX XML Royal Rumble: Analysis of Royal Ransomware (cybereason.com) DEV-0569 finds new ways to deliver Royal ransomware, various payloads - Microsoft Security Blog 2023-01: ACSC Ransomware Profile - Royal | Cyber.gov.au See Stopransomware.gov, a whole-of-government approach, for ransomware resources and alerts. No-cost cyber hygiene services: Cyber Hygiene Services and Ransomware Readiness Assessment. See CISA Insights Mitigations and Hardening Guidance for MSPs and Small- and Mid-sized Businesses for guidance on hardening...

FBI Investigates a network incident. Developments in cybercrime. DDoS against German airports. US forms a Disruptive Technology Strike Force. CISA releases 15 ICS advisories. Play Episode
The FBI is investigating incidents on its networks. Frebniis backdoors Microsoft servers. ProxyShell vulnerabilities are used to install a cryptominer. Havoc's post-exploitation framework. Atlassian discloses a data breach. German airports sustain a cyber incident. An Aspen Institute report concludes that cyber assistance benefits Ukraine. US announces "Disruptive Technology Strike Force." Robert M. Lee from Dragos on the value of capture the flag events. Our guests are Commander Brandon Campbell of US Navy Cyber Defense Operations Command and Captain Steve Correia, Commanding Officer of Naval Network Warfare Command. And CISA releases fifteen ICS advisories. For links to all of today's stories...

How the C2C market sustains ransomware gangs. In Russias war, intelligence services deploy wipers, and hacktivist auxiliaries handle the DDoS. And a look into other corners of the cyber underworld. Play Episode
Microsoft tallies more than a hundred ransomware gangs. Sandworm's NikoWiper hits Ukraine's energy sector. Mobilizing cybercriminals in a hybrid war. Firebrick Ostrich and business email compromise. Telegram is used for sharing stolen data and selling malware. Crypto scams find their way into app stores. Bryan Vorndran of the FBI Cyber Division outlines the services the FBI provides during an incident response. Ann Johnson from Afternoon Cyber Tea speaks with actor producer Tim Murck about the intersection of cyber awareness and storytelling. And we are shocked - shocked! - that there are fraudulent cyber professional credentials circulating online. For links to...

CISA Alert AA23-025A Protecting against malicious use of remote monitoring and management software. [CISA Cybersecurity Alerts] Play Episode
CISA, NSA, and the MS-ISAC are releasing this alert to warn network defenders about malicious use of legitimate remote monitoring and management software. AA23-025A Alert, Technical Details, and Mitigations For a downloadable copy of IOCs, see AA23-025.stix Silent Push uncovers a large trojan operation featuring Amazon, Microsoft, Geek Squad, McAfee, Norton, and Paypal domains No-cost cyber hygiene services: Cyber Hygiene Services and Ransomware Readiness Assessment. See CISA Insights Mitigations and Hardening Guidance for MSPs and Small- and Mid-sized Businesses for guidance on hardening MSP and customer infrastructure. U.S. DIB sector organizations may consider signing up for the NSA Cybersecurity Collaboration...

Disentangling cybercrime from cyberespionage. A threat to the IoT supply chain. What do you do with the hacktivists when they stop being hacktivists? A retired FBI Special Agent is indicted. Play Episode
DragonSpark conducts "opportunistic" cyberattacks in East Asia. ProxyNotShell and OWASSRF exploit chains target Microsoft Exchange servers. The IoT supply chain is threatened by exploitation of Realtek Jungle SDK vulnerability. CISA adds an entry to its Known Exploited Vulnerabilities Catalog. A Cisco study finds organizations see positive returns from investment in privacy. What's the hacktivist's postwar future? Joe Carrigan tracks a romance scam targeting seniors. Our guest is Pete Lund of OPSWAT to discuss the security of removable media devices. And a retired G-Man is indicted on multiple charges. For links to all of today's stories check out our CyberWire daily...

Phishing campaigns (one uses mobilization as phishbait). Credential-stuffing attack affects Norton LifeLock users. Trends in security. Azure SSRF issues fixed. Calls for a digital UN. Play Episode
A Phishing campaign impersonates DHL. Conscription and mobilization provide criminals with phishbait for Russian victims. Norton LifeLock advises customers that their accounts may have been compromised. Trends in data protection. Veracode's report on the state of software application security. Ben Yelin looks at NSO groups attempt at state sovereignty. Ann Johnson from Afternoon Cyber Tea speaks with Microsofts Chris Young about the importance of the security ecosystem. And Ukraine calls for a "digital United Nations." For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/10 Selected reading. Cloud 9: Top Cloud Penetration Testing Tools (Bishop...

Warnings on SentinelSneak. The rise of malicious XLLs. Updates from Russias hybrid war. An unusually loathsome campaign targets children. Play Episode
SentinelSneak is out in the wild. XLLs for malware delivery. CERT-UA warns of attacks against the DELTA situational awareness system. FSB cyber operations against Ukraine. Trends in the cyber phases of Russia's hybrid war. Mr. Security Answer Person John Pescatore offers his sage wisdom. Microsofts Ann Johnson from Afternoon Cyber Tea speaks with Dr. Chenxi Wang from Rain Capital. And an unusually unpleasant sextortion campaign. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/242 Selected reading. SentinelSneak is not a legitimate SDK. (CyberWire) SentinelSneak: Malicious PyPI module poses as security software development kit (ReversingLabs)...

Malicious apps do more than extort predatory loans. A Facebook account recovery scam. Notes from the hybrid war. Goodbye SHA-1, hello Leviathans. Play Episode
A predatory loan app is discovered embedded in mobile apps. Facebook phishing. GPS disruptions are reported in Russian cities. NSA warns against dismissing Russian offensive cyber capabilities. Farewell, SHA-1. Kevin Magee from Microsoft looks at cyber signals. Our guest is Jason Witty of USAA to discuss the growing risk from quantum computing. And welcome to the world, Leviathans. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/240 Selected reading. Zimperium teams discover new malware in Flutter developed apps (SecurityBrief Asia) Meta-Phish: Facebook Infrastructure Used in Phishing Attack Chain (Trustwave) GPS Signals Are Being Disrupted...

Ransomware, third-party risk, cyberespionage, social engineering, and a software supply-chain threat.. Play Episode
Rackspace reacts to ransomware. Third-party incidents in New Zealand and the Netherlands. Russian intelligence goes phishing. Mustang Panda uses Russia's war as phishbait. A Malicious package is found in PyPi. Kevin Magee from Microsoft Canada shares thoughts on cybersecurity startups in an economic downturn. Our guest is IDology's Christina Luttrell to discuss how consumers feel about digital identity, fraud, security and data privacy. And a French-speaking investment scam. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/233 Selected reading. Rackspace Technology Hosted Exchange Environment Update (Rackspace Technology) Multiple government departments in New Zealand affected...

Swapping cyberattacks in a hybrid war. Privateers or just a side-hustle? US CSRB will investigate Lapsu$ Group. Notes on the cyber underworld. Play Episode
Wiper malware hits Russian targets. Microsoft sees an intensification of Russian cyber operations against Ukraine. State policy, privateering, or an APT side-hustle? The US Cyber Safety Review Board will investigate the Lapsu$ Group. Rackspace works to remediate a security incident. The Schoolyard Bully Trojan harvests credentials. Grayson Milbourne of OpenText Security Solutions on attacks on common open source dev libraries. Rick Howard looks at CISO career paths. And trends in ransomware: cybercrime succeeds when the gang runs like a business. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/231 Selected reading. CryWiper: fake ransomware...

Encore: The secrets behind Docker. Play Episode
Alon Zahavi from CyberArk, joins Dave Bittner on this episode to discuss CyberArk's work in conjunction with Patch Tuesday. CyberArk published about how Docker inadvertently created a new vulnerability and what happens when it's exploited. CyberArk's research concluded that an attacker may execute files with capabilities or setuid files in order to escalate its privileges up to root level. CyberArk found the new vuln in some of Microsofts Docker images, caused by misuse of Linux capabilities, a powerful additional layer of security that gives admins the ability to assign capabilities and privileges to processes and files in the Linux system...

Government security advisories, and the difficulty of recovering from ransomware attacks. Authority for offensive cyber under deliberation. Google wins Glupteba suit. Play Episode
CISA and its partners issue a Joint Advisory on the Hive ransomware-as-a-service operation. Ransomware continues to trouble governments, internationally and at all levels. The US Defense Department may see enhanced authority to conduct offensive cyber operations. Russian attacks on Ukrainian infrastructure remain kinetic, as missiles show up, but cyberattacks dont. Kevin Magee from Microsoft about leveraging cybersecurity apprentices. Our guest is Paul Giorgi from XM Cyber describing creative attack path in enterprise networks.And, hey, glupost [GLUE-post]dont mess with Googles lawyers. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/222 Selected reading. CISA Alert AA22-321A...

Election security on the eve of the US midterms. US FBI rates the hacktivist threat. Microsoft says China uses disclosure laws to develop zero-days. Remember SIlk Road? The Feds do. Play Episode
Election security on the eve of the US midterms. US FBI rates hacktivist contributions to Russia's war as unimportant. Microsoft accuses China of using vulnerability disclosure to develop zero-days. Andrea Little Limbago from Interos addresses accountability for breaches. Our guest is Michelle Amante from the Partnership for Public Service on their Cybersecurity Talent Initiative. And, finally, remember SIlk Road? The Feds do. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/214 Selected reading. Hacktivists Use of DDoS Activity Causes Minor Impacts (FBI) The government says it wont flag election disinformation on Twitter and other...

Static expressway tactics in credential harvesting. Emotet is back. Black Basta linked to Fin7. RomCom hits Ukrainian targets and warms up against the Anglo-Saxons. Cyber cooperation? Play Episode
Leveraging Microsoft Dynamics 365 Customer Voice for credential harvesting. Emotet is back. Black Basta ransomware linked to Fin7. A Russophone gang increases activity against Ukrainian targets. Betsy Carmelite from Booz Allen Hamilton on adversary-informed defense. Our guest is Tom Gorup of Alert Logic with a view on cybersecurity from a combat veteran. And Russia regrets that old US lack of cooperation in cyberspacethings would be so much better if the Anglo-Saxons didnt think cyberspace was the property of the East India Company. Or something like that. For links to all of today's stories check out our CyberWire daily news briefing:...

Megan Doherty: Conquer barriers in the workforce. [Technical Specialist] [Career Notes] Play Episode
Megan Doherty, a Technical Specialist from Microsoft Canada sits down to share her story of overcoming barriers in the workforce to get to where she is today in her career. Megan started out being a mechanical engineer before making the switch to do something with more creativity and problem solving. She shares about her passion of working with a group Microsoft created called "DigiGirlz." As well as just being able to work with her team who she says helps her face the world of adversity in her career. Megan said "There's so many barriers, just even mentally that we put...

Notes and lessons on the hybrid war. Update on Zimbra exploitation. Microsoft fixes misconfigured storage. The state of the cyber workforce. Trends in phishing and ransomware. Play Episode
DDoS as misdirection. NSA shares lessons learned from cyber operations observed in Russia's war against Ukraine. Advice from CISA on Zimbra.. A misconfigured Microsoft storage endpoint has been secured. Notes from a study on the Cybersecurity Workforce . The cost to businesses of phishing. Betsy Carmelite from Booz Allen Hamilton on managing mental health in the cyber workforce. Our guest is Ismael Valenzuela of Blackberry with insights on "The Cyber Insurance Gap". And updates to the ransomware leaderboard. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/202 Selected reading. Bulgarian cyberattack: Sabotage as a...

What the cybercriminals are up to: improving their tools and carrying out the same old dreary social engineering. Budworm APT sightings. And the state of Russias hybrid war. Play Episode
Emotet ups its game. COVID-19 small business grants as phishbait. Google Translate is spoofed for credential harvesting. Research on the Budworm espionage group. Kevin Magee from Microsoft shares why cybersecurity professionals should join company boards. Our guest is Chris Niggel from Okta with a look at identity shortfalls. And Internet outages during missile strikes, and the prospects of Russias hybrid war. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/197 Selected reading. Emototes evolution. (ESET) Fresh Phish: Small Business COVID-19 Grants Designed for Disaster (INKY) Spoofing Google Translate to Steal Credentials (Avanan) Budworm: Espionage...

Payal Chakravarty: Overcoming bias in the workplace. [Security and Risk] [Career Notes] Play Episode
Payal Chakravarty, Head of Product for Security and Risk from Coalition, sits down to share her story of working at several different organizations, including interning for IBM and Microsoft. After obtaining her master's degree, she worked with IBM a bit more closely and fell in love with one of the projects she was working on. Payal had a very interesting career path going from physical to virtual, virtual to cloud now, cloud to containers. She says that there is still some bias she has dealt with as a woman in her field, she says, "I think the way you handle...

Updated mitigations for ProxyNotShell. Lloyds investigates cyber incident. Killnet hits US state government sites. Election security. Credential theft. Verdict in Uber breach case. Play Episode
Microsoft updates mitigations for ProxyNotShell. Lloyd's of London investigates a suspected cyberattack. Killnet hits networks of US state governments. The FBI and CISA weigh in on election security. Credential theft in the name of Zoom. Tim Eades from Cyber Mentor Fund on the move to early-stage investing in times of war and recession. Our guest is Nick Lumsden of Tenacity Cloud on cloud infrastructure sprawl. The former security chiefat Uber was found guilty in a case involving data breach cover-up. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/193 Selected reading. Customer Guidance for...

Microsoft Exchange zero-days exploited. Supply chain attack reported. New Lazarus activity. Mexican government falls victim to hacktivism. Hacking partial mobilization. Former insider threat. Play Episode
Two Microsoft Exchange zero-days exploited in the wild. A supply chain attack, possibly from Chinese intelligence services. Theres new Lazarus activity: bring-your-own-vulnerable-driver. The Mexican government falls victim to apparent hacktivism. Flying under partial mobilizations radar. Betsy Carmelite from Booz Allen Hamilton talks about addressing the cyber workforce skills gap. Our guest Rachel Tobac from SocialProof Security brings a musical approach to security awareness training. Hows your off-boarding program working out? For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/190 Selected reading. Microsoft Releases Guidance on Zero-Day Vulnerabilities in Microsoft Exchange Server (CISA) Customer Guidance...

Hackers support Iranian dissidents. Notes on C2C markets. Cyberespionage campaigns. Intercepted mobile calls from Russian troops expose morale problems. Play Episode
Gray-hat support for Iranian dissidents. Selling access wholesale in the C2C market. Novel malwares discovered targeting VMware hypervisors. The Witchetty espionage group uses an updated toolkit. Deepen Desai from Zscaler has aTechnical Analysis of Industrial Spy Ransomware. Ann Johnson of Afternoon Cyber Tea speaks with Michal Braverman-Blumenstyk, CTO for Microsoft Security, about Israel's cyber innovation. And Russian troops phone call revelations. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/188 Selected reading. Hacker Groups take to Telegram, Signal and Darkweb to assist Protestors in Iran (Check Point Software) Hackers Use Telegram and Signal to...

CISA Alert AA22-257A Iranian Islamic Revolutionary Guard Corps-Affiliated Cyber Actors Exploiting Vulnerabilities for Data Extortion and Disk Encryption for Ransom Operations. [CISA Cybersecurity Alerts] Play Episode
This joint Cybersecurity Advisory highlights continued malicious cyber activity by advanced persistent threat actors affiliated with the Iranian Governments Islamic Revolutionary Guard Corps. The IRGC-affiliated actors are actively targeting a broad range of entities, including entities across multiple U.S. critical infrastructure sectors as well as Australian, Canadian, and United Kingdom organizations. AA22-257A Alert, Technical Details, and Mitigations AA22-257A.stix CISAs Iran Cyber Threat Overview and Advisories FBIs Iran Threat webpage. Iranian Government-Sponsored APT Cyber Actors Exploiting Microsoft Exchange and Fortinet Vulnerabilities in Furtherance of Malicious Activities Technical Approaches to Uncovering and Remediating Malicious Activity All organizations should report incidents and anomalous...

Patch Tuesday notes. Mr. Mudge goes to Washington. Joint warning of IRGC cyber activity. No major developments in the cyber phases of Russias hybrid war (but Ukraine is sounding confident). Play Episode
Patch Tuesday notes. The US Senate Judiciary Committee hears from the Twitter whistleblower. Joint warning of IRGC cyber activity. Rob Boyce from Accenture on cybercriminals weaponizing leaked ransomware data. Chris Novak from Verizon describes his participation in the CISA Advisory Board. And Ukraine reiterates confidence in its resiliency. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/177 Selected reading. Adobe Patches 63 Security Flaws in Patch Tuesday Bundle (SecurityWeek) Microsoft Releases September 2022 Security Updates (CISA) Microsoft's September Patch Tuesday fixes five critical bugs (Computing) Microsoft Raises Alert for Under-Attack Windows Flaw (SecurityWeek) SAP...

Bronze President shows both enduring interests and adaptability. Iranian threat actor activity reported. Cybersecurity and small-to-medium businesses. Play Episode
Bronze President shows both enduring interests and adaptability. Iranian threat actor activity is reported. Cybersecurity and small-to-medium businesses. An initial access broker repurposes Conti's old playbook for use against Ukraine. Johannes Ullrich from SANS on Scanning for VoIP Servers. Our guest is Ian Smith from Chronosphere on observability. And Kyivstar as a case study in telco resiliency. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/173 Selected reading. BRONZE PRESIDENT Targets Government Officials (Secureworks) APT42: Crooked Charms, Cons, and Compromises (Mandiant) Profiling DEV-0270: PHOSPHORUS ransomware operations (Microsoft) Albania cuts diplomatic ties with Iran over...

A Black Basta update. Okta talks Scatter Swine. Nobelium's MagicWeb. Wartime stress in the cyber underworld. LastPass security incident. CISA adds to its Known Exploited Vulnerabilities Catalog. Play Episode
Palo Alto describes the Black Basta ransomware-as-a-service operation. Okta on Scatter Swine, the threat actor that compromised Twilio. Microsoft describes Nobelium's new approach to establishing persistence. Russia's war against Ukraine has induced stresses in the cyber underworld. LastPass discloses a security incident. Josh Ray from Accenture on cyber crime and the cost-of-living crisis. Our own Dave Bittner sits down with Chris Handman from TerraTrue to discuss how he works to transform legal teams into advocates and collaborators that can ensure privacy is baked in every step of the way. And CISA adds ten entries to its Known Exploited Vulnerabilities Catalog....

Russian cyberespionage and influence op disrupted. RedAlpha versus Chinese minorities and (of course) Taiwan. Evil PLC proof-of-concept. Cl0p takes a poke at a water utility. Play Episode
Microsoft identifies and disrupts Russian cyberespionage activity. An update on RedAlpha. An evil PLC proof-of-concept shows how programmable logic controllers could be "weaponized." Ben Yelin has an update on right to repair. Our guest is Arthur Lozinski of Oomnitza with a look at attack surface management maturity.And the Cl0p gang hits an English water utility (but tries to extort the wrong onestuff happens, yknow?). For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/157 Selected reading. Disrupting SEABORGIUMs ongoing phishing operations (Microsoft Security Microsoft disrupts Russian-linked hackers targeting NATO countries (Breaking Defense) Microsoft Announces Disruption...

Cyberespionage against belligerents' industry. Tornado Cash sanctions. Data breaches at Twilio and Klayvio. Intercept tools and policies in Canada. Play Episode
Tracking apparent Chinese industrial cyberespionage. Tornado Cash sanctions. Twilio discloses a breach. Social engineering exposes data at Klaviyo. Microsofts Ann Johnson previews the latest season of Afternoon Cyber Tea. Joe Carrigan tracks the growth in cryptojacking. And what might the Mounties be monitoring? For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/152 Selected reading. Cyberspying Aimed at Industrial Enterprises in Russia and Ukraine Linked to China (SecurityWeek) China-linked spies used six backdoors to steal defense info (Register) U.S. Treasury Sanctions Notorious Virtual Currency Mixer Tornado Cash (U.S. Department of the Treasury) Twilio hacked by...

Nomad cryptocurrency bridge looted. BlackCat ransomware hits Europenan energy company. DSIRF disputes Microsoft's report on cyber mercenaries. Are there spies under Mr. Putins long table? Play Episode
Nomad cryptocurrency bridge is looted. The BlackCat ransomware gang hits a Luxembourgeois energy company. DSIRF disputes Microsoft's characterization of the Austrian firm as cyber mercenaries. Ben Yelin looks at privacy concerns in the education software market. Our guest is PJ Kirner from Illumio to discuss Zero Trust Segmentation. And, finally, are there spies under Mr. Putins very very long table? For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/147 Selected reading. Crypto Firm Nomad Loses Nearly $200 Million in Bridge Hack (Bloomberg) Crypto Bridge Nomad Drained of Nearly $200M in Exploit (CoinDesk) Nomad token...

KillNet threatens hack-and-leak op against HIMARS maker. Online investment scams hit Europe. Microsoft associates Raspberry Robin with EvilCorp. Play Episode
KillNet threatens hack-and-leak op against HIMARS maker. Online investment scams hit Europe. Microsoft associates Raspberry Robin with EvilCorp. Rick Howard previews season ten of the CSO Perspectives podcast. Our guest is Nate Kharrl of SpecTrust on deploying fraud detection at the gateway. And a heartfelt farewell to a woman whos inspiration lives on. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/146 Selected reading. Cyberactivist Group Killnet Declares War on Lockheed Martin (Sputnik) Russian Hackers Target U.S. HIMARS Maker in 'New Type of Attack': Report (Newsweek) Founder of pro-Russian hacktivist Killnet quitting group (SC...

AiTM sets up BEC. Silent validation bots. Smishing attempt at the European Central Bank. Shields up in Berlin. Hacktivism in a hybrid war. Patch notes. Play Episode
Adversary-in-the-middle sites support business email compromise. Silent validation carding bot discovered. Attempted social engineering at the European Central Bank. Germany puts its shields up. Carole Theriault speaks with Jen Caltrider about Mozilla's *Privacy Not Included initiative. Our guest is Lucia Milica on ProofpointsVoice of the CISO report. And Hacktivism in a hybrid war. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/133 Selected reading. From cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraud (Microsoft Security Blog) PerimeterX Discovers New Silent Validation Carding Bot (PerimeterX) Hackers posing...

Notes on cyber conflict. Lazarus Group blamed for the Harmony cryptocurrency heist. MedusaLocker warning. Observation of the C2C market. The Crypto Queen cracks the FBIs Ten Most Wanted. Play Episode
An update on the DDoS attack against Norway. NATO's resolutions on cyber security. North Korea seems to be behind the Harmony cryptocurrency heist. MedusaLocker warninga. Microsoft sees improvements in a gang's technique. Google blocks underworld domains. The Israeli-Iranian conflict in cyberspace. Chris Novak from Verizon with his take on this years DBIR. Our guest is Jason Clark of Netskope on the dynamic challenges of a remote workforce.And Now among the FBIs Ten Most Wanted: one Crypto Queen. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/126 Selected reading. Pro-Russian hackers launched a massive DDoS...

Lithuania warns of DDoS. Some limited Russian success in cyber phases of its hybrid war. Spyware infestations in Italy and Kazakstan. Tabletop exercises. Ransomware as misdirection Play Episode
Lithuania's NKSC warns of increased DDoS threat. Limited Russian success in the cyber phases of its hybrid war. Another warning of spyware in use against targets in Italy and Kazakhstan. Hey, critical infrastructure operators: CISAs got tabletop exercises for you. Kevin Magee from Microsoft has advice for recent grads. A look back the year since Colonial Pipeline with Padraic O'Reilly of CyberSaint. And sometimes ransomware is just a spys way of saying, nothing up my sleeve For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/121 Selected reading. Lithuania warns of rise in DDoS attacks...

Reviewing Russian cyber campaigns in the war against Ukraine. Ukraine's IT Army is a complex phenomenon. Take ICEFALL seriously. CISA has updated its cloud security guidance. Play Episode
Reviewing Russian cyber campaigns in the war against Ukraine, and the complexity of Ukraine's IT Army. ICEFALL advice and reactions. Carole Theriault looks at Hollywoods relationship with VPNs. Podcast partner Robert M. Lee from Dragos provides a rundown on Pipedream. And CISA updates its Cloud Security Technical Reference Architecture. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/120 Selected reading. [Blog] Defending Ukraine: Early Lessons from the Cyber War (Microsoft On the Issues) [Report] Defending Ukraine: Early Lessons from the Cyber War (Microsoft) Russian cyber spies attack Ukraine's allies, Microsoft says (Reuters) Research questions...

Updates on the hybrid war: hacktivism and hunting forward. Election security. Trends in phishing. The return of Emotet. Play Episode
Another hacked broadcast in a hybrid war. Hunting forward as an exercise in threat intelligence collection and sharing. Cyber threats to the US midterm elections. Phishing for cryptocurrency. FakeCrack delivers a malicious payload to the unwary. Vacations are back. So is travel-themed phishbait. Ann Johnson from Microsoft shares insights on the trends shes tracking here at RSA. Johannes Ullrich brings highlights from his RSA conference panel discussion. And Emotet returns, in the company of some old familiar criminal collaborators. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/111 Selected reading. Hacked Russian radio station...

Cyber operations in the hybrid war. Karakurt extortion group warning. Clipminer is out in the wild. GootLoader expands its payloads and targeting. Leak brokers and booters shut down. Play Episode
Russian government agencies are buying VPNs. CISA and its partners warn about the Karakurt extortion group. Clipminer is out in the wild. GootLoader expands its payloads and targeting. Carole Theriault has the latest on fraudsters imitating law enforcement. Kevin Magee from Microsoft on security incentives by way of insurance. And leak brokers and booters shut down. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/106 Selected reading. White House: cyber activity not against Russia policy (Reuters) Some see cyberwar in Ukraine. Others see just thwarted attacks. (Washington Post) ESET Threat Report details targeted attacks...

Potential cyber threats to agriculture. Cyber phases of Russias hybrid war. REvil prosecution at a stand (and its the Americans fault, say Russian sources). Microsoft mitigates Follima. Play Episode
Sanctions, blockades, and their effects on the world economy. Western nations remain on alert for Russian cyber attacks. REvil prosecution has reached a dead end. Microsoft issues mitigations for a recent zero-day. John Pescatores Mr. Security Answer Person is back, looking at authentication. Joe Carrigan looks at new browser vulnerabilities. Notes from the underworld. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/104 Selected reading. In big bid to punish Moscow, EU bans most Russia oil imports (AP NEWS) EU, resolving a deadlock, in deal to cut most Russia oil imports (Reuters The E.U.s...

More cyberespionage in Russia. Advice on conducting propaganda. Iranian group conducts DDoS against Port of London Authority. News from the underworld. CISA alerts. Operation Delilah. Play Episode
More cyberespionage targets Russian networks. Lincoln Project veterans visit Ukraine with advice on conducting an influence campaign against President Putin. A politically motivated DDoS attack hits the Port of London Authority website. Is REvil back and looking into new criminal techniques, or is a recent DDoS campaign the work of impostors? RansomHouse may be operated by frustrated bounty hunters. Kevin Magee from Microsoft sets his security sights toward space. Our guest is Mathieu Gorge of VigiTrust to discuss the threat of printer hacks. Operation Delilah trims SilverTerriers locks. For links to all of today's stories check out our CyberWire daily...

AutoWarp bug leads to Automation headaches. [Research Saturday] Play Episode
Yanir Tsarimi from Orca Security, joins Dave to discuss how researchers have discovered a critical Azure Automation service vulnerability calledAutoWarp. The security flaw was discovered this past March causing Yanir to leap into action announcing the issue to Microsoft who helped to swiftly resolve the cross-account vulnerability. The research shows how this serious flaw would allow attackers unauthorized access to other customer accounts and potentially full control over resources and data belonging to those accounts, as well as put multiple Fortune 500 companies and billions of dollars at risk. The research shares the crucial time line that the vulnerability was...

Hybrid war and disinfo from the swamp. Stormous hacks on behalf of Russia. DNS poisoning risk. Updates on Chinese cyberespionage campaigns. Notes on ransomware operations. Play Episode
Russia reroutes Internet traffic in occupied regions of Ukraine through Russian services. The Stormous gang, hacking on behalf of Russia. DNS poisoning risk. Updates on Chinese cyberespionage campaigns. Our guest Chetan Mathur of Next Pathway finds similarities between the cloud industry and the 1849 California Gold Rush. Eldan Ben-Haim of Apiiro on why cybersecurity is largely a culture issue. Notes on ransomware operations. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/85 Selected reading. Microsoft sees Russian cyberattacks on Ukraine 'getting more and more disruptive' (Inside Defense) Sergey Lavrov claims Hitler had 'Jewish blood'...

Russia and Ukraine trade cyberattacks. Chinese intelligence services look at Russian targets. Five Eyes advise on routinely exploited vulnerabilities. Physical sabotage as cyberattack. Name that mascot. Play Episode
Microsoft summarizes the scale of Russian cyberattacks against Ukraine. Russian cyber capabilities should be neither overestimated nor underestimated. Russia has also come under cyberattack during its hybrid war. Chinese intelligence services are paying close attention to Russian targets. The Five Eyes advise us on routinely exploited vulnerabilities. Physical sabotage as cyberattack. Linda Gray-Martin and Britta Glade from RSA discuss whats new at RSAC and cybersecurity trends. Marc van Zadelhoff of Devo talks about their new podcast Cyber CEOs Decoded coming to the CyberWire network. And, hey kids, name that mascot. For links to all of today's stories check out our...

The secrets behind Docker. [Research Saturday] Play Episode
Alon Zahavi from CyberArk, joins Dave Bittner on this episode to discuss CyberArk's work in conjunction with Patch Tuesday. CyberArk published about how Docker inadvertently created a new vulnerability and what happens when it's exploited. CyberArk's research concluded that an attacker may execute files with capabilities or setuid files in order to escalate its privileges up to root level. CyberArk found the new vuln in some of Microsofts Docker images, caused by misuse of Linux capabilities, a powerful additional layer of security that gives admins the ability to assign capabilities and privileges to processes and files in the Linux system...

Disinformation in Russias war of aggression. Correlating overhead imagery and radio intercepts. Taking down state-sponsored cyber ops. Threats to power grids. Play Episode
Russian disinformation in its war against Ukraine. Overhead imagery and electronic intercepts suggest that Russian atrocities are matters of policy and strategy. Microsoft disrupts GRU cyber operations. Facebook takes down Iranian coordinated inauthenticity. Indias Power Ministry says it stopped a Chinese cyberattack. Dave Dufour from Webroot on evolving attack mechanisms. Our guest is Dan Petro of Bishop Fox with a warning for document redaction. Grid security and the value of exercises. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/68 Selected reading. Putins probably given up on Kyiv as Ukraine war enters new phase...

British-American warnings of a Russian cyber threat, and Russias response. More on the Lapsus$ gang incidents at Microsoft and Okta. And Secureworks looks at Conti and sees a criminal ecosystem. Play Episode
The US and the UK warn of impending Russian cyberattacks, and Russia responds with warnings against banditry, crime, and bad manners. CISA issues two new ICS advisories. Microsoft confirms a Lapsus$ gang incident, and so does Okta, but Oktas case is more complicated. Josh Ray from Accenture on the cyber workforce. Our guest is Tom Gaffney from F-Secure with some ways to reduce digital anxietySecureworks takes a look at the criminal ecosystem around Conti. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/56 Selected reading. Ukraine war has put our relationship with US at...

White House adds its voice to CISAs Shields Up, warning of the possibility of Russian cyberattacks. New malware strains described, new criminal attack techniques observed. Play Episode
White House warns of large-scale Russian cyberattacks. Browser-in-the-Browser attacks. New Conti affiliate described. Android malware Facestealer described. Android malware Facestealer described. Microsoft and Okta investigate possible Lapsus$ attacks. Arid Gopher is out in the wild. Our guest is Swathi West of Barr Advisory on opportunities for the underrepresented in cybersecurity. Joe Carrigan wonders if we cant just get rid of passwords once and for all. And advancing censorship by finding extremism and Russophobia in Metas platforms. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/55 Selected reading. Russia's hybrid war with Ukraine: strategy, norms,...

Hacktivism, protestware, and information operations in a hybrid war. Brazi-based cyber gangs active in extortion. Steganography opens a backdoor. A free decryptor for Diavol ransomware. Play Episode
The widely expected, intense Russian cyber campaign has yet to appear. "Protestware" as a dangerous turn in hacktivism. Information operations and the persistence of independent channels of news. Social media as an opsec problem.Lapsus$ may have hit Microsoft. A second Brazilian gang tries its hand at extortion. A snakey backdoor afflicts French organizations. AD Bryan Vorndran of the FBI Cyber Division on what the agency brings to the table in the cyberspace. Rick Howard considers infrastructure as code. Emsisoft offers a free decryptor for Diavol ransomware. For links to all of today's stories check out our CyberWire daily news briefing:...

Bonus: Afternoon Cyber Tea: IoT-Based Infrastructures Play Episode
Afternoon Cyber Tea with Ann Johnson is a CyberWire Network podcast created by Microsoft Security. It's a bi-weekly show that comes out every other Tuesday. We thought you would enjoy this episode in particular and hope you consider subscribing in your favorite podcast app. Diana Kelly, the co-founder, and CTO of SecurityCurve, a cybersecurity consulting firm, joins Ann Johnson on this episode of Afternoon Cyber Tea. Diana is a globally known security expert who donates much of her time volunteering in the cybersecurity community while also serving on the Association for Computing Machinery Ethics and Plagiarism Committee. Diana talks with...

Someones engaged in provocation in the Donbas. Ukraine sees a Russian influence operation in recent DDoS attacks. Ice phishing as a threat made for a decentralized web. Play Episode
Provocation may have begun in Ukraine, and no one but Russia can see any signs of a Russian withdrawal of troops to garrison. Recent DDoS attacks in Ukraine are seen as an influence operation. The compromise of International Red Cross data has been tentatively attributed to an unnamed state actor. Johannes Ullirch from SANs shares a fancy phish. Our guests are Mike Theis and Stacy Hadeka from Hogan Lovells to discuss the cyber aspects of the False Claims Act. And Microsoft describes ice phishing: social engineering for a decentralized web3. For links to all of today's stories check out our...

Russias hybrid war against Ukraine is currently heavier on the cyber than it is on the kinetic. BlackCats connection with DarkSide. An alert on LockBit. And six Indian call centers indicted. Play Episode
The FSB is active against Ukrainian targets as NATO continues to work out the cybersecurity assistance it will provide Kyiv. BlackCat is found to be connected to the DarkSide gang, either as a superseding affiliate or as a simple rebranding of the same old crew. The FBI issues an alert about LockBit. Kevin Magee from Microsoft on their final report on Nobellium and the Solar Winds attack. Rick Howard steers the hash table toward supply chains. And the US has indicted six call centers in India on charges related to some familiar scams. For links to all of today's stories...

Tensions between Russia and Ukraine remain high as NATO offers Ukraine cyber, diplomatic, and other support. DDoS in the DPRK. DazzleSpy in the watering hole. TrickBot ups its game. Play Episode
Tensions between Russia and Ukraine remain high as NATO offers Ukraine cyber, diplomatic, and other support. North Korea gets DDoSed. DazzleSpy hits Hong Kong dissidents drawn to a watering hole. TrickBot ups its game. A quick look at ransomware trends. Microsofts Kevin Magee unpacks a recent World Economic Forum report. Our own Rick Howard speaks with Chriss Knisley from MITRE ATT&CK Defender on certifications. And Dame Fortune teaches Michiganders to throw caution to the winds. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/17 Learn more about your ad choices. Visit megaphone.fm/adchoices

Updates on what Ukraine is now calling BleedingBear. CISA advises organizations to prepare for Russian cyberattacks. Other cyberespionage campaigns, and a new ransomware strain. Play Episode
Ukraine confirms that it was hit by wiper malware last week, as tension between Moscow and Kyiv remains high. It remains high as well between Russia and NATO, as Russia continues marshaling conventional forces around Ukraine. CISA advises organizations to prepare to withstand Russian cyberattacks. Other cyberespionage campaigns are reported, as is a new strain of ransomware. Microsofts Kevin Magee provides friendly counsel for CISOs and boards. Our guest is Clar Rosso from ISC2 on the communication gap between cybersecurity teams and executive leaders when it comes to ransomware. And the natural disaster in Tonga may offer lessons in resilience...

A new member of the Winnti Cluster is described. Cobalt Strike used against unpatched VMware Horizon servers. Ukraine blames Russia for what seems to be a destructive supply chain attack. Play Episode
A new Chinese cyberespionage group is described. Cobalt Strike implants are observed hitting unpatched VMware Horizon servers. Ukraine attributes last weeks cyberattacks to Russia (with some possibility of Belarusian involvement as well). Microsoft doesnt offer attribution, but it suggests that the incidents were more destructive than ransomware or simple defacements. The US warns of possible provocations. Ben Yelin looks at a bipartisan TLDR bill. Our guest is Lisa Plaggemier from the National Cybersecurity Alliance on the ongoing threat of phishing. And the REvil arrests in Russia may have been for leverage. For links to all of today's stories check out...

Log4j updates, including an Aquatic Panda sighting. Cyberattacks hit news services in Norway, Israel, and Portugal. Addressing Y2K22. Play Episode
Aquatic Panda has been found working Log4shell exploits against an academic institution. Apache fixes new Log4j issues reported last week, and Microsoft also updates Windows Defender to address Log4j risks. Cyberattacks, criminal or hacktivist in motivation, hit news outlets around the new year. Microsoft works on fixing a Y2K22 bug in on-premise Exchange Server. Andrea Little Limbago from Interos on technology spheres of influence. Our guest is Mark Dehus from Lumens Black Lotus Labs with DDoS insights. And CISA issues some ICS security advisories. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/11/1 Learn...

Cybersecurity predictions for 2022. [CyberWire-X] Play Episode
Industry experts discuss their cybersecurity predictions for 2022, what trends and attacks will be most prevalentin the year ahead, and how organizations should be preparing for the new year. In this show, we cover what they think the industry might see in 2022 (and some we probably won't see).The CyberWire's Rick Howard speaks with Hash Table member Kevin Magee, Chief Security Officer at Microsoft Canada, and show sponsor Keeper Security's CTO & Co-Founder Craig Lurey joins The CyberWire's Dave Bittner on this CyberWire-X and shares his insights on the topic. Learn more about your ad choices. Visit megaphone.fm/adchoices

The Russo-US summit is expected to take up tension over Ukraine and tensions in cyberspace. Microsoft disrupts APT15. Google disrupts Glupteba. Satoshi Nakamoto is...out there still? Play Episode
Notes on todays Russo-America summit. Microsoft seizes websites used by the Chinese threat actor Nickel. Google takes technical and legal action against a Russian botnet. Ben Yelin unpacks Australias aim to uncover online trolls. Our guest is Ed Amorosa from TAG Cyber. And the real Satoshi Nakamoto has yet to stand up--just ask a Florida jury. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/233 Learn more about your ad choices. Visit megaphone.fm/adchoices

Trends among the APTs. Imaginary times and imaginary places. Flubot in Finland. Emotet false alarms in Office. Smishing for Iranian Android users. CISAs ICS advisories. Moscow on cybercrime. Play Episode
RTF template injection is newly favored by APTs. Malware hides in February 31st. Milords and miladies, the Principality of Sealand hath been hacked. Finland's National Cyber Security Center warns of a large-scale Flubot campaign in progress. False alarms are flagging Emotet where it isnt found. Iranians victimized by a smishing campaign. CISA issues industrial control system advisories. Kevin Magee from Microsoft is really trying to rid the world of passwords. Our guest is Mike Hendrickson of Skillsoft to discuss turning the tide in this fight against cybercrime. And Mr. Putin says Russias in favor of international cooperation against cybercrime. For...

Phishing in the Iranian diaspora. Not your grandma and grandpas crytper. Malware-as-a-service. Proofs-of-concept (one is a zero-day). Apple sues NSO Group. Play Episode
An apparent cyberespionage campaign targets the Iranian diaspora. Babadeda is an emerging crypter seeing use against alt-coin and NFt speculators. RATDispenser is out in the wild, a malware-as-a-service operation. Proofs-of-concept published for Microsoft exploits. Apple sues NSO Group. Group-IBs founder asks President Putin for clemency. Caleb Barlow on the difference between working for a company that is funded by VCs, PEs, angels or is public. Our guest today is Karl Sigler from Trustwave on the results of the 2021 Trustwave SpiderLabs Telemetry Report. And theres a guilty plea in the Wolf of Sophia case. For links to all of today's...

Developments in cyber gangland, and the increasingly complicated entanglement of crooks and spies. Selling confiscated alt-coin to compensate fraud victims. Play Episode
Red Curl is a Russophone gang with an unusual target list. North Koreas TA406 is having a busy year, hacking for intelligence and for profit. Wicked Pandas getting good at code-signing, and software supply chain attacks are in Beijings long-term plans. A spearphishing campaign abuses legitimate collaboration tools. Kevin Magee from Microsoft has an insiders look at Windows 11 security. Our guest is Kevin Bocek of Venafi to discuss Security Software Build Environments. And selling confiscated cryptocurrency to compensate victims of scams. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/222 Learn more about...

CISA and its partners warn of Iranian cyber ops. Cyberespionage in the Middle East with Candiru tools. Belarus connected to Ghostwriter. Facebook boots SideCopy. RAMP recruits members. Play Episode
CISA, the FBI, the ACSC, and the NCSC issue a joint advisory warning of an Iranian cyber campaign exploiting known vulnerabilities in Fortinet and Microsoft Exchange. A Belarusian connection to Ghostwriter. Candiru tools reported in watering holes. SideCopys interest in Afghanistan. RAMP shows an interest in attracting Chinese operators. Josh Ray from Accenture Security digs into the CONTI playbook leak. Our guest is Matt Keeley from Bishop Fox on fuzzing. And Pompompurin wants to sell you leaked Robinhood data. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/221 Learn more about your ad choices....

Britains Labour Party sustains a data incident. CERT-FR describes a new affiliate gang, Lockean. US, Russian intelligence chiefs discuss cybersecurity. Gas is flowing in Iran again. Start-ups honored. Play Episode
Britains Labour Party is affected by a ransomware incident a third-party provider sustained. ANSSI identifies a new ransomware affiliate gang, Lockean. Notes on how and why BlackMatter and REvil went on the lam. Russo-American talks discussed cybercrime and cybersecurity. Irans gas stations are fully back in business, following the cyber sabotage they sustained. Kevin Magee from Microsoft has highlights from their 2021 Digital Defence Report. Our guest is Ofer Ben Noon of Talon Cyber Security addressing browser vulnerabilities.And DataTribe has announced the winners of its fourth annual Cybersecurity Start-up Challenge. For links to all of today's stories check out our...

Facebooks back up, and the outage was due to an error, not an attack. A look at AvosLocker and Atom Silo ransomware. The case of the Kyiv ransomware gangsters. Thoughts on the Pandora Papers. Play Episode
Facebook restores service after dealing with an accidental BGP configuration issue. Theres now a data auction site for AvosLocker ransomware. Atom Silo ransomware is quiet, patient, and stealthy. The state of investigation into those two guys collared on a ransomware beef in Kyiv last week. Ben Yelin is skeptical of data privacy poll results. Our guest is Microsofts Ann Johnson, host of the newest show to join the CyberWire network, Afternoon Cyber Tea. And what would they have thought of the Pandora Papers in Deadwood, back in the day? For links to all of today's stories check out our CyberWire...

Homecomings, happy and not so happy. A backdoor for espionage, a Trojan for cybercrime. DDoS techniques, those iPhone zero-days, and indictments. And one guilty plea. Play Episode
The triumphant homecoming of Huaweis CFO. Microsoft describes the FoggyWeb backdoor, a significant cyberespionage tool. Kaspersky looks at the BloodyStealer Trojan and finds it especially risky to gamers. A novel approach to distributed denial-of-service. Apple looks into those iPhone zero-days.Joe Carrigan looks at the latest offerings in passwordless authentication. Our guest is Mathieu Gorge of VigiTrust on how law enforcement and executives can work together to fight cyber threats. And a look at doings in cybercrime: the US arrests more than thirty members of the Black Axe gang, a Russian convict is deported back to face Russian justice, and a...

Vulnerabilities in the public cloud. [Research Saturday] Play Episode
Guest Ariel Zelivansky, Senior Manager of Security Research at Palo Alto Networks, joins Dave to discuss Unit 42's work on the first cross-account container takeover in the public cloud. The Unit 42 Threat Intelligence team has identified the first known vulnerability that could enable one user of a public cloud service to break out of their environment and execute code on environments belonging to other users in the same public cloud service. This unprecedented cross-account takeover affected Microsoft's Azure Container-as-a-Service (CaaS) platform. Researchers named the finding Azurescape because the attack started from a container escape a technique that enables privilege...

BladeHawk Android cyberespionage campaign in progress. Labor Day was quiet, but the gangs are now back at it. REvils remnant stirs. Bulletproof hosting. Phishing keywords. Play Episode
BladeHawk cyberespionage campaign in progress. Microsoft warns of targeted attacks in progress. Hey--the hoods took a breather over Labor Day, but the straw hats are off now, and theyre back at work. Someone is rummaging in REvils unquiet grave. Bulletproof hosting services and the criminal marketplace. Mike Benjamin from Black Lotus Labs on ReverseRAT 2.0. Rick Howard checks in with Philip Reiner from the Ransomware Taskforce. And does a New Urgent Message Require Action? Maybe not. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/173 Learn more about your ad choices. Visit megaphone.fm/adchoices

The T-Mobile hacker speaks (we think). SparklingGoblin enters the cyberespionage ring. Is someone stealing data to train AI? Cellebrites availability. Ragnarok ransomware says its going out of business. Play Episode
A young man claiming responsibility for the T-Mobile breach talks to the Wall Street Journal. A new cyberespionage group, SparklingGoblin, seems particularly interested in educational institutions, especially in Southeast and East Asia. Are governments training AI with stolen data? Mitigations for Microsoft issues. Cellebrite tools may still be available to Chinese police. Kevin Magee from Microsoft wonders if leaders have over pivoted toward technical skill. Our guest is Bill Wright of Splunk on the ongoing geopolitical ransomware trend. And another ransomware gang says its going out of business...well wait and see. For links to all of today's stories check out...

Notes on the fall of Afghanistan, with its cyber and kinetic implications. US State Department hack reported. ShinyHunters resurface. Further incentive to patch Microsoft Exchange Server. Play Episode
The Taliban consolidates control over Afghanistan, and its doing so online as well as on the ground. Reports say the US State Department has come under cyberattack; State says that any such incident was without significant effect. The ShinyHunters say theyve obtained a great deal of PII from AT&T, but AT&T says that, whatever the crooks have, it didnt come from AT&T. Rick Howard on orchestration. Carole Theriault on women in cybersecurity - are thing getting any better? And exploitation gives organizations even more incentive to patch Microsoft Exchange server instances. For links to all of today's stories check out...

You can add new features, just secure the old stuff first. [Research Saturday] Play Episode
Guests Will Schroeder and Lee Christensen from SpecterOps join Dave to share the research they recently presented at Black Hat USA on the security of Microsoft's Active Directory Certificate Services. Their abstract: Microsofts Active Directory Public Key Infrastructure (PKI) implementation, known as Active Directory Certificate Services (AD CS), has largely flown under the radar of both the offensive and defensive communities. AD CS is widely deployed, and provides attackers opportunities for credential theft, machine persistence, domain escalation, and subtle domain persistence. We present relevant background on certificates in Active Directory, detail the abuse of AD CS through certificate theft and...

Espionage phishing in unfamiliar places. OT vulnerabilities. LemonDucks rising fortunes. Data exposure. Kubernetes advice from NSA and CISA. Meng Wanzhous extradition. Play Episode
APT31 casts its net into some waters that arent yet phished out. Vulnerabilities in the NicheStack TCP/IP stack are reported. LemonDuck may be outgrowing its beginnings as a cryptojacking botnet. A large marketing database is found exposed. NSA and CISA offer advice on securing Kubernetes clusters. Adam Darrah from ZeroFox checks in from the floor at BlackHat. Our guests are Nic Fillingham and Natalia Godyla from Microsofts Security Unlocked podcast. David Dufour from Webroot on the hidden costs of ransomware. And Huaweis CFO returns to court as her extradition hearings enter their endgame. For links to all of today's stories...

SVR was reading the US Attorneys emails. Deliveries still lag as South African ports reopen. EA hackers dump game source code. Another look at criminal markets. And Mr. Hushpuppi cops a plea. Play Episode
SVR may have compromised twenty-seven US Attorneys offices. Ransomware disruptions of a physical supply chain continue as South African ports reopen. EA hackers give up, and dump the source code they stole. Double extortion may not be paying off. A look at initial access brokers. Operation Top Dog yields indictments in an international fraud case. Rick Howard tackles enterprise backup strategies. Kevin Magee from Microsoft with lessons learned hiring multiple team members during COVID. And a decryptor for Prometheus ransomware is released. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/147 Learn more about...

Microsoft Exchange Server hacks officially attributed to China. Indictment in industrial espionage case. Entities List expands. Abuse of NSO Groups Pegasus tool reported. Play Episode
Allied governments formally attribute exploitation of Microsoft Exchange Server to Chinas Ministry of State Security. A US Federal indictment names four MSS officers in conjunction with another, long-running cyberespionage campaign. The US Department of Commerce adds six Russian organizations to the Entities List. The Pegasus Project outlines alleged abuse of NSO Groups intercept tool. Thomas Etheridge from CrowdStrike on the importance of real-time response, continuous monitoring and remediation. Our guest is Neha Joshi from Accenture on solving the cybersecurity staffing gap and how to stand up a successful, diverse security team. And theres hacktivism in Southeast Asia. For links to...

DDoS at Russias MoD. Facebook disrupts Iranian catphishing operation. An intercept tool vendors activities are exposed. No signs of the US softening on Huawei bans. Play Episode
Russias Ministry of Defense says its website sustained a distributed denial-of-service attack this morning. Facebook disrupts a complex Iranian catphishing operation aimed at military personnel and employees of defense and aerospace companies. Microsoft and Citizen Lab describe the recent operations of an Israeli intercept tool vendor. The US shows no signs of relenting on Huawei. Johannes Ullrich from the SANS technology institute has been Hunting Phishing Sites with Shodan. Our guest is Rick Van Galen from 1Password with insights from their Hiding in Plain Sight report. And theres nothing new on the REvil front--the gang is as much in the...

Cyber conflict sputters in Ukraine? Kaseya delays VSA patch, offers assistance to REvils victims. US mulls retaliation for privateering. PrintNightmare patch. Another extradition run at Julian Assange. Play Episode
Ukrainian government websites may have come under an unspecified cyberattack early this week. Kaseya delays its VSA patch until Sunday, and offers assistance to victims of VSA exploitation by REvil. The US continues to mull its response to Russia over REvil and Cozy Bear. A small electric utilitys business systems go offline after a ransomware attack. Microsoft continues to grapple with PrintNightmare. Caleb Barlow from CynergisTek on the changing Cyber Insurance landscape. Our guest is Kwame Yamgnane from Qwasar on how he seeks to inspire minority kids to code. And the US will try again to get Julian Assange extradited....

Kaseya works on patching VSA as Washington mulls retaliation and Moscow says it has nothing to do with it. Microsoft patches PrintNightmare. The Lazarus Group is back. Play Episode
Kaseya continues to work on patching its VSA products. The US mulls retaliation for the Kaseya ransomware campaign, as well as for Cozy Bears attempt on the Republican National Committee and Fancy Bears brute-forcing efforts. (Russia denies any wrongdoing.) Current events phishbait. Microsoft patches PrintNightmare. Joe Carrigan looks at recent updates to Googles Scorecards tool. Our guest Umesh Sachdev of Uniphore describes his entrepreneurial journey. And the Lazarus Group is back, phishing for defense workers. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/129 Learn more about your ad choices. Visit megaphone.fm/adchoices

Mitigating PrintNightmare. New ransomware strains in circulation. Router firmware patched. Russia denies brute-forcing anyone. What the reinsurance rates tell us. Play Episode
Mitigations for the PrintNightmare vulnerability are suggested. Wizard Spider has a new strain of ransomware in its toolkit. A new RagnarLocker strain is in circulation. NETGEAR patches router firmware. Russia reacts to US and US reports of a GRU brute-forcing campaign: Moscow says it didnt do it. Kevin Magee from Microsoft shares some of the tools he uses to keep himself and his team up to date. Our guest is Andrew Patel from F-Secure on how to prepare security teams for AI-powered malware. And a quick look at the true costs of cybercrime. For links to all of today's stories...

A look at some threats to ICS endpoints. EternalBlue remains a problem. US preparing attribution of the Microsoft Exchange Server hack. DoubleVPN seized. An arrest in the Gozi case. Play Episode
A report on threats to industrial control systems is out, and it focuses on ransomware, coinjacking, and legacy malware. EternalBlue remains a problem. The US is preparing a formal attribution in the case of the Microsoft Exchange Server campaign. An international police operation has taken down DoubleVPN, and the authorities seem pretty pleased with their work. Joe Carrigan examines vulnerabilities in systems from Dell. Our guest is Vikram Thakur from Symantec on Multi-Factor Authentication evasion. And the guy who allegedly provided the Gozi banking malware with its bulletproof hosting has been collared in Bogota. For links to all of today's...

Introducing Security Unlocked: CISO Series with Bret ArsenaultLeading an Inclusive Workforce: Emma Smith, Vodafone Play Episode
Theres truth in the sentiment,teamwork makes the dream work.When team members dont feel includedorheard in their environment, theyre not going to do their best work,so itsup to managers, supervisors, and evenglobal security directorsto foster a workplace and culture that doesntallowanyonetobe silenced. On this episode,MicrosoftsCISO,Bret Arsenault,sits with his friend and peer, Emma Smith,Director ofGlobalCybersecurity for Vodafone. Throughout the conversation, theydiscussreturning to in-person work after over a year of being remote and some of the inherent difficulties that come withthe change,especially as they relate to inclusivity. In This Episode You Will Learn: How focusing on digital society, inclusion for all, and the...

Exhibiting advanced APT-like behavior. [Research Saturday] Play Episode
Guest Yonatan Striem-Amit joins Dave to talk about Cybereason's research "Prometei Botnet Exploiting Microsoft Exchange Vulnerabilities." The Cybereason Nocturnus Team responded to several incident response (IR) cases involving infections of the Prometei Botnet against companies in North America, observing that the attackers exploited recently published Microsoft Exchange vulnerabilities (CVE-2021-27065 and CVE-2021-26858) in order to penetrate the network and install malware. Yonatan shares his team's findings of the investigation of the attacks, including the initial foothold sequence of the attackers, the functionality of the different components of the malware, the threat actors origin and the bots infrastructure. The research can be...

Disruption of a major BEC campaign. Scope of cyberespionage expands in Pulse Secure exploitation. What the Hades? Russo-US summitry. A more secure workforce. Reality Winner is out, sort of. Play Episode
Microsoft disrupts a major BEC campaign. The scope of cyberespionage undertaken via exploitation of vulnerable Pulse Secure instances seems wider than previously believed. Secureworks offers an account of Hades ransomware, and differs with others on attribution. Final notes during the run-up to tomorrows US-Russia summit, where cyber will figure prominently. Helping employees stay secure. Carole Theriault wonders if the internet of things is becoming the internet of everything. Ben Yelin weighs in on the Supreme Courts ruling affecting the Computer Fraud and Abuse Act. And Reality Winner has been released to a halfway house. For links to all of today's...

The security industry looks at DarkSide ransomware. CISA offers advice on defense and recovery. A new banking Trojan is out. Deprecated protocols remain in use. A quick look at Patch Tuesday. Play Episode
FireEye provides an overview of the DarkSide ransomware-as-a-service operation. Forcepoint suggests a connection between DarkSide and other ransomware gangs, notably REvil. Colonial Pipeline continues its recovery efforts from the cyber attack it sustained. As ransomware grows more common, CISA offers advice on how to prepare defenses. A new Android banking Trojan is in circulation. Cecelia Marinier from RSA on the RSAC Innovation Sandbox. Bret Arsenault from Microsoft previews his new Microsoft CISO podcast. And yesterday, of course, was Patch Tuesday. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/91 Learn more about your ad...

Some possible insight into what a Chinese cyberespionage unit is up to. Hackathons, from Beijing to Washington. Panda Stealer is after crypto wallets. And Peloton deals with a leaky API. Play Episode
Some possible insight into what a Chinese cyberespionage unit is up to. Hackathons, from Beijing to Washington (the one sponsored by Beijing developed an iPhone zero-day used against Chinas Uyghurs). Panda Stealer is after crypto wallets. Microsoft's Kevin Magee reflects on lessons learned in the last year. Our own Rick Howard speaks with Todd Neilson from World Wide Technology on Zero Trust. And Peloton deals with a leaky API. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/87 Learn more about your ad choices. Visit megaphone.fm/adchoices

Investigating VPN exploits, and the crooks and spies who use them. BadAlloc afflicts OT. Notes on cyberespionage. The criminal market for deepfakes. Play Episode
The US Government expands its investigation into Pulse Secure VPN compromises. Microsoft discloses its discovery of BadAlloc IoT and OT vulnerabilities. Someones distributing Purple Lambert spyware. Chinese intelligence services seem to be backdooring the Russian defense sector. Financially motivated criminals are exploiting SonicWall VPN vulnerabilities. A look at the emerging criminal market for deepfakes. Josh Ray from Accenture Security on Why Cybersecurity Community Service Matters. Our guest Manish Gupta of ShiftLeft looks at cyber attacks on the CI/CD pipeline. And the World Health Organization attracted impersonators early this month. Again. For links to all of today's stories check out our...

More intelligence on Ghostwriter, and a convergence of hacking and influence operations. Naikon APT has a new backdoor. FluBot returns. MAPP reconsidered. Defense counsel on Cellebrite. Play Episode
Ghostwriter is back, and has moved its chaos troops against fresh targets in Poland and Germany. The Naikon APT has a new secondary backdoor. FluBot, temporarily inhibited by police raids, is back, and expanding its infection of Android devices across Europe. Microsoft is rethinking how much, and with whom, it wants to share vulnerability information. Joe Carrigan examines a phone scam targeting Amazon Prime customers. Our guest is Tzury Bar Yochay of Reblaze on open-source software and scalability. And Signals discovery of Cellebrite issues is finding its way into court. For links to all of today's stories check out our...

VPN users remediate systems. New Supernova infection. Cryptojacking botnet afflicts vulnerable Exchange Servers. Facebook takes down spyware groups. Ransomware. Cellebrite bug found. Play Episode
Agencies continue to respond to the Pulse Secure VPN vulnerabilities. Updates on the SolarWinds compromise show that it remains a threat, and that it was designed to escape detection and, especially, attribution. A cryptojacking botnet is exploiting vulnerable Microsoft Exchange Server instances. Facebook takes down two Palestinian groups distributing spyware. Ransomware draws more attention. Craig Williams from Cisco Talos looks at cheating the cheater. Our guest is Bruno Kurtic from Sumo Logic on their Continuous Intelligence Report. And a Cellebrite vulnerability is exposed. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/77 Learn more...

Codecov supply chain attack update. Babuks victim service. Catphishing in LinkedIn. Sanctioned company responds. SolarWinds, Exchange compromise TFs stand down. 5 Eyes notes. IoT risk. Play Episode
Update on the Codecov supply chain attack. The Babuk gang says theyve debugged their decryptor. MI5 warns of industrial scale catphishing in LinkedIn. Positive Technologies responds to US sanctions. The US stands down the two Unified Coordination Groups it established to deal with the SolarWinds and Exchange Server compromises. Are all Five Eyes seeing eye-to-eye on China? Ben Yelin explains the legal side of the FBI removing webshells following the Microsoft Exchange Server hack. Our guest is May Habib from Writer on how the AI is helping the security industry with outdated and problematicterminology. And, psst: your kitchen appliances are...

International reactions to US sanctions against Russia (positively reviewed in Europe and the UK, but panned by Russia). Continuing threats to the cold chain. Natanz back in business? Data breach notes. Play Episode
The European Union expresses solidarity with the US over the SolarWinds incident. The UK joins the US in attributing the incident to Russia. Russia objects to US sanctions and hints strongly that it intends to retaliate. IBM discloses new cyber threats to the COVID-19 vaccine cold chain. Iran says Natanz is back in business. Kevin Magee from Microsoft looks at the security of startups. Our guest is Brad Ree of ioXt Alliance with results from their Mobile IoT Benchmark report. And data breaches hit people who park and people who read. For links to all of today's stories check out...

The IAEA investigates the Natanz incident (amid conflicting reports on the nature of the sabotage). Mopping up the SolarWinds Exchange Server hacks. Play Episode
Updates on Natanz, where the nature of the sabotage remains unclear--it happened, but there are conflicting explanations of how. Electrical utilities on alert for cyberattack, especially after the SolarWinds incident. The US Government takes extraordinary steps to fix the Microsoft Exchange Server compromise. Joe Carrigan analyses effective phishing campaigns. Our guest is the FBIs Herb Stapleton on their recent IC3 report. And the US Intelligence Communitys Annual Threat Assessment points, in order of diminishing rsk, to China, Russia, Iran, and North Korea. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/71 Learn more about...

Cring ransomware hits manufacturing plants. Distance learning difficulties. Hafniums patient approach to vulnerable Exchange Servers. The Entity List grows. 5G security standards. Play Episode
Cring ransomware afflicts vulnerable Fortigate VPN servers. Distance learning in France stumbles due to sudden high demand, and possibly also because of cyberattacks. Hafniums attack on Microsoft Exchange Servers may have been long in preparation, and may have used data obtained in earlier breaches. Commerce Department adds seven Chinese organizations to its Entity List. 5G security standards in the US are said likely to emphasize zero trust. Atlantic Media discloses a breach of employee data. Caleb Barlow from CynergisTek with a clever way of thinking about ransomware preparedness. Our guest is Amit Kanfer from build.security on authorization, a problem he...

Cyberespionage and influence operations. Reading the US State Departments mail. Risk management and strategic complacency. Volumetric attacks. Keeping suspect hardware out. Play Episode
Charming Kitten is back, and interested in medical researchers credentials. Russian services appear to have been reading some US State Department emails (its thought their access was confined to unclassified systems).Risk management practices and questions about the risks of growing too blas about management. Recognizing the approach of an intelligence officer. Volumetric attacks are up. Joe Carrigan examines a sophisticated Microsoft spoof. Our guest is Donna Grindle from Kardon on updates to the HITECH ACT. More concerns, in India and the US, about Chinese telecom hardware. For links to all of today's stories check out our CyberWire daily news brief:...

Updates on the state of Microsoft Exchange Server vulnerability, patching, and exploitation. Third-party breaches affect Shell and AFCEA. TikToks privacy. A manga site goes down. Play Episode
Exchange Server patching is going well, they say, but they also say that patching isnt enough. Crooks are continuing to look for unpatched instances, and even in the patched systems, youve got to check to make sure the bad actors have been found and ejected. AFCEA and Shell both disclose being affected by third-party breaches. Citizen Lab sees no particular problem with TikTok. Ben Yelin ponders possible US response to the Microsoft Exchange Server attacks. Our guest is Alex Gizis from Connectify using VPNs to thwart government internet restrictions in Myanmar. And a major manga fan site is down. For...

Kevin Magee: Focus on the archer. (CSO) [Career Notes] Play Episode
Chief Security Officer of Microsoft Canada Kevin Magee shares his background as a historian and how it applies to his work in cybersecurity.Likening himself to a dashing Indiana Jones, Kevin talks about how he sees history unfolding and the most interesting things right now are happening in security. Spending time tinkering with things in the university's computer room under the stairs gave way to Kevin's love affair with technology. As Chief Security Officer, Kevin says he uses an analogy: "I think we focus on the arrows, not the the archer" meaning there's too much focus on the attacks rather than...

Looking for leaks in the Microsoft Exchange Server exploitation. International cyber conflict. Sky Global executives indicted in the US. Scammer demands 1000 pounds to go on do-not-call list. Play Episode
Microsoft is looking for a possible leak behind the spread of Exchange Server exploits, and hackers piggyback on webshells placed by other threat actors. The US Government continues to mull how to respond to Holiday Bear and Hafnium. Britains PM calls for greater offensive cyber capabilities. India looks for ways of countering China in cyberspace. Sky Global executives indicted for alleged racketeering. Accentures Josh Ray takes on defending against nation states. Rick Howard aims the hash table at third party cloud security. And what does it cost to be on a do-not-call list? Nothing. Really. For links to all of...

Ransomware enters vulnerable Exchange Servers through the backdoor. REvil is out and active. SolarWinds and control systems. Molson Coors responds to a cyber incident. Play Episode
Microsoft warns that ransomware operators are exploiting vulnerable Exchange Servers. Threat actors continue to look for unpatched instances of Exchange Server. Johannes Ullrich joins us with his thoughts on the incident. REvil ransomware hits a range of fresh targets. Concerns are raised about the effects of the SolarWinds compromise on embedded devices. Our guest is Sally Carson from Cisco making the case that good design can save cybersecurity. And an unspecified cyber incident shuts down Coors Molson. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/48 Learn more about your ad choices. Visit megaphone.fm/adchoices

More Exchange Server exploitation, and security advice. Updates on the SolarWinds compromise, criminal TTPs, and the Verkada hack. And news not you, but your friends might be able to use. Play Episode
Norways parliament is hit with Exchange Server exploitation. CISA and the FBI issue more advice on how to clean up an Exchange Server compromise. CISA hints at more detailed attribution of the SolarWinds compromise soon, and US Cyber Command says military networks were successfully defended. Microsofts Kevin Magee of exporting cyber talent. Our guest is Hanan Hibshi from Carnegie Mellon University on their picoCTF online hacking competition. Notes on some evolving criminal techniques, an update on the security camera hacktivist incident, and some news you wont need, but your friends might. For links to all of today's stories check out...

Patching, with special attention to Hafnium and the rest. Responding to the SolarWinds incident. Hactivists dont like cameras. Dragnet in the Low Countries. Play Episode
Patch Tuesday was a big one this month. Microsoft Exchange Server remains under active attack in the wild, with new threat actors hopping on the opportunity. Russia denies it had anything to do with the SolarWinds incident and says the kinds of US response that the word on the street tells them are under consideration would be nothing more than international crime. Hacktivists strike a blow against cameras and stuff. Joe Carrigan has thoughts on Googles plans for third party cookies. Our guest is Kelvin Coleman from the National Cyber Security Alliance (NCSA) on how educators can better protect students...

Dealing with Hafniums work against Microsoft Exchange Server and Holiday Bears visit to the SolarWinds supply chain. A plea for OSINT, and some wins for the cyber cops. Play Episode
CISA urges everyone to take the Microsoft Exchange Server vulnerabilities seriously. The SolarWinds compromise is also going to prove difficult to mop up. The US is said to be preparing a response to Holiday Bears SolarWinds compromise (some of that response will be visible, but some will not). A plea for more OSINT. Ben Yelin from UMD CHHS ponders face scanning algorithms in the job application process. Our guest is Sam Crowther from Kasada, asking why are we still talking about bots? And dragnets haul in some cybercrooks. For links to all of today's stories check out our CyberWire daily...

Happy Slam the Scam Day. Indian authorities continue to investigate grid incidents. CISA tells US Federal agencies to clean up Exchange bugs by noon tomorrow. Supply chain compromise. Play Episode
Indian authorities say Octobers Mumbai blackout was human error, not cybersabotage. CISA directs US civilian agencies to clean up Microsoft Exchange on-premise vulnerabilities. More effects of the Accellion FTA supply chain compromise. Some trends in social engineering. Andrea Little Limbago brings us up to date on the RSA supply chain sandbox. Our guest is Brittany Allen from Sift on a new Telegram fraud ring. And happy National Slam the Scam Day. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/42 Learn more about your ad choices. Visit megaphone.fm/adchoices

RedEcho under investigation (amid reassurances). Stopping Operation Exchange Marauder. Containing Ursnif. Cyber proliferation. And another round in the Crypto Wars. Play Episode
India continues to investigate the possibility of RedEcho cybersabotage of its power distribution system, but says any hack was stopped and contained. Microsoft issues an out-of-band patch against a Chinese-run Operation Exchange Marauder. The financial sector works to contain an Ursnif outbreak. CISA issues ICS security advisories. Myanmar and the difficulty of stopping cyber proliferation. Joe Carrigan looks at CNAME cloaking. Our guest is author Neil Daswani from Stanford Universitys Advanced Security Certification Program, on his upcoming book Big Breaches - Cybersecurity Lessons for Everyone. And another round in the Crypto Wars seems ready to start. For links to all...

Mopping up Solorigate. Tehrans Lightning and Thunder in Amsterdam. The view from Talinn. Malware designed for Apples new chips. Lessons from the ice, and how hackers broke bad. Play Episode
Microsoft wraps up its internal investigation of Solorigate, which the US Government continues to grapple with, and which has had some effect in Norway. An apparent Iranian APT has been hosting its command-and-control in two Netherlands data centers. Estonias annual intelligence report describes Russian and Chinese ambitions in cyberspace. Threat actors are hard at work against Apples new processors. Kevin Magee on the Canadian National Cyber Threat Assessment for 2020. Our guest is Mark Testoni from SAP National Security Services on the Biden administrations first 100 days. Plus, lessons from the ice, and how hackers became cybercriminals. For links to...

Frances ANSII warns of a longrunning Sandworm campaign. DPRK tried to steal COVID-19 vaccine data. Supermicro is exasperated. Static Kitten phishes in the UAE Play Episode
France finds Sandworms trail in a software supply chain. Microsoft is impressed by the amount of effort Russian intelligence services put into the SolarWinds campaign. Pyongyang is reported to have attempted to steal COVID-19 vaccine information. Supermicro reiterates objections to Bloomberg's report on alleged hardware supply chain compromises. Static Kitten is phishing in the UAE. Updates on the Florida water utility cybersabotage. Ben Yelin examines to what degree the FBI can access Signal app messages. Rick Howard gathers the hash table to discuss AWS. And a new executive director arrives at our state cybersecurity association. For links to all of...

Solorigate: targeting, collateral damage, or staging? The Cyberspace Solarium has some advice for US President Biden. URKI breach. British Mensa thinks over a data exposure. Play Episode
Untangling Solorigate, and distinguishing primary targets from collateral damage (or maybe side benefits, or maybe battlespace preparation). Congress asks NSA for background on an earlier supply chain incident. The Cyberspace Solarium Commission offers the new US Administration some transition advice. Rick Howard hears from the hash table on Microsoft Azure. Andrea Little Limbago from Interos on the intersection of COVID and cyber vulnerabilities. And the week gets off to a rough start for smart Britons. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/20 Learn more about your ad choices. Visit megaphone.fm/adchoices

Pyongyangs social engineering campaign to compromise vulnerability researchers. Anonymous is back? Workforce development. Cyber Force? Why not? Play Episode
Google reports North Korean social engineering of vulnerability researchers. Anonymous resurfaces, maybe, and tells Malaysias government its not happy with them. Notes on false credentialism and workforce development from the National Governors Association cyber summit. Kevin Magee from Microsoft Canada on the launch of the Rogers Cybersecurity Catalyst at Ryerson University to support Canadian Cybersecurity Startups. Our guest is James Stanger from CompTIA on their ultimate DDoS guide. And does America need a Cyber Force? Some think so. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/16 Learn more about your ad choices. Visit...

The FSB warns Russian businesses to up their security game--the Americans are coming. SonicWalls investigation of a possible cyberattack. DIA and commercial data brokers. OPC issues. Robota. Play Episode
Russias FSB warns businesses to be on the lookout for American cyberattacks after the White House says its reserving its right to respond to the Solorigate cyberespionage campaign. SonicWall investigates an apparent compromise of its systems. Senator asks the US DNI for an explanation of DIA purchases of geolocation data from commercial vendors. OPC issues described. Andrea Little Limbago from Interos on the tech "naughty list" of restricted or sanctioned companies. Rick Howard previews his first principles analysis of Microsoft Azure. And a happy birthday to the word robot, now one-hundred years young. For links to all of today's stories...

Solorigates stealthy, careful operators. LuckyBoy malvertising. BEC as reconnaissance? Remote work and leaky sites. And good riddance to the Jokers Stash. Play Episode
Microsoft researchers detail the lengths to which the Solorigate threat actor went to stay undetected and establish persistence. LuckyBoy malvertising is described. Business email compromise as a reconnaissance technique? More reminders about the risks that accompany remote work. Ben Yelin looks at cyber policy issues facing the Biden administration. Rick Howard speaks with Frank Duff from Mitre on their ATT&CK Evaluation Program. And good riddance to the Jokers Stash (we hope). For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/13 Learn more about your ad choices. Visit megaphone.fm/adchoices

More on that Solorigate threat actor, especially its non-SolarWinds activity. Chimeras new target list. Executive Order on reducing IaaS exploitation. The case of the stolen laptop. Play Episode
Another security company discloses a brush with the threat actor behind Solorigate. Advice on hardening Microsoft 365 against that same threat actor. Chimera turns out to be interested in airlines as well as semiconductor manufacturing intellectual property. Former President Trumps last Executive Order addresses foreign exploitation of Infrastructure-as-a-Service products. Joe Carrigan looks at a hardware key vulnerability. Our guest is Chris Eng from Veracode with insights from their State of Software Security report. And investigation of thatlaptop stolen from the Capitol continues. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/12 Learn more about...

Ann Johnson: Trying to make the world safer. [Business Development] [Career Notes] Play Episode
Microsoft's Corporate Vice President of Cybersecurity Business Development Ann Johnson brings us on her career journey from aspiring lawyer to cybersecurityexecutive. After pivoting from studying law, Ann started working with computers and found she had a deep technical aptitude for technology and started earning certifications landing in cybersecurity because she found an interest in PKI. At Microsoft, Ann says she solves some of the hardest problems every day. She recommends getting a mentor and finding your area of expertise. She leaves us with three dimensions she hopes to be her legacy: 1. diversity in more than just gender, 2. bringing...

Its not Kates and Vals over Ford Island, but its not just a tourist under diplomatic cover taking pictures of Battleship Row, either. Another APT side hustle? To delist or not to delist. Play Episode
More assessments of the Solorigate affair, with an excursus on Pearl Harbor. Shareholders open a class action suit against SolarWinds, but no signs of an enforcement action for speculated insider trading. Emissary Panda seems to be working an APT side hustle. Kevin Magee has insights from the Microsoft Digital Defense Report. Our guest is Jason Passwaters from Intel 471 with a look at the growing range of ransomware as a service offerings. And to-ing and fro-ing on Chinese telecoms at the New York Stock Exchange. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/2...

Threat actors were able to see Microsoft source code repositories. Zyxel closes a backdoor. Kawasaki discloses data exposure. Slacks troubles. Julian Assange escapes extradition to the US. Play Episode
Updates on the spreading consequences of Solorigate, including Microsofts disclosure that threat actors gained access to source code repositories. A hard-coded backdoor is found in Zyxel firewalls and VPNs. Kawasaki Heavy Industries says parties unknown accessed sensitive corporate information. Slack has been having troubles today. Andrea Little Limbago from Interos on democracies aligning against global techno-dictators. Our guest is Drew Daniels from Druva with a look at the true value of data. And a British court declines to extradite WikiLeaks Julian Assange to the United States. For links to all of today's stories check out our CyberWire daily news brief:...

SolarWinds breach updates. Microsoft sinkholes Sunburst's C&C domain. Facebook takes down inauthentic networks. Play Episode
SolarWinds breach reportedly affected parts of the Pentagon. Microsoft and partners seize and sinkhole command-and-control domain used by Sunburst malware. The threat actor behind the breach used a novel technique to bypass multi factor authentication at a think tank. Facebook takes down competing inauthentic networks focused on Africa. Joe Carrigan has insights on Amnesia 33. Our guest, Greg Edwards from CryptoStopper, shares his experience getting back online after a Derecho. And the execution of the FCCs rip-and-replace plan will likely fall to the next US administration. For links to all of today's stories check out our CyberWire daily news brief:...

Facebook faces anti-trust suit. COVID-19 vaccine cyberespionage. Emissary Panda spotting. SQL databases for sale. Notes on the FireEye breach, the end of Flash, and the Mirai botnet. Play Episode
Facebook faces a US antitrust suit. Cyberespionage hits the European Medicines Agency, apparently looking for COVID-19 vaccine information. Emissary Panda is out and about. A simple ransomware campaign goes for success through volume. Stolen SQL databases are offered for sale back to their owners. React to the FireEye breach, but dont over-react. We welcome Kevin McGee from Microsoft Canada to the show.Our guest is Liviu Arsene from Bitdefender with insights Business Threat Landscape report for 2020. Flash nears its end-of-life. Predictions for 2020, and another guilty plea in the Mirai case. For links to all of today's stories check out...

TrickBots return is interrupted. Election rumor control. Supply chain security. Securing the Olympics. NSS Labs closes down. Play Episode
TrickBot came back, but so did its nemesis from Redmond--Microsoft and its partners have taken down most of the new infrastructure the gang reestablished. CISA publishes election rumor control. The Cyberspace Solarium Commission has a white paper on supply chain security. Japan says it will take steps to secure next summers Olympics. Joe Carrigan takes issue with Twitter and Facebook limiting the spread of published news stories. Our guest is Carolyn Crandall from Attivo with a look at the market for cyber deception tools. And a familiar name exits the industry. For links to all of today's stories check out...

Suppressing Trickbot: cyber warfare and cyber lawfare. Chaining vulnerabilities. An intergovernmental call for backdoors in the aid of law enforcement. Play Episode
Trickbot gets hit by both US Cyber Command and an industry team led by Microsoft. CISA and the FBI warn that an unnamed threat actor is chaining vulnerabilities, including Zerologon, to gain access to infrastructure and government targets. Ben Yelin shares his thoughts on the US Houses report on monopoly status for some of tech's biggest players. Our guest is David Higgins from CyberArk on how work from home has put a light on privilege access security. And the Five Eyes plus two call for legal access to encrypted communications. For links to all of today's stories check out our...

Opportunistic paydays and soft targets. Crooks use captchas and padlocks, too. Protecting against Zerologon. A microelectronics strategy. Play Episode
Ransomware gangs continue to look for an opportunistic payday. Another exposed database is found, and secured. Captchas and padlock icons have their place, but theyre not a guarantee of security. Microsoft explains how to reduce exposure to Zerologon. The US looks to reduce dependence on foreign microelectronics. Joe Carrigan has thoughts on Facebook running SuperPAC ads. Our guest is Sanjay Gupta from Mitek on how online marketplaces can balance security with biometrics. And theres just one shopping day before National Cybersecurity Month. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/9/190 Learn more about...

Ransomware versus shipping, hospitals, and schools. Cyberattacks growing sophistication. An interim rule enables implementation of the US Defense Departments CMMC program. Play Episode
Three (count em) three big ransomware attacks are in progress. One of them has moved into its doxing phase. Microsoft resolves authentication problems that briefly disrupted services yesterday. Tracking trends in cyberattacks--the sophistication seems to lie in the execution. The US Defense Department now has an interim rule implementing its CMMC program. Ben Yelin describes the extensive use of facial recognition software by the LAPD. Our guest is Christy Wyatt from Absolute on their Endpoint Resilience report. And why do hackers hack? To a large extent it seems they do so...because they can. For links to all of today's stories...

Will no one rid me of this turbulent newsletter? US court delays TikTok ban. Microsoft takes down cyberespionage operation. Huaweis CFO gets another day in court. REvil recruits. Play Episode
The TikTok ban has been delayed; the November goal for the companys change in ownership still stands, at least for now. Microsoft takes down infrastructure used by a Chinese cyberespionage group. Huaweis CFO returns to court in Vancouver. The UK shows some of its cyber offensive hand. DDoS in Hungary; malware in Texas. The strange and sad case of eBay and a newsletter. Rick Howard shares lessons learned from his CSO Perspectives podcast. Our guest is Thomas Etheridge from CrowdStrike on mitigating the risk of public cloud key compromises. And REvil wants to recruit more criminal affiliates. For links to...

Bing backend exposed, for a bit. CIA thinks Russian influence ops are top-directed. TikTok Global spin-off may not be enough. Destination automation. Hacks that werent, and one big guilty plea. Play Episode
In an unusual lapse, Microsoft briefly left a Bing backend server exposed online--now fixed. Sources say the CIA has concluded that Russian President Putin is personally involved in setting the direction of operations designed to influence the US elections, The deal to spin out TikTok Global to avoid a US ban may not be enough, Europe looks for more control over tech companies. Activisions hack seems to be a mere rumor. Ben Yelin on section 230 of the communications decency act. Our guest is Ramon Pinero from Blackberry on the challenges of coordinating public services during the pandemic. And a...

Turning good words into bad. Crooks push those exploits through aging software while they still can. A big OSINT DB out of Shenzehn. TikToks fate grows narrower but murkier. Wildfire misinformation. Play Episode
Social engineers use text from legitimate recent warnings. Cybercrooks go for whatever they can get from software about to reach the end of its life. A big database filled with individual information is leaked from a Chinese government contractor. In the race to do whatever it is US companies hope to do with TikTok, Microsoft is apparently out, but Oracle is apparently in. Rick Howard looks at red versus blue. Our gust is Colby Prior, Infrastructure Engineer for AusCERT, on running honeypots. And the FBI wants you to know, contrary what you may have seen online, that Oregon wildfires are...

Microsoft considers acquiring TikTok. The US considers other Chinese companies as potential security threats. Charges in the Twiter hack. DDoS turns out to be a glitch. Garmin hack update. Play Episode
Microsoft is in talks to acquire TikTok as the US hints that it may be considering action against other Chinese software companies. Three young men have been charged in the Twitter hack. An apparent distributed denial-of-service attack turns out to have been a glitch. We welcome Verizons Chris Novak to the show. Rick Howard talks incident response. And updates on the Garmin hack suggest shifts in the ransomware threat. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/9/149 Learn more about your ad choices. Visit megaphone.fm/adchoices

Huawei to be closed out of UKs 5G infrastructure. Spyware, ransomware, and botnets. The odd case of Data Viper. SAP has a major patch out. Play Episode
The British Government decides to ban Huawei. More on the malware associated with Golden Tax software package. The Molerats appear to be behind some spyware misrepresenting itself as a secure chat app. The Porphiex botnet is back distributing a new ransomware strain. The odd case of the Data Viper breach. Ben Yelin tracks a ruling from the DC circuit court on the release of electronic surveillance records. Our guest is Ann Johnson from Microsoft discussing her keynote at RSA APJ, The Rise of Digital Empathy. And SAP has a patch out--if youre a user, CISA advises you to take this...

Traditional sabotage at Natanz. CISAs ICS strategy. DDoSecrets server seized by German police at the request of the US. COVID-19-themed phishing infrastructure taken down. Cyberespionage. Play Episode
The Natanz blast looks like traditional sabotage. CISA releases its strategy for securing industrial control systems. Authorities in Germany seize DDoSecrets server pursuant to a US request. Microsoft takes down COVID-19-themed BEC and phishing infrastructure. FBI Director denounces Chinas cyberespionage. Joe Carrigan helps review personal privacy measures for ios and Android. Rick Howard speaks with Steve Moore from Exabeam with insights from a year spent interviewing CISOs. And some DDoS and ransomware attempts. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/9/131 Learn more about your ad choices. Visit megaphone.fm/adchoices

EvilQuest ransomware identified. Out-of-band patches. The scope of Chinese surveillance of Uighurs. Hong Kong and the National Security Law. FCC finds against Huawei, ZTE. Play Episode
EvilQuest ransomware found in pirated versions of Little Snitch app. Out-of-band patches from Microsoft and Oracle. Extensive Chinese surveillance of Uighurs described. Hong Kong and the world react to Chinas new National Security Law. The US FCC finds both Huawei and ZTE are threats to national security. Joe Carrigan on password stealers that target gaming. Our guest is Kiersten Todt from the Cyber Readiness Institute on how COVID-19 has changed small business security and what to expect going forward. And Britain rethinks its position on Huawei and 5G infrastructure. For links to all of today's stories check out our CyberWire...

Patch Exchange already, will ya? GoldenSpy lurks in tax software Chinese banks prefer their foreign clients to use. Magecart gets cleverer. Another unsecured AWS S3 bucket, and this ones not funny. Play Episode
Microsoft urges Exchange server patching. Sure it does your taxes, but its got another agenda, too: the GoldenSpy backdoor may be in your tax software if you do business in China. Magecart ups its game. DDoSecrets says theyre not going to roll over for Twitters Nixonian schtick. Camille Stewart from Google and Lauren Zabierek from Harvards Belfer Center on the #Sharethemicincyber event and why systemic racism is a threat to cybersecurity. Rick Howard wraps up cybersecurity canon week with guests Richard Clarke and Robert Knake, authors of The Fifth Domain. And theres another unsecured Amazon S3 bucket, and this exposure...

COVID-19 relief. Data exposure at the SBA. Ransomware gangland. The CTL-Leagues volunteer defenders. Active measures, disinformation, and cyber deterrence. Play Episode
The US Senate authorizes more COVID-19 small business relief. A data exposure at the US Small Business Administration. The CTL-League looks like a model for cyber volunteer organizations. The US Senate reports its evaluation of the Intelligence Communitys look at Russian active measures in 2016. Calls for deterrence amid a converged campaign of disinformation. Joe Carrigan from JHU ISI on Microsoft zero-days, guest is Chris Chiles from OST on what companies need to consider before implementing 5G. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/April/CyberWire_2020_04_22.html Learn more about your ad choices. Visit megaphone.fm/adchoices

The online stresses of the COVID-19 pandemic. APT41s backdoor campaign. Contact-tracking and privacy. Virtual court is now in online session. Zooms fortunes. And tax-season online fraud. Play Episode
Demand for online services during the pandemic stresses government providers. APT41s backdoor campaign aimed at information theft. Contact-tracking apps and privacy. Some courts move to hear cases online. Zooms continuing mixed success. And did you file your tax return? The crooks might have done so for you. Ben Yelin from UMD CHHS on Microsofts reaction to Washington States new facial recognition law, guest is Francis Dinha from OpenVPN on remote working during the COVID-19 pandemic. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/April/CyberWire_2020_04_14.html Learn more about your ad choices. Visit megaphone.fm/adchoices

Advice on secure telework. Magecart infestations. DNS hijacking with a COVID-19 twist and an info-stealer hook. Patch notes. The US 5G security strategy. Play Episode
NIST offers advice on telework, as does Microsoft. Things to do for your professional growth while youre in your bunker. Magecart hits Tupperware, and they wont be the last as e-commerce targeting spikes. DNS hijacking contributes to an info-stealing campaign. Apple and Adobe both patch. The US publishes its 5G security strategy. And some thoughts on the value of work, as brought into relief by a pandemic. Thomas Etheridge from Crowdstrike on their 2020 Cyber Front Lines Report, guest is Michelle Koblas from AppDynamics on third-party risk management. For links to all of today's stories check our our CyberWire daily...

Active ICS threats. TrickBot and TrickMo. RCE vulnerability in Windows. Google ejects click-fraud malware infested apps from Play. Attackers hit WHO, hospitals, and biomedical research. Play Episode
WildPressure APT targets industrial systems in the Middle East. ICS attack tools show increasing commodification. TrickMo works against secure banking. Microsoft warns of RCE vulnerability in the way Windows renders fonts. Click fraud malware found in childrens apps sold in Google Play. DarkHotel attacks the World Health Organization. Ransomware hits Parisian hospitals and a British biomedical research firm. More COVID-19 phishbait. Ben Yelin from UMD CHHS on Coronavirus detecting cameras, guest is Allan Liska from Recorded Future on security in the time of Coronavirus. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/March/CyberWire_2020_03_24.html Support...

Coronavirus fraud booms; prosecutors are taking note. Stolen data on the dark net. Software updates affected by pandemic. A new Mirai variant is out. A DDoS that wasnt. Play Episode
US prosecutors begin to follow through on their announced determination to pay close attention to coronavirus fraud. Data stolen from Chinese social network Weibo is now for sale on the black market--at a discount. The pandemic affects scheduled software updates and sunsets at Google and Microsoft. A new Mirai variant is out in the wild. And a DDoS attack in Australia turns out to be just a lot of Australians in need of government services. Mike Benjamin from CenturyLink on threat actors using 3rd party file hosting, guest is Andrew Peterson from Signal Sciences on top application security attacks. For...

COVID-19 as both incentive for remote work and phishbait. Offshored trolling. A list of digital predators. US Senate doesnt extend domestic surveillance authority. Play Episode
COVID-19 significantly increased remote working, and the pandemic is now a favorite lure in the phishing tackle of both intelligence services and criminal gangs. Russian trolling has been off-shored, setting up shop in Ghana and Nigeria for running influence operations against the US. Microsoft issues an out-of-band patch. Reporters Without Borders publishes its list of digital predators. And the Senate doesnt renew US domestic surveillance authorities. Thomas Etheridge from Crowdstrike on the impact of ransomware, guest is Josiah Dykstra from NSA on Cloud Vulnerabilities from an NSA viewpoint. For links to all of today's stories check our our CyberWire daily...

Misconfigured databases, again. Vulnerable subdomains. Dark web search engines. Troll farming. An update on the crypto wars. Play Episode
Virgin Media discloses a data exposure incident, another misconfigured database. Microsoft subdomains are reported vulnerable to takeover. A dark web search engine is gaining popularity, and black market share. Researchers find that Russian disinformation trolls have upped their game. The crypto wars have flared up as the US Senate considers the EARN IT act. Tech companies sign on to voluntary child protection principles. And Huawei talks about backdoors. Thomas Etheridge from Crowdstrike on empowering business leaders to manage cyber risk, guest is Sherri Davidoff on her book, Data Breaches: Crisis and Opportunity. For links to all of today's stories check...

Phishing with a RAT in the Gulf. More on how Jeff Bezos was hacked. Microsoft discloses data exposure. Ransomware continues to dump data. Windows 7, already back from the great beyond. Play Episode
Theres more phishing around the Arabian Gulf, but it doesnt look local. Reactions to Brazils indictment of Glenn Greenwald. The forensic report on Jeff Bezoss smartphone has emerged, and the UN wants some investigating. Microsoft discloses an exposed database, now secured. Ransomware gets even leakier--if it hits you, assume a data breach. And Windows 7 is going to enjoy an afterlife in software Valhalla--you know, around Berlin. Tom Etheridge from CrowdStrike with thoughts on incident response plans. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/January/CyberWire_2020_01_23.html Support our show Learn more about your ad...

The UN takes up a case of spyware; its linked to an extrajudicial killing. Glenn Greenwald indicted on hacking charges in Brazil. NetWire and StarsLord are back. Play Episode
UN rapporteurs say that the Saudi Crown Prince was probably involved in the installation of spyware on Amazon founder Jeff Bezoss personal phone. Brazilian prosecutors have indicted Glenn Greenwald, co-founder of the Intercept, on hacking charges. IBM describes a renewed NetWire campaign, and Microsoft says StarsLord is back, too. And in cyberspace, theres nothing new on the US-Iranian front. Ben Yelin from UMD CHHS on surveillance cameras hidden in gravestones. Guest is Sean Frazier from Cisco Duo on their most recent State of the Auth report. For links to all of today's stories check our our CyberWire daily news brief:...

Curveball proofs-of-concept. CISA warns chemical industry. Military families harassed online. Phishing the UN. Fleeceware in the Play Store. Moscow says there was no Burisma hack. Play Episode
Proof-of-concept exploits for the CryptoAPI vulnerability Microsoft patched this week have been released. CISA warns the chemical industry to look to its security during this period of what the agency calls heightened geopolitical tension. Families of deployed US soldiers receive threats via social media. Someones been phishing in Turtle Bay. More fleeceware turns up in the Play Store. And Moscow heaps scorn on anyone who thinks they hacked Burisma. Craig Williams from Cisco Talos on how adversaries take advantage of politics. Guest is Ron Hayman from AVANT on how companies might leverage Trusted Advisors to proactively prepare their security response....

Disclosure, patching, and warning. Norway takes on out-of-control data sharing by dating apps. Ransomware all-in on doxing. What to do about Huawei. Play Episode
NSA gives Microsoft a heads-up about a Windows vulnerability, and CISA is right behind them with instructions for Federal civilian agencies and advice for everyone else. Norways Consumer Council finds that dating apps are out of control with the way they share data. Ransomware goes all-in for doxing. The US pushes the UK on Huawei as Washington prepares further restrictions on the Chinese companies. And think twice before you book that alt-coin conference in Pyongyang. Johannes Ullrich from SANS Technology on malicious AutoCAD files. Guest is Chris Duvall from Chertoff Group with an overview of the current state of ransomware....

Microsoft patches a vulnerability NSA disclosed. Fronting for APT40 in Hainan. Fancy Bear pawed at Burisma. The NSA Pensacola shooting and the debate over encryption. Play Episode
NSA discloses a vulnerability to Microsoft so it can be patched quickly. Intrusion Truth describes thirteen front companies for Chinas APT40--theyre interested in offensive cyber capabilities. Area 1 reports that Russias GRU conducted a focused phishing campaign against Urkraines Burisma Group, the energy company that figured prominently in the Houses resolution to impeach US President Trump. And the US Justice Department moves for access to encrypted communications. Joe Carrigan from JHU ISI on the security issues of Android bloatware. Guest is Haiyan Song from Splunk with 2020 predictions. For links to all of today's stories check our our CyberWire daily...

Taking down Thallium. Cloud Hopper: bigger (and worse) than thought. US tightens screws on the supply chain. The bite of winter and the scent of plums. Play Episode
Microsoft takes down bogus domains operated by North Koreas Thallium Advanced Persistent Threat. The Cloud Hoppercyber espionage campaign turns out to have been far more extensive than hitherto believed. The US wants Huawei (and ZTE) out of contractor supply chains this year. India will test equipment before allowing it into its 5G networks. And the California Consumer Privacy Act is now in effect. Joe Carrigan from JHU ISI with the story of a financial advisor who payed the price for falling for a phishing scheme. Guest is Dave Burg from EY on the global perspective of cyber security risk. For...

Phishing, cryptojacking, and commodity malware. New supply chain security measures. And have you heard about this Black Friday thing? Play Episode
A Fullz House for Thanksgiving. Google finds that nation-state phishing continues at its customary high levels. DeathRansom, the low-end ransomware that didnt actually encrypt files, has now begun to do so. The Stantinko botnet adds cryptomining functionality. Microsoft reflects on Dexphot, and the sophistication it brings to ordinary malware. Supply chain security rules are coming to the US. A lawsuit in Tel Aviv. And some final notes on Black Friday. Daniel Prince from Lancaster University on business innovation and cyber security. Guest is Francesca Spidalieri from Salve Regina University on the importance of collaboration from all sectors. For links to...

Refined Kitten paws at ICS. Debunking BlueKeep rumors. FBI warns Detroit of cyber threats. The UNs long deliberation over cybercrime. Cryptowars. 5G security and a 5G czar. Ransomware updates. Play Episode
Refined Kitten seems to be up to something, perhaps in the control system world. Microsoft debunks claims about Teams, BlueKeep, and Doppelpaymer ransomware. The FBI warns the auto industry that its attracting attackers attention. A new attack technique, RIPlace, is described. Phineas Fishers bouty, considered. The UN, the AG, and the course of the cryptowars. Does America need a 5G czar? And ransomware from Baton Rouge to Rouen. Michael Sechrist from BAH on third party malware risks. Guest is Bill Connor from SonicWall with results from their Q3 Threat Data Report. For links to all of today's stories check our...

More coordinated inauthenticity taken down. The Westphalian system and cyber conflict. VPNs and an AV company sustain incidents. Assange and extradition. Play Episode
Facebook takes down more coordinated inauthenticity from Iran and Russia, and announces a new transparency policy about news sources. The former NSA Director schools an ICS security audience on the Westphalian system. Three VPNs and one antivirus provider sustain breaches that may be contained, but that may also derive from exploitation of phantom accounts. Microsoft gets more EU scrutiny. And Mr. Assange gets another day in court. Johannes Ullrich from the SANS Technology Institute on phishing targeting the financial industry. Guest is Ori Eisen from Trusona on moving beyond phone numbers, usernames and passwords online. For links to all of...

Riding herd on Mustang Panda. Drupalgeddon2 is out in the wild. VPN warnings and mitigations. Patch notes. An offer to share intelligence about Huawei. Presidential sites get low privacy grades. Play Episode
An update on Mustang Panda, and its pursuit of the goals outlined in the Thirteenth Five Year Plan. Unpatched Drupal instances are being hit as targets of opportunity. NSA adds its warnings to those of CISA and NCSC concering widely used VPNs: if you use them, patch them. (And change your credentials). Five Senators tell Microsoft, nicely, that Redmond is naive about Huawei. Patch Tuesday is here. And US Presidential campaign websites get privacy grades. Johannes Ullrich from the SANS Technology Institute on server side request forging. Guest is Jadee Hanson from Code42 with the results of their 2019 Global...

Piling on sanctions. The disinformation-as-a-service black market. Technological sovereignty through R&D investment? Ransomware continues to rise. NSAs new Cybersecurity Directorate. Play Episode
The oligarch behind the St. Petersburg troll farm is sanctioned, again. Recorded Future looks at disinformation and finds theres a functioning private sector market for it. The European Union seems likely to pursue technological sovereignty, at least to the tune of some R&D investment. Ransomware attacks against US state and local governments have been trending up, and that trend is likely to continue. And NSA has its new Cybersecurity Directorate. Joe Carrigan from JHU ISI on Microsoft no longer trusting built-in encryption on hard drives. Carole Theriault speaks with Simon Rodway from Entersekt about Facebooks Libra and how it may...

US National Security Advisor to be replaced. Stealth Falcons new backdoor. DDoS, social engineering investigations proceed. Exfiltrating an agent. Patch Tuesday notes. Play Episode
John Bolton is out as US National Security Advisor. A new backdoor is attributed to Stealth Falcon. Wikipedias DDoS attack remains under investigation. So does a business email compromise at Toyota Boshoku and a raid on the Oklahoma Law Enforcement Retirement Services. Vulnerable web radios get patches. The US is said to have exfiltrated a HUMINT asset from Russia in 2017. Microsoft patches 79 vulnerabilities, 17 of them rated critical. Michael Sechrist from Booz Allen Hamilton on the spillover of geopolitical issues into cyber security. Guest is Ashish Gupta from Bugcrowd on the economics of hacking and the adoption of...

Hacking the Czech Foreign Ministry. Microsoft patches new wormable bugs. More controversial human review of AI. Insecure links, exposed databases, and a California vanity plate. Play Episode
The Czech Senate wants action on what it describes as a foreign states cyberattack on the countrys Foreign Ministry. Microsoft warns against the wormable DjaBlue set of vulnerabilities. More humans found training AI. Insecure airline check-in links. Exposed databases involve BioStar 2 and Choice Hotels--the latter was held at a third-party vendor. And the LAPD doesnt find a vanity license plate with the letters N-U-L-L particularly funny. David Dufour from Webroot with thoughts on cyber security insurance policies. Guest is Elisa Costante from ForeScout on building automation vulnerabilities. Learn more about your ad choices. Visit megaphone.fm/adchoices

TrickBots new tricks. Poisoning the ad supply chain. Clouds get schooled. Novel phishing tackle, but stale bait. Cyberwar powers. Election interference. FaceApp fears. Bad macro suspect arrested. Play Episode
TrickBot gets some new tricks, and theyre being called Trickbooster. Poisoning the advertising supply chain. Hessian schools will shy away from American cloud services. A novel phishing campaign is technically savvy but gives itself away with broken English phishbait. Congress would like to see Presidential cyberwar instructions. Microsoft warns of foreign attacks on elections. FaceApp looks suspicious. And a suspect is collared in a malicious macro case. Jonathan Katz from UMD on random number issues in YubiKeys. Carole Theriault speaks with Michael Madon from MimeCast on email imposter scams. For links to all of today's stories check our our CyberWire...

Zoom addresses concerns about call joining and cameras. ICS vulnerabilities addressed. Patch Tuesday notes. Tracing a disinformation campaign. Play Episode
Zoom agrees to change what it still sort of regards as a feature and not a bug. Industrial control system vulnerabilities are reported and patched. Microsoft issues seventy-seven fixes on Patch Tuesday. Adobe has a relatively light month for patches. Marriott is hit with a large fine from the UKs Information Commissioners Office. An investigative report traces disinformation about a 2016 Washington murder to Russias SVR foreign intelligence service. Craig Williams from Cisco Talos with info on the Spelevo exploit kit. Tamika Smith speaks with Myke Lyons, CISO for Collibra, on new industry regulations based on GDPR. For links to...

An espionage campaign succeeds without zero-days. Spam serves up old Office exploit. Disinformation makes it into YouTube. The Huawei Affair. Raytheon to be acquired. Play Episode
MuddyWater shows renewed activity--no zero-days and no exotic malware, just clever approaches and determined social engineering. Spam is serving up payloads that exploit an old Microsoft Office vulnerability. Russian-sponsored disinformation has been romping freely through YouTube. Some back-and-forth over Huawei: Washington isnt relenting, but some relief for US companies may be forthcoming. And Beijing rumbles about retaliation. United Technologies has agreed to acquire Raytheon. Joe Carrigan from JHU ISI on Apples newly announced secure sign-in service and its focus on privacy. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/June/CyberWire_2019_06_10.html Support our show Learn...

Malicious misdirection. Found on the subway. A summary of file exposure. Turlas back, and as clever as ever. ICRC proposes rules of cyberwar. Baltimore ransomware update. Play Episode
Malicious misdirection served up from unpatched WordPress sites. A big, big set of dating site records has been found exposed online--its in China, but the records seem to belong to anglophones. Many other files are exposed elsewhere, too, so its not a single problem. Turlas back, and still after diplomats. The International Red Cross proposes rules for cyber conflict. And Baltimore City calculates the cost of not patching. Its a lot higher than the cost of patching. Craig Williams from Cisco Talos with his take on a critical Microsoft vulnerability, CVE-2019-0708. Guest is Matt Aldridge from Webroot on the San...

Malicious misdirection. Found on the subway. A summary of file exposure. Turlas back, and as clever as ever. ICRC proposes rules of cyberwar. Baltimore ransomware update. Play Episode
Malicious misdirection served up from unpatched WordPress sites. A big, big set of dating site records has been found exposed online--its in China, but the records seem to belong to anglophones. Many other files are exposed elsewhere, too, so its not a single problem. Turlas back, and still after diplomats. The International Red Cross proposes rules for cyber conflict. And Baltimore City calculates the cost of not patching. Its a lot higher than the cost of patching. Craig Williams from Cisco Talos with his take on a critical Microsoft vulnerability, CVE-2019-0708. Guest is Matt Aldridge from Webroot on the San...

ISIS inspiration in exile. Facebooks Sunday outage. A Microsoft IE bug, and a web-mail breach. Issues with VPNs. Last minute tax scams. Oculus Easter eggs. Play Episode
An ISIS hard drive suggests the Caliphates plans for inspiration as it enters exile. Facebooks Sunday outage remains unexplained. Microsoft deals with a breach in its consumer web mail products. A researcher drops an Internet Explorer zero-day that may affect you even if you dont use IE. CISA warns of bugs in widely used VPNs. Last minute Tax Day online scams. Security pros advocate poor restroom hygiene. Easter eggs in Oculus. Joe Carrigan from JHU ISI on research from Tenable on Verizon FIOS router vulnerabilities. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/April/CyberWire_2019_04_15.html...

Gustuff is out and after Android devices. Microsoft takes down Phosphorus. Elfin is working for Tehran. Russian cyber troops come to help Venezuelas Chavistas. Guilty plea expected in Martin case. Play Episode
In todays podcast we hear that a young banking Trojan gains criminal marketshare in the Android ecosystem. Microsoft lawyers up and seizes sites Irans Charming Kitten used to stage its attacks. Another Iranian APT, Elfin, is described. A battalions worth of Russian special operators and cyber troops are on the ground in Venezuela. Washington wants them out; Moscow says theyre in for the duration. And accused NSA leaker Hal Martin is expected to take a guilty plea this week. Daniel Prince from Lancaster University on cyber risk management. Guest is Satish Thiagarajan from Tata Consultancy Services on customizing machine learning...

Indonesian election security. Watering hole in Pakistani passport site. RAT hunting. Intelligence brute-forcing. Just-patched zero-day exploited. PoS DGA attack. Operation Sheep. BND advises nein to Huawei. Play Episode
In todays podcast, we hear that Indonesia says its got its voting security under control, and a lot of the problems sound like good old familiar fraud and dirty campaigning. Trustwave warns of a watering hole on a Pakistani government site. Recorded Future goes RAT hunting. Proofpoint offers a look at intelligent brute-forcing. Kaspersky reports on two espionage APTs exploiting a just-patched Microsoft zero-day. Flashpoint describes an unusual point-of-sale attack, and Check Point find Trojanized Android apps. Germanys BND warns against Huawei. Robert M. Lee from Dragos with thoughts on the Venezuelan power outages. Guest is Jeremy Tillman from Ghostery...

Fancy Bear phishes in think tanks. Lazarus Group takes a swipe at Russian organizations. New decryptor for GandCrab. Citizen Lab and Novalpina discuss NSO Group. Ryuks lousy help desk. Play Episode
In todays podcast, we hear that Microsoft has disclosed a Fancy Bear sighting, snuffling aroundAtlanticistthink tanks in Europe. Ukraine says, in effect, see, we told you so. Speaking of bears, it seems that North Koreas Hidden Cobra may be striking at the biggest bear of them all, going after Russian targets. Theres newdecryptoravailable forGandCrabransomware. Citizen Lab and NSO Groups new partial owner exchange notes. A look at a ransomware help desk.Mike Benjamin from CenturyLink with an update on theNecursbotnet. Guest is Tommy McDowell from the R-CISC (the retail ISAC) on the importance of sharing threat data. Learn more about your...

International cyber conflict: India and Pakistan; Australia and China. Rietspoof malware. Microsoft ejects cyptojackers from its store. NCSC may go easy on Huawei. Parliament criticizes Facebook. Play Episode
In todays podcast, we hear of a small flare in cyber conflict between India and Pakistan. Australian political parties as well as Parliament subjected to attempted cyberattacks. A new strain of malware is being distributed through messaging apps. Microsoft pulls cryptojacking Windows 10 apps from its store. Britains NCSC is rumored to have concluded that it can mitigate Huawei risks. Facebook gets a harsh report from Westminster. And a hacker claims a higher motive for his breach (but still wants Bitcoin).Joe Carrigan from JHU ISI on Apple requiring two-factor authentication for developers. Guest is Igal Gofman from XM Cyber on...

Australias Federal Parliament has a cyber incident. DHS warns of third-party spying. Legit privacy app tampered with. Credit Union phishing. Bezos vs. Pecker. FaceTime bounty. Seal scat. Play Episode
In todays podcast, we hear that Australia is investigating an attempted hack of its Federal Parliament. The US Department of Homeland Security warns that spies are working through third parties to get to their targets. Spyware is bundled in alegitimate privacy app. Credit unionsgetspearphished. Mr. Bezos says, No thanks, Mr. Pecker. Apple will pay a FaceTime bug bounty. Microsoft says dont use IE as a browser. And what they found in that seal scat.Justin Harvey from Accenture on credential stuffing. Guest is Sandi Roddy from Johns Hopkins APL on secure key management. For links to all of today's stories check...

US indicts two Stone Panda operators amid ongoing international concern over Chinese IP theft. Suspicious customer support traffic on Twitter. Emergency IE patch. Influence experiment. Play Episode
In todays podcast, we hear that the US has indicted two hackers working for Chinas Ministry of State Security. US and allies are said to be planning a joint response to Chinas industrial espionage. Twitter sees suspicious customer support traffic. Microsoft issues an emergency patch for Internet Explorer. Facebook continues to struggle with transparency. New Knowledge CEO acknowledges a questionable experiment in social media manipulation. And, flash: Russian embassy hack was brutal.Rick Howard from Palo Alto Networks with some holiday reading suggestions. Guest is Sarah Tennant from the Michigan Economic Development Corporation describing new cyber security initiatives at Michigan universities....

This cybersecurity stuff is tougher than it looks, US state election officials learn. Saudi surveillance. Espionage in Iran. New attack varieties. Chinese hardware concerns. US sanctions chipmaker. Play Episode
In today's podcast, we hear that installing cybersecurity tools to protect elections is tougher than it looks. Information operations continue to pose the most prominent foreign threat to US midterm elections, although there are concerns about voting machine security.Cointrackerlooks like a trader's tool with a side order of malware. Video embedded in Microsoft Word documents can carry malicious payloads through detection systems. Hardware worries and sanctions. Competing visions of norms in cyberspace.Robert M. Lee from Dragos with thoughts on the real-world threat of electromagnetic pulses. Guest is RahulKashyappfrom Awake Security on the skills shortage and the importance of mentorship. For...

Terror attack in Iran prompts info skirmishing, and perhaps worse to come. JET bug disclosed. ANSSI open-sources OS. Anglo-American response to Russian cyber ops. Russian elections. Scam notes. Play Episode
In today'sCyberWire, we hear about a terror attack in Iran that has heightened tensions among adversaries: expect a heightened cyberoptempo. A JET vulnerability in Microsoft products is publicly disclosed as Microsoft misses the Zero Day Initiative's 120-day deadline. France will open-source its secure operating system. UK, US attitudes continue to stiffen towards Russia in cyberspace. Russian elections are surprising, by Russian standards. Notes on some current scams.Ben Yelin from UMD CHHS on a ruling on warrantless GPS tracking at the U.S. border. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2018/September/CyberWire_2018_09_24.html Support our show...

US National Cyber Strategy. New sanctions. GCHQ beefs up Russia unit. Cryptocurrency heist. Hacking Senatorial Gmail. Crime and punishment. Play Episode
In today's podcast, we hear about the US national cyber security strategy, and developing international norms, calling out bad actors, establishing a credible deterrent, and imposing consequences are important parts of it. The State Department blacklists thirty-three Russian bad actors. GCHQ is standing up a 4000-person cyber operations group to counter Russian activity. A cryptocurrency heist in Tokyo.Hacking Senatorial Gmail.And some notes on crime and punishment.Emily Wilson from Terbium Labs on Dark Web exit scamming. Guest is TanyaJancafrom Microsoft on her OWASPDevSlopproject. Extended interview with Tanya Janca - https://www.patreon.com/posts/21559930 OWASP DevSlop show on Twitch - https://www.twitch.tv/videos/307974412 For links to all...

Unpatched Apache Struts installations being exploited in the wild. Windows local privilege escalation flaw. Similarities among spyware. Stalkerware hack. Criminal threats to the grid. Breaches. Play Episode
In today's podcast we hear that the Apache Struts vulnerability, patched last week, is being actively exploited bycryptojackers. Microsoft works on a fix for local privilege escalation flaw in Windows. Trend Micro sees similarities amongUrpage, Confucius, Patchwork, and Bahamut campaigns. Air Canada suffers a breach. Criminal threats to power grids. And searching for search engine optimization in all the wrong places.Jonathan Katz from UMD on flaws in Intel processors secure enclave. Guest is Fred Kneip fromCyberGRXon third party risk. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2018/August/CyberWire_2018_08_29.html Learn more about your ad choices....

Fancy Bear bogus sites taken down. Some in the US Congress think they want hack-back laws. Cyber and sanctions. Operation Red Signature. Doxing Chinese Intelligence. Buggy medical devices. Play Episode
In today's podcast, we hear that Microsoft has sprung its bear trap, again, and caught Fancy Bear. This time the targets are more to the right than the left. The US Senate holds hearings on cybersecurityhacking back is expected to be on the table. The UK wants more sanctions on Russia. US Senators are looking into reducing sanctions' collateral economic damage. Operation Red Signature pokes at South Korean supply chains. Intrusion Truth doxes Chinese intelligence officers. Medical device bugs.Rick Howard from Palo Alto Networks with tips buying cybersecurity products. Guest is Travis Rosiek from BluVector onfilelessattacks. For links to all...

Notes on patching. Foreshadow speculative execution vulnerability. Influence operations. The FBI's new cyber chief. Are stickers a temptation to thieves, hackers, and customs officers? Play Episode
In today's podcast we hear some Patch Tuesday notesboth Microsoft and Adobe were busy yesterday. Foreshadow, a new speculative execution vulnerability, is reported. Malaysia gets attention from Chinese espionage services. Competition for jihadist mindshare. Influence operations as marketing. The US FBI gets a new cyber boss. The Kremlin thinks the BBC is biased in the crypto-wars. And laptop stickers: are they good, bad, or ugly?Zulfikar Ramzan from RSA on SOCs and IoT. Guest is Dimitris Maniatis from Upstream on Android ad fraud malware. For links to all of today's stories check out the CyberWire daily briefing: https://thecyberwire.com/issues/issues2018/August/CyberWire_2018_08_15.html Learn more about...

Warnings of Russian cyber threat to power grids. Phishing rises. Patch gets patched. SingHealth breach. Satori botnet. Bluetooth MitM. Evil maids? Play Episode
In today's podcast, we hear that warnings of Russian prep for an attack on power grids become more pointed. Phishing and impersonation attacks continue to rise. Microsoft patches a patch. TheSingHealthbreach remains under investigation. The Satori botnet may be taking another run at Android devices. Bluetooth vulnerabilities render paired devices susceptible to man-in-the-middle attacks. And evil maid attacks may be less difficult than you thought.Emily Wilson from Terbium Labs, sharing her experience attending a conference for professionals working to fight fraud. Guest is Brian Martin from Risk Based Security with their research on vulnerabilities they discovered with the Click2Gov service....

More Elon Musk impersonators in social media. Cryptocurrency raided. Spearphishing in Palestine. BlackTech espionage group. Apple upgrades. Polar Flow fitness app and oversharing. Play Episode
In today's podcast, we hear that advance fee scams run by Elon Musk impersonatorsare usingthe recentlyrescued boys' soccer team asphishbait. Bancor wallet robbed ofcrytpocurrencies. Palestinian policespearphished.BlackTechespionage group using stolen certificates to sign malware. Apple's upgrades are outone privacy enhancement has a workaround. Microsoft is in the process of patching. And another fitness app, Polar Flow, overshares.Jonathan Katz from UMD on homomorphic encryption standards. Guests are Julie Bernard from Deloitte and John Carlson from the FS-ISAC with results from a recent FS-ISAC survey. Learn more about your ad choices. Visit megaphone.fm/adchoices

Espionage, influence, summits, and elections. What counts as a luxury? An iCloud warrant raises cryptowars speculation. Microsoft's GitHub acquisition. Facebook's coziness with Shanghai? Play Episode
In today's podcast, we hear thatTempTickandTurlaare interested in the US-North Korean summit. That summit might not take up many cybersecurity issues. Where did North Korea get all that digital rope they want to hang the West with? It seems we competed to sell it to them, more-or-less unwittingly. Russian influence ops continue to give lies their bodyguard of truth. The FBI gets a warrant for a high-profile iCloud account. Microsoft outbid Google for GitHubwhat will Redmond do with all that code? Facebook may have a complicated relationship with Shanghai.Johannes Ullrich from the ICSStormcastpodcast on deserialization. Guest is AmeeshDivatiafrom Baffle on...

Microsoft buys GitHub for $7.5 billion. VPNFilter tries to reconstitute itself. Ransomware and DDoS notes. USA Really seems to be latest in Russian disinformation. Play Episode
In today's podcast we hear thatMicrosoftis buyingGitHub for $7.5 billion.VPNFilterseeks to reestablish itself. Financial Trojans are up and ransomware is down, but don't count the ransomware out, not yet. A get-decrypted-for-free card to Russian ransomware victims. The children ofMiraitrouble an unhappy world. USA Really may be the latest incarnation of the Internet Research Agency, complete with rabid Florida squirrels, Wisconsin blood-suckers, and advice on Louisiana's secession.Malek Ben Salem from Accenture Labs on using keyboard biometrics to detect mental disorders. Learn more about your ad choices. Visit megaphone.fm/adchoices

Email client vulnerabilities. Sanctions and trade policy. FinFisher in Turkey. myPersonality data scandal. Patch news. High school phishing. Play Episode
In today's podcast, we hear about reports of email client vulnerabilities. Worries about Russian and Chinese software and hardware vendors. Security and trade policy notes.FinFisherfound used in Turkey. The data scandal that brought down Cambridge Analytica moves to the University of Cambridge, but there the issues seem to be security, anonymization, and possible oversharing. Adobe and Samsung issue patches. A California high school student is accused of phishing for grade books.Ben Yelin from UMD CHHS on the Microsoft overseas data storage case that went to the U.S. Supreme Court. Guest is John Grimm from ThaleseSecurityon their Global Encryption Trends study...

Lojack for Laptops backdoor? World Cup cybersecurity. Schneider Electric patch. Reward points for sale. Medical device vulnerabilities. PPD-20 revision? Play Episode
In today's podcast we look at some indications thatLoJack for Laptopsmight have been compromised toreport back to Moscow.World Cup cybersecurity. Schneider Electric patches developer's tools. Travel and hospitality rewards points are the menhaden of the black market. Medical device vulnerabilities. Taking the gloves off Cyber Command. It's National Password Day, and Microsoft (along with many others) would like to move beyond the password. And a requiem on Press Freedom Day for working journalists murdered by the Taliban.Ben Yelin from UMD CHHS discussing whos responsible when an AI kills someone. Guest is Edna Conway from Cisco on pervasive security architecture andthird...

Multibreach via chat app. OceanLotus notes. Mirai vs. Banks. Energetic Bear vs. Switches. Russia warns Britain against provocation. DataTribe finalists. Play Episode
In today's podcast we hear that abreach in several companies' consumer-facing systems is attributed to a third-party chat vendor. Crooks are tampering with chipped debit cards. Ocean Lotus is back, with a MacOS backdoor. A Mirai variant was used against banks earlier this year. Energetic Bear may be exploiting misconfigured switches. Microsoftlooks intoOffice 360 outages. Russia warns Britain against playing with fire. And threecyber startups areDataTribefinalists.Johannes Ullrich from SANS and the ISCStormcastpodcast, on API security. Guest is JimmyHeschl, head of digital security at Red Bull, discussing the challenges of securing a global brand. Learn more about your ad choices. Visit...

Patchable vulnerabilities in Apache Struts and Exim. CombJack malware. DPRK vs. UN Panel of Experts. Cyberwar and legal limits. Espionage Act prosecution. Infowars turn grimly kinetic. Play Episode
In today's podcast, we hear that spies like Apache Struts exploits. Server vulnerabilities described. A newcryptojackersteals at least four varieties of cryptocurrency. North Korea may have hacked UN sanctions enforcers. Dutch Intelligence (and Microsoft) warn of cyberwar, but it's not a declared war, which makes response harder. Update to the pack rat defense, with considerations ofmensrea. ISIS terror inspiration. And a possible assassination attempt.Chris Poulin from BAH on next generation IoT devices, like security robots. Guest is Sylvain Gil fromExabeamon business by design, and the importance of the design process in security solutions. Learn more about your ad choices. Visit...

Dutch DDoS arrest. Pyongyang is interested in cryptocurrency. So is the US SEC (in a different way). Uber explains its breach disclosure. New wrinkle in the "Microsoft" Help Desk scam. Play Episode
In today's podcast we hear thatDutch policehave madean arrest in last week's financial sector DDoS case: it's a teenager. North Korean interest in stealing cryptocurrency remains high. Adobe patches the zero-day Pyongyang had exploited against Seoul. Hardware wallets found vulnerable to man-in-the-middle attacks.Crytpojackingtrends. US regulators take a hard look at alt-coins and how they're traded. Uber says it regrets not coming clean sooner about its breach.Justin Harvey from Accenture on ransomware, to pay or not to pay. Guest is YassirAbousselhamfromOktaon their 2018 Business at Work report.New trends in an old help desk scam. Learn more about your ad choices. Visit...

ISIS war on families. Cryptomining botnets. The weaponization of Spectre and Meltdown. Phishig with bogus emails spoofing Google, Microsoft. Apps that know too much. Play Episode
In today'spodcast, we hear thatISIS inspiration is increasingly directed at children.Cryptominingbotnets use sameEternalBlueexploit asWannaCry. Criminals experiment to weaponizeSpectreand Meltdown vulnerabilities. Phishing campaigns exploit well-known services including Google Docs and Outlook. Patch notes.Ben Yelin from UMD CHHS on the National Association of Insurance Commissioners adopting a model data cyber security law. Guest is Shashi Kiran from Quali on cyber ranges and cloud sandboxes.Geolocation andotherapp-collected info raise OPSEC concerns. Learn more about your ad choices. Visit megaphone.fm/adchoices

Iranian reconnaissance of critical infrastructure? Leaky banking apps. Microsoft's emergency patch. Ghosts of the Caliphate threaten, but have yet to deliver. New horizons in biometrics. Play Episode
In today's podcast we learn thatFireEyeis warningof patient reconnaissance on the part of the(probably)Iranian APT34. The Electronic Ghosts of the Caliphate have so far failed to say "boo," except maybe in South Jersey. Flaws discovered in mobile banking apps. Bike-sharing service leaked data. Bitcoin's bubble. Microsoft patches its Malware Protection Engine.Chris Poulin from BAH on closing the gap between IT and OT people in ICS.Adam Segal from the Council on Foreign Relations on the rollout of their cyber operations tracker.And biometrics have come to the beagles: your pet door can now recognize Rover or Boots, and let them on in....

Macro-less malware. Metacriminals and botnet herders. Hacking ships and airliners. Cryptocurrency glitch. Congratulations to the SINET 16. Play Episode
In today's podcast, we hear that there's no honor among thieves, or botnet herders, either. Reaper still seems quiet. Macro-less malware is a problem, Microsoft warns. Researchers show you can hack an airliner's avionics. The maritime shipping sector worries thatMaerk'sexperience withNotPetyaisn't just a one-off. Etherthe cryptocurrencyis disappearing into theaether(at least this once).Justin Harvey from Accenture on the importance of not failing the basics. Guest is DavidBarzilaifromKarambaSecurity on the security of embedded systems in automated cars.And we congratulate this year's SINET 16. Learn more about your ad choices. Visit megaphone.fm/adchoices

Whole Foods breached. Illusion gap and Windows Defender. Exposed AWS S3 buckets. Equifax incident response. Reality Winner proceedings. Play Episode
In today's podcast, we hear thatWhole Foods has been breachedif you've been to the taproom, look to your credit cards. An illusion gap could help bypass Windows Defender, says Cyber Ark. Microsoft says don't sweat the small stuff. A Mac firmware issue may be giving users a false sense of security. Equifax is offering a lifetime of free credit freezing, but observers are dubious. A study suggests there are still a lot of improperly secured clouds out there. ISIS and the Taliban resume their inspiration operations online.David DuFour from Webroot on the difference between Artificial Intelligence and Machine Learning. Guest...

Patch Tuesday. Infrastructure hacking and hackers. Industry notes. Influence operations. Jamming a radio station. Play Episode
In today's podcast we share somePatch Tuesday notes: Microsoft and Adobe both offer updates. Kremlinology goes cyber as infrastructure attacks remain under investigation. A cyber company emerges from stealth. The US General Services Administration removes Kaspersky Lab from Schedule 70. Election influence investigations turn to the question of Russian opposition research.Jonathan Katz from the University of Maryland explains a side-channel attack on 1024-bit encryption. Cisco's JennieKay wants to ease your trade show anxiety with a helpful webinar.And, Sheriff of Nottingham, call your office, because Robin Hood was no winker. Learn more about your ad choices. Visit megaphone.fm/adchoices

Brute-forcing Parliament. Election hacking retaliation? Cyberspies hunt IP in East Asia. Microsoft security issues. ISIS hacktivists deface Ohio websites. Play Episode
In today's podcast, we hear that the UK's Parliament recovers from a brute-force attack. Reports on election hacking in the US suggest there was some American cyber retaliation last year against Russian influence operations. BlackTech goes after intellectual property in East Asia. Windows Defender gets a patch, but Windows 10 source code leaks. Fireball malware's extent is disputed. ISIS hacktivists deface websites associated with the government of the State of Ohio. Webroot's David Dufour offers thoughts on phishing.And how much can we count on common sense? Learn more about your ad choices. Visit megaphone.fm/adchoices

Hidden Cobra strikes from Pyongyang. Microsoft patches last of ShadowBrokers' leaked exploits. Sanctions coming over Russian election influence operations. Electrical and natural gas sectors brace for CrashOverride. Play Episode
In today's podcast, we hear that the FBI and the Department of Homeland Security have warned that Hidden Cobra actively pursuing DDoS campaigns. Microsoft patches remaining ShadowBrokers' exploits, even in deprecated systems. The US Congress votes to sanction Russia for election influence operations. Those operations have a long, long history, going back to the 1930s at least. Electrical and natural gas sectors work to protect themselves against CrashOverride. Emily Wilson from Terbium Labs reminds us not to forget the basics. Michael Callahan from Firemonshares survey data suggesting that IT pros spend too much time fixing their coworkers personal devices.Mergers and...

French media recover from DDoS. XaverAd infests Android ecosystem. Zero-days patched, but exploited in the wild. Mother's day giftcard hacking. Telephonic harassment. Play Episode
In today's podcast, we hear that French media sites are recovering from a massive, successful DDoS attack whose source is still under investigation. Android adware harvests and reports PII. Microsoft's quick patching of zero-days included three that are being exploited in the wild by state and criminal actors.Ben Yelin from UMD CHHS reviews the first 100 (cyber) days of President Trump. Ken Spinner from Varonis on their latest data risk report.Advice on Mother's Day gift cards, and some news about skids and harassing phone calls. Learn more about your ad choices. Visit megaphone.fm/adchoices

NSA says it warned France of election influence ops. Deterrence and retaliatory capability. SLocky ransomware rising. Patch Tuesday. FBI Director Comey dismissed. Play Episode
In today's podcast, we hear that NSA says it warned its French counterparts about Russian cyber ops targeting France's elections. Next up for Fancy Bear? Probably German elections, but in the meantime there's also some phishing with zero-days. The NSA Director also advocates calling out Russia for bad behavior in cyberspace, and says that US Cyber Command is ready and able to hold targets at risk, so deterrence and retaliation are available options. Microsoft, Adobe, and Cisco issued significant patches yesterday. Accenture Labs' Malek Ben Salem shares results from their security survey. Rohit Sethi from Security Compass outlines managing application...

Metadata signs point to St. Petersburg in l'affaire Macron. UK, Germany, US expect more Russian election influence ops. New IoT botnet appears. US FCC sustains DDoS. Microsoft fixes MsMpEngine. SS7 weakness and 2FA. Play Episode
In today's podcast, we hear that haste may make for, not exactly waste, but at least brazen and ineffectual influence operations. Metadata evidence of Fancy Bears paws in En Marche! emails. Moscow snorts "false flags," but UK, German, and US officials say the Bears are there and up to no good. ISIS posts another bit of depravity as inspiration. North Korea is thought to be paying for its advanced weapons programs with cyber bank heists. Persirai joins Mirai in the IoT botnet world. The US FCC sustains a DDoS attack. Joe Carrigan from JHU explainsthe benefits of segmenting your home...

Information operations respond to kinetic strikes. Dallas emergency sirens hacked. Alleged spam king arrested. Okta files its IPO. Play Episode
In today's podcast, we hear that US strikes against Syrian targets and harsh words for Assad are followed by apparent Russian information operations as bilateral tensions mount. Both WikiLeaks and the Shadow Brokers resurfaced late last week. A light Patch Tuesday is foreseen, but observers expect a fix for a Microsoft Office zero-day being actively exploited. Okta files its anticipated IPO. Dallas emergency sirens were hacked early Saturday. The Johns Hopkins Universitys Joe Carrigan discusses upcoming updates to the Waze GPS app. Kathleen Smith from cybersecjobs.com and clearedjobs.net joins us from the Women in Cybersecurity Conference. Spanish police collar the...

Operation Cloudhopper. Chrysaor spyware. Microsoft to upgrade Office security. Notes from SeaAirSpace. High school hacking. Play Episode
In today's podcast, we hear about how Operation Cloudhopper gets to its espionage targets via their cloud and managed service providers. Details are out on the Android version of the Pegasus spyware. Microsoft will upgrade Office security. Notes on the annual SeaAirSpace expo, including an excursus on cyber Marines. Ciscos Chief Privacy Officer Michelle Dennedy joins us from the Women in Cybersecurity Conference. Dale Drew from Level 3 describes the security ecosystem disruption. And what is going on in Bedford County, Pennsylvania, a place where the laws of physics may not apply? Learn more about your ad choices. Visit megaphone.fm/adchoices

Hybrid warfare objectives and tactics. Physical threats, lost and found. Vulnerability and threat recap. Play Episode
In today's podcast, we pass on what we've heard at ITSEF about Russian hybrid warfare: it aims, experts say, at redressing the loss of the Cold War. Microsoft Internet Information Services (IIS) 6.0 found vulnerable to a buffer overflow attack. Cerber ransomware evolves to evade detection. Bugs found in Siemens ICS products. VMWare patches vulnerabilities. Laptops with sensitive information lost in Hong Kong and New York. Joe Carrigan from the Johns Hopkins University Information Security Institute reviews a teddy bear who cant keep a secret. Peak10s David Kidd outlines compliance advantages of the cloud. Malicious USB sticks strewn around a...

Alleged BND surveillance of news organizations. Snake Wine in Japan, for disinformation? Singapore military phished. Google discloses more Microsoft unpatched bugs. Cloudbleed update. CloudPets may have privacy issues. Play Episode
In today's podcast, we learn that the BND may have been listening to the BBC, but not in a good way. Cylance reports on Snake Wine, a curiously familiar vintage sniffed in Japanese networks. Singapore's military sustains a phishing campaign without sustaining apparent damage. Google discloses more unpatched Microsoft vulnerabilities, these in IE and Edge browsers. Criminals claim to have exploited Cloudbleed, but the jury's still out. Joe Carrigan from the Johns Hopkins University's Information Security Institute helps us understand Cloudbleed. Steven Grossman from Bay Dynamics reviews New York State's newly enacted cyber regulations.And watch your language around those networked...

A coming surge in North Korean hacking? Middle Eastern cyber espionage campaigns. Microsoft patch issues. Infowar updates. NIST's draft electrical utility cyber guidance. Problematic toys. Play Episode
In today's podcast, we hear that analysts are predicting a surge in North Korean hacking after China embargoes coal. ViperRAT catphishes the IDF. Magic Hound and Shamoon both use malicious macros to infect victim systems. TASS says no one really knows who hacked OSCE. Sputnik teases with a WikiLeaks tease. RSA Security's Zulfikar Ramzan offers insights from the conference. UMD Center for Health and Homeland Security's Markus Rauscheckerexplains how Airbnb might be affecting some foundational elements of the internet.Google shames Microsoft over patching. NIST has cyber advice for power utilities. Some RSA notes, and My Friend Cayla gets the boot...

RSA Updates. Microsoft calls for Geneva Convention for cyber. Phishing. Play Episode
Researchers look into a wave of attacks on financial institutions. Microsoft calls for Geneva Convention for cyberspace. We take a look at phishing. The RSA conference is underway, and weve got news from the innovation sandbox, and venture capitalists. Trevor Hawthorn from Wombat Security shares insights from their State of the Phish report. Emily Wilson from Terbium Labs outlines nationalism on the dark web. Learn more about your ad choices. Visit megaphone.fm/adchoices

Daily: Yahoo's big breachindustry reactions. Spyware circulates in the wild. Investigation of election hacking continues. Hacktivism and "faketivism." The ShadowBrokers are back. Play Episode
In today's podcast, we hear about Yahoo's disclosure of a record-setting breachover a billion customer accounts are affected. CyberWire editor John Petrik collects industry comments on the breach.Microsoft reports finding "FinFisher-like" spyware in the wild. US investigation of Russian election hacking continues. The case for and against Fancy Bear is being made by observers, but the Intelligence Community says it will keep its conclusions to itself until the investigation is complete. ThreatConnect describes "faketivism." And the ShadowBrokers are back, and their broken English hasnt gotten more convincing. Learn more about your ad choices. Visit megaphone.fm/adchoices

Daily: Yahoo! warns Verizon deal may be at risk. More OPM-themed ransomware phishing. Cyber policy advice for, and speculation about, the next US Administration. Play Episode
In today's podcast, we look back at election hacking concerns in the US (most of which didn't happen) and we hear from some people who offer advice for the next administration's first 100 days. Fancy Bear is phishing with Adobe and Microsoft zero-days. Investigation of the Tesco fraud continues. It looks as if the Bangladesh Bank might recover some of its losses in the SWIFT heist. There's an OPM-themed phishing campaign afoot. Server database issues point up the importance of digital hygiene. More Yahoo troubles. Markus Rauschecker from the University of Maryland Center for Health and Homeland Security explains new...

US elections proceeded undisrupted by hacking. Patch Tuesday review. Banking Trojans, Android trigger-malware, and thermostats gone wild. Play Episode
In today's podcast we look at Patch Tuesday: Microsoft closes thirteen vulnerabilities (five of them "critical"), Adobe fixes Flash Player, and Google addresses Android issues. "Trigger-based" mobile malware, and why it's hard to see. Why usability matters to security. Tesco continues to recover from ATM fraud. Canadian police surveillance is scrutinized. Thermostat trouble in Finland. The Johns Hopkins University's Joe Carrigan discusses privacy of medical records. Professor Gene Tsudik from University of California, Irvine, explains a potential vulnerability with typing while Skyping.And, oh, we also hear there was some election or something in the US. Learn more about your ad...

Daily: To disclose or not to disclosein public. A look into the dark web. Chrome and Firefox disallow shaky certificates. Anonymous gets an incomplete. The Shadow Brokers are still after the Wealthy Elite. Play Episode
In today's podcast, we hear about the Microsoft and Google disagreement over public vulnerability disclosure (with a side of Fancy Bear). We also get some industry reactions to the dispute. Terbium takes a good look at the dark web and finds it's not as uniformly sinister as many believe. Google and Mozilla move to reject dodgy certificates. NIST releases a job map. Anonymous gets a grade of incomplete in its trolling of ISIS. Identity Guard's Jerry Thompson describes new technology for protecting your identity online.Ran Yahalom from Ben-Gurion University explainshiding data in USB devices.And the Shadow Brokers' news seems a...

Daily: The Shadow Brokers say trick or treat to the Amerikanski. Are free elections like free beer? Google wants faster patching. The state of Mirai. Play Episode
In today's podcast we hear that the Shadow Brokers are back, and again mangling English like a bad scriptwriter doing Ensign Chekhov fan-fiction. Russian leaders continue to scoff at American elections, and WikiLeaks continues to leak. Microsoft doesn't patch fast enough to suit Google. Researchers consider the scope, threat, and mitigation of the Mirai IoT botnet. We welcome Rick Howard from Palo Alto Networks to the show. Ferruh Matvituna explains how Content Security Policy can protect against cross site scripting.And Furby's back, but this time it's connected. Learn more about your ad choices. Visit megaphone.fm/adchoices

Daily: Info ops as battlespace prep. It's hard to count Australians. Play Episode
In today's podcast, we hear about cyber and information operations in Eastern Europe that look disturbingly like battlespace preparation. The FBI finds that the scope of the Democratic Party hacks is much greater than initially believed. The Bureau seems ready to ask for more authority to unlock devices, but opponents point to Microsoft's inadvertent leak of Secure Boot keys as an object lesson in why that's a bad idea. USENIX proofs-of-concept include Linux and car-hacking exploits. Samsung Pay is criticized as vulnerable to token skimming. Senior Law Analyst Ben Yelinoutlines the FBI's request to expand the reach of National Security...

Daily: US, Russia trading hacks in cyberspace? Brazilian cybercrime ramps up. Play Episode
In todays podcast we give a short update on Black Hat before turning to developments in Syria and Iran. Tension between the US and Russia mounts over alleged Russian hacks of US political campaign networks and more recently alleged US spyware operations in Russian enterprises. ISIS wishes to disrupt the Olympics, and cybercriminals are seeking to profit from the Rio Games. Adware uses steganography, and INTERPOL takes down a Nigerian online scam.Ben Yelin explains a recent court ruling in Microsoft's favor that deals with offshore data privacy, and Sameer Dixit from Spirent outlines emerging threats patterns. Learn more about your...

Daily: Patch Tuesday notes. Pokmon Go (of course), ICS security, energy recon, fansmitters. Play Episode
In today's podcast we go over some of the highlights of this week's patches, including fixes from Microsoft, Abode, Drupal, and Niantic. We discuss the security of the industrial Internet-of-things and critical infrastructure, especially the power grid. We hear about the current state of ransomware play, and note the return of xDedic, the hacker server hawker, to the dark web souk. Industry news includes coming cyber upgrades to SWIFT, VC updates, and notes on the markets.The University of Maryland's Jonathan Katz tells us about "fansmitters", and Booz Allen's Scott Stables shares threat data from their latest ICS report. Learn more...

Daily: xDedic, Guccifer 2.0...but what really knocks us out is those cheap sunglasses. Play Episode
In today's podcast we look at developments in the Panama Papers case. A "lone hacker" going by "Guccifer 2.0" claims the DNC hack, but CrowdStrike stands by its attribution to Russian intelligence. Investigators look at Orlando shooter Mateen's online history. Anonymous hits ISIS in cyberspace, and so does US JTF-Ares. xDedic is the latest black market: it deals in server access. Telegram denies being vulnerable. Admins complain about one of Microsoft's June patches. Quintessence Lab's Vikram Sharma tells us about quantum key encryption.And we hear from Wandera's Michael Covingtonabout the true cost of buying cheap sunglasses online. Learn more about...

Daily: Jihadists continue online inspiration. India worries about China's cyber activity. Symantec buys Blue Coat, Microsoft LinkedIn. Play Episode
In today's podcast we recap what's known publicly about ISIS inspiration of the apparent jihadist massacre at an Orlando gay club, and consider speculation about ISIS's and its rivals' information operations as ISIS loses territory on the ground. Social media security concerns persist, ransomware's criminal market sees some ups and downs, and we learn about encryption keys from Quintessence Labs. M&A activity sees Symantec buy Blue Coat, and Microsoft pick up LinkedIn. India worries about China's cyber activities.John Leiseboer from Quintessense Labs outlines the importance of key management in cryptography. Learn more about your ad choices. Visit megaphone.fm/adchoices

Daily: Ransomware & DDoS combining. Malicious USB chargers. Cyber ops aren't 'bombs? Play Episode
In today's podcast, we hear about the current state of ransomware, why criminals like it, and what can be done about it. Keyloggers are being distributed by malicious USB charging devices. Blue Coat may be headed for an IPO. US cyber operations have been called "cyber bombs," but they may be a lot more like battlespace preparation (and so traditional EW and intelligence). Microsoft Azure Active Directory does something about bad passwords.And Markus Rauschecker from the University of Maryland Center for Health and Homeland Security explains why the FCC and FTC are holding back on IoT regulation. Learn more about...

Daily: LinkedIn may have been breached. Malicious apps, a new Skimmer, and honor among thieves. Play Episode
In today's podcast we discuss a breaking story about what's potentially a very large breach at LinkedIn. Banks' interactions with SWIFT (not SWIFT itself, necessarily) concern observers. Malware and scareware appear in the Play Store. China interrogates Apple, Cisco, and Microsoft about security. We hear about ways in which participants in black markets evolve to function more like legitimate enterprises. University of Maryland professor Jonathan Katz unlocks the secrets of cracking ransomware, and Zimperium's John Michelsensays it's time to be proactive with the defense of our mobile devices. Learn more about your ad choices. Visit megaphone.fm/adchoices

Daily: New ransomware, along with some golden oldies. Quantifying cyber risk. Play Episode
In today's Daily Podcast we hear about the latest wave of ISIS-sympathizer cyber attackstheyre again low-level defacements of poorly defended targets. Chris Morgan from IKANOW provides tips on quantifying cyber risk. A new strain of ransomware is identified, but it seems connected to some long-familiar criminal actors. Microsoft and Apple both continue to resist US Government requests for data and assistance in criminal investigations. Markus Rauschecker reviews the Compliance with Court Orders Act of 2016. Learn more about your ad choices. Visit megaphone.fm/adchoices

Daily: Dogs still not barking in Panama. (But ransomware bites.) Play Episode
In today's Daily Podcast we continue our follow-up on the Panama Papers' investigation. Ransomware, DDoS, and malvertising continue their win, place, and show finishes in the criminal sweeps. Patch Tuesday addresses Badlock and other vulnerabilities. Some M&A news in the cyber sector. And the FBI may not have used Cellebrite's services to unlock the San Bernardino jihadi's iPhone after all. Plus, Johns Hopkins' Information Security Institute's Joe Carrigan warns us about phony calls claiming to beMicrosoft tech support. Learn more about your ad choices. Visit megaphone.fm/adchoices

Darknet Diaries

---

133: I'm the Real Connor Play Episode
One day Connor Tumbleson got an email saying his identity has been stolen. And this was one of the strangest days hes ever had.SponsorsSupport for this show comes from Quorum Cyber. Their mantra is: We help good people win. If youre looking for a partner to help you reduce risk and defend against the threats that are targeting your business and especially if you are interested in Microsoft Security reach out to Qurotum Cyber at quorumcyber.com.Skiff is a collaboration platform built for privacy from the ground up. Every document, note, and idea you write is end-to-end encrypted and completely private....

114: HD Play Episode
HD Moore (https://twitter.com/hdmoore) invented a hacking tool called Metasploit. He crammed it with tons of exploits and payloads that can be used to hack into computers. What could possibly go wrong? Learn more about what HD does today by visiting rumble.run/.SponsorsSupport for this show comes from Quorum Cyber. They exist to defend organisations against cyber security breaches and attacks. Thats it. No noise. No hard sell. If youre looking for a partner to help you reduce risk and defend against the threats that are targeting your business and specially if you are interested in Microsoft Security - reach out to...

57: MS08-067 Play Episode
Hear what goes on internally when Microsoft discovers a major vulnerability within Windows.GuestThanks to John Lambert for sharing this story with us.SponsorsSupport for this episode comes from ProCircular. Use the team at ProCircular to conduct security assessments, penetration testing, SIEM monitoring, help with patches, or do incident response. Visitwww.procircular.com/to learn more.This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start...

Darknet Diaries

---

133: I'm the Real Connor Play Episode
One day Connor Tumbleson got an email saying his identity has been stolen. And this was one of the strangest days hes ever had.SponsorsSupport for this show comes from Quorum Cyber. Their mantra is: We help good people win. If youre looking for a partner to help you reduce risk and defend against the threats that are targeting your business and especially if you are interested in Microsoft Security reach out to Qurotum Cyber at quorumcyber.com.Skiff is a collaboration platform built for privacy from the ground up. Every document, note, and idea you write is end-to-end encrypted and completely private....

114: HD Play Episode
HD Moore (https://twitter.com/hdmoore) invented a hacking tool called Metasploit. He crammed it with tons of exploits and payloads that can be used to hack into computers. What could possibly go wrong? Learn more about what HD does today by visiting rumble.run/.SponsorsSupport for this show comes from Quorum Cyber. They exist to defend organisations against cyber security breaches and attacks. Thats it. No noise. No hard sell. If youre looking for a partner to help you reduce risk and defend against the threats that are targeting your business and specially if you are interested in Microsoft Security - reach out to...

57: MS08-067 Play Episode
Hear what goes on internally when Microsoft discovers a major vulnerability within Windows.GuestThanks to John Lambert for sharing this story with us.SponsorsSupport for this episode comes from ProCircular. Use the team at ProCircular to conduct security assessments, penetration testing, SIEM monitoring, help with patches, or do incident response. Visitwww.procircular.com/to learn more.This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.Support for this episode comes from Blinkist. They offer thousands of condensed non-fiction books, so you can get through books in about 15 minutes. Check out Blinkist.com/DARKNET to start...

Dateline NBC

---

Kouri Richins' ex-lover gets emotional. Twist in Microsoft employee's murder case. Plus, Josh Mankiewicz. Play Episode
Mom-of-three Kouri Richins stands trial in Utah for the alleged murder of her husband. Prosecutors call her ex-lover to testify and he weeps on the stand. In Florida, the man who confessed to gunning down Microsoft employee Jared Bridegan takes back his confession and guilty plea, potentially upending the case. In Dateline Round Up, a verdict in Dale Warner's trial for murdering his wife, plus new filings in the case of alleged Gilgo Beach serial killer Rex Heuermann. And Josh Mankiewicz gives a sneak peek of his new podcast, "Trace of Suspicion." Find out more about the cases covered each...

Arson and alleged fratricide in New Jersey. New 911 calls in Microsoft employee murder. And sentencing murderers. Play Episode
A New Jersey man accused of murdering his brother and his brother's entire family, then setting fire to both their homes to cover up his crimes, wants out of jail after seven years waiting for trial. In Florida, prosecutors release all-new evidence to the public as they build their case against a couple they say orchestrated a hit on Microsoft employee Jared Bridegan. Updates on Chad Daybell and his jailhouse letters, and the sentencing of Brooks Houck, the convicted killer of Kentucky mom Crystal Rogers. Plus, why sentencing a murderer is harder than you'd think.Find out more about the cases...

Deep Leadership

---

#0414 How Pressure Turns Good Leaders Into Bad Bosses with Sabina Nawaz Play Episode
How Pressure Turns Good Leaders Into Bad Bosses Most leaders dont fail because they lack skill or good intentions. They fail because pressure changes how they show up. In this episode, executive coach Sabina Nawaz explains why pressure, not power, is the real force that corrupts leadership. Drawing from her work with senior leaders at Microsoft and Fortune 500 companies, Sabina breaks down how well-meaning managers slip into micromanaging, rescuing, and controland how those habits quietly damage trust, performance, and culture. Youll learn: Why pressure triggers the worst leadership behaviors The sole provider trap many leaders fall into without realizing...

#0370 Succeeding in a Dysfunctional Workplace with Eric Charran Play Episode
Today, Im joined by Eric Charran, and we're talking about Succeeding in a Dysfunctional Workplace. Eric is a visionary technology executive, author, and thought leader with over 25 years of experience in transforming global enterprises through digital innovations, data-driven strategies, and AI-driven solutions. Known for his ability to bridge the gap between business objectives and complex technology, Eric has spearheaded transformative initiatives at major organizations, including Microsoft and Capital One, where he served as Chief Architect. He is the author of a brand new book, Have You Ever Had a Boss That: Succeeding in a Dysfunctional Workplace. In this book,...

#0341 Overcoming Chaos with Gary Harpst Play Episode
Today, Im joined by Gary Harpst, and we're talking about Overcoming Chaos. Gary is the Founder of LeadFirst, which launched the first ERM (employee relationship management) system for faith-driven leaders. For over four decades as a CEO, his passion has been integrating his faith with business. He has co-founded four businesses, one of which was sold to Microsoft, and recently published his third book, Built to Beat Chaos: Biblical Wisdom for Leading Yourself and Others. Im excited to have him on the show to learn more about Overcoming Chaos. Show resources: Lead First Website Built to Beat Chaos book Sponsors:...

#0288 Mastering Body Language with Linda Clemons Play Episode
Today, Im joined by Linda Clemons, and we're talking about Mastering Body Language. Linda is a charismatic speaker and corporate trainer with more than three decades of experience helping clients boost sales. As a nonverbal communications expert, she provides sales and leadership teams with an awareness of how body language can improve performance and outcomes. She has worked with companies such as Google, Microsoft, Southwest Airlines, Coca-Cola, Spanx, Toyota, Twitter, and many others. She is the author of a new book called Back in Touch: Using the Power of Body Language to Connect Through COVID. Im excited to have her...

#0287 Communicating Powerfully with Gabe Zichermann Play Episode
Today, Im joined by Gabe Zichermann, and we're talking about Communicating Powerfully. Gabe is an entrepreneur, author, investor, and leader whose books, speeches, and workshops focus on gamification and behavioral design. Companies such as Apple, Google, Facebook, Microsoft, and Amazon have adoptedGabes theories and practices, leading to significant revenue increases over time. A frequent keynote speaker and speaking coach, hes helped hundreds of successful entrepreneurs, executives, and celebrities communicate beautifully in all settings. His new book is calledThe A-ha! Method: Communicating Powerfully in a Time of Distraction.Im excited to have him on the show to learn more about Communicating Powerfully....

#0281 - Leadership Storytelling with Karen Eber Play Episode
Today, Im joined by Karen Eber, and we're talking about Leadership Storytelling. Karen is an author, international consultant, and keynote speaker. She has a popular TED talk called How your brain responds to stories and why theyre crucial for leaders. Karen is the CEO and Chief Storyteller of Eber Leadership Group. She helps Fortune 500 companies build leaders, teams, and culture one story at a time. Her clients include General Electric, Microsoft, Kate Spade, US Olympic Association, and universities like MIT and Stanford. She is the author of a new book called The Perfect Story: How to Tell Stories that...

Defense in Depth

---

Do We Want CISOs Dictating How Salespeople Should Engage? Play Episode
All links and images for this episode can be found on CISO Series. Check out this post by Marc Ashworth, CISO at First Bank for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Shawn Bowen, vp, deputy CISO - Gaming, Microsoft. Joining us is Ken Athanasiou, CISO, VF Corporation. In this episode: Frustration is a two-way street Sales is data driven Give customers the tools they need Start a conversation Thanks to our podcast sponsor, Noma Security Secure your entire Data & AI...

The Lurking Dangers of Neglected Security Tools Play Episode
All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Shawn Bowen, VP and deputy CISO - Gaming, Microsoft. Joining us is Adam Fletcher, CSO, Blackstone. In this episode: Neglected tools drain resources Who's to blame? Technology is the last step Buying tools to solve business problems Thanks to our podcast sponsor, ThreatLocker ThreatLocker is a global leader in Zero Trust endpoint security, offering cybersecurity controls to...

When You Just Can't Take It Anymore in Cyber Play Episode
All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Shawn Bowen, VP, Deputy CISO - Gaming, Microsoft. Joining us is Patty Ryan, senior director, CISO, QuidelOrtho. In this episode: Recognizing humanity Death by a thousand meetings What are we looking for? Find your value Thanks to our podcast sponsor, GitGuardian GitGuardian is a Code Security Platform that caters to the needs of the DevOps generation. It...

Dev Questions with Tim Corey

---

262. Discussing Blazor with Dan Roth, PM of ASP.NET and Blazor Play Episode
Get insights into Blazor, ASP.NET Core, and the direction of Microsoft on the web in this special interview at Microsoft Build with Dan Roth, PM of ASP.NET and Blazor at Microsoft in this episode of DevQuestions.Website: https://www.iamtimcorey.com/ Ask Your Question: https://suggestions.iamtimcorey.com/ Sign Up to Get More Great Developer Content in Your Inbox: https://signup.iamtimcorey.com/

251. What Microsoft Choosing Go over C# Can Teach Us Play Episode
Microsoft chose Go over C# as the new language for the TypeScript compiler. Why did they make that choice? What does that say about their confidence in C# or lack thereof? Is this a sign of the end for C#? These are the questions we will answer in today's episode of Dev Questions.Website: https://www.iamtimcorey.com/ Ask Your Question: https://suggestions.iamtimcorey.com/ Sign Up to Get More Great Developer Content in Your Inbox: https://signup.iamtimcorey.com/

164 What is the Future of Blazor? Play Episode
Should I learn a JavaScript framework or concentrate on mastering Blazor? What is the future of Blazor? Is Microsoft invested in making Blazor great? We will answer these questions in today's Dev Questions episode.Website: https://www.iamtimcorey.com/ Ask Your Question: https://suggestions.iamtimcorey.com/ Sign Up to Get More Great Developer Content in Your Inbox: https://signup.iamtimcorey.com/

159 Whats New with .NET MAUI featuring Maddy Montaquila Play Episode
What is new from .NET MAUI? What changes are coming to the platform soon and in .NET 8? In this special episode from the Microsoft Build conference, Tim interviews Maddy Montaquila, Program Manager at Microsoft on the .NET MAUI team.Website: https://www.iamtimcorey.com/ Ask Your Question: https://suggestions.iamtimcorey.com/ Sign Up to Get More Great Developer Content in Your Inbox: https://signup.iamtimcorey.com/

157 The State of AI and .NET featuring Amanda Silver Play Episode
Is AI going to replace developers? How does Microsoft think about the human element of software development? In this special episode, Tim interviews Amanda Silver, Corporate Vice President of the Developer Division at Microsoft about all the new content for developers covered at Microsoft Build 2023.Website: https://www.iamtimcorey.com/ Ask Your Question: https://suggestions.iamtimcorey.com/ Sign Up to Get More Great Developer Content in Your Inbox: https://signup.iamtimcorey.com/

155 AI is Everywhere, Now What? (Microsoft Build Conference Special) Play Episode
Microsoft has announced AI for basically everything - Windows, Office, Edge, Visual Studio, and more. What should we think about these announcements? Does this signal the beginning of the end for software developers? Not at all! In this special episode of Dev Questions directly from the Microsoft Build Conference 2023, I recap what I saw and give my thoughts on how these changes will be incredibly beneficial for developers.Website: https://www.iamtimcorey.com/ Ask Your Question: https://suggestions.iamtimcorey.com/ Sign Up to Get More Great Developer Content in Your Inbox: https://signup.iamtimcorey.com/

143 Why is Microsoft Changing C# Syntax So Much? Play Episode
Why is Microsoft changing things that already work? Top level statements (Program.cs files without a method, class, or namespace), file-scoped namespaces, switch expressions, minimal APIs, and more are all just adjustments to what we already had. So why make these changes? Why is it important? Isn't it just confusing? These are the questions we will answer in today's episode of Dev Questions.Website: https://www.iamtimcorey.com/ Ask Your Question: https://suggestions.iamtimcorey.com/ Sign Up to Get More Great Developer Content in Your Inbox: https://signup.iamtimcorey.com/

122 Is This The Next Silverlight? The Silverlight Myth Play Episode
Microsoft abandoned Silverlight, right? Is Blazor the next Silverlight? Isn't Silverlight proof that Microsoft only cares about money and hates developers? These are the questions we are going to answer in today's episode of Dev Questions.Website: https://www.iamtimcorey.com/ Ask Your Question: https://suggestions.iamtimcorey.com/ Sign Up to Get More Great Developer Content in Your Inbox: https://signup.iamtimcorey.com/

033 How Do I Become a Microsoft MVP? Play Episode
How do you become a Microsoft MVP? Is becoming an MVP important? What benefit is there to becoming a Microsoft MVP? What are the steps to becoming a Microsoft MVP? These are the questions we will tackle in this episode of Dev Questions.Website: https://www.iamtimcorey.com/ Ask Your Question: https://suggestions.iamtimcorey.com/ Sign Up to Get More Great Developer Content in Your Inbox: https://signup.iamtimcorey.com/

Down the Security Rabbithole Podcast

---

DtSR Episode 546 - Rethinking SecOps Tooling Strategy Play Episode
TL;DR:Mark Simos of Microsoft joins Rafal & James this week to talk about why the 'tools-centric' security operations (SecOps) approach is failing us, and what an 'outcome centric' approach means and more importantly, how we get there. We discuss "vision versus execution", the history of "how we got here" and answer some questions we didn't know we had in the process. Mark's a wealth-spring of information on the topic, and his experience and time with the Open Group is huge for the work he's doing now to make tomorrow better for you all. Check out the podcast, and let us...

DtSR Episode 537 - Sergio Talks Threat Intelligence Play Episode
TL;DR: I'm extremely excited to present to you, dear listeners and friends, a wonderful conversation with Sergio Caltagirone, who is quite the authority on 'threat intelligence' - where others talk tools and limited knowledge, Sergio literally was there at the birth of the cyber dawn of the threat intelligence operations we know (or don't know) today. Sergio has been at an agency, at Microsoft, at Dragos - and he knows threat intelilgence from theory to applications. Listen in, learn a bit, and laugh along as the Chinese spy baloon (that's my story and I'm sticking to it) disrupts our communications...

DtSR Episode 483 - How Not to Screw Up Your Cloud Play Episode
Prologue We have a repeat guest today! Mr. Mark Simos joins me once again to talk about Microsoft's Cloud Adoption Framework (CAF) and it's applicability to not only Azure, but also your other clouds. Building resilient and secure clouds isn't just about security, it's about design and architecture that adheres to good practices. Microsoft's CAF is fantastic place to start - listen here to learn more. Guest Mark Simos LinkedIn: https://www.linkedin.com/in/marksimos/ Twitter: @marksimos Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

DtSR Episode 476 - Securing Public Cloud with Azure ASB v3 Play Episode
Prologue Folks, the video of this episode which was live-streamed to our YouTube channel is here: https://youtu.be/IYVB_LNhURQ - and if you can, watch it. Huge mega-thanks to Microsoft and Lightstream for bringing together Jeff and Mark on this one to deliver some truly phenomenal content. This week is Azure Security Benchmark (not baseline, oops) version 3.0 hot off the presses. We talk about what it is, how to apply it, and where and why it's so useful for keeping not just your Azure public cloud safe, but also the "other" public clouds you use too. Guests Mark Simos LinkedIn: https://www.linkedin.com/in/marksimos/...

DtSR Episode 354 - Pragmatic Azure Security Play Episode
Fans & Listeners! This week we have a treat for you... as this episode is recorded LIVE from Microsoft's Inspire 2019 in Las Vegas (where it was 117F) but the conversation here is way hotter. Highlights from this week's show include... What is Microsoft releasing to help guide secure Azure deployment? Mark and Jeff debate "What exactly is the value of "best practices"?" So much more packed into this extended episode! Links to things you need: Azure security guidance & best practices:https://aka.ms/AzureSecurityArchitecture Microsoft cybersecurity reference strategies:https://aka.ms/CISOWorkshop Things Mark thinks you should have handy:https://aka.ms/MarksList Guests: Mark Simos ( @MarkSimos ) -...

DtSR Episode 351 - Deeper Into the Microsoft Security Ecosystem Play Episode
Thank you to Microsoft for sponsoring this show, and our podcast over the years... Highlights from this week's show include... Rob discusses what "Microsoft Threat Protection" is, isn't, and why it's relevant today Rob gives us some context to "trillions of signals" - what does that mean? Rob provides perspective on the pillars of operational excellence required to make Microsoft's vision a reality in damn-near-real-time Rafal and Rob discuss what the ecosystem looks like, and how it's being released into production Rob answers whether Microsoft consumes its own tools the answer may surprise you Guest: Rob Lefferts - @rob_lefferts -...

DtSR Episode 344 - You've Probably Been Pwned Play Episode
This week, Rafal is joined by the man, the myth, the Aussie legend - Troy Hunt. We basically talk about whatever is on his mind - which, as it turns out is a lot. Take a listen, we may publish an English translation later (joking, Troy!). Highlights from this week's show include... Troy gives a run-down on HaveIBeenPwned We talk through some of the interesting use-cases for HaveIBeenPwned data Troy gives perspective on usernames, passwords, and other important things technology/security related Guest Troy Hunt ( @TroyHunt ) - Troy is aMicrosoft Regional DirectorandMost Valuable Professionalawardee for Developer Security, blogger attroyhunt.com,...

DtSR Episode 341 - Discussing Security Reference Architecture Play Episode
This week, in the final installment of "Live from RSA Conference 2019" Rafal interviews Mark Simos, who is the definitive source for reference architectures at Microsoft. He's the Lead Architect in the Enterprise Security Group and he's doing some amazing things for the community with regards to the Azure cloud and other Microsoft-related security things. Give this episode a listen and share it ...maybe listen again and take good notes! Highlights from this week's show include... Mark discusses security reference architectures (in general) Mark and Raf rap on the shared responsibility model for the cloud...again Mark answers "What's different about...

DtSR Episode 340 - Diana Kelley from RSA 2019 Play Episode
This week, Down the Security RabbitholePodcast is publishing episode 3 of 4 which were recorded LIVE at RSA Conference 2019. This episode features Diana Kelley, of Microsoft, talking about the latest security report and other goodies. Highlights from this week's show include... Diana discusses the highlights from the latest Microsoft Security Intelligence Report Raf provides an opinion on how Microsoft could totally own the endpoint space Rafal & Diana dive back into passwords...apparently, we just can't get away from them Diana tells a really interesting story about Microsoft Windows Hello and twins Guest Diana Kelley - @DianaKelley14 -Microsoft Enterprise Cybersecurity...

DtSR Episode 312 - Ann Johnson on Mental Health Play Episode
This week Down the Security Rabbithole Podcast welcomes two very cool ladies from the InfoSec realm. First Ann Johnson of Microsoft (if you don't know Ann, you're living under a rock, honestly) is here to discuss a tweet she put out a while ago (https://twitter.com/ajohnsocyber/status/1033934334720278528) on mental health in high-pressure jobs in InfoSec. If that wasn't enough, Jennifer Duman from Armor joins us as a guest-host to provide her experienced perspective as a road warrior. Highlights from this week's episode include... Ann discusses the big deal with working from the road, in a high-pressure InfoSec job We discuss the impact...

DtSR Episode 294 - Securing Azure Play Episode
* Special thanks to Microsoft for giving DtSR access to fantastic guests, and printing t-shirts & stickers for RSA Conference 2018. Please help us say thank you and check out all of the MS announcements athttps://microsoft.com/rsaand if you really want to check out something amazing where IoT and cloud collide, check outhttps://microsoft.com/azure-sphere. On this second special episode of the podcast live from RSA 2018, Raf sits down at RSA Conference 2018 with a gentleman you may not know but you should, Avi Ben-Menahem. We discuss what it's like in terms of effort, scope, and sheer talent, to take on the...

DtSR Episode 293 - Diana Kelley from RSA 2018 Play Episode
* Special thanks to Microsoft for giving DtSR access to fantastic guests, and printing t-shirts & stickers for RSA Conference 2018. Please help us say thank you and check out all of the MS announcements at https://microsoft.com/rsaand if you really want to check out something amazing where IoT and cloud collide, check out https://microsoft.com/azure-sphere. On this very special episode of the podcast, Raf sits down at RSA Conference 2018 with the one and only Diana Kelley to talk data integrity, crisis communication, and fear-based selling in security. Again, special thanks to Jessica and the Microsoft. Guest Diana Kelley ( @DianaKelley14...

DtSR Episode 245 - NewsCast for March 16th 2017 Play Episode
Microsoft warns ransomware cyber-attack is a wakeup call As of recording, it is reported that 200,000 computers were infected. Patch for flaw was released in March, 2017 Microsoft has since released a patch for older systems Lots to discuss on this - including Microsoft's letter to the NSA Link: http://www.bbc.com/news/technology-39915440 Link: https://www.infosecurity-magazine.com/news/microsoft-xp-patch-wannacry/ Link: http://www.bbc.com/news/uk-39921479 United flight attendant accidentally leaked door codes online Flight attendant somehow posted the codes online Insider threat? Multiple layers of security needed and additional controls here Link: https://www.infosecurity-magazine.com/news/united-flight-attendant-door-codes/ Link: https://www.wsj.com/articles/uniteds-cockpit-door-security-codes-inadvertently-revealed-1494794444 Keylogger discovered preinstalled on some HP laptops Audio driver inspected keystrokes looking for events like Mute,...

DtSR Episode 219 - NewsCast for Nov 8th 2016 Play Episode
It is election day.. Have you voted? Beware, IPhone Users: Fake retail apps are surging before the holidays The issue of brand protection and knock-off websites, apps and such is real Spilling over into digital world, from physical What is your company doing to protect yourself and your customers? http://www.nytimes.com/2016/11/07/technology/more-iphone-fake-retail-apps-before-holidays.html?_r=0 Moving Beyond EMET EMET is going away in a while Most of the features are now built into Windows 10 This is a great thing (built in vs bolted on security) https://blogs.technet.microsoft.com/srd/2016/11/03/beyond-emet/ Tesco Bank blames systematic sophisticated attack for account losses Fraud system appears to be working - good ~40,000...

DtSR Episode 187 - NewsCast for March 29th, 2016 Play Episode
In this episode...BadLock bug (which now has a website, a graphic, and more hype than Bieber) is out thereIs the bug really worth all this hype?Is this anything more than a PR stunt, and a big marketing opportunity?Everyone has an opinion, but one thing is for certain, this bug is making big waveshttp://www.wired.com/2016/03/hype-around-mysterious-badlock-bug-raises-criticism/Yourwireless mouse is probably a security risk... seriously.RF-based mice typically don't use encryption or mutual authenticationSome do (all of my Microsoft & Logitech mice tell me they mutually authenticate & encrypt... I think)How far up, or down, your risk register is this one; and how much should it...

DtSR Episode 169 - NewsCast for November 16th 2015 Play Episode
In this episode...Is this seriously the FBI suggestion to companies hit with ransomware?http://thehackernews.com/2015/10/fbi-ransomware-malware.htmlSets an awful precedent ... or does it?What other options are there?Would you take this advice?Microsoft is opening a data center in the UK ...why?http://thehill.com/policy/cybersecurity/259656-microsoft-opens-uk-only-data-center-following-eu-rulingHave the US spying revelations finally hit home?What about EU Safe Harbor?What do you think, if you're a multi-national Internet company?Is healthcare really that far behind enterprise security?http://www.cnbc.com/2015/11/11/us-health-care-way-behind-on-data-security-says-forrester.htmlForrester calling out the healthcare sector for being far behind on securityIs there more pressure, less attention, or more legacy? (or all?)How do you fix this situation?Disheartening (but predictable) state of human weaknesshttp://www.scmagazineuk.com/many-uk-workers-willing-to-sell-their-companys-ip-study/article/452428/Are your employees willing to...

DtSR Episode 166 - Cyber Security From Board Room to White House Play Episode
In this episode...Rafsits down with Howard Shmidt to talk about Cyber Security from the public to private sectors and everything in between.Howard & Raf talk through challenges of cyber security in the board roomHoward gives us some of the challenges that government faces, from his experienceDon't miss this episode!GuestHoward A. Schmidt ( @HowardAS ) -Former Supervisory Special Agent,Director of Computer Crime and Information Warfare, AF OSI, Former CSO Microsoft Corp. Former Chairman of White House Critical Infrastructure Protection Board, VP, CISO eBay Inc. Special Agent, US Army CID (Reserves). Law Enforcement Officer Chandler Police Department, AZHave something to say? Let's...

DtSR Episode 127 - NewsCast for January 26th, 2015 Play Episode
** There is a special gift for our listeners in this episode, from our friends at InfoSec World 2015! Listen to find out how you cango for free.We have a promo code!CLD15/RABBIT 15% off for Down the Rabbit Hole listenersTopics CoveredGoogle picks up really big rocks, but lives in a glass house. As Google drops zero-day on Apple and Microsoft they respond with a lame excuse as to why they aren't patching a vulnerability that puts north of 60% of all Android usersat risk.http://m.v3.co.uk/v3-uk/news/2389839/google-puts-60-percent-of-android-users-at-risk-with-webview-security-changeshttp://www.extremetech.com/mobile/197346-google-throws-nearly-a-billion-android-users-under-the-bus-refuses-to-patch-os-vulnerabilityhttp://www.eweek.com/security/google-project-zero-continues-its-microsoft-zero-day-assault.htmlhttp://www.zdnet.com/article/googles-project-zero-reveals-three-apple-os-x-zero-day-vulnerabilities/Marriott reverses its decision to block guests' personal WiFi devices at their propertieshttp://threatpost.com/marriott-agrees-to-stop-blocking-guest-wifi-devices/110441LabMD's request to have an...

DtSR Episode 125 - NewsCast for January 12th, 2015 Play Episode
Welcome to a new year of the Down the Security Rabbithole Podcast! We are kicking off this year with a guest on this morning's program, Phil Beyerjoined us to talk about the last few weeks that have been a wild, wild ride in the security indsutry!Thanks for your support so far, and we promise a fantastic 2015 to come.Topics CoveredSony. Sony. Sony. It's all anyone can talk about! They got hacked. They released a movie. They apparently aren't in dire straits. Fascinating.http://www.cbc.ca/m/news/world/sony-pictures-ceo-michael-lynton-says-hackers-burned-down-the-house-1.2894997http://en.wikipedia.org/wiki/Sony_Pictures_Entertainment_hackhttp://www.washingtonpost.com/world/national-security/fbi-director-offers-new-evidence-to-back-claim-north-korea-hacked-sony/2015/01/07/ce667980-969a-11e4-8005-1924ede3e54a_story.htmlMeanwhile, an iron plant in Germany was attacked (via cyber) and caused some very serious, and real, damagehttp://blogs.wsj.com/cio/2014/12/18/cyberattack-on-german-iron-plant-causes-widespread-damage-report/Microsoft abruptly...

DtR Episode 107 - NewsCast for August 25, 2014 Play Episode
Topics coveredCommunity health systems and UPS Stores breached - an analysis and contrast of the two breaches, the data, and the common messagehttp://regmedia.co.uk/2014/08/18/community_health_systems_8k.pdfhttp://blogs.wsj.com/cio/2014/08/20/the-morning-download-community-health-systems-breach-stirs-up-heartbleed-fears/http://time.com/3151681/ups-hack/The case of the pre-mature declaration of BYOD death, via an over-hyped court case?http://www.cio.com/article/2466010/byod/court-ruling-could-bring-down-byod.html"Shadow clouds" (cloud services consumed by enterprises, not approved by security) are on the rise. No one on the show is shocked, and you aren't either.http://www.computerworld.com/s/article/9250606/Shadow_cloud_services_pose_a_growing_risk_to_enterprisesFaceBook gives the $50,000.00 away for the "Internet Defense Prize" joining Microsoft in trying to make being defensive-minded (and actually solving some security problems, rather than continuing to point them out) sexyhttp://threatpost.com/new-facebook-internet-defense-prize-pays-out-50000-awardHave something to say? Let's hear it.Support the show>>>...

DtR Episode 91 - NewsCast for May 5th, 2014 Play Episode
Topics dicussedMicrosoft has issued a patch for the massive MS IE flaw - forWindowsXP! -http://arstechnica.com/security/2014/05/microsofts-decision-to-patch-windows-xp-is-a-mistake/Is Open Source Software more or less secure than closed-source? (in a post-Heartbleed era)-http://www.telegraph.co.uk/technology/internet-security/10769996/Heartbleed-the-beginning-of-the-end-for-open-source.htmlTarget's CEO has stepped down, but what's the real reason and is there now opportunity for change? -http://www.usatoday.com/story/money/business/2014/05/05/target-ceo-steps-down/8713847/andhttp://www.latimes.com/business/money/la-fi-mo-target-ceo-resigns-20140505,0,4479532.storyBiometrics (specifically fingerprints) aren't as secure or unique as we'd like them to be, so ... paswords? -http://www.telegraph.co.uk/science/science-news/10775477/Why-your-fingerprints-may-not-be-unique.htmlHave something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

DtR Episode 87 - NewsCast for April 7th, 2014 Play Episode
Topics coveredWindowsXP is officially, for real, definitely end of life -http://windows.microsoft.com/en-us/windows/end-support-helpGoogle Nest pushes update - examining the bigger picture -http://www.theregister.co.uk/2014/04/04/nest_waves_goodbye_to_alarm_switchoff_feature/South Carolina's agencies are still not any better after the massive breaches -http://www.wbtw.com/story/25149085/still-no-consistent-computer-security-plan-at-sc-agenciesNews flash - we trust the government and Internet companies less as a result of leaks -http://www.computerworld.com/s/article/9247441/Snowden_leaks_erode_trust_in_Internet_companies_governmentThe two banks which filed suit against TrustWave & Target have dropped their effort...sanity apparently prevailed but there's a bigger issue here at stake -http://www.securityweek.com/banks-drop-suit-against-target-trustwaveHave something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

DtR Episode 85 - NewsCast for March 24th, 2014 Play Episode
Topics coveredThe FTC jumps into the breech (pun intended) and may try and levy fines against Target, and future breach victims - http://ww2.cfo.com/technology/2014/03/ftc-urges-data-breach-penalties/http://www.nextgov.com/cybersecurity/2014/03/target-could-face-federal-charges-failing-protect-customer-data-hackers/80824/?oref=ng-channelriverCould the Barclays Bank breach of Feb 2014 have been test data? Richard Bishop thinks so -http://blog.trustiv.co.uk/2014/03/barclays-data-breach-%E2%80%93-could-it-be-test-datahttp://www.theregister.co.uk/2014/02/10/barclays_investigates_gold_mine_client_data_breach/US Commerce Dept not renewing ICANN contract, moving control to ITU -http://www.bloomberg.com/news/2014-03-15/u-s-to-relinquish-control-of-internet-address-system.htmlhttp://www.businessweek.com/articles/2014-03-17/the-u-dot-s-dot-ends-control-of-icann-gives-up-backing-of-the-free-speech-internetWith Microsoft officially, and finally, stopping support for WinXP (after 14yrs!), is there a "breach crisis" around the bend? -http://www.pcmag.com/article2/0,2817,2455206,00.aspMicrosoft can read your Hotmail/webmail ...so can Google, Apple and Yahoo! hype or crisis? -http://www.theverge.com/2014/3/21/5533814/google-yahoo-apple-all-share-microsofts-troubling-email-privacy-policy(bonus) "eGovernment" is something many governments globally and locally are moving ahead with - is this rainbows or...

DtR Episode 81 - NewsCast for February 24th, 2014 Play Episode
Topics coveredApple had a "Goto Fail" failure - yes people at Apple Computer still useGoto statements in 2014 -http://www.computerworld.com/s/article/9246533/Apple_encryption_mistake_puts_many_desktop_applications_at_riskand Adam Langley's awesome blog -https://www.imperialviolet.org/2014/02/22/applebug.htmlLook out Terps, Univ of Maryland has lost 309,000+ staff members, students and faculty worth of personal informationincluding social security numbers ... OUCH -http://www.washingtonpost.com/local/college-park-shady-grove-campuses-affected-by-university-of-maryland-security-breach/2014/02/19/ce438108-99bd-11e3-80ac-63a8ba7f7942_story.htmlICS-CERT has a new report out that bemoans the Industrial Control sector's inability to detect and respond to incidents ...mainly due to inadequate logging -http://www.govinfosecurity.com/report-cyberthreat-detection-lacking-a-6516and the reporthttps://ics-cert.us-cert.gov/sites/default/files/Monitors/ICS-CERT_Monitor_Oct-Dec2013.pdfWebsense has done a massive analysis of Dr. Watson (MS Windows crash files) file and determined there is some new kind of APT, POS attack afoot -http://www.darkreading.com/attacks-breaches/microsoft-windows-crash-reports-reveal-n/240166207Many different...

DtR Episode 77 - NewsCast for January 27th, 2014 Play Episode
Special thanks to Michael Santarcangelo ( @catalyst ) for stopping by the show and guest-hosting with James and I! We had fun, and I think you'll all enjoy Michael's perspective and humor.Topics CoveredNieman Marcus breach - all new, same as before, or is it? -http://www.wired.com/threatlevel/2014/01/neiman-marcus-hack/Coca-Cola loses laptops ... sort of ... but no worries, no evidence of wrongdoing -http://www.ajc.com/news/business/coca-cola-tells-thousands-of-employees-of-security/nc2NB/Breach over at Microsoft, law enforcement documents "likely stolen", but what does that really mean? -http://www.pcworld.com/article/2091480/microsoft-says-law-enforcement-documents-likely-stolen-by-hackers.htmlThe (San Jose) police want to use your home surveillence system cameras, I'm not kidding -http://news.cnet.com/8301-17852_3-57617809-71/police-want-to-use-your-home-security-cameras-for-surveillance/Have something to say? Let's hear it.Support the show>>> Please consider clicking...

DtR Episode 67 - NewsCast for November 18th, 2013 Play Episode
I'm back! Maybe a little sleep-deprived and a tad grumpier than usual, but back to talk news!Topics CoveredMicrosoft unveils the new Digital Crime Unit, and it is quite the statement -http://www.darkreading.com/attacks-breaches/microsoft-unveils-state-of-the-art-cyber/240163924http://www.microsoft.com/en-us/news/presskits/dcu/CME Group hacked, claims platform and trades unaffected ...let's hope so -http://www.businessweek.com/news/2013-11-15/cme-group-says-its-computers-were-hacked-no-trades-affectedJeremy Hammond, Chicago's very own romanticized criminal -http://www.nbcnews.com/technology/hacker-tied-anonymous-gets-10-years-prison-cyberattacks-2D11603760The FBI says there's a "hacking spree" on government webites by Anonymous hackers. You don't say ... -http://arstechnica.com/security/2013/11/fbi-warns-hacking-spree-on-government-agencies-is-a-widespread-problem/There's an apparent zero-day in vBulletin, and it's serious enough that Def-Con's forums were taken down pro-actively ... -http://www.computerworld.com/s/article/9244109/Hackers_use_zero_day_vulnerability_to_breach_vBulletin_support_forumIf you use SnapChat to send questionable selfies hoping they'll just evaporate...you're in for a bad time...

DtR Episode 62 - A Peek Behind the Blue Curtain Play Episode
In this episode...James and I host legitimate Polynesian royalty(a princess....) really!Katie gives us the skinny on Microsoft's 10 year progression to get to a bug bounty programWe discuss the merits of bug bounties and execution in a very large enterpriseKatie gives us as many details as she can about the recent $100,000payoutMuch... much ... more!GuestKatie Moussouris ( @k8em0 ) - Katie runs the Security Community Outreach and Strategy team for Microsoft as part of the Microsoft Security Response Center (MSRC) team to help drive crucial elements of our security community strategy effort. She is a Senior Security Strategist Lead, and...

DtR Episode 47 - NewsCast for July 1st, 2013 Play Episode
*Apologies for this very important episode getting out a bit late ladies and gents, experienced a loss in the family so things were a little slow to re-start, we should be back on track for next week's episode.Topics CoveredPolitical hacktivism is making a big splash in international news -http://www.ilovechile.cl/2013/06/17/chile-democratic-partys-official-site-hacked/87737http://www.kjrh.com/dpp/news/local_news/jenks/jenks-chamber-of-commerce-website-hacked-for-second-time-within-a-monthhttp://www.publicnewshub.com/zimbabwean-hackers-hailed-for-attacking-ancs-website/http://www.bignewsnetwork.com/index.php/sid/215436810/scat/b8de8e630faf3631/ht/South-and-North-Korea-close-website-amid-hacking-alertshttp://www.business-standard.com/article/pti-stories/syria-s-online-troops-wage-counter-revolutionary-cyber-war-113060900065_1.htmlhttp://www.ehackingnews.com/2013/06/turkish-ministry-of-interior-website.htmlGoogle Published their epic Transparency Report datahttp://krebsonsecurity.com/2013/06/web-badness-knows-no-bounds/http://www.google.com/transparencyreport/European Union issues new data breach laws for telecommunications industryhttp://www.infosecurity-magazine.com/view/33109/eu-announces-new-data-breach-rules-for-telecoms/Critical vulnerabilities found in CROWD single sign-on producthttp://www.computerworld.com/s/article/9240487/Critical_vulnerabilities_found_in_Atlassian_Crowd_enterprise_single_sign_on_toolFacebook offers (pays!) $20,000 flaw for brilliant business-logic bughttp://www.eweek.com/security/facebook-patches-mobile-text-vulnerability-rewards-flaw-discoverer/Microsoft launchges a bug boHave something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the...

DtR Episode 37 - NewsCast for April 22nd 2013 Play Episode
It's Monday April 22nd, 2013, and here are the topics from the last 2 weeks James ( @jardinesoftware ) and I ( @Wh1t3Rabbit ) will be talking about as we Monday-morning-quarterback the last 2 weeks in Information Security... Fair warning, we have way too many topics to fit into 20 minutes... so went a little bit longer but both feel it's well worth your time. Laugh, cry, and be informed.Topics CoveredMicrosoft rolls out 2-factor authentication - James points out that Microsoft has rolled out authenticator-agnostic, robust 2-factor authentication... if only I could figure out how to use it? If you...

Edge of the Web

---

759 | Practical Tips for Utilizing Heat Maps w/ Celeste Gonzalez Play Episode
Curious where your website visitors are really clickingor rage-clicking? On this week's EDGE of the Web, SEO expert Celeste Gonzalez returns to break down how heatmaps and session recordings are transforming the way we analyze user behavior, optimize pages, and (hopefully) keep our clients engaged. We dig into practical tips for choosing the right pages to monitor, interpreting the sometimes confusing world of "dead clicks" versus "rage clicks," and why your mobile hero image might be killing conversions. A/B testing? Internal linking tests for those blog post traffic hogs? On a side note: if you haven't looked at Microsoft Clarity...

757 | User Behavior from Heatmaps w/ Celeste Gonzalez Play Episode
Celeste Gonzalez, Director of Rue Labs at Rickety Roo, joins EDGE to explore how heat maps and user behavior tracking are transforming SEO strategy. She walks through Microsoft Clarity's suite of toolsincluding tap, scroll, attention, and area heat mapsand explains how they reveal real user interactions beyond what traditional metrics can offer. From understanding time-on-page to visualizing content engagement, Celeste shows how these tools help SEOs optimize design, layout, and messaging. She highlights the growing need to "earn the scroll," not just the click, especially as attention spans shrink and SERPs shift. Celeste also addresses common missteps, like overreacting to...

756 | AI/SEO News from the EDGE | Week of 4.21.2025 Play Episode
Advertisers are bailing on TikTok as another U.S. ban looms, shifting dollars to Meta while creators scatter to backup platforms. Meanwhile, Google credits Gemini for nuking 240 million spammy reviews and business edits, but don't expect them to help you get your real reviews back. Big legal moves are underway: The NYT lawsuit against OpenAI and Microsoft will proceed, and Chegg is suing Google for killing traffic via AI Overviews. Sara Taher joins the show to unpack the long-term consequences of AI scraping and shrinking search real estate. We also dive into new AI traffic data showing LLMs are sending...

673 | News from the EDGE | Week of 4.1.2024 Play Episode
Erin Sparks is back behind the Digital News Desk this week to deliver a groundbreaking news flash - Google greenlights Microsoft's 53% acquisition, handing over a majority stake to Bill and the crew. Did we get ya? Happy April Fools from all of us at EDGE of the Web! This week we investigate a new lawsuit against Facebook and Instagram as allegations pile up claiming the social platforms are allegedly delivering ads to bot accounts and inflating ad viewership metrics to their advertisers. Google STILL has not announced a launch date for SGE; here's the scoop. Plus, OpenAI released a...

657 | News from the EDGE | Week of 1.29.2024 Play Episode
SGE in Timeout When will SGE actually come to life on the SERP? It seems the answer is not any time soon, as Google is letting Microsoft and others take the lead in creating a generative experience while SGE remains in the workshop. Keep your eyes peeled; Google announces a plan to restart the official SEO starter guide in the near future. Meta continues its AI push. What's next? Plus, the great Barry Schwartz hints at the next confirmed Google search ranking algorithm coming soon. Stay fresh with all the latest SEO awesomeness every week. Join us on this episode...

653 | News from the EDGE | Week of 1.15.2024 Play Episode
A new transition king has been crowned this week as Erin takes the throne. Shh don't tell Mordy! After a quick week off the team is back in action with some compelling news this week. Don't be fooled, Google author bylines in fact DO NOT influence search rankings despite opposing claims. If you're still confused, good luck reaching Google ad support as reports show they are at an all time low in efficiency. Plus, Microsoft and Google are battling as they each make big moves in the Artificial Intelligence space. We've got plenty of courses on the menu this week...

634 | News from the EDGE | Week of 10.16.2023 Play Episode
Did You Say Synthetic Humans? Welcome back to another episode of News from the EDGE! Google has begun initiating the removal of third-party cookies, with hopes to eventually fully eliminate this tracking capability. YouTube unveils AI-powered campaign, Spotlight Moments, which allows brands to align ads with the most relative cultural content. Plus, you might have an interest in digging into Microsoft AI. Why? A $15,000 cash prize for those who come across a bug is why! Stay connected to the SEO world and up to speed on everything you need to know right here on The EDGE of The Web!...

577 | News from the EDGE | Week of 3.13.2023 Play Episode
Every week there seems to be an unlimited amount of headlines to cover on News from the EDGE about generative AI. TikTok is taking on search giants Google and Microsoft in the paid advertising space, Grammarly gets into the generative AI game, but with a twist, and Mordy Oberstein discusses the future of search and AI. And we also had the Twins versus the Yankees baseball play by play as we literally were recording the show! The AI wars have cometh. . . on this week's episode of EDGE! News from the EDGE: [00:03:51] Step Aside Google and Microsoft Ads,...

496 | News from the EDGE | Week of 5.2.2022 Play Episode
Recording from our home studios this week, EDGE rolled out its review of 4 digital news stories this week from Search Engine Roundtable, Search Engine Land and, yup, Search Engine Journal. All the Searches! We experienced the full immersion into the John Mueller AI - Mueller-bot. We think we should have a dedicated segment just for that. [00:02:46] Ad Revenue growth reported by both Google and Microsoft [00:05:39] EDGE of the Web Title Sponsor: Site Strategics [00:06:26] Would you ask SEO questions to a bot based on John Mueller? It depends. [00:09:04] This Week's Poll [00:09:52] Google stealing content? Or...

462 | News from the EDGE | Week of 11.15.2021 Play Episode
Covering a lot of (Site)Ground here on the show today with Erin Sparks and Mordy Oberstein. Learning about the carbon emission expense of IndexNow, SiteGround sites being deindexed from a 4-day DNS outage and how machine written content may not be so bad in the future. Bonus on this episode: see Erin lose it when Mordy calls our toll-free number for the podcast. That's conversion optimization, baby! [00:06:11] Will Google use Microsoft's new IndexNow protocol? [00:11:30] A four-day outage at SiteGround is over, but still recovering. But Google dropping indexing in that short of time? [00:18:15] So Google has talked...

400 | News from the EDGE | Week of 3.08.2021 Play Episode
[00:06:07] Will Google Pass the Cost of Digital Ad Taxes to US Advertisers? Maryland is the first state to pass a tax on digital advertising. In countries such as the UK, Austria, and Turkey, Google has passed those costs to advertisers. Will it do the same in the US? [00:14:48] Search Results are Being Upgraded at Microsoft Bing The five key Bing features being updated include intuitive highlighting of content, integrated visual search, expandable carousels, infographic-like SERPs, and richer results for local queries. [00:21:44] Why Did My Site's Rich Results Disappear? If a website suddenly loses its rich results on...

News from 378 with Shay Rowbottom Play Episode
High levels of Engagement on LinkedIn: 722 Million Members LinkedIn continues to grow by leaps and bounds, as seen in a recent quarterly report from Microsoft, which purchased LinkedIn back in 2016. Many users are looking for work. The Biggest Loser in the 2020 Election? Social Media There are those who will say social media did too much censoring of Trump's posts while others will say the platforms don't do enough to control misinformation. Social media loses either way. Google Wants to Help Convert Static Website Content into Videos Businesses will be able to easily convert static website content in...

News from 376 with Dixon Jones Play Episode
Got Clarity? Free Website Analytics from Microsoft Microsoft is calling its new free web analytics tool Clarity, and it's meant to reveal what users are doing while visiting your site while also respecting their privacy by being GDPR compliant. Will Apple Leverage Google's Antitrust Troubles to Launch a Search Engine? There have been perennial rumors about Apple developing its own search engine. With Google under the antitrust microscope, now might be the time for Apple to make its move. How Natural Language and Passage Indexing will Impact SEO Taken together, these recent developments at Google indicate a pretty major evolution...

News from 367 with Tim Schmoyer Play Episode
Beta Launch of "Horizon" VR Social Experience by Facebook Horizon is Facebook's sandbox creation tool for virtual reality experiences, which it wants to broaden while also keeping it social as it enters its next phase of development. Will Apple Launch a Search Engine to Compete with Google? The signs include Apple hiring more search engineers, making changes to its Spotlight Search mobile engine to bypass Google results, and is beefing up its webcrawling Applebot. Microsoft and Walmart Team Up in Bid to Acquire TikTok This is a significant move showing how big a deal it is to figure out who...

News from 353 with Bill Sebald Play Episode
Online Meeting Services are Collecting More Data Than You Think An analysis of the privacy policies of Google Meet, Microsoft Teams, and WebEx show that while they're basically "safe" to use, they are collecting call length and IP addresses of all participants. By Chaim Gartenberg Has Google Slowed Web Crawling Because of the Pandemic? This is one story that just won't seem to die. John Mueller of Google has now announced again that crawling has not been slowed down at all because of the COVID-19 outbreak. By Barry Schwartz The Pandemic's Impact on Digital Marketing May Have Bottomed Out The...

News from 338 with Tim Jensen Play Episode
Beta Integration with PromoteIQ Now Available in Microsoft Advertising Microsoft Advertising is making changes to support retailers, including an integration with PromoteIQ now in beta mode, along with Microsoft Bing for Commerce. What Shopping Ad Managers Should Know in 2020 Four things: Smart Shopping Campaign automation with Google, going global with International Shopping Ads, structured markup for feed-free product data, and Microsoft Bing Smart Shopping Ads. Tracking Offline Conversions with Microsoft Advertising When you want to get the full story of revenue attributable beyond website activity, you need to know how to import all kinds of outside data into Microsoft...

News from 337 with George Nguyen Play Episode
Did Google Start the New Year with a Search Algorithm Update? There are always people complaining about drops in traffic and other people happy about traffic increasing. The chatter itself does not necessarily indicate a significant update occurred. Microsoft Advertisers Could Win Great Prizes Enter the Microsoft Advertising Sweepstakes by completing the MS Advertising Certified Professional certification, adding a new MS Advertising account, or enrolling in the MS Advertising Partner Program. How are Headings Really Supposed to be Used for SEO? Google Speaks! Google's John Mueller explained how to use H1, H2, and H3 HTML headers in SEO. The different...

EP 227: Surviving the Machine Revolution w/Jono Alderson Play Episode
"Five years from now, the world is a dark and terrible place. Our lives and our experiences are managed by robots, machines, and artificial intelligence which are owned and operated by international conglomerates." Those words were spoken recently by today's featured guest Jono Alderson at the Friends of Search 2017 conference a few months ago. Jono Alderson is the Principal Consultant for Distilled and he has spent the last two years researching and reading every press release, studying every merger and acquisition, analyzing every movement being made by some of these global companies like Amazon, Apple, Microsoft, Alphabet, Facebook, Uber,...

EP 222: Successful Storytelling for Businesses w/Robert Rose Play Episode
Robert Rose, the Chief Strategy Officer for the Content Advisory, joined us on the podcast this week! Robert has worked with more than 500 companies, including 15 of the Fortune 100 and has provided marketing advice for brands like Capital One, Dell, Hewlett-Packard, Microsoft and others. He is also a co-host of the podcast PNR's This Old Marketing - which is consistently ranked as a top marketing podcast with more than one million downloads a year. Robert has written two books, "Experiences: The 7th Era of Marketing" & "Managing Content Marketing", with a third due out later this year called...

Experts On The Wire (An SEO Podcast!)

---

011: Interview With Everette Taylor Play Episode
Everette is Head Of Growth For New Mobile Products At Microsoft and CEO of Millisense.We talked about a TON in this conversation meeting Jaime Foxx, getting press in places like Fortune and Forbes, how verified Twitter works, diversity in tech, working TWO full time jobs, snapchat and more. I hope you enjoy this in-depth conversation with Everette Taylor.Listen Now!Dont forget to subscribe on iTunes!And were now live on Google Play too!Linkshttp://www.everettetaylor.com/http://www.millisense.co/https://moz.com/rand/the-t-shaped-web-marketer/https://www.stickermule.com/https://www.producthunt.com/https://medium.com/i-m-h-o/why-i-will-never-ask-you-to-share-my-content-5ca71a1e1910#.ogp7yw9wxhttps://www.ted.com/talks/verna_myers_how_to_overcome_our_biases_walk_boldly_toward_them?language=enPeoplehttps://twitter.com/Everettehttps://www.facebook.com/everettetaylorjr/https://twitter.com/morganbhttps://twitter.com/brysontillerhttps://www.linkedin.com/in/devansandersonhttps://twitter.com/iamjamiefoxxhttps://twitter.com/BeyonceAgendaEverettes Day-to-dayThe 16-hour day grindT-shaped marketingEverettes #1 SkillPersistence In Your MarketingDouble-down on whats working firstEmail Marketing At StickermuleQualitative Customer InsightMissed Opportunities of Traditional CompaniesUsing SnapchatBe diverse with your contentGrowing Your...

Feel Better, Live More with Dr. Rangan Chatterjee

---

BITESIZE | Do This Every Morning to Reduce Overwhelm, Boost Your Happiness and Fix Your Focus | Robin Sharma #512 Play Episode
Its what you do each day not what you do every year that makes a difference Robin Sharma. Todays clip is from episode 471 of the podcast with best-selling author and one of the top leadership and personal mastery experts in the world, Robin Sharma. He advises companies such as NASA, Nike, Microsoft, Starbucks, Yale University and the Young Presidents Organization. Robin is probably best known for his thriving 5AM Club community. In this clip, he shares insights on the power of intentional morning routines, including his five-question morning maximiser, the benefits of daily movement, and the lifelong value of...

Freakonomics Radio

---

547. Satya Nadellas Intelligence Is Not Artificial Play Episode
But as C.E.O. of the resurgent Microsoft, he is firmly at the center of the A.I. revolution. We speak with him about the perils and blessings of A.I., Google vs. Bing, the Microsoft succession plan and why his favorite use of ChatGPT is translating poetry. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

324. Extra: Satya Nadella Full Interview Play Episode
Stephen Dubner's conversation with the C.E.O. of Microsoft, recorded for the Freakonomics Radio series The Secret Life of a C.E.O. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

315. How to Become a C.E.O. Play Episode
Mark Zuckerberg's dentist dad was an early adopter of digital x-rays. Jack Welch blew the roof off a factory. Carol Bartz was a Wisconsin farm girl who got into computers. No two C.E.O.'s have the same origin story so we tell them all! How the leaders of Facebook, G.E., Yahoo!, PepsiCo, Microsoft, Virgin, the Carlyle Group, Reddit, and Bridgewater Associates made it to the top. (Part 2 of a special series, "The Secret Life of C.E.O.'s.") Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

287. Hoopers! Hoopers! Hoopers! Play Episode
As CEO of Microsoft, Steve Ballmer was famous for over-the-top enthusiasm. Now he's brought that same passion to the N.B.A. -- and to a pet project called USAFacts, which performs a sort of fiscal colonoscopy on the American government. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Grit w/ Joubin Mirzadegan

---

How Dropbox Beat Big Tech in the Cloud Wars Play Episode
How do you win when your competitors are the biggest companies in the world?This week on Grit, Dropbox co-founder and CEO Drew Houston retraces the path from a bus-stop prototype to competing head-on with Google, Apple, and Microsoft.He explains why grit is learning to run toward discomfort, and the moments he realized founders keep going for the love of the game.Guest: Drew Houston, Co-Founder & CEO of DropboxChapters:00:00 Trailer00:52 Introduction01:35 Towards full autonomy16:20 Coming back to school21:45 Golden ticket to California25:23 No ones born a CEO28:15 Y Combinator and a co-founder37:53 The craft of being a great CEO53:41 Metabolizing the...

How Notion Reimagined Productivity Tools | Ivan Zhao Play Episode
Ivan Zhao joins Joubin Mirzadegan on Grit to break down how the companys minimalist design became a strategic edge in a world overwhelmed by bloated software.He shares why the AI agent still hasnt arrived, and how Notions modular approach might be the closest thing to making it real.Guest: Ivan Zhao, co-founder and CEO of NotionMentioned in this episode: Fuzzy Khosrowshahi, Airbnb, Sequoia Capital, Linear, Figma, Apple, Things, Microsoft, BMW, Lumiere, The Beatles, The Rolling Stones, Eric Clapton, Rippling, Matt MacInnis, Inkling, Steve Jobs, Douglas Engelbart, Alan Kay, Bill Gates, OpenAI ChatGPT, Y Combinator, Andrej Karpathy, Toby Schachman, Simon Last, Spotify,...

#229 Former CEO Activision Blizzard, Bobby Kotick w/ Bing Gordon: Change the Game Play Episode
Guest: Bobby Kotick, former CEO of Activision Blizzard; and Bing Gordon, Advisor at Kleiner PerkinsIn 2020, when President Trump signed the executive order that would ban TikTok in the U.S., Bobby Kotick called his old friend Steven Mnuchin. The former Secretary of the Treasury told him that, if TikToks U.S. operations were to be sold to an American company, Microsoft would be the only bidder.A couple calls later, he reached ByteDance founder and CEO Zhang Yiming, who said hed rather sell to Bobby than Microsoft. Concerned about his ability to get the deal done solo, Bobby called Microsoft CEO Satya...

#148 Former Snowflake CEO, Bob Muglia: The Datapreneurs Play Episode
Guest: Bob Muglia, The Datapreneurs Co-Author and Former Snowflake CEOLongtime Microsoft executive and former Snowflake CEO Bob Muglia was done with his book about using data to drive the digital economy and then ChatGPT came out. The timeline for artificial intelligence moved in by 50 years in my head, he recalls. Bob then told his co-author Steve Hamm that they needed to update The Datapreneurs to focus more on AI. For the first time, we have intelligence in a computer, he says. English has become the primary programming interface of 2023!In this episode, Bob and Joubin discuss weekly meetings, Amazons...

#104 Co-founder of Intuit, Scott Cook: The Power of Paradigms Play Episode
Intuit co-founder Scott Cook still remembers the first line of an email he received in 1994 from billg@microsoft.com: This really is Bill Gates. Intuits personal finance product Quicken had survived being crushed by Microsoft Money, and its new accounting software Quickbooks was thriving as well; instead of competing, Gates wanted to buy Intuit for $1.5 billion and take it worldwide. A deal was struck, hands were shook, but there was just one problem: The U.S. Department of Justice.In this episode, Scott and Joubin discuss finding happiness in your career, who Scott aspired to emulate when he was a young CEO,...

Hacking Humans

---

Spotting social engineering in the shadows. Play Episode
This week, we are joined by Dr. Chris Pierson CEO at Black Cloak, and he is talking about some of the social engineering attacks his team is tracking. Joe's story follows how Microsoft Threat Intelligence has observed the financially motivated cybercriminal group Storm-1811 misusing the client management tool Quick Assist in social engineering attacks. Dave share's the story of the lure of a free baby grand piano to deceive over 125,000 email recipients, mainly targeting North American university students and faculty, earning at least $900,000. Our catch of the day comes from listener Chuck who writes in to share some...

AI: A battle between heroes and villains. Play Episode
Dave Baggett from INKY joins Dave to dive into the latest phishing trends and discuss a broader view of how AI is being used by both the good guys and the bad guys. Joe's story this week dives into the APT with an entirely too cool name, Midnight Blizzard, that has been conducting targeted social engineering towards the popular Microsoft Teams. Dave's story this week follows a Facebook Market user who dodged one scam, just to fall right back into another one. Our catch of the day comes from listener Mauricio who writes in an shares a funny voicemail regarding...

Risky chat applications. Play Episode
Toby Pischl, Head of Information & Email Security at Broadcom, sits down with Dave to discusshowSlack and Microsoft Teams phishing is an open door into businesses. Joe and Dave share some follow up regarding a case of a woman claiming to have cancer to receive over $37,000 from donors on GoFundMe. Joe has the terrible story out of Michigan where a high schooler committed suicide after a sextortion scam. Dave has a story on job seekers around the country and how likely they are to fall for a job scam. Our catch of the day comes from listener Albert, who...

Is there a growing number of public and private partnerships forming? Play Episode
This week Carole Theriault interviews Chuck Everette from Deep Instinct on public and private partnerships. Dave and Joe share some listener follow up from Rodney who writes in about flexible spending cards and chips inside them as well as sharing technology that helps keep the scammers away. Joe's story follows the trend of fake invoicing, specifically through PayPal and the newest string of scammers getting people to call in about a pending charge. Dave shares a story where people are getting sent fake Microsoft products in hopes to steal information after they plug these products into their computers. Our catch...

Combating social engineering. Play Episode
Ann Johnson, Security Executive at Microsoft and host of the afternoon cyber tea podcast, joins Dave to discuss social engineering and ways to help prevent it, as well as the different types of social engineering she's seen from her experience, Dave and Joe share some listener follow up about macros in Office documents, Joe has two stories this week, one is on how Seth Green lost over 300K in NFTs, and the other is on a new scam with Chatbots on phishing emails, Dave's story is on how a California man was arrested for siphoning money, our catch of the...

Cybersecurity awareness should be a year-round activity. Play Episode
Guest Dr. Jessica Barker from Cygenta talks with UK correspondent Carole Theriault about how every month should be cyber awareness month, Joe has a story about password spraying (kind of like a credential stuffing attack), Dave's story is about scams carried out through QR codes, and our COTD comes from listener Wyatt about an award-winning email from Warren Buffett. Links to stories: Microsoft warns over uptick in password spraying attacks Scammers are emailing waves of unsolicited QR codes, aiming to steal Microsoft users' passwords Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com...

They won't ask for sensitive information over the phone. Play Episode
Guest Alex Hinchliffe, Threat Intelligence Analyst from Unit 42 at Palo Alto Networks joins Dave to talk about some of his team's ransomware research, Joe's story is about a new jury duty scam that is out there (hint, they will not call you on the phone), Dave's got a story about Microsoft rolling out passwordless login options, our Catch of the Day comes from a listener named Lucio who shared several social engineering ploys with us. Links to stories: Brand New Jury Duty Scam You Can Now Ditch the Password on Your Microsoft Account Have a Catch of the Day...

Collaboration platforms are a gateway for ransomware attacks. Play Episode
Guest Gil Friedrich from Avanan joins Dave to discuss how collaboration platforms, like Microsoft Teams, Slack and others, opened up a new gateway to ransomware attacks, Joe's story comes from listener Matt shared as a COTD candidate that's a phishing scam, Dave's got a story about China and Russia trying to turn your employees into spies, and our Catch of the Day comes from a listener named Iain with a timely story "from" Afghanistan. Links to stories: Guarding Against the Chinese Domain Name Email Scam The FBIs warning to Silicon Valley: China and Russia are trying to turn your employees...

What are our devices doing to our compassion? Play Episode
GuestDr. Charles Chaffin, author of the book "Numb: How the Information Age Dulls Our Senses and How We Can Get them Back," joins Dave this week, we have some listener follow up from John with a tip on ATM security, Dave's got a two-fer this week including a useful site called www.shouldiclick.org and a Twitter report on multi-factor authentication thanks Rachel Tobac for calling our attention to it, Joe's story is from Microsoft on trends in tech support scams, and our Catch of the Day is from a listener on Twitter called @DoNoEvilMan about a payout from the Federal Reserve...

A little dose of skepticism. Play Episode
We have some listener follow-up sharing dnstwister.report site, Dave has a story of consent phishing, Joe talks about calendar invite phishing, The Catch of the Day is a lazy money multiplying scam, and later in the show, Dave's conversation with Don MacLennan from Barracuda Networks on brand impersonation. Links to stories: Microsoft warns of Office 365 phishing via malicious OAuth apps Abnormal Attack Stories: Calendar Invite Phishing Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

Life in the (second) age of pirates. Play Episode
Dave has an account from a man who was almost scammed by an impersonation of his own close friend. Joe has the story of a sophisticated phishing scheme involving Microsoft Office 365. The catch of the day goes all the way back to the age of pirates. Carole Theriault interviews Andrew Brandt from Sophos regarding their 2020 threat report. Links to stories: Tricky Phish Angles for Persistence, Not Passwords SophosLabs 2020 Threat Report Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

If you didn't ask for it don't install it. Play Episode
Dave describes a gas-pump hidden camera scam. Joe shares the story of a fraudulent Microsoft Windows Update notice. The catch of the day involves a scammer making use of an online celebrity's profile picture. Our guest is Karl Sigler from Trustwave with tips for staying safe online through the holidays. Links to stories: https://krebsonsecurity.com/2019/11/hidden-cam-above-bluetooth-pump-skimmer/ https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/fake-windows-update-spam-leads-to-cyborg-ransomware-and-its-builder/ Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com or hit us up on Twitter.

How Did This Get Made?

---

War of the Worlds (2025) Play Episode
Ice Cube saves the world from aliens via Amazon Prime and Microsoft Teams?! You all demanded it, so Paul, June, and Jason got their butts into the studio to cover all the mouse-clicking, keyboard-clacking, and front-facing video calls in the new War of the Worlds reboot. They discuss the Tesla ambulance, how Ice Cube plays a straight up stalker, the heroic Amazon Prime Air Drone, the packing tape tourniquet, the bonkers computer drop-down menu options, if the aliens want our nude pics, and so much more. Plus, the gang debate the correct way to pronounce "data" and Paul goes out...

How I Built This

---

Exploding Kittens: Elan Lee. How cat-themed Russian Roulette changed game night forever Play Episode
Exploding Kittens began as a jerry-rigged version of Russian Roulette a deck of cards hastily modified with a Sharpie. But what happened next is one of the most improbable success stories in the creator economy: a $10,000 Kickstarter goal that ballooned into nearly $9 million, a community that rewrote the rules of crowdfunding, and a company that has now sold over 60 million card and board games.Co-founder Elan Lee shares the story behind Exploding Kittens from dismantling his brothers toys as a kid, to helping design Halo, to walking away from Microsofttwice. He reveals how burnout, curiosity, and an obsession...

Expedia & Zillow: Rich Barton Play Episode
In the early 90s, Rich Barton arrived to work at Microsoft just as the world wide web was taking off. He wound up pitching Bill Gates on an idea that was transformative at the time: to let everyday travelers book their own flights and hotels by giving them online access to previously hidden reservation systems. Expedia launched from inside Microsoft but was so successful at transforming the travel industry that it was spun out into a public company with Rich as CEO. Then in 2005, Rich moved on to a new idea with some Expedia colleagues, co-founding Zillow as a...

Canva: Melanie Perkins (2019) Play Episode
When she was just 19 years old, Melanie Perkins dreamt of transforming the graphic design and publishing industries. But she started small, launching a site to make yearbook design simpler and more collaborative. Her success with that first ventureand an unexpected meeting with a VC investoreventually landed her the backing to pursue her original idea, and the chance to take on software industry titans like Adobe and Microsoft. Today, Melanie's online design platform Canva is valued at $6 billion, joining the list of Australia's "unicorn" companies.For more information on the HIBT Fellowship visit: https://npr.org/fellowsSee Privacy Policy at https://art19.com/privacy and California...

Canva: Melanie Perkins Play Episode
When she was just 19 years old, Melanie Perkins dreamt of transforming the graphic design and publishing industries. But she started small, launching a site to make yearbook design simpler and more collaborative. Her success with that first venture and an unexpected meeting with a VC investor eventually landed her the backing to pursue her original idea, and the chance to take on software industry titans like Adobe and Microsoft. Today, Melanie's online design platform Canva is valued at over $1 billion, joining the list of Australia's "unicorn" companies. PLUS for our postscript "How You Built That," how Tristan Corriveau...

LinkedIn: Reid Hoffman Play Episode
In the early 1990s, Reid Hoffman had a vision for the future of the Internet: people would connect through social networks using their real names, and their online lives would be completely merged with their real ones. After several early attempts, he co-founded LinkedIn a social network focused on jobs and careers. In 2016, the company sold to Microsoft for $26 billion dollars, helping make Hoffman one of the wealthiest and most influential figures in Silicon Valley. PLUS for our postscript "How You Built That," how Danica Lause turned a knitting hobby into Peekaboos Ponytail hats, knit caps with strategically...

Invest Like the Best with Patrick O'Shaughnessy

---

Ray Ozzie - The Future of Intelligent Machines - [Invest Like the Best, EP.391] Play Episode
My guest today is Ray Ozzie, one of the great technologists, software developers, and entrepreneurs of our time. Ray is perhaps best known as the creator of Lotus Notes, a collaboration tool that revolutionized business communication in the 1990s. He later succeeded Bill Gates as Chief Software Architect at Microsoft, where he played a key part in the development of Azure, Microsoft's cloud computing platform.Ray's work has earned him numerous accolades, including induction into the Computer History Museum Hall of Fellows and the National Academy of Engineering. Throughout his career, Ray has been at the forefront of technology innovation and...

Jeff Green - Modernizing Advertising - [Invest Like the Best, EP.315] Play Episode
My guest today is Jeff Green, the CEO and co-founder of advertising platform, The Trade Desk. The Trade Desk is the second advertising exchange Jeff has built, having sold his first venue to Microsoft in 2007. He started The Trade Desk in 2009 and has built it into a $30 billion public business. In our discussion, we talk about the parallels between The Trade Desk and an equity exchange, why Jeff chose to align with ad buyers not sellers, and how he shapes the culture of his firm. Please enjoy my conversation with Jeff Green. For the full show notes,...

Alexandr Wang - A Primer on AI - [Invest Like the Best, EP. 272] Play Episode
My guest today is Alexandr Wang, the CEO and founder of Scale AI. Alexandr founded Scale in 2016, having been inspired to accelerate the development of AI through his work at Quora and his studies at MIT. Specifically, Alexandr realized there was a lack of infrastructure solutions for producing high quality data, the lifeblood for AI models. Today, Scale provides data solutions to leading AI teams at Meta, Microsoft, OpenAI, Flexport, the US Air Force, and many others. This time last year, the business was valued at over $7 billion. Our conversation is a primer on AI. We discuss the...

Justin Singer - How Regulation Unlocks Opportunity - [Founders Field Guide, EP.2] Play Episode
My guest today is Justin Singer, the founder and CEO of Caliper Foods and Stillwater Brands, two leading companies in the cannabis industry. We start our conversation with a fascinating discussion on how regulation creates or destroys business and investing opportunities, and then go on to discuss the ins and outs of the cannabis industry in detail. Youll be able to tell quickly how high-quality Justin is as a thinker and operator, and youll learn a ton about this nascent business. Please enjoy our conversation. This episode is brought to you byMicrosoft for Startups. Microsoft for Startups is a global...

Charlie Songhurst Lessons from Investing in 483 Companies - [Invest Like the Best, EP.181] Play Episode
My guest this week is Charlie Songhurst, the former head of strategy at Microsoft and a prolific investor, having personally invested in nearly 500 companies throughout his career. I met Charlie at an event hosted in New York and you can tell within one minute of meeting him that his mind is sparkling with ideas and curiosity. Its no wonder hes been among the most commonly requested guests when I asked several top investors and CEOs who I should have on the show. We discuss the lessons hes learned about business, investing, and people from such a large sample size...

Tren Griffin Pulling the Thread - [Invest Like the Best, EP.87] Play Episode
My guest this week is a bundle of curiosity, and that is one of the nicest things I could say about someone. For several years, Tren Griffin has been writing a weekly blog post that highlights things he has learned from various investors, businesspeople, musicians, comedians, and more. Lately, he has also been tackling individual businesses, and broad topics like scaling, competitive forces, and product market fit. Trens full time job is serving as a director at Microsoft. Hes also worked with or for several well know businesspeople and investors like Craig McCaw, and written several books including one on...

Las Culturistas

---

"The Twins Are Fighting Again" (w/ Matt & Bowen) Play Episode
Matt & Bowen gain post-nut clarity this week and catch up on culture! They discuss the Super Bowl, how Back To The Future and Final Fantasy 7 predicted the future, the thrill of daytime sex, how spooning can lead to emotional danger, and Dylan Efron with his booty in the air. Also, Diddy, Blake v Justin, Stacey Rusch, Wendy Williams and the Anora-issance. All this, how Microsoft Teams sucks, Ashanti's "Foolish", Jon M. Chu's big win at Critics Choice, and an appeal to Universal Epic Universe. See omnystudio.com/listener for privacy information.

Lenny's Podcast

---

How AI is reshaping the product role | Oji and Ezinne Udezue Play Episode
Ezinne and Oji Udezue have over 50 years of combined product leadership experience at Microsoft, Twitter, Atlassian, WP Engine, Typeform, and Calendly. Theyve witnessed every major shift in product management, and, despite their seniority, theyre taking beginner AI courses and learning from engineers half their age, and Oji is coding more now than in the past decadefrom Waterfall to Agile to AI. They are also the authors of Building Rocketships, a guide to building great products. In this conversation, the couple shares hard-won lessons theyve learned from companies successfully adapting to AI, including their shipyard framework and their sharp problem...

How 80,000 companies build with AI: products as organisms, the death of org charts, and why agents will outnumber employees by 2026 | Asha Sharma (CVP of AI Platform at Microsoft) Play Episode
Asha Sharma leads AI product strategy at Microsoft, where she works with thousands of companies building AI products and has unique visibility into whats working (and whats not) across more than 15,000 startups and enterprises. Before Microsoft, Asha was COO at Instacart, and VP of Product & Engineering at Meta, notably leading product for Messenger.What youll learn:1. Why were moving from product as artifact to product as organism and what this means for builders2. Microsofts seasons planning framework that allows them to adapt quickly in the AI era3. The death of the org chart: how agents are turning hierarchies into...

Naming expert shares the process behind creating billion-dollar brand names like Azure, Vercel, Windsurf, Sonos, Blackberry, and Impossible Burger | David Placek (Lexicon Branding) Play Episode
David Placek is the founder of Lexicon Branding, a company that focuses exclusively on the development of brand names for competitive advantage. Lexicon is behind iconic names such as Sonos, Microsofts Azure, Windsurf, Vercel, Impossible Foods, BlackBerry, Intels Pentium, Apples PowerBook, and Swiffer. Over 40 years, Davids team has named nearly 4,000 brands and companies, employing over 250 linguists and pioneering naming innovation.What youll learn:1. The three-step process that generated names like Windsurf and Vercel2. How a name can give you the edge that no marketing budget can buy3. Why you wont know it when you see it4. Why Microsoft...

AI prompt engineering in 2025: What works and what doesnt | Sander Schulhoff (Learn Prompting, HackAPrompt) Play Episode
Sander Schulhoff is the OG prompt engineer. He created the very first prompt engineering guide on the internet (two months before ChatGPTs release) and recently wrote the most comprehensive study of prompt engineering ever conducted (co-authored with OpenAI, Microsoft, Google, Princeton, and Stanford), analyzing over 1,500 academic papers and covering more than 200 prompting techniques. He also partners with OpenAI to run what was the first and is the largest AI red teaming competition, HackAPrompt, which helps discover the most state-of-the-art prompt injection techniques (i.e. ways to get LLMS to do things it shouldnt). Sander teaches AI red teaming on...

Unconventional product lessons from Binance, N26, Google, more | Mayur Kamat (CPO at N26, ex-Binance Head of Product) Play Episode
Mayur Kamat is the chief product officer at N26a $9 billion neobank serving over 7 million customers in 25 countrieswhere he leads product, design, data, and research. Prior to N26, Mayur was Head of Product at Binance, growing the crypto exchange to a peak $400 billion valuation. Earlier in his career, he built and scaled products at Google (Gmail Mobile, Hangouts), Microsoft, and travel unicorn Agoda.Learn:1. How to find and focus on the highest-leverage problems2. Why you shouldnt optimize for compensation early in your career3. Why you should optimize for strengths, not weaknesses4. Why you need to decide if you...

Microsoft CPO: If you arent prototyping with AI, youre doing it wrong | Aparna Chennapragada Play Episode
Aparna Chennapragada is the chief product officer of experiences and devices at Microsoft, where she oversees AI product strategy for their productivity tools and work on agents. Previously, she was the CPO at Robinhood, spent 12 years at Google, and is also on the board of eBay and Capital One.What youll learn:1. How prompt sets are the new PRDs and why prototyping with AI is now essential for effective product development2. The three key characteristics of AI agents: autonomy (delegation of tasks), complexity (handling multi-step challenges), and natural interaction (conversing beyond simple chat)3. Why NLX (natural language experience) is the...

Scripts for difficult conversations: Giving hard feedback, navigating defensiveness, the three questions you should end every meeting with, more | Alisa Cohn (executive coach) Play Episode
Alisa Cohn is an executive coach who has worked with C-suite executives at startups like Venmo, Etsy, Wirecutter, and DraftKings, and Fortune 500 companies like Microsoft, Google, Pfizer, Dell, and IBM. Inc. Magazine named Alisa one of the top 100 leadership speakers, and she was named one of the Top 50 coaches in the world by Thinkers50 and the #1 startup coach for the past four years by Global Gurus. She is also the author of From Start-Up to Grown-Up, which won the 2022 Independent Press Award and the American Book Fest 2023 Best Book Award for Entrepreneurship, and is...

Building Wiz: the fastest-growing startup in history | Raaz Herzberg (CMO and VP Product Strategy) Play Episode
Raaz Herzbergis the chief marketing officer and VP of product strategy at Wiz. Wiz hit $100 million ARR within 18 months (the fastest growth in startup history) and, five years in, is generating over $500 million ARR. It also serves over 45% of the Fortune 100. Raaz was one of the first five employees at Wiz, joining as the first product manager, and helped the team pivot to what may be the most intense PMF in history. Before Wiz, Raaz led security products at Microsoft, including Azure Sentinel. In our conversation, we discuss: How Wiz pivoted from their initial idea...

Land your dream job in todays market: negotiation tactics, job search councils, and more | Phyl Terry (Author, Never Search Alone) Play Episode
Phyl Terry is the author of Never Search Alone, which Ive seen so many people reference as the most impactful guide they read for finding a job. Phyl was on the founding team of the first company Amazon acquired back in the 90s and then was CEO of pioneering product consulting firm Creative Good, with companies like Apple, Facebook, and Microsoft as customers. Today, Phyl is the founder and CEO of Collaborative Gain, which 20 years ago pioneered bringing councils to senior product leaders and GMs in Silicon Valley. Thats their day jobin addition to that, Phyl runs a free...

The original growth hacker reveals his secrets | Sean Ellis (author of Hacking Growth) Play Episode
Sean Ellis is one of the earliest and most influential thinkers and operators in growth. He coined the term growth hacking, invented the ICE prioritization framework, was one of the earliest people to use freemium as a growth lever, and, most famously, developed the Sean Ellis Test for product-market fit (which a large percentage of founders use today to track if theyve found PMF). Over the course of his career, Sean was head of growth at Dropbox and Eventbrite; helped companies like Microsoft and Nubank refine their growth strategy; was on the founding team of LogMeIn, which sold for over...

Making an impact through authenticity and curiosity | Ami Vora (CPO at Faire, ex-WhatsApp, FB, IG) Play Episode
Ami Vora is the Chief Product Officer of Faire, which connects independent retailers and brands around the world. Before Faire, Ami spent over 15 years at Meta, including as VP of Product and Design for WhatsApp (2B+ users), VP of Product for Facebooks ads system (now $130B of annual revenue), and director at Instagram. She began her career working on developer tools at Microsoft. In our conversation, we discuss: Why execution eats strategy for breakfast Using metaphor to rally teams around one shared goal How to build cross-functional relationships Dinosaur brain, Toddler soccer, and the hill climbing metaphors A tactic...

How to discover your superpowers, own your story, and unlock personal growth | Donna Lichaw (author of The Leaders Journey) Play Episode
Donna Lichawis an internationally sought-after executive coach, keynote speaker, and best-selling author. She helps visionary founders, CEOs, and executive teams level up their leadership and scale their impact while staying true to their mission, purpose, and themselves. Donna works with leaders at companies like Google, Disney, Twitter, Microsoft, Mailchimp, and Adobe, as well as a plethora of mission-driven startups and nonprofits. In our conversation, we discuss: How our personal narratives influence our success and failure Why identifying your superpowers (and kryptonite) is so important, and how to do it The value of doubling down on your strengths rather than trying...

Good Strategy, Bad Strategy | Richard Rumelt Play Episode
Richard Rumelt is a legend in the world of strategy. Hes the author of Good Strategy/Bad Strategy and The Crux: How Leaders Become Strategists, both of which are often recommended by guests on this podcast. From his early days teaching in Iran at a Harvard-sponsored business school to teaching at Harvard Business School itself to over four decades teaching at UCLAs Anderson School of Management, Richards impact resonates globally. His strategic insights are sought after by major corporations including Microsoft, Shell, Apple, AT&T, Intel, and Commonwealth Bank and by governmental organizations such as the U.S. Army Special Operations Command. In...

How to be more innovative | Sam Schillace (Microsoft deputy CTO, creator of Google Docs) Play Episode
Sam Schillace is deputy CTO and corporate vice president at Microsoft. Prior to working at Microsoft, Sam started a company called Writely, which was acquired by Google and became the foundation of what today is Google Docs. While at Google, Sam helped lead many of Googles consumer products, including Gmail, Blogger, PageCreator, Picasa, Reader, Groups, and more recently Maps and Google Automotive Services. Sam was also a principal investor at Google Ventures, has founded six startups, and was the SVP of engineering at Box through their IPO. In this episode, we discuss: The journey of building Google Docs The importance...

The future of AI in software development | Inbal Shani (CPO of GitHub) Play Episode
Inbal Shani is the chief product officer at GitHub, where she leads core product management, along with product strategy, marketing, open source, and communities, including the development of GitHub Copilot. Prior to joining GitHub, she led engineering and product teams at Amazon and Microsoft.In todays conversation, we discuss: What Inbal believes is overhyped and underhyped in the rapidly changing field of AI How AI-driven code generation is changing software development Her take on whether AI will replace developers How software development looks in 3 to 5 years How product teams operate at GitHub GitHubs Next team, and other ways the...

Becoming evidence-guided | Itamar Gilad (Gmail, YouTube, Microsoft) Play Episode
Brought to you by EzraThe leading full-body cancer screening company | VantaAutomate compliance. Simplify security | LinkedIn AdsReach professionals and drive results for your businessItamar Gilad is a product coach, author, and speaker with over two decades of experience in senior product roles at Google, Microsoft, and various startups. He is also the author of Evidence-Guided: Creating High-Impact Products in the Face of Uncertainty and publishes a popular product management newsletter. In todays episode, we discuss: What it means to be evidence-guided How to think about your KPIs as metric trees How to prioritize ideas using the confidence meter The...

How to measure and improve developer productivity | Nicole Forsgren (Microsoft Research, GitHub, Google) Play Episode
This episode is brought to you by DXa platform for measuring and improving developer productivity.Dr. Nicole Forsgren is a developer productivity and DevOps expert who works with engineering organizations to make work better. Best known as co-author of the Shingo Publication Award-winning book Accelerate and the DevOps Handbook, 2nd edition and author of the State of DevOps Reports, she has helped some of the biggest companies in the world transform their culture, processes, tech, and architecture. Nicole is currently a Partner at Microsoft Research, leading developer productivity research and strategy, and a technical founder/CEO with a successful exit to Google....

The ultimate guide to A/B testing | Ronny Kohavi (Airbnb, Microsoft, Amazon) Play Episode
Brought to you by MixpanelEvent analytics that everyone can trust, use, and afford | RoundThe private network built bytechleaders fortechleaders | EppoRun reliable, impactful experimentsRonny Kohavi, PhD, is a consultant, teacher, and leading expert on the art and science of A/B testing. Previously, Ronny was Vice President and Technical Fellow at Airbnb, Technical Fellow and corporate VP at Microsoft (where he led the Experimentation Platform team), and Director of Data Mining and Personalization at Amazon. He was also honored with a lifetime achievement award by the Experimentation Culture Awards in September 2020 and teaches a popular course on experimentation on...

Building a long and meaningful career | Nikhyl Singhal (Meta, Google) Play Episode
Brought to you by SuperhumanThe fastest email experience ever made | MicrosoftClaritySee how people actually use your product | EppoRun reliable, impactful experimentsNikhyl Singhal is VP of Product at Meta, overseeing teams building messaging, groups, stories, and the main Facebook feed. Before that, he served as the Chief Product Officer at Credit Karma and held various leadership roles at Google, leading teams on Google Photos and Google Hangouts. Nikhyl was also co-founder of three startups, including SayNow and Cast Iron Systems, which were acquired by Google and IBM, respectively. Alongside his successful career, he is passionate about coaching and mentoring,...

Storytelling with Nancy Duarte: How to craft compelling presentations and tell a story that sticks Play Episode
Brought to you by MicrosoftClaritySee how people actually use your product | Lennys Job BoardHire the best product people. Find the best product gigs | EppoRun reliable, impactful experimentsNancy Duarte is the CEO of Duarte Inc. and has helped create over 250,000 presentations for influential business leaders across the globe, including Apple, TED, the World Bank, and Al Gores An Inconvenient Truth. Shes also written six best-selling books, and her TED talk has garnered over 3 million views. She regularly contributes to HBR, MIT-Sloan, and Forbes, and her books are essential reading in leading business schools worldwide. In todays episode,...

Lessons from scaling Spotify: The science of product, taking risky bets, and how AI is already impacting the future of music | Gustav Sderstrm (Co-President, CPO, and CTO at Spotify) Play Episode
Brought to you by MicrosoftClaritySee how people actually use your product | EppoRun reliable, impactful experiments | EcoYour most rewarding appGustav Sderstrm is the Co-President and Chief Product and Technology Officer at Spotify. He is responsible for Spotifys global product and technology strategy, overseeing the product, design, data, and engineering teams. Prior to Spotify, he founded 13th Lab, a startup that was later acquired by Facebooks Oculus. He also served as the Director of Product and Business Development for Yahoo Mobile and founded Kenet Works, a company focused on community software for mobile phones, which was acquired by Yahoo in...

Frameworks for product differentiation, team building, and thinking from first principles | Ayo Omojola (Carbon Health, Cash App) Play Episode
Brought to you by MicrosoftClaritySee how people actually use your product | EcoYour most rewarding app | LMNTZero-sugar hydrationAyo Omojola is Chief Product Officer at Carbon Health, one of the fastest-growing and most innovative health tech companies in the world. Previously, he was a PM leader at Cash App, where he co-created the Cash Card and scaled it to a nine-figure revenue line for Square. Hes also an angel investor in companies like Mercury, Modern Treasury, Faire, and many others. In this episode, we discuss: How Cash App broke through the noise and became a consumer app success story Why...

Hot takes and techno-optimism from techs top power couple | Sriram and Aarthi Play Episode
Brought to you by VantaAutomate compliance. Simplify security | DovetailBring your customer into every decision | LMNTZero-sugar hydrationAarthi Ramamurthy and Sriram Krishnan are founders, angel investors, and product leaders who host the podcast Aarthi and Srirams Good Time Show. They have both held leadership roles at major technology companies including Meta, Twitter, Snap, Microsoft, and Netflix. In todays episode, we dive into how and why to build your personal brand, how to deal with impostor syndrome, and stories from Aarthis time at Clubhouse and Srirams time working with Zuck. Aarthi and Sriram share their lessons from past failures, their experience...

An inside look at how Figma builds product | Yuhki Yamashita (CPO of Figma) Play Episode
Yuhki Yamashita is Chief Product Officer at Figma. Prior to Figma, he was Head of Design of Ubers New Mobility efforts, and before that a product manager at Google and Microsoft. Adding to his impressive resume, Yuhki also taught introductory computer science at Harvard. In today's episode, we talk about operationalizing quality, the case against OKRs, and how Figma isn't just known for product-led growth, but also for building a community of empowered users. Yuhki also shares why he thinks storytelling is key to being a great product manager, owning the "why," and the potential impact of Adobe's acquisition of...

How to hit revenue targets in a recession | Sahil Mansuri (Bravado) Play Episode
Sahil Mansuri is the CEO of Bravado, the worlds largest online sales community. Sahil is passionate about sales, and his experience dates all the way back to 2008, working for Obamas presidential campaign. During his time at Glassdoor, Sahil was able to close some incredible accounts, including Facebook, Google, Microsoft, and Amazon. In todays podcast, we talk about why sales is a crucial part of any business and how to continue selling successfully through a recession. We get super-specific on building a conservative plan for the near future and cover everything from where to place your best salespeople to restructuring...

Using behavioral science to improve your product | Kristen Berman (Irrational Labs) Play Episode
Kristen Berman is the CEO and co-founder of Irrational Labs, where she helps companies like Google, Airbnb, PayPal, Microsoft, and LinkedIn improve their products and services through behavioral design research. She is also the co-founder of Common Cents Lab, a Duke University initiative dedicated to improving the financial well-being of low- to middle-class Americans. In todays episode, Kristen shares the 3B Framework of Behavioral Design and uses real-life examples to illustrate what influences behavior change and the common biases that get in the way of building successful products. She also explains how to keep users engaged and how you can...

Building a meaningful career | Jason Shah (Airbnb, Amazon, Microsoft, Alchemy) Play Episode
Jason Shah has led product teams at Amazon, Airbnb, Microsoft, and Yammer and currently leads the product team at Alchemy (one of the most important web3 infrastructure companies). In addition, hes an advisor, investor, and two-time founder. In todays episode, Jason discusses what its like to be a PM in web3, why his role at Amazon made such a big impact on his life and career, what makes a great leader, and how to hire well. He also shares his unique perspective on building a meaningful career and life.Find the full transcript here: https://www.lennysnewsletter.com/p/building-a-meaningful-career-jasonWhere to find Jason Shah: Twitter: https://twitter.com/jasonyogeshshah...

The role of AI in product development | Ryan J. Salva (VP of Product at GitHub, Copilot) Play Episode
Ryan J. Salva is the VP of Product at GitHub, where he led the incubation and launch of Copilot. Copilot uses OpenAIs ML engine to suggest code and entire functions in real time, right from your editor, and is changing the way we build software. Ryan is an experienced developer and product manager, with over a decade of experience working for Microsoft before moving to lead the GitHub product team. In todays episode, he shares how Copilot got its start, how it moved from prototype to live product, and how he structures R&D teams within larger companies. He also discusses...

The rituals of great teams | Shishir Mehrotra of Coda, YouTube, Microsoft Play Episode
Shishir Mehrotra is the co-founder and CEO of Coda, and formerly head of product and engineering at YouTube. In this episode, he shares his insights on growth strategy, how he evaluates talent, a peek at his upcoming book The Rituals of Great Teams, why reference checks are the most important step in the interview process, and so much more. Join us.Find the full transcript here: https://www.lennyspodcast.com/the-rituals-of-great-teams-shishir-mehrotra-coda-youtube-microsoft/#transcriptWhere to find Shishir Mehrotra: Twitter: https://twitter.com/shishirmehrotra LinkedIn: https://www.linkedin.com/in/shishirmehrotra/Where to find Lenny: Newsletter: https://www.lennysnewsletter.com Twitter: https://twitter.com/lennysan LinkedIn: https://www.linkedin.com/in/lennyrachitsky/Thank you to our wonderful sponsors for making this episode possible: Coda: http://coda.io/lenny Flatfile: https://www.flatfile.com/lenny Eppo: https://www.geteppo.com/ Referenced:...

Manik Gupta (ex-CPO Uber, Google Maps) on how to build consumer apps, why its useful to be optimistic about technology, creating inflections in your PM career, the changing CPO role, and more Play Episode
Manik Gupta has led two of the most successful consumer products in historyGoogle Maps, where he was Director of product for the Maps team, and Uber, where he was CPO. After leaving Uber, he spent some time working on a product to help people avoid getting COVID called CVKey, and most recently he took on a role at Microsoft as Corporate Vice President leading many of their consumer efforts.Thank you to our wonderful sponsors for making this episode possible: Mixpanel: https://mixpanel.com/startups Coda: http://coda.io/lenny Unit: https://unit.co/lennyIn this episode, we cover:[3:55] Patterns for career success[7:19] Why its valuable to be optimistic about...

Sanchan Saxena (VP of Product at Coinbase) on the inside story of how Airbnb made it through Covid; what hes learned from Brian Chesky, Brian Armstrong, and Kevin Systrom; much more Play Episode
Sanchan Saxena is VP of Product at Coinbase. Before Coinbase, Sanchan was Head of Product and GM at Airbnb, founder and Head of Product of Instagram Shopping, Director of Product Management at Yahoo, and Lead PM at Microsoft.Thank you to our sponsors for making this episode possible: Dovetail: https://dovetailapp.com/lenny Persona: https://withpersona.com/lenny Productboard: https://www.productboard.com/In this episode, youll learn:[3:50] How Sanchan worked his way up to VP of Product at Coinbase[6:15] Sanchans best advice to early-stage PMs[9:41] What to look for in a company to join[12:09] What Sanchan learned from Airbnb[16:40] Behind the scenes of how Airbnb survived the Covid downturn when...

Jackie Bavaro on getting better at product strategy, what exactly is strategy, PM pitfalls to avoid, advancing your career, getting into management, and much more Play Episode
Jackie Bavaro is the author of the best-selling books Cracking the PM Interview and Cracking the PM Career. She was most recently at Asana, where she joined as its first product manager and later became the head of product. Earlier in her career, Jackie was a PM at Google and Microsoft, where she worked on high-impact products such as Google Search and Microsoft SharePoint.In this episode, we cover:1. How did Jackie become head of product at Asana? Start writing the best-selling PM books on interviews and the career ladder?2. How and why to find a product coach.3. What are the...

Lex Fridman Podcast

---

#479 Dave Plummer: Programming, Autism, and Old-School Microsoft Stories Play Episode
Dave Plummer is a programmer, former Microsoft software engineer (Windows 95, NT, XP), creator of Task Manager, author of two books on autism, and host of the Dave’s Garage YouTube channel, where he shares stories from his career, insights on software development, and deep dives into technology. Thank you for listening Check out our sponsors: https://lexfridman.com/sponsors/ep479-sc See below for timestamps, and to give feedback, submit questions, contact Lex, etc. CONTACT LEX: Feedback – give feedback to Lex: https://lexfridman.com/survey AMA – submit questions, videos or call-in: https://lexfridman.com/ama Hiring – join our team: https://lexfridman.com/hiring Other – other ways to get in touch:...

Bjarne Stroustrup: C++ Play Episode
Bjarne Stroustrup is the creator of C++, a programming language that after 40 years is still one of the most popular and powerful languages in the world. Its focus on fast, stable, robust code underlies many of the biggest systems in the world that we have come to rely on as a society. If you’re watching this on YouTube, many of the critical back-end component of YouTube are written in C++. Same goes for Google, Facebook, Amazon, Twitter, most Microsoft applications, Adobe applications, most database systems, and most physical systems that operate in the real-world like cars, robots, rockets that...

Kevin Scott: Microsoft CTO Play Episode
Kevin Scott is the CTO of Microsoft. Before that, he was the Senior Vice President of Engineering and Operations at LinkedIn. And before that, he oversaw mobile ads engineering at Google. This conversation is part of the Artificial Intelligence podcast. If you would like to get more information about this podcast go to https://lexfridman.com/ai or connect with @lexfridman on Twitter, LinkedIn, Facebook, Medium, or YouTube where you can watch the video versions of these conversations. If you enjoy the podcast, please rate it 5 stars on iTunes or support it on Patreon.

Kai-Fu Lee: AI Superpowers China and Silicon Valley Play Episode
Kai-Fu Lee is the Chairman and CEO of Sinovation Ventures that manages a 2 billion dollar dual currency investment fund with a focus on developing the next generation of Chinese high-tech companies. He is the former President of Google China and the founder of what is now called Microsoft Research Asia, an institute that trained many of the AI leaders in China, including CTOs or AI execs at Baidu, Tencent, Alibaba, Lenovo, and Huawei. He was named one of the 100 most influential people in the world by TIME Magazine. He is the author of seven best-selling books in Chinese,...

Malicious Life

---

The Reason You Dont Have Data Privacy Play Episode
Weve all experienced the creepiness of modern data trafficking, but that kind of daily annoyance is the surface of a much bigger issue: Big Tech companies such as Amazon & Microsoft are lobbying policymakers to veto laws that harm their business, and often hide their lobbying behind industry coalitions or organizations with names that are vague and seemingly harmless. Will current and future privacy laws actually protect your information, or will they protect the companies collecting your information?Advertising Inquiries: https://redcircle.com/brands

Masters of Scale

---

The New York Times will not be cowed, with CEO Meredith Kopit Levien Play Episode
From attacks by President Trump to active lawsuits against Microsoft and OpenAI, The New York Times is engaged in a fierce fight to preserve the future of independent journalism. It also keeps building a multi-faceted, excellence-obsessed brand with more users for games, recipes and podcasts than ever before. President and CEO Meredith Kopit Levien joins Bob Safian live on stage at the Masters of Scale Summit in San Francisco to explore The Times business model, how news coverage relates to the organization's fast-growing lifestyle products, and the impact of AI as a threat and a tool.Visit the Rapid Response website...

Replay: Bill Gates is ending his foundation heres how it began Play Episode
Bill Gates announced this week that he will shutter his philanthropic foundation in 20 years but not before using it to give away $200 billion to fight global diseases. In this archival episode from 2019, he tells host Reid Hoffman the story of how it all started and how he learned to scale his impact as a philanthropist.In Part 2 of this special two-part conversation, were talking with Bill Gates about the biggest success story ever told on the podcast. It was achieved not through Microsoft, but through the Bill & Melinda Gates Foundation. Bill and Melinda have built their...

Is AI a new species? Microsofts Mustafa Suleyman thinks so Play Episode
Artificial intelligence is a new digital species, says Mustafa Suleyman, Microsoft AIs CEO. For this episode, Mustafa joined Reid Hoffman on stage at the October 2024 Masters of Scale Summit. They discuss the risks and rewards of AI, and Mustafa explains why AI will change our experience of memory. Plus, why he thinks now is a great time to found and scale companies.Synthetic voiceover of Reid Hoffman used in this episode was produced by Respeecher with full consent and permission.Read Mustafas book: The Coming Wave: Technology, Power, and the 21st Centurys Greatest DilemmaRead a transcript of this episode: https://mastersofscale.comSubscribe to the...

Reid Hoffman & Jeff Berman on why the future needs re-founders Play Episode
Reid Hoffman thinks visionary leaders should pursue a "re-founder" state of mind. In this episode he welcomes the newest host of Masters of Scale, Jeff Berman, for a dialogue that digs into a re-founder's mission: evolving an organization while staying true to core values. As the re-founder of WaitWhat, the media company that brings this podcast to life, Jeff explores with Reid their own experiences with leadership succession. And they draw on re-founding insight from all-stars like Microsoft's Satya Nadella, Uber's Dara Khosrowshahi, and Yahoo's Marissa Mayer. So reset the clock to Day 0 because it's always a prime time...

Reid Hoffman confronts the AI critics, w/WaitWhat CEO Jeff Berman Play Episode
Are AIs harshest critics causing irreversible harm to humanity? How far should leaders lean into AI? And just what would Reid sound like speaking Chinese with a British accent?Reid Hoffman sits down with CEO of WaitWhat and longtime friend Jeff Berman to tackle these pressing questions and more. Join them in an unguarded exploration of how the AI landscape has continued to shift in the six months since Reid published Impromptu, the book he co-authored with ChatGPT.Reid also gives a sneak peek into his work with Microsoft's unreleased AI text-to-speech tech, and discusses why he chose not to join Elon...

Rapid Response: Make AI your co-pilot, w/Microsoft VP of Design & AI, John Maeda Play Episode
Rapid Response with Bob Safian: Can you truly take advantage of AI before speaking its language? Microsofts VP of Design and AI, Dr. John Maeda discusses AIs common misconceptions and its misunderstood opportunities. A veteran of AI development, John shares valuable insights for entrepreneurs about how to engage with the new technology from overcoming trepidation to making AI work harder for you and AIs potential to help leaders make better decisions.Read a transcript of this episode: https://mastersofscale.com/Subscribe to the Masters of Scale weekly newsletter: https://mastersofscale.com/subscribeSee Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Microsofts Satya Nadella: Why we need re-founders Play Episode
To achieve massive scale, you dont just need founders, you also need a re-founder someone to come in at a later stage to keep the mission and culture on track. As Microsofts third CEO ever after Bill Gates and Steve Ballmer Satya Nadella is doing just that. Hes fostered a culture at Microsoft that rewards new ideas and makes room for feedback. Satya discusses how, as Chairman and CEO, he has transformed Microsoft from a cutthroat culture towards embracing social networks, collaboration, and cloud. Plus, Satya and Reid reminisce about the early conversations that led to Microsofts acquisition of LinkedIn....

Bill Gates: How to accelerate history (Part 1) Play Episode
How did Bill Gates scale BOTH a global business and a global philanthropy? He spotted an inflection point in history and accelerated it. What does that take? A great idea, great timing, and also: Great partners. Because even Bill Gates doesnt go it alone. In Part 1 of this special two-part episode, Bill reflects with Reid on the founding and growth of Microsoft how he not only spotted an inflection point (hello, personal computers) but accelerated it to massive scale (forget computers, let's talk platforms). Theres timeless wisdom in Bills ability to identify inflection points, build strategic partnerships, and just...

Need to Know, w/Reid & Bob: Ukraine reverberations, inflation volatility, lessons from Peloton, Theranos, Meta, & more Play Episode
We should expect more volatility, Reid Hoffman tells Rapid Response host Bob Safian in the first Need to Know session of the year, covering news and business topics impacting entrepreneurs right now. Reid and Bob discuss the implications of the Ukraine invasion, then dive into the pandemic-fueled troubles at Peloton, PayPal, and Meta, new climate-change urgencies including Reids recent trip to Antarctica, and how Activision will be different after merging with Microsoft. Plus: pay transparency; the lessons of Theranos; and the business case for democracy. Cameos: John Doerr (author of Speed & Scale), Jeremy Farrar (Wellcome Trust), Daniella Ballou-Aares (Leadership...

Microsofts Satya Nadella: Why we need re-founders Play Episode
To achieve massive scale, you dont just need founders, you also need a re-founder someone to come in at a later stage to keep the mission and culture on track. As Microsofts third CEO ever after Bill Gates and Steve Ballmer Satya Nadella is doing just that. Hes fostered a culture at Microsoft that rewards new ideas and makes room for feedback. Satya discusses how, as Chairman and CEO, he has transformed Microsoft from a cutthroat culture towards embracing social networks, collaboration, and cloud. Plus, Satya and Reid reminisce about the early conversations that led to Microsofts acquisition of LinkedIn....

Coming soon on Masters of Scale Season 9 Play Episode
Coming August 31st: An all-new season of Masters of Scale, with iconic leaders and rising stars of scale companies. This season, Reid Hoffman trades theories with Satya Nadella, CEO of Microsoft, Robert Reffkin, founder and CEO of Compass, Indra Nooyi, former CEO of Pepsico, Jessica Alba, founder of The Honest Company, Beth Ford, CEO of Land O'Lakes, iconic investor and founder Marc Andreessen, Sheila Marcello, founder of Care.com, Lynn Jurich, co-founder and CEO of Sunrun and many more. Plus, weve got live episodes coming up, your favorite Strategy Sessions, and a few surprises in store. Join us!   Dont miss an episode! Subscribe...

Rapid Response: Why take on a turnaround, w/Magic Leaps Peggy Johnson Play Episode
Why leave a storied tech icon to lead a troubled brand? As the pandemic deepened this summer, Peggy Johnson left a safe perch at Microsoft to take the helm of one-time startup darling Magic Leap, which had just barely avoided bankruptcy. Yet with CEO roles for women in tech still unfortunately rare, Johnson felt compelled to take a risk. Now she's betting that the accelerated tech adoption prompted by Covid-19 will boost emerging areas like Magic Leap's AR. All entrepreneurs face moments when the bar seems impossibly high. But even in difficult times, Johnson knows, we can make our own...

Bill Gates: How to accelerate history (Part 1) Play Episode
How did Bill Gates scale BOTH a global business and a global philanthropy? He spotted an inflection point in history and accelerated it. What does that take? A great idea, great timing and also: Great partners. Because even Bill Gates doesnt go it alone. In Part 1 of this special two-part episode, Bill reflects with Reid on the founding and growth of Microsoft how he not only spotted an inflection point (hello, personal computers) but accelerated it to massive scale (forget computers, let's talk platforms). Theres timeless wisdom in Bills ability to identify inflection points, build strategic partnerships and just...

Take on Goliath and win, w/Dropbox's Drew Houston Play Episode
When Drew Houston founded Dropbox, he knew he faced some fierce competition (hello, Google, Apple and Microsoft). But he didnt back down. Why? Because he believed in his product, and he knew he had an advantage those big, cumbersome competitors could never exploit: Dropbox was lean, focused and fast. Hear how he outmaneuvered the big dogs and what's next for Dropbox.Drew Houston's reading list! Books mentioned in this episode:Competing Against Luck, by Clay Christensen and Karen DillonThe Effective Executive, by Peter DruckerThe Hard Thing About Hard Things, by Ben HorowitzBecoming Steve Jobs, by Brent Schlender and Rick TetzeliHard Drive: Bill...

The Reid Hoffman Story (Part 2): Make everyone a hero Play Episode
Were back with Part 2 of our special turn-the-tables episode with Reid Hoffman. In this episode, we follow Reid through PayPal, LinkedIn, the Microsoft acquisition, his angel investments, Greylock, and his hosting of Masters of Scale all the while proving our theory that you can chart an epic journey to scale if you make everyone you enlist a hero in their OWN story and not just yours. Guest host: June Cohen, the executive producer of Masters of Scale and the cofounder of WaitWhat, the company behind it). Cameo appearances: Arianna Huffington (Thrive Global) and Jeff Weiner (LinkedIn).Read a transcript of...

Motley Fool Money

---

OpenAIs Strategy Shift Ahead of IPO Play Episode
OpenAI is moving away from side quests as it prepares the business and financials for an IPO. To make matters more complicated, Microsoft is upset about a deal OpenAI made with Amazon. Plus, why short sellers are important. Travis Hoium, Lou Whiteman, and Rachel Warren discuss:- OpenAIs strategy shift- Microsofts warning to Amazon- Why short sellers are important Companies discussed: SoFi (SOFI), Amazon (AMZN), Microsoft (MSFT). Host: Travis HoiumGuests: Lou Whiteman, Rachel WarrenEngineer: Bart Shannon Advertisements are sponsored content and provided for informational purposes only. The Motley Fool and its affiliates (collectively, TMF) do not endorse, recommend, or verify the...

Big Techs $650 Billion Bet on AI Play Episode
Whats a few hundred billion dollars in capex spending among friends? When it comes to big tech, the numbers have gotten astronomical and theres both enthusiasm and fear about this much spending, so we try to make sense of whats going on. Travis Hoium, Lou Whiteman, and Jon Quast discuss: - Big techs $650 billion bet on AI - This weeks SaaS-pocalypse - We play Gold, Silver, and Bronze - Stocks on our radar Companies discussed: Amazon (AMZN), Alphabet (GOOG, GOOGL), Microsoft (MSFT), Meta Platforms (META), Coupang (CPNG), Cava (CAVA), Chipotle (CMG), Starbucks (SBUX), Portillos (PTLO), Texas Roadhouse (TXRH), Markel...

Teslas Daring Move Play Episode
For several years, Tesla has been straddling the fence between an electric vehicle manufacturer and its ambition to pursue autonomous driving and humanoid robots. This most recent quarterly report looks like the sign that the company has picked a side. Plus, the ups and downs of Metas and Microsofts earnings. Tyler Crowe, Matt Frankel, and Jon Quast discuss: - Teslas earnings - Elon Musks announcement that Tesla will discontinue production of the Model S and X. - Metas massive capital spending plan - Microsofts future getting closely tied to OpenAI - Stocks on our radar Companies discussed: TSLA, META, MSFT,...

It's the Big Tech Earnings Game! AAPL, META, MSFT Play Episode
Big Tech earnings are baaaaack. Apple (NASDAQ: AAPL), Meta (NASDAQ: META), and Microsoft (NASDAQ: MSFT) report earnings this week. Will they beat, raise, or miss the Street's targets? Hosts discuss + 3 bullet points of topics: Rick Munarriz and Sanmeet Deo:- Discuss Big Tech spending plans for 2026.- Review analyst expectations for AAPL, META, and MSFT.- Play a game of "beat, raise, or miss" and offer some other predictions.Dont wait! Be sure to get to your local bookstore and pick up a copy of Davids Gardners new book Rule Breaker Investing: How to Pick the Best Stocks of the Future...

FSDs Big Week, Abel Makes a Mark on Berkshire, and 24/7 Trading Play Episode
Teslas robotaxis are finally driving without a safety driver in the front seat (they are reportedly in a chase car) and we discussed the future business models for Tesla. Then, we covered Greg Abel making a mark on Berkshire Hathaway, Apples chatbot, and 24/7 trading. Travis Hoium, Lou Whiteman, and Jon Quast discuss: - FSD is herekind of - Greg Abel cleans house - Apples Siri chatbot - NYSE tokenizing stocks Companies discussed: Tesla (TSLA), Disney (DIS), Microsoft (MSFT), Berkshire (BRK), Spotify (SPOT), Sysco (SYY), Rocket Lab (RKLB), Elf Beauty (ELF), Intercontinental Exchange (ICE), Apple (AAPL). Host: Travis Hoium Guests:...

Big Tech Breaks the Bank for AI Play Episode
Big tech earnings were the talk of the market this week and we covered a blowout from Alphabet, questions about Meta, and why Amazon has its mojo back. To finish the show, we play Trick or Treat and discuss the stocks on our radar. Travis Hoium, Lou Whiteman, and Asit Sharma discuss: - Alphabets big cloud quarter - Metas AI questions - Amazon and AWS growth - Netflixs surprising stock split Companies discussed: Nike (NKE), On Holding (ONON), Alphabet (GOOG), Meta (META), Netflix (NFLX), Coinbase (COIN), Microsoft (MSFT), Chipotle (CMG). Host: Travis Hoium Guests: Lou Whiteman, Asit Sharma Engineer: Dan...

Alphabet Soars While Meta Sinks Play Episode
2025 has been the year of AI capex (so far). Companies have been announcing huge spending increases and signing deals to secure critical supplies like semiconductors for years into the future. So far, the market has responded well to these announcements. Except today when Meta announced the most ambitious AI capital spending plan of the Magnificent 7 companies and the market blinked. Tyler Crowe, Matt Frankel, and Jon Quast discuss: - Metas ambitious spending plan sending the stock down -Microsofts and Alphabets earnings and outlook getting mixed reviews -One year without Brian Niccol at Chipotle -One year with Brian Niccol...

Microsoft Gets $135 Billion OpenAI Stake Play Episode
Microsoft has agreed to a deal that will allow OpenAI to become a for-profit company, likely paving the way for an IPO. The tech giants stake will be worth $135 billion and comes with another $250 billion in cloud computing revenue. We also discuss recent jobs news and the future of AI in transportation and medicine. Travis Hoium, Lou Whitemand, and Rachel Warren discuss: - Microsofts $135 billion OpenAI stake - Rolling layoffs in Corporate America - NVIDIAs deals in robotics, aviation, and medicine Companies discussed: Microsoft (MSFT), Amazon (AMZN), Target (TGT), NVIDIA (NVDA), UPS (UPS). Host: Travis Hoium Guests:...

Nano Banana Steals the Spotlight From NVIDIA Play Episode
Can NVIDIAs recent earnings continue to bolster the market? Or maybe Nano Banana is the savior of AI? Travis Hoium, Jon Quast, and Dan Caplinger discuss: - NVIDIAs earnings- Nano Banana from Google Gemini- Spotify gets social- Dollar General show momentum in retail. Companies discussed: NVIDIA (NVDA), Alphabet (GOOG), Microsoft (MSFT), Meta Platforms (META), Dollar General (DG), Dollarama (DOL), Spotify (SPOT). Host: Travis HoiumGuests: Jon Quast, Dan CaplingerEngineer: Bart Shannon Advertisements are sponsored content and provided for informational purposes only. The Motley Fool and its affiliates (collectively, TMF) do not endorse, recommend, or verify the accuracy or completeness of the...

Autonomous Vehicles Hit an Inflection Point & GPT-5 Is Here Play Episode
Autonomous vehicles hit an inflection point, GPT-5 is here, and The Trade Desk drops 38%, plus the stocks on our radar. Companies discussed:.Alphabet (GOOG), Microsoft (MSFT), The Trade Desk (TTD), Hims & Hers (HIMS), Crocs (CROX), Shift4 (FOUR), Palantir (PTLR), Axon (AXON), Figma (FIG), Reddit (RDDT), Universal Display (OLED), Montrols Environmental (MEG). Host: Travis Hoium Guests: Lou Whiteman, Jon Quast Engineer: Dan Boyd Disclosure: Advertisements are sponsored content and provided for informational purposes only. The Motley Fool and its affiliates (collectively, TMF) do not endorse, recommend, or verify the accuracy or completeness of the statements made within advertisements. TMF is...

The Feds Inflation Conundrum & an AI Billionaire Battle Royale Play Episode
The Feds Inflation Conundrum & an AI Billionaire Battle RoyaleThe Fed kept rates flat this week, Apple and Amazon reported earnings, and we have the biggest names in AI battle it out for supremacy.Travis Hoium, Lou Whiteman, and Jason Moser discuss:- The Feds decision to hold rates steady- Apple and Amazon earnings- AI billionaire battle royale- Stocks on our radarCompanies discussed: Alphabet (GOOG, GOOGL), Apple (AAPL), Alphabet (GOOG, GOOGL), Cloudflare (NET), PayPal (PYPL), Microsoft (MSFT).Host: Travis HoiumGuests: Lou Whiteman, Jason MoserEngineer: Bart Shannon, Adam LandfairAdvertisements are sponsored content and provided for informational purposes only. The Motley Fool and its affiliates...

Tariffs and Trade Wars Cant Slow Big Techs Momentum Play Episode
The Federal Reserve holds rates steady for now, but an ever-evolving trade and tariff picture raises questions about for how long. Also, Meta Platforms and Microsoft earnings suggest no slowdown in AI spending. Lou Whiteman, Rachel Warren, and Jon Quast discuss: - The Federal Reserves decision to keep rates steady - A shift in smartphone production - Microsoft and Meta Platforms commit to continued elevated capex spending - Who will be the next $4 trillion company? Companies discussed: Meta Platforms (META), Apple (AAPL), Microsoft (MSFT), Nvidia (NVDA) Host: Rachel Warren Guests: Lou Whiteman, Jon Quast Engineer: Bart Shannon Advertisements are...

Taking the Market's Weight Play Episode
The Gross Domestic Product of the United States fell last quarter by 0.3%. The big tech giants are still growing. Jason Moser and Asit Sharma join Ricky Mulvey to discuss: - If the U.S. economy is sliding into a recession. - Earnings from Amazon, Meta, Microsoft, and Apple. - If investors should mind 20% of the S&P 500s market cap being tied to four companies. Then (19:11) Motley Fool Contributor Rick Munnariz joins Mary Long to discuss Universal Studios new park, Epic Universe, and the state of the travel industry. (32:17) Asit and Jason break down two radar stocks: Twilio...

The Best Company in Big Tech? Play Episode
Microsoft just got the market focused on business results again. (00:21) Nick Sciple and Dylan Lewis discuss: - Microsoft posting double digit growth across five segments and continuing to put cap ex to work on AI and the cloud. - Metas advertising present and AI future. - Why Microsoft is leading big tech and has the best near-term outlook for the Mag 7 stocks. (17:33) Yasser el-Shimy and Mary Long continue their conversation about Warner Brothers Discovery and shine a spotlight on David Zaslav the man tasked with leading the media conglomerate into the future. Companies discussed: MSFT, META, AAPL,...

Whats Cooking at Toast Play Episode
and why the stock is nowhere near fully valued. (00:21) Tim Beyers and Mary Long break down earnings from Toast, the restaurant tech company, and discuss Microsofts latest development in quantum computing. Then, (18:00), Kirsten Guerra joins Mary to check in on Roblox, how it stacks up against other gaming companies, and why the platforms young user base concerns some investors. Companies discussed: TOST, MSFT, RBLX, META, SNAP Host: Mary Long Guests: Tim Beyers, Kirsten Guerra Producer: Ricky Mulvey Engineers: Dan Boyd, Rick Engdahl Learn more about your ad choices. Visit megaphone.fm/adchoices

The Infrastructure Behind the AI Revolution Play Episode
If youve got a network that cant go down, you call Arista Networks, a company building the infrastructure for the AI revolution. (00:21) David Meier and Ricky Mulvey discuss: - Why Microsoft and Meta rely on Arista Networks. - How Arista CEO, Jayshree Ullal, is managing Wall Street expectations. - The downfall of dating app Bumble. Then, (18:45) Anthony Schiavone joins Ricky to discuss Mid America Apartments, and why some housing costs are swinging back in favor of renters. Companies discussed: ANET, MSFT, META, BMBL, MAA, AVB Host: Ricky Mulvey Guests: David Meier, Anthony Schiavone Engineers: Dan Boyd, Rick Engdahl...

DeepSeek Disrupts, Big Tech Responds Play Episode
The market was left with more questions than answers about the next era of artificial intelligence. As we wait, the hyperscalers keep spending. (00:44) Jason Moser and Asit Sharma discuss: - The shockwaves of a cheaper, more efficient option in AI compute, and why big tech leaders like Microsoft and Meta are sticking to their buildout plans. - Apples continued struggles to find growth with the iPhone and its China business. (19:03) The earnings rundown continues! - Tesla finishes a flat year, but has big futurey plans for 2025 and 2026. - Starbucks first quarter under Brian Niccol looks a...

The Hyperscalers Are Hyper-Spending Play Episode
Meta and Microsoft are now spending roughly 30% of their annual revenues on capital expenditures. What are they hoping to get from all that investment? (00:14) Asit Sharma and Mary Long break down earnings from Meta and Microsoft. They also discuss: - Whether the DeepSeek story changes how investors should view off-the-walls AI spending. - The future of Reality Labs. - Microsofts $13B-and-growing AI business. - Why fungible fleet is a potentially ominous phrase for Sam Altman Companies discussed: META, MSFT, NVDA Host: Mary Long Guest: Asit Sharma Producer: Ricky Mulvey Engineer: Rick Engdahl Learn more about your ad choices....

DeepSeek and AIs Efficiency Era Play Episode
The tech battle between China and the U.S. is heating up one player just showed the world that Ai can be done well with a lot less. (00:14) Tim Beyers and Dylan Lewis discuss: - The Chinese app that is shaking up the AI landscape DeepSeek and how its leaner, less resource-intensive approach will affect artificial intelligence technology. - Why software prowess and efficiency will be the major themes for AI in 2025. - What to focus on when the affected big tech companies Apple, Microsoft, Meta, ASML report earnings this week. (19:15) Senior Fool Analyst David Meier, interviews John...

OpenAIs Magic Number? $100B Play Episode
Money is the major milestone for how OpenAI and Microsoft are thinking about the holy grail of artificial intelligence AGI. (00:45) Asit Sharma and Bill Mann discuss: - Microsoft and OpenAIs odd definition of artificial general intelligence (AGI) and Metas push into AI Influencers for Instagram. - One of the tastier parts of President Jimmy Carters legacy, and the potential ripple effects of surgeon generals warning about alcohol consumption. - A few words of caution for fintech and investing in the U.S. in 2025. (19:03) New year, new gameplan? Motley Fool CEO Tom Gardner walks Motley Fool members through his...

Big Tech's AI Spending Spree Play Episode
Amazon, Alphabet, and Microsoft are doing their part to drive $200B in AI-related capital expenditures for 2024. Theyll get some of that back in generative AI cloud workloads, but theyve got a ways to go. (00:42) Bill Mann and Matt Argersinger discuss: - How AI demand is refueling cloud growth at Amazon and Alphabet, but why theres still some reason to be concerned about the sustainability of that spend. - Apple continuing to run counter to the rest of big tech with their AI strategy and cap ex approach. - Reddits first-ever quarterly profit, Atlassian getting its mojo back, and...

Activision Blizzard: What Microsoft Got for $69 Billion Play Episode
Last year, Microsoft closed its takeover of Activision Blizzard, the maker of Warcraft, Call of Duty, and Candy Crush. In the months that followed, interest rates rose, expectations changed, and Microsoft Gaming eliminated 8% of its workforce. Jason Schreier is the author of Play Nice: The Rise, Fall, and Future of Blizzard Entertainment and a reporter at Bloomberg. Schreier joined Ricky Mulvey for a conversation about: - The magic that made Blizzard Entertainment. - The state of the video game industry. - Why Grand Theft Auto VI is taking so long to develop. Companies discussed: MSFT, TTWO, OTC: NTDOY Host:...

Signs Intels Foundry is Heating Up Play Episode
Intel investors have been looking for signs of life with its foundry business a couple billion dollars in deals and its new independent subsidiary status might help. (00:21) Tim Beyers and Dylan Lewis discuss: - Intels three focuses for turning it around: its Foundry business, AI strategy, and cost structure. - The real reason Amazon might be pushing workers to return to office five days a week, and why Andy Jassy is looking to reduce bureaucracy. - Microsofts new buyback authorization and dividend hike and it marches on the path to being a Dividend Aristocrat. (18:20) Alison Southwick and Robert...

Big Tech Bets on Overinvesting Play Episode
Amazon, Alphabet, Microsoft, and Meta are all spending a ton of money to build out cloud capabilities to fuel the next phase of AI growth. But the market isnt sold on that spend yet. (00:21) Ron Gross and Matt Argersinger discuss: - Why recent job numbers dramatically boosted the likelihood of a rate cut in 2024. - Intels dividend cut, and what history has to say about companies that stop payments to shareholders. - Why Apple and Meta are holding up well during a tough earnings season for big tech. - Amazon, Microsoft, and Alphabets combined $45B in capital expenditures...

Heres Your Unicorn Drink. Now Get Out. Play Episode
Is efficiency everything? Starbucks certainly seems to think so. (00:21) Bill Mann and Mary Long discuss Microsofts AI timeline and what experience means at the worlds largest coffee chain. Then, (15:10) Bloomberg media reporter Hannah Miller joins for a conversation on what the Paris Olympics mean for Peacock. Companies mentioned: MSFT, SBUX, LCKNY, CMCSA, NLFX, AMZN, DIS, WBD Host: Mary Long Guests: Bill Mann, Hannah Miller Producer: Ricky Mulvey Engineers: Dan Boyd, Austin Morgan Learn more about your ad choices. Visit megaphone.fm/adchoices

Amazon Up, Walgreens, Nike & McPlant Down Play Episode
Amazon joins the likes of Microsoft, Apple, Nvidia and Alphabet above $2T. Who is least likely to stay there? (00:21) Jason Moser and Bill Mann discuss: - Tips for playing the long game with the 2024 election cycle ramping up - Amazon joining the $2T club, and which member is most likely to experience a big fall. - Disappointing earnings for Walgreens and Nike, while McCormick keeps business zesty. (19:11) Author Nicola Twilley talks about her new book Frostbite, the development of modern refrigeration, and what its evolution can teach us about the development of other technologies today. (31:22) Jason...

Millions, Billions, Trillions for Nvidia Play Episode
Nvidias been on such a tear, its tough to keep the zeroes straight. We talk through its status as a top dog in the market and how top-heavy the S&P 500 is. (:21) Ron Gross and Bill Mann discuss: - How Nvidia stacks up to fellow titan Microsoft, and whether investors should be worried about how much of the markets returns are being driven by a few companies. - An luxury-fashion IPO that wasnt in Italy. - AI pushing Accenture through a slowdown in its core business and how Dardens Restaurant chains are holding up as pricing comes into focus...

Oracle and the AI Boom Play Episode
Is the software giant still a growth company? (00:21) Tim Beyers and Ricky Mulvey break down results from Oracle and why Microsoft is focusing on start-ups for the next leg of its AI strategy. Plus, (18:10) Mary Long and Motley Fool analyst Anthony Schiavone look at Hersheys near-term headwinds and long-term opportunity for investors. Companies discussed: ORCL, MSFT, DOCN, HSY Article discussed: https://www.wsj.com/tech/ai/microsoft-nadella-openai-inflection-9727e77a?mod=hp_lead_pos7 Host: Ricky Mulvey Guests: Tim Beyers, Mary Long, Anthony Schiavone Engineers: Tim Sparks, Austin Morgan Public.com disclosure: A High-Yield Cash Account is a secondary brokerage account with Public Investing, member FINRA/SIPC. Funds from this account are automatically...

The Big Three Drive All-Time Highs Play Episode
If you own an S&P 500 index fund then about 20% of your money is in Microsoft, Nvidia, and Apple. (00:21) Asit Sharma and Ricky Mulvey discuss why big tech is driving the market, earnings from Lululemon, and mindset advice for new investors. Plus, (17:05) Mary Long interviews Tom Steyer, author of Cheaper, Faster, Better: How Well Win the Climate War about advancements in green tech. Companies discussed: AAPL, NVDA, MSFT, LULU, CAVA, CRM Host: Ricky Mulvey Guests: Asit Sharma, Mary Long, Tom Steyer Engineers: Dan Boyd, Tim Sparks Public.com disclosure: A High-Yield Cash Account is a secondary brokerage account...

More AI = More Cyberthreats Play Episode
The number of data compromises last year increased by 78% from just 2022, according to the 2023 Annual Data Breach Report. One primary reason for this increase? Artificial intelligence. This Week in Tech co-hosts Tim Beyers and Tim White discuss the rise of cyber threats, and what it means for companies like Microsoft, Crowdstrike, and Zscaler. They also discuss how these breaches work, and what you can do to protect yourself and your family. Members of any Motley Fool Service can watch This Week in Tech at 10:00 am ET on Fridays, or any time at the Fool Live replay...

Everything at Highs: Tech, Rates, Gold and Cocoa Play Episode
Conventional theory says stocks, debt, and hedges shouldnt all be at highs at the same time what does it mean for investors? (00:21) Emily Flippen and Matt Argersinger discuss: - The latest inflation numbers and whether the Fed will actually cut rates in 2024. - The oddity of stocks, interest rates, and alternative hedges like commodities all being up at the same time. - Amazon CEO Andy Jassys annual letter, and why Amazon, Meta, and Microsoft are all doing what they can to reduce reliance on Nvidia in AI. . (19:11) Motley Fool Moneys Deidre Woollard talks with Barbara Kellerman...

Charles Duhigg on Supercommunicators Play Episode
What happens when a group of hedge fund managers share the last time they cried? Charles Duhigg is a Pulitzer prize-winning reporter and a best-selling author. His latest book is Supercommunicators: How to Unlock the Secret Language of Connection. Mary Long caught up with Duhigg for a conversations about: - The habits of Supercommunicators. - How Boeing and Netflix navigated communications crises. - An under-the-radar figure running the technical side of Microsoft. Host: Mary Long Guest: Charles Duhigg Producer: Ricky Mulvey Engineers: Rick Engdahl, Dan Boyd Learn more about your ad choices. Visit megaphone.fm/adchoices

Big Tech: AI, Devices, and Dividends Play Episode
A big week of debuts in tech Apples Vision Pro hits shelves and Meta unveils a new plan for its cash. (00:21) Bill Mann and Jason Moser discuss: - Apples Vision Pro, Metas new dividend, and how the cloud keeps performing for Microsoft and Amazon. - Why New York Community Banks woes dont signal broader banking issues, but the liquidation of Evergrande could mean more pain ahead in China. (19:11) Will Lansing, CEO of FICO, talks through his teams management philosophy, why investors should focus on more than just the companys scoring business, and the way AI and buy-now-pay-later are...

Finding AI in Big Tech Earnings Play Episode
Microsoft continues to live up to its top dog status in its latest report thanks to its cloud segment, and the market is less convinced Alphabet has fully caught up. (00:21) Asit Sharma and Dylan Lewis discuss: - Where AI developments are showing up in Microsofts financials. - The concerns over Alphabets ad segment, even as it posts a return to growth. - How the market is grading big tech companies this earnings season. (14:12) Is scanning social media a part of your investment research? Chris Camillo, co-host of "Dumb Money Live" on YouTube, Motley Fool Senior Analyst Sanmeet Deo...

Microsofts Reminder: Dont Sleep on Giants Play Episode
Microsoft taking the spot as the largest company in the world is a good reminder that sometimes it takes a while for big names to turn it around. We explain why and talk about how IBM and Comcast could have good times ahead. (00:21) Bill Mann and Andy Cross discuss: - Microsoft crossing $3T and surpassing Apple as the largest publicly traded company. - Alibabas co-founders buying up $200M shares, and the state of investing in China. - Teslas tough, but predictable quarter, big subscriber growth from Netflix, and why IBM is a sneaky AI play. (19:11) Motley Fool Moneys...

Geek Out! Play Episode
The rules of business are changing. And those rules are being written by some unlikely characters. Andrew McAfee is a Principal Research Scientist at the MIT Sloan School of Management and author of a number of books, including The Geek Way. Mary Long caught up with McAfee to discuss how culture shapes companies and brings about impressive returns along the way. They discuss: The power of geekiness How Satya Nadella turned Microsoft around And why Amazon *wants* to see billion-dollar failures. Tickers discussed: AMZN, MSFT, AAPL, GOOG, META Host: Mary Long Guest: Andrew McAfee Producer: Ricky Mulvey Engineers: Dan Boyd,...

Is This The Beginning Or The End Of OpenAI? Play Episode
With the dust still not settled, what could be next for Microsoft and OpenAI? (00:13) Bill Barker and Deidre Woollard discuss: - Winners and losers in the OpenAI schism. - If anything will slow the pace of AI. - What former Cruise CEO Kyle Vogt might do next. (17:55)Ryan Severino, chief economist at BentalGreenOak, part of the alternative assets business at Sun Life, talks with Deidre Woollard about the latest in commercial real estate. Companies discussed: MSFT, NVDA, GM, GOOG, GOOGL Claim your Stock Advisor discount here: www.fool.com/mfmdiscount Host: Deidre Woollard Guests: Bill Barker, Ryan Severino Producer: Mary Long Engineers:...

Softness Ahead for Ads and Consumer Spend? Play Episode
Big tech is still benefiting from the push into the cloud, but digital advertising might be slowing down a bit. Earnings from the credit card companies help explain why. (00:21) Emily Flippen and Jason Moser discuss: - Big tech earnings trends in cloud spend for Amazon, Microsoft, and Alphabet, and what ad market softness might mean for Meta. - Visa and Mastercard earnings, and why consumer spend might lighten up a bit in Q4. - Spotifys fantastic past twelve months and what investors should think now. (19:11) Motley Fool co-Founder and CEO Tom Gardner caught up with Michael Lewis at...

One of these Clouds Is Not Like the Other Play Episode
Alphabet shed $100 billion in market value as it ceded some ground in the cloud competition. (00:21) Ricky Mulvey and Nick Sciple discuss: - Microsofts quarter and focus on Copilot. - If Bing can become more of a competitor to Google search. - Alphabets investments in self-driving technology. - The anti-trust suit hanging over Alphabet. Plus, (14:58) Deidre Woollard interviews Vincent Stanley, Patagonias Director of Philosophy, about companies that are doing work to help the planet. Companies discussed: MSFT, GOOG, GOOGL, WMT, UL, DANOY, SSU Hosts: Ricky Mulvey, Deidre Woollard Guests: Nick Sciple, Vincent Stanley Producer: Mary Long Engineers: Dan...

Microsoft Closes Activision Deal Play Episode
Nearly two years after the initial announcement, Microsoft has completed the largest deal in tech history. (00:21) Ricky Mulvey and Asit Sharma discuss:- What got Microsoft across the finish line for its acquisition of Activision Blizzard.- An unexpected winner in the deal.- The latest memo from Howard Marks, Further Thoughts on Sea Change.- The case for credit investing, and a bond fund yielding 9%.Plus, (15:04) Robert Brokamp and Alison Southwick answer listener questions about money market funds, 401(k) rollovers, and automated investing.Companies/Funds mentioned: MSFT, LULU, USHYHosts: Ricky Mulvey, Alison Southwick Guests: Asit Sharma, Robert Brokamp Engineers: Dan Boyd, Rick Engdahl...

Google, DOJ, and Default Inertia Play Episode
The DOJs anti-trust suit against Google is far from over, but details are emerging that show even the search giant knew the optics of their search default deal with Apple werent great. (00:21) Tim Beyers and Dylan Lewis discuss: - How the DOJ is charging Google cemented itself as the search leader with exclusive deals with Apple. - Just how lucrative those deals were for Apple. - The similarities with this case and the governments anti-trust case against Microsoft in the 1990s. (14:46) Mary Long caught up with Motley Fool analyst Sanmeet Deo for a chat about airport security stock...

Microsoft and Alphabets Cash Stacks Play Episode
Microsofts cash flow is astounding, and Alphabets CFO moves to a pretty cool position CIO with a big check book. (00:13) Tim Beyers and Dylan Lewis discuss: - Microsofts strong cloud business, and why the stocks selloff on guidance is misguided - The slow roll of AI and how investors need to be patient with new tech efforts. - Why Alphabet may have more good days ahead of it when the advertising market rebounds. - The legacy of Alphabet CFO Ruth Porat (16:14) Match group and Bumble have millions of paid users... but how many of those daters are sticking...

Schwab Is Not SVB Play Episode
When Silicon Valley Bank collapsed, some investors thought Charles Schwab could be next. But, the bank with $8 trillion in client assets is proving to be resilient. (00:21) Ricky Mulvey and Asit Sharma discuss: - Schwabs cash sorting problem. - Takeaways from bank earnings. - A deadline for the Microsoft/Activision deal whooshing by. (11:21) Robert Brokamp answers listener questions about 529 plans, target-date funds, and investing in a 401(k). Companies discussed: SCHW, MS, PNC, BAC, MSFT, ATVI Pullback report: www.fool.com/pullback Got a question for the show? Email us at podcasts at fool dot com. Host: Ricky Mulvey Guests: Asit Sharma,...

One Step Closer to a $69B Deal Play Episode
The FTC failed to prove the Microsoft/Activision Blizzard deal would substantially lessen competition, which means blockbuster acquisition might come together before next weeks deadline. (00:21) Bill Mann and Dylan Lewis discuss: - Why the FTCs attempt to block the Microsoft/Activision Blizzard deal failed. - The concessions Microsoft is making to make the deal happen. - How were seeing a similar response to regulatory interest in Broadcoms planned acquisition. (14:09) Is it the end of an era for superheros? Mary Long caught up with Catie Peiper to discuss trends in entertainment and Mattel's big bet on Barbie. Companies discussed: MSFT, ATVI,...

Deal or No Deal? Play Episode
Regulators are taking a hard look at acquisitions for Adobe, MIcrosoft, and Amazon. And that might be a good thing for Adobe and Activision shareholders. (00:21) Emily Flippen and Matt Argersinger discuss: - Why more rate hikes are on the way. - How housings impact on inflation probably wont slow down any time soon. - Why Activision and Adobe shareholders might not want their companys proposed acquisitions to go through. (19:11) Deidre Woollard spoke with Atif Qadir, the founder of proptech company Commonplace, about how issues at regional banks affect real estate, and whether empty office space can really be...

Game over for GameStops CEO Play Episode
GameStops CEO is out and Spotify is shaking up its podcast strategy. (00:20) Deidre Woollard and Bill Barker discuss: - Why the market isnt quite certain about Ryan Cohens new role at GameStop. - If GameStop can move beyond meme status and find new growth. - Spotifys layoffs and what it signals about its strategic shift. (11:40) Asit Sharma talks to former Snowflake CEO Bob Muglia on his new book The Datapreneurs, what Microsoft got wrong about the internet, and where AI could take us next. Companies discussed: MSFT, GME, SPOT, SNOW Host: Deidre Woollard Guests: Bill Barker, Asit Sharma,...

Nvidia Booms Play Episode
The graphics processing maker became $200 billion more valuable in a single day. (00:21) Jim Gillies and Ricky Mulvey discuss: - Nvidias blockbuster quarter and valuation questions to consider. - The history of tech cycles and lessons for investors. - If Best Buy needs sales growth to reward shareholders. Plus, (16:21) Tim Beyers and Meilin Quinn interview Digital Ocean CEO Yancey Spruill about how the cloud service provider differentiates itself from competitors like Microsoft and Amazon. Companies discussed: NVDA, BBY, QCOM, CSCO, INTC, MSFT, DOCN, AMZN Host: Ricky Mulvey Guests: Jim Gillies, Yancey Spruill, Meilin Quinn, Tim Beyers Engineers: Dan...

Time To Buy Golf Stocks? Play Episode
Sometimes you need to stop thinking, let things happen, and be the ball. (00:21) Jason Moser discusses: - EU regulators approving Microsoft's deal to buy Activision Blizzard (but investors being skeptical) - Peloton recalling more than 2 million exercise bikes - Why he's keeping a close eye on Home Depot's earnings report on Tuesday (13:00) Nick Sciple joins Jason to discuss the business of golf and analyze two publicly-traded golf companies. Companies discussed: MSFT, ATVI, SONY, PTON, HD, WMT, TJX, TGT, MODG, GOLF Host: Chris Hill Guests: Jason Moser, Nick Sciple Producer: Ricky Mulvey Engineers: Dan Boyd, Rick Engdahl Learn...

Big Tech, Big Payments, Big Burrito Play Episode
A huge week for earnings reveals a theme for investors: bigger is better (0:21) Matt Argersinger and Jason Moser discuss: - Amazon's 1st-quarter revenue impressed but questions remain about AWS - Alphabet's $70 billion share buyback plan (and 1st-quarter results) - Visa and Mastercard beating Wall Street's expectations and providing insight into consumer spending - The latest from Microsoft, Meta Platforms, and Chipotle (19:11) Motley Fool senior analyst Tim Beyers talks with Jay Chaudhry, CEO of the cloud cybersecurity company Zscaler, about "zero trust" security, under-the-radar threats, and Zscaler's growing opportunity in federal government contracting. (31:17) Matt and Jason share...

Microsoft-Activision Deal Blocked. Now What? Play Episode
How hard will Microsoft and Activision-Blizzard fight to appeal the decision by UK regulators? (00:21) Bill Barker discusses: - Microsoft's strong 3rd-quarter results being overshadowed - The $3 billion breakup fee Microsoft is now likely to have to pay - Chipotle shares hitting a new all-time high after 1st-quarter profits were much higher than Wall Street was expecting (15:48) As businesses look to cut costs, what does that mean for cloud spending? Tim Beyers and Tim White take a closer look at Amazon Web Services. Companies discussed: MSFT, ATVI, SONY, NTDOY, CMG, AMZN, DDOG, ORCL, IBM Host: Chris Hill Guests:...

The (Wall Street) Hits Keep On Coming Play Episode
It was another big week of earnings results (and surprises). (0:21) Jason Moser and Ron Gross discuss: - Shopify's guidance outweighing its results - Airbnb nearly doubling profit expectations - Record revenue for The Trade Desk - Shares of Roku popping more than 25% - The latest from Marriott, Twilio, Cisco Systems, and Zillow Group (19:11) Jason and Ron keep the earnings coverage going and discuss: - Boston Beer surprising Wall Street - Outset Medical's latest results - The state of Microsoft's bid to buy Activision Blizzard - The latest from Coca-Cola, Roblox, Chipotle, and Alphabet - Two stocks on...

NFL Predictions, AI Competitions Play Episode
Big changes could be coming to the NFL playoffs. (0:21) Emily Flippen and Andy Cross discuss: - The growing AI battle between Microsoft and Alphabet - Lyft shares falling 35% - PayPal CEO Dan Schulman announcing his retirement - CVS Health buying a primary care business for $10 billion - The latest from Disney, Cloudflare, Chipotle, and Pepsi (19:11) Andrew Brandt, former NFL executive and director of Villanova University's Moorad Center of Sports Law, discusses the business health of the NFL, how the playoffs may change, and his prediction for a blowout Super Bowl 57. (34:40) Andy and Emily share...

Disney Pops, Alphabet Drops Play Episode
Disneys latest results and plans were just what Wall Street wanted to hear. (0:21) Tim Beyers discusses: - How the parks & experiences division drove Disneys 1st-quarter results - ESPN+ being a bright spot among streaming properties - Alphabet shares falling over a botched AI demo and concerns about Microsoft (13:20) Just in time for Valentines Day, Jason Hall and Ryan Henderson engage in a bull vs. bear debate over Match Group. Motley Fool premium members, click here to link your Motley Fool membership to a Spotify account and check out the latest episode of our exclusive podcast, Stock Advisor...

The AI Land Grab Has Started Play Episode
Microsoft's AI event is only the latest sign of the hottest area of tech. (0:21) Jason Moser discusses: - CEO Satya Nadella hailing "a new day in search" - Shares of C3AI, an enterprise AI platform company, doubling in the past five weeks - Zoom Video announcing it's laying off 15% of employees (12:00) Robert Brokamp talks with former Pittsburgh Steelers lineman Jonathan Scott about playing in Super Bowl 45, managing an irregular income, and other takeaways from his book "The Winning Playbook: Strategies for Life on and off the Field". Stocks discussed: MSFT, GOOG, AMD, AI, ZM Host: Chris...

Gen Z & Millennials Are Driving AmEx Higher Play Episode
If American Express had a problem with an aging demographic, it looks like that problem is being addressed. (0:20) Jason Moser discusses: - Shares of AmEx popping 15% in two days off of strong guidance for 2023 - How younger customers are the majority of the companys growth story - Why hes going to be watching Amazons revenue when it reports earnings on Thursday (11:00) Tim White and Tim Beyers discuss the implications of Microsofts $10 billion investment in ChatGPT. Companies discussed: AXP, GS, AMZN, MSFT, GOOG, GOOGL Host: Chris Hill Guests: Jason Moser, Tim Beyers, Tim White Producer: Ricky...

GDP, Tesla, FinTech, and "Burrito Season" Play Episode
As much as we love stocks, sometimes the Big Macro really does drive the market. (0:21) Emily Flippen and Ron Gross discuss: - Stronger-than-expected GDP sending stocks higher - Tesla ending the year on a high note - Chevron's record profits and huge buyback plan - Visa and Mastercard delivering strong profits (again) - The latest from Intel, Microsoft, Southwest Airlines, and Johnson & Johnson (19:11) Deidre Woollard talks with Corrado Russo, head of global securities at Hazelview Investments, about real estate, REITs, and a part of the market investors might want to avoid. (30:00) Emily and Ron discuss Chipotle's...

Eyes on the Cloud Play Episode
Investors are paying up for stability, as big tech growth slows down. (0:15) Dylan Lewis and Motley Fool Chief Investment Officer Andy Cross discuss: - Microsoft's quarter, and lower growth expectations for its cloud business. - What long-term investors can expect from Microsoft. - The Department of Justice's suit against Alphabet, and a shifting regulatory environment. - Kimberly Clark's "less than stellar" quarter. Plus, (16:25) Motley Fool Canada's Jim Gillies joins Ricky Mulvey to give the bull case for one of the most heavily shorted stocks of 2022. Companies discussed: MSFT, GOOG, GOOGL, TTD, KMB, BIG Host: Dylan Lewis Guests:...

Big Tech Layoffs, Signs of Housing Trouble Play Episode
Alphabet and Microsoft are laying off a combined 22,000 employees. Is Apple next? (0:21) Matt Argersinger and Jason Moser discuss: - The ripple effect of Big Tech Layoffs - Netflix founder Reed Hastings stepping down from his co-CEO role - Cancellation rates soaring in one segment of the housing market - Differing views on interest rates from two major bank CEOs - The latest from Procter & Gamble, Nordstrom, and holiday retail data (19:11) John Rotonti talks with Jurrien Timmer, Director of Global Macro at Fidelity Investments, about what history can teach about the current market cycle and sectors that...

Prices Falling, More Tech Layoffs Play Episode
As many expected, Microsoft announced the layoff of 5% of its employees. (0:21) Asit Sharma discusses: - The Producer Price Index falling 0.5%, much more than economists were expecting - Microsoft's layoffs, and whether Alphabet will be next - Why he's expecting more questions about layoffs this earnings season, but also more talk of where companies are investing (9:25) Is Lululemon Athletica facing short-term headwinds or long-term challenges? Ryan Henderson and Jamie Louko go head to head in our latest Bull vs. Bear debate! Our flagship service, Stock Advisor, is open to new members for just $99 a year. To...

3 CEOs Walk Into A Bar Play Episode
On a shortened week of trading for investors, three CEOs dominated the headlines. (0:21) Matt Argersinger and Jason Moser discuss: - Layoff announcements and a sober prediction from Microsoft CEO Satya Nadella - The market's positive reaction to the December jobs report - Key things they're watching in the tech industry - Newest unveilings at CES in Las Vegas - The latest from Stitch Fix and Constellation Brands (19:11) Malcolm Ethridge, CFP and host of "The Tech Money Podcast", weighs in with predictions of two more interest rate hikes, why "Mega Cap Tech" is the key to a stock market...

London Calling Microsoft Play Episode
A new 10-year deal with the London Stock Exchange sends shares of Microsoft higher. (0:21) Jason Moser discusses: - The "win-win" deal between the two sides - How cloud services like Azure and AWS are becoming utilities - The short, not-so-happy public life of Weber Grill - Peter Lynch's advice being a starting point (not a finish line) for investors (12:30) Ricky Mulvey talks with Eddie Alterman, host of the "Car Show" podcast, about the used car market and how GM is competing with Ferrari. Stocks mentioned: MSFT, LDNXF, AMZN, GOOG, GOOGL, WEBR, COOK, GM Holiday Music: Sugar & Booze...

USA vs. Microsoft Play Episode
It's time to lawyer up! (0:21) Andy Cross and Ron Gross discuss: - Wholesale prices rising higher than expected - Costco's surprisingly disappointing quarter - DocuSign ending the year on a positive note - Casey's General Stores hitting an all-time high thanks in part to beer cheese pizza - The latest from Lululemon, RH, Campbell's Soup, and Chewy (19:11) Rachel Warren talks with Jay Jacobs from BlackRock about megatrends to watch in healthcare, infrastructure, and electric vehicles. (30:20) Andy and Ron discuss the FTC suing Microsoft over its proposed acquisition of Activision Blizzard, and share two stocks on their radar:...

Apple, Amazon, and 2 New All-Time Highs Play Episode
The biggest tech companies reported this week, but it was Apple that shined the brightest. (0:30) Jason Moser and Matt Argersinger discuss: - The diversity and strength of Apple's business lines - Slowing growth in Amazon Web Services - Meta Platforms hitting its lowest point in 6 years - Ford Motor's demonstration of fiscal discipline - The latest from Alphabet, Microsoft, and Visa (19:15) Jason and Matt continue the earnings analysis and discuss: - ExxonMobil and McDonald's hitting new highs - Chipotle's plans for growth - Surprisingly strong weeks for Teladoc Health and Intel - Overrated and underrated Halloween candy...

Big Tech Earnings Preview Play Episode
Earnings season kicks into full swing with Alphabet, Meta, and Microsoft reporting this week. (:21) Dylan Lewis and Tim Beyers discuss: - Margins, pricing power, and other metrics to watch from big tech companies. - More details about Twitter's acquisition. - Why Chinese tech stocks are dropping as Xi Jingping begins his third term. The battle of research papers is on! (16:58) Tim White joins Tim Beyers to discuss the simple reason why tech giants are very interested in generating images from text prompts. Companies mentioned: MSFT, GOOG, GOOGL, META, TWTR, NFLX, AAPL Host: Dylan Lewis Guests: Tim Beyers, Tim...

Stocks (and Investing Books) We're Bullish On Play Episode
Snap fell 30% and took other social media and advertising stocks down with it. (0:30) Emily Flippen and Ron Gross discuss: - Pinterest, Meta Platforms, and Alphabet getting dragged down by Snap's bad news - American Express shares falling despite increased full-year guidance - Boston Beer's strong 3rd-quarter report - The latest from Microsoft, Netflix, Tesla, and Tractor Supply (19:15) Emily and Ron dip into the Fool Mailbag and discuss: - Medical device pure-plays - Investing books they recommend - Surprising economics of pumpkin spice - The latest from McDonald's and Keurig Dr. Pepper - Stocks they're more bullish on...

Activist Investors Shake the Tree Play Episode
If you'd like to see tech stocks turn around, some activist investors feel the same way. They just have some more fire power. (0:21) Deidre Woollard and Asit Sharma discuss: - Starboard Value's recent stakes in Splunk and Salesforce. - Dan Loeb's push for a spinoff at Colgate-Palmolive. - Layoffs at Microsoft. Plus, Robert Brokamp and Matt Frankel (14:06) discuss how your home fits into a financial plan. Companies discussed: CRM, MSFT, CL, SPLK, GIS, INTC Host: Deidre Woollard Guest: Asit Sharma, Robert Brokamp, Matt Frankel Producer: Ricky Mulvey Engineers: Dan Boyd, Rick Engdahl Learn more about your ad choices....

"Make no mistake, this too shall pass." Play Episode
Bear markets always come to an end, but they're not necessarily fun while they last. (0:21) Bill Mann discusses: - The market reacting to the Federal Reserve's announcement a day before the Fed actually makes it - Why large companies like Microsoft are quietly preparing for 2023 and 2024 - The bizarre incident involving Beyond Meat's chief operating officer (11:25) Alison Southwick and Robert Brokamp talk with Emily Flippen about some of the biggest consumer goods storylines of the year, and potential radar stocks for investors. Stocks mentioned: MSFT, BYND, NFLX, LULU, PTON, CHWY, SG, BARK, VDC Host: Chris Hill...

4 Tech Titans Boost Stocks Play Episode
Apple, Microsoft, Alphabet, and Amazon provide a welcome lift to the market. (0:30) Andy Cross and Ron Gross discuss: - The Fed raising interest rates and GDP contracting - Apple and Amazon surprising to the upside - Microsoft's cloud division delivering again - Shopify's relative attractiveness as a stock - Meta Platforms warning investors (19:45) Andy and Ron discuss Chipotle's impressive ability to raise prices, as well as: - McDonald's stock closing in on a new high - The war on cash with Visa and Mastercard - Diageo wrapping up a strong year - The latest from Etsy and Roku...

Big Tech Bounces Back Play Episode
Microsoft and Alphabet didn't disappoint with their latest quarterly results. (0:22) Bill Mann discusses: - Microsoft having tough comps, with the cloud division shining once again - Alphabet proving its resilience - Chipotle continuing to raise prices and profits (12:54) Ricky Mulvey talks with Jack Caporal about The Motley Fool's latest research into crypto scams and how you can avoid them. Stocks mentioned: WMT, TGT, AMZN, COST, SHOP ETH, SOL Host: Chris Hill Guests: Bill Mann, Jack Caporal Producer: Ricky Mulvey Engineers: Dan Boyd, Rick Engdahl Learn more about your ad choices. Visit megaphone.fm/adchoices

Netflix Review, Comic-Con Preview Play Episode
Turns out Netflix did NOT lose 2 million subscribers as previously predicted. (Only 970,000) (0:22) Tim Beyers discusses: - The market's relief that 2nd-quarter results for Netflix were "less bad" - Why Microsoft shareholders have a stake in Netflix's success - Twitter winning the 1st round in its legal battle with Elon Musk (10:21) Ricky Mulvey and Catie Peiper discuss how entertainment companies have dealt with rough economic situations in the past (and how they could respond in the current environment), and preview this year's San Diego Comic-Con! Stocks mentioned: NFLX, MSFT, TWTR, DIS, WBD, AMZN Host: Chris Hill Guests:...

Fintech's Future, Underrated Investing Metrics Play Episode
Earnings season has begun! (0:30) Emily Flippen and Jason Moser discuss: - Latest results from the Big Banks and tough comments from JPM's CEO Jamie Dimon - Pinterest shares rising on an activist buying 9% - Amazon's potential for dropping in-house brands - Unity Software buying Ironsource - BMW launching a SWaaS (seat warmers as a service) subscription - The latest from Microsoft, Netflix, Twitter, Disney, and The Trade Desk (20:17) Rachel Warren and Auri Hughes talk with Jared Isaacman, CEO of Shift4 Payments, about the future of fintech. (32:35) Emily and Jason answer mailbag questions about new "Night Effect"...

Microsoft Wins Netflix Ad Biz Play Episode
Can a $1.9 trillion company still be a dark horse? Microsoft beats the odds and wins the Netflix ad business. (0:21) Maria Gallagher discusses: - How Microsoft being "agnostic" helped it beat Google and Comcast - Netflix purposefully timing this news ahead of next week's earnings - Why she's focused on the ripple effects of Target's upcoming report (9:13) Ricky Mulvey and Rick Munarriz discuss Celsius Holdings, an energy drink company with triple-digit growth. Got a question about stocks? Call the Motley Fool Money Hotline at 703-254-1445! Stocks mentioned: NFLX, GOOG, GOOGL, CMCSA, MSFT, TGT, CELH, KO, PEP, MNST Host:...

Microsoft's Deal Under Investigation Play Episode
The UK's regulatory authority on competition has officially opened an investigation into Microsoft's deal to buy Activision Blizzard. (0:21) Bill Mann discusses: - Why Wall Street is shrugging off the news - What to expect when the decision is announced by September 1st - Amazon's deal to take a small stake in GrubHub - The prospect for more companies (e.g., Salesforce, Atlassian) to take stakes in smaller software companies (11:51) Deidre Woollard talks with Jacob Goldstein about his recent interview with Redfin CEO Glenn Kelman, the 3% commission model, and more. Got a question about stocks? Call the Motley Fool...

Should Netflix Buy Roku? Play Episode
Is Roku really preparing for a takeover bid from Netflix? (0:25) Asit Sharma discusses: - Whether acquiring Roku solves Netflix impending ad challenges - Why Roku's stock is still pricy after its recent fall - DocuSign's expanded partnership with Microsoft - If this paves the way for an eventual acquisition (13:21) Deidre Woollard talks with Jason Hall about why he's so bullish about homebuilders and the tailwinds driving his thesis. Stocks discussed: ROKU, NFLX, DOCU, MSFT, ADBE, CRM Host: Chris Hill Guests: Asit Sharma, Deidre Woollard, Jason Hall Producer: Ricky Mulvey Engineers: Dan Boyd, Rick Engdahl Learn more about your...

Economic Hurricane? Just Keep Buying Play Episode
Microsoft lowered guidance, Elon Musk has a super bad feeling about the economy, and Jamie Dimon warned investors that a hurricane is coming. (0:30) Jason Moser and Ron Gross discuss: - Why short-term trading in and out of the market is NOT the answer - Oktas strong results and optimism for the rest of the fiscal year - Lululemons online sales growth - Ford Motor CEO Jim Farleys comments on plans for the electric vehicles - The latest from Chewy and Salesforce (19:00) Nick Maggiulli, COO of Ritholtz Wealth Management, discusses insights from his book Just Keep Buying: Proven Ways...

Mega Caps Struggle, Becky Quick on Berkshire-Hathaway's Future Play Episode
The biggest companies in the U.S. markets couldn't stop April being the worst month for the stock market in years. (0:30) Emily Flippen and Ron Gross discuss: - Amazon falling more than 10% after a weak 1st-quarter report - Apple's supply chain outlook - Microsoft delivering strong earnings across its business units - Atlassian's guidance outweighing great 3rd-quarter profits - Pinterest bouncing back from a 52-week low - The latest from Meta Platforms, Alphabet, and Pinterest (19:00) CNBC host Becky Quick calls in from the Berkshire-Hathaway annual meeting to discuss Warren Buffett's investing strategies, inflation, the strength of the U.S....

Big Tech's Big Returns, Sports Business in the Spotlight Play Episode
Apple posts record revenue. Microsoft makes its intentions clear with respect to its gaming division. Visa and American Express rise on strong results. Tesla tells Wall Street not to expect any new models this year. Home Depot's getting a new CEO while Lowe's gets a new partner in Petco. Atlassian raises guidance and McDonald's is optimistic about the McPlant Burger. Emily Flippen and Ron Gross analyze those stories, discuss areas of the market that look attractive right now, and share two stocks on their radar: Fulgent Genetics and Garmin. John Ourand from Sports Business Journal discusses NFL ratings, what the...

"The healthiest business on the U.S. stock market" Play Episode
Microsoft CEO Satya Nadella talked about his company doubling down on gaming, which should give gamers and investors pause. Tim Beyers analyzes not only the impressive 2nd-quarter results but the overall health of Microsoft's business and how much room to run the gaming division has. He also discusses Mattel's renewed partnership with Disney, and what investors need to understand about F5's place in the cloud industry. Plus, Olivia Zitkus and Keith Speights discuss how Pfizer, Moderna, and Abbott Laboratories are investing the money they've earned from Covid-19-related sales, and whether one is doing a better job of it than the...

Alphabet's Discipline, 5G's Potential Play Episode
Microsoft's acquisition of Activision Blizzard wasn't just a shot at Meta Platforms. Shares of Sony continue to fall in the wake of Microsoft's move, causing some to question the future of Sony's PlayStation. Tim Beyers analyzes the shifting landscape in entertainment, including Google's move to shut down its original programming division at YouTube. He also discusses whether winning regulatory approval to become a bank holding company makes SoFi Technologies a more attractive investment and Verizon and AT&T changing some of their plans for today's nationwide rollout of 5G. Plus, Ricky Mulvey talks with John Laconte from The Vail Daily about...

Microsoft Buys Activision Blizzard and Takes Aim at Meta Platforms Play Episode
With its biggest acquisition ever, Microsoft buys Activision Blizzard for $68.7 billion. Jason Moser analyzes why the move signals a direct shot at Meta Platforms and why Microsoft shareholders should be optimistic about the company's gaming aspirations. He also examines shares of Goldman Sachs and The Gap, both falling similar amounts, and why one of them represents a potential buying opportunity. Plus, Alison Southwick and Robert Brokamp discuss actionable ways to stay on track with your financial goals for 2022, including a rare triple-tax advantage to help prepare for future healthcare costs. Stocks: MSFT, ATVI, META, NVDA, GPS, GS Host:...

Microsofts Ascension, Facebooks Metamorphosis Play Episode
Microsoft becomes the worlds most valuable company. Amazon and Apple deal with supply chain issues. Alphabet rises on (what else?) strong ad sales. Visa gets a visit from the U.S. Department of Justice. Facebook changes its name to Meta. Atlassian hits a new all-time high. Ron Gross and Jason Moser analyze those stories, discuss the latest earnings from Starbucks, McDonalds, Shopify, Twilio, and share two stocks on their radar: Asana and Teladoc Health. Learn more about your ad choices. Visit megaphone.fm/adchoices

September Retail, Big Banks, Consumer Tech Events Play Episode
What do surprisingly good retail sales in September indicate for holiday shopping? Will Googles new Pixel phone be a hit? Which major retailer could be the next to drop tobacco products? Are we in for a record-setting Halloween? Maria Gallagher and Jason Moser answer those questions, analyze the latest from Dominos Pizza, Virgin Galactic, Shopify, Microsoft, Oracle, Restaurant Brands International, and share two stocks on their radar: Zillow Group and Marvell Technology. Learn more about your ad choices. Visit megaphone.fm/adchoices

Earnings: Big Tech Surprises and Disappointments Play Episode
Amazon has its worst day in over a year after missing expectations. Alphabet hits a new high and announces a $50 billion buyback plan. Apple and Microsoft dip despite reporting huge profits. And McDonalds serves up a chicken sandwich-fueled surprise. Motley Fool analysts Emily Flippen and Jason Moser discuss those stories and weigh in on the latest earnings from Facebook, PayPal, Shopify, Starbucks, Qualcomm, Twilio, Teladoc Health, Pinterest, and Hasbro. Plus, our analysts share two stocks on their radar: Beyond Meat and Etsy. Looking for more stocks foryourradar? Get 50% off our Stock Advisor service just by going tohttp://RadarStocks.fool.com. Learn...

Big Tech, Huge Earnings Play Episode
Alphabet, Amazon, and Apple report record earnings. Microsoft reports its biggest revenue growth in three years. Shopify rises on a strong quarter. Shares of Crocs, Facebook, and Waste Management hit all-time highs. Pinterest and Teladoc tumble. And Dominos reports double-digit growth. Motley Fool analysts Ron Gross and Jason Moser discuss those stories and dig into earnings news from Starbucks, McDonalds, and Visa. Plus, our analysts share a couple of stocks on their radar: Axon Enterprise and Skillz. Looking for more stocks foryourradar? Get 50% off Stock Advisor by going tohttp://RadarStocks.fool.com. Learn more about your ad choices. Visit megaphone.fm/adchoices

Microsofts Big Deal and Coinbases Big Debut Play Episode
Microsoft buys Nuance Communications in a $16 billion deal. Coinbase makes an $86 billion Wall Street debut. FDA hits the pause button on Johnson & Johnsons COVID-19 vaccine. Katrina Lake steps down as the CEO of Stitch Fix. Bed Bath & Beyond slips on earnings. White Claw introduces Surge. Pepsi serves up big growth in its snack division. And IBM unveils a surprising name for its cloud business. Motley Fool analysts Emily Flippen and Ron Gross discuss those stories and share two stocks on their radar: Bilibili and Ecolab. Plus, e.l.f. Beauty CFO Mandy Fields talks about the big business...

As GameStop Turns Play Episode
Investors react to the escalating drama with Redditt, speculators, and GameStop. Johnson & Johnson reports Phase 3 trial results from its one-shot vaccine. Apple reports record-breaking revenue. Microsoft hits a new high on earnings. Facebook slides. Atlassian rises. Starbucks surprises. And Tesla dips. Motley Fool analysts Andy Cross and Ron Gross discuss those stories and weigh in on the latest from Mastercard, Visa, and General Motors. Ron and Andy share two stocks on their radar: NextEra Energy and Unity Software. Plus, Ad Ages Jeanine Poggi previews the advertising for Super Bowl LV. Learn more about your ad choices. Visit megaphone.fm/adchoices

Big Buys, New Highs, and Hot Holiday Toys Play Episode
Wall Street shrugs off disappointing jobs numbers. Salesforce buys Slack and squares off against Microsoft. Docusign beats on the top and bottom lines. Crowdstrike, Five Below, and Zscaler all hit all-time highs. Zoom Video reports strong earnings but slips on slowing revenue growth. UltaBeautyslips on slowing sales. Okta rises on earnings. WarnerMedia disrupts the movie business. And Oreos go Gaga! Motley Fool analysts Andy Cross and Ron Gross weigh in on those stories and share two stocks on their radar: Fulgent Genetics and Lemonade. Plus, toy industry analyst Jackie Breyer talks holiday toys, scented Play Doh, and the state of...

Retail Surprises and the Future of Video Games Play Episode
Walmart delivers big online sales. Target and Williams-Sonoma hit all-time highs. Home Depot and Lowes fall on earnings. Amazon gets into the pharmacy business. And Radio Shack returns! Motley Fool analysts Andy Cross and Jason Moser discuss those stories and weigh in on the latest from Intuit, Workday, Goldman Sachs, and Zaxbys. Plus, Andy and Jason share two investment ideas on their radar: Cerence and Roblox. And Loup Ventures managing partners Gene Munster and Doug Clinton take stock in the future of video games and talk Apple, Google, and Microsoft. To get 40% off our Everlasting Portfolio service, go to...

Earnings and Elections Play Episode
Alphabet surges on strong earnings. Microsoft reports higher profits but disappoints with guidance. Amazon reports record quarterly sales. Facebook falls on concerns over a decline in U.S. and Canadian users. Starbucks serves up a surprise. Apple dips on weak iPhone sales. And Netflix raises prices. Motley Fool analysts Andy Cross, Ron Gross, and Jason Moser discuss those stories and dig into the latest results from Etsy, Pinterest, Shopify, Tupperware, Twitter, and Under Armour. Our analysts share three stocks on their radar: Wix.com, Inphi, and EPAM Systems. And we talk about what the upcoming election means for investors. Learn more about...

TikTok Deals, Investing in Real Estate Play Episode
Microsoft and Walmart team up to pursue TikTok. Salesforce reports a record quarter. Workday gets the job done. Okta hits an all-time high. Best Buy gets a big boost from online sales. Ulta Beauty surges. And McDonalds adds some spice. Motley Fool analysts Andy Cross and Jason Moser discuss those stories and share two stocks on their radar: Chewy and Medallia. Plus, Matt Argersinger, lead advisor of Millionacres, a Motley Fool investing service, talks about the current environment for commercial real estate and shares some opportunities for investors in real estate today. Learn more about your ad choices. Visit megaphone.fm/adchoices

Fortnite vs. Apple and the Future of Malls Play Episode
Simon Property Group talks with Amazon about mall-based distribution centers. Microsoft announces plans to sell a $1,400 foldable phone. Marriott rises despite reporting its first quarterly loss in more than eight years. Apple and Fortnite engage in a battle royale. Lyft deals with sinking revenue and California concerns. SmileDirectClub gives investors something to frown about. And Starbucks, Dunkin, and Hersheys get a head start on fall and Halloween. Motley Fool analysts Ron Gross and Jason Moser discuss those stories and share two stocks on their radar: Bed Bath & Beyond and Qualcomm. Plus, Lakehouse Capital Chief Investment Officer Joe Magyer...

Intels Drop, Microsofts Record, MercadoLibres Future Play Episode
Intel plunges on chip delays. Microsoft declines despite a record quarter. Twitter pops on strong user growth. Chipotle serves up strong digital growth but slips on closed restaurants. Coca-Colas CEO says the worst is over. Intuitive Surgical surprises. Boston Beer surges. Tesla slides. Disney delays Mulan indefinitely. And Slack goes to war with Microsoft. Analysts Andy Cross and Jason Moser discuss those stories and share two stocks on their radar: Equinix and Qorvo. Plus, MercadoLibres Head of Investor RelationsFederico Sandlertalks online retail, online payments, and the future of the e-commerce giant. Learn more about your ad choices. Visit megaphone.fm/adchoices

Digital Ad Spending and the Power of Weird Play Episode
Google deals with slipping ad sales while Facebook and Amazon gain market share. Amazon buys a new car. McCormick hits a new high. Nike stumbles. And Microsoft pulls the plug on its stores. Motley Fool analysts Andy Cross and Jason Moser discuss those stories and weigh in on the latest from Albertsons, Chuck E. Cheese, and Darden Restaurants. The guys share two stocks on their radar: Etsy and Houlihan Lokey. Plus, Atlantic writer Olga Khazan shares some insights from her book, Weird: The Power of Being an Outsider in an Insider World. Learn more about your ad choices. Visit megaphone.fm/adchoices

Sell in May and Go Away? Play Episode
An additional 4 million Americans file for unemployment as the total number of unemployed tops 30 million. The S&P 500 wraps up its best month since 1987. Amazon reports surging sales and rising costs. Apple sees strength in services. Mastercard and Visa beat expectations. Alphabet gets a boost from YouTube. Microsoft gets a boost from the Cloud. And Facebook rises on strong engagement. Motley Fool analysts Aaron Bush, Andy Cross, and Jason Moser discuss those stories and weigh in on the latest from Atlassian, McDonalds, Microsoft, Spotify, Starbucks, Teladoc, and Twitter. Aaron talks about the future of gaming. And the...

Earnings-palooza: Welcome to Club Trillion! Play Episode
Amazons huge 4th-quarter gets the company back above the trillion-dollar market cap. Apple and Microsoft continue their hot streaks, while Facebook sells off due to margin concerns. Jason Moser, Andy Cross, and Ron Gross analyze the latest earnings results from Tesla, Visa, Colgate-Palmolive, McCormick, Starbucks, McDonalds, and PayPal. Plus, we discuss IBMs new CEO, Ataris new line of hotels, and why the guys have Mastercard, Walker & Dunlop, and Pinterest are on their radar. For a free copy of our Investing Starter Kit, go to www.fool.com/StarterKit and well email it to you. Learn more about your ad choices. Visit megaphone.fm/adchoices

2019 in Review: Software, Entertainment, and Cheap Beer Play Episode
Disney Plus works its magic. WeWork falls down on the job. Best Buy rewards investors. And Constellation Brands unloads some cheap beer. Analysts Andy Cross, Ron Gross, and Jason Moser discuss some of the years top business stories, stock market surprises, underappreciated stories, and dumb investments. We share why Chipotle, Microsoft, and Target each have a claim on having the Best CEO of 2019. Businesses analyzed this week include Amazon, Lumentum, Lyft, Microsoft, Uber, and more. Plus, we revisit our conversation with NYU professor and best-selling author Scott Galloway, who talks about his latest book,The Algebra of Happiness: Notes on...

Amazon's Investments, Tesla's Surprising Profit Play Episode
Amazon slips as one-day shipping costs rise. Microsoft climbs higher thanks to growth in the cloud. Tesla generates its best day in six years. Southwest Airlines reports record earnings despite MAX headwinds. And Biogen surges on encouraging results from a discontinued Alzheimers drug. Motley Fool analysts Emily Flippen, Ron Gross, and Jason Moser discuss those stories and weigh in on the latest from eBay, Hasbro, Hershey, PayPal, Twitter, and Visa. Plus, we debate overrated and underrated Halloween candies and share three stocks on our radar. Thanks to Molekule for supporting our channel. Get 10% off your first air purifier at...

Microsoft's Hike, GM's Strike Play Episode
Microsoft hikes its dividend and buys back stock. Apple launches its subscription gaming service. Airbnb announces plans for an IPO. And FedEx delivers disappointment. Analysts Aaron Bush, Emily Flippen, and Ron Gross discuss these stories and the latest from Datadog, General Mills, WeWork, and YUM! Brands. Plus, we dip into the Fool Mailbag to discuss AIs future. And Motley Fool auto analyst John Rosevear weighs in on GMs strike, Fords future, and Amazons electrifying buy. Get the money you need to run your small business. Go to Kabbage.com to get started. Credit lines subject to review and change. Individual requests...

Americas E-Cigarette Addiction Play Episode
The S&P 500 and DJIA both hit record highs. Ford Motor and Volkswagen team up on autonomous vehicles and EVs. Zoom Video has a bug problem. Slack shares fall as competition from Microsoft Teams heats up. Pepsi hits a new high, and Lululemon starts a surprising new business. Andy Cross, Emily Flippen, and Jason Moser analyze those stories and share three stocks theyre watching closely this earnings season. Plus, Carl Quintanilla discusses the growing popularity of vaping, the focus of CNBCs new documentary Vaporized: Americas E-Cigarette Addiction. Thanks Netsuite. Get the FREE guide, 7 Key Strategies to Grow your Profits...

The Trillion-Dollar Sleeper Play Episode
Microsofts market cap crosses the trillion-dollar mark as shares hit an all-time high. Amazon reports its most profitable quarter ever. Facebook surprises, but in a good way. And Uber and Slack get ready for their public debuts. Analysts Andy Cross, Emily Flippen, and Jason Moser discuss those stories and dig into earnings from Comcast, Dominos, PayPal, Starbucks, and Twitter. Plus, CNBCs Becky Quick talks Warren Buffett and previews the Berkshire Hathaway annual meeting. Thanks to Molekule for supporting our channel. Get $75 off your first order at http://www.molekule.com code fool75. Learn more about your ad choices. Visit megaphone.fm/adchoices

We Have Lyft-Off! Play Episode
Lyft rises in its public markets debut. Wells Fargo makes a change at the top. Lululemon hits a new high. Analysts Aaron Bush, Ron Gross, and Jason Moser discuss those stories and dig into the latest from McCormick, Blackberry, and Restoration Hardware, as well as surprising e-commerce news. Plus, Motley Fool media analyst Tim Beyers reviews Apples big event and discusses Google, Microsoft, and the future of gaming. Check outHello Monday from LinkedIn Learn more about your ad choices. Visit megaphone.fm/adchoices

The Netflix of Video Games? Play Episode
Jeff Bezos squares off with the National Enquirer. Chipotle sizzles. And Alphabet ramps up its spending. Our analysts discuss those stories and dig into the latest from Disney, Electronic Arts, Take-Two Interactive, Hasbro, Mattel, Papa Johns, Skechers, Spotify and Twitter. Plus, on Satya Nadellas 5th anniversary as Microsoft CEO, tech journalist Mary Jo Foley talks about Nadella and the future of Microsoft. To join our live Q&A on February 13th, subscribe to our YouTube channel with one click of a button at www.YouTube.com/TheMotleyFool. Thanks to LinkedIn for supporting The Motley Fool. Go to linkedin.com/fool and get $50 off your first...

Big Tech Returns and Big Game Surprises Play Episode
Amazon fails to impress Wall Street. Microsoft reports some cloudy returns. And Facebook connects. Analysts Andy Cross, Ron Gross, and Jason Moser discuss these stories and dig into the latest from Apple, eBay, MasterCard, PayPal, Tesla, and Visa. Plus, Wall Street Journal editor Nat Ives talks about the business of Super Bowl marketing. Learn more about your ad choices. Visit megaphone.fm/adchoices

The Business of Hurricanes Play Episode
Hurricane Florence makes landfall. Apple unveils new phones. Nike hits a new high. Dave & Busters delivers. Sears surprises. And Volkswagen kills a bug. Motley Fool analysts Matt Argersinger, Ron Gross, and Jason Moser delve into these stories and discuss the latest with Kroger, AMD, and more. Plus, analyst Tim Beyers weighs in on Tesla, the battle for the living room, and why Microsoft might be the new Apple. Thanks to Casper for supporting The Motley Fool. Save $50 on a mattress at http://www.casper.com/fool (use the promo code Fool). Learn more about your ad choices. Visit megaphone.fm/adchoices

Microsofts Cloud Nine Play Episode
Microsoft shares hit an all-time high thanks to strength in the companys cloud business. Netflix falls on concerns over subscriber growth. American Express doesnt get rewarded. And Skechers gets kicked around. Analysts Matt Argersinger, David Kretzmann, and Jason Moser discuss those stories and weigh in on the latest from eBay, Dominos, and Papa Johns. Plus, Motley Fool co-founder David Gardner talks with best-selling author Dan Pink about the science of perfect timing. Thanks to Harrys for supporting Motley Fool. Get your Trial Set go to Harrys.com/fool . Learn more about your ad choices. Visit megaphone.fm/adchoices

Tech Titans: Infinity War Play Episode
Amazon hits a new high, and raises the price on Prime. Alphabet racks up big profits amid higher spending. Facebook posts record revenue, while Microsofts cloud goes higher. Which one of these tech behemoths will get to a $1 trillion market cap first? Jason Moser, David Kretzmann, and Jeff Fischer analyze those stories, as well as the latest results from Visa, PayPal, Baidu, Twitter, Chipotle, Intel and more. Plus, we dip into the Fool Mailbag and share a few stocks on our radar. Learn more about your ad choices. Visit megaphone.fm/adchoices

New CEOs, New IPOs, and a Conversation with LinkedIn Play Episode
Baiduannounces IPO plans for its video service. Under Armour jumps higher. Boston Beer and Chipotle name new CEOs. And Alibabas Chairman hits the big screen. Our analysts discuss those stories and share some stocks on their radar. Plus, Motley Fool co-founder Tom Gardner talks with LinkedIn CEO Jeff Weiner about the Microsoft marriage, the power of diversity, and the power of predictive analytics. Learn more about your ad choices. Visit megaphone.fm/adchoices

Earnings-Palooza! Play Episode
Amazon, Alphabet, Apple, eBay, Facebook, McDonalds, Microsoft, and PayPal report earnings. And Hostess takes the cake with its new bonus plan. Our analysts weigh in on those stories and share some stocks on their radar. Thanks to LegalZoom for supporting The Motley Fool. Get special savings by going to LegalZoom.com and use Fool at checkout. Learn more about your ad choices. Visit megaphone.fm/adchoices

Big Tech is Getting Bigger Play Episode
Alphabet, Amazon and Microsoft all hit new highs after their latest earnings reports. Jason Moser, Matt Argersinger and Jeff Fischer analyze the growing dominance of these tech giants. We also take a look at Baidu, Intel, Twitter and more, and share a few stocks on our radar. Plus, we get the inside scoop on two of the biggest candy makers as we talk with Joel Glenn Brenner, author of The Emperors of Chocolate: Inside the Secret World of Hershey and Mars. Thanks to Freshbooks for supporting The Motley Fool. Get a 30-day free trial by going to FreshBooks.com /FOOL and...

Netflix & The Business of Comic-Con Play Episode
Netflix shares hit a new high. Microsofts cloud business continues to grow. Visa and American Express ring the cash register for investors. Pepsi revives an old brand while Chipotle deals with another health crisis. Plus, Forbes contributor Rob Salkowitz calls in from San Diego to provide analysis of this years Comic-Con and the business of pop culture. Thanks to Slack for supporting The Motley Fool. Learn more at slack.com. Thanks also to Harrys for supporting The Motley Fool. Get your Free Trial Set go to Harrys.com/Fool. Learn more about your ad choices. Visit megaphone.fm/adchoices

Becoming Warren Buffett Play Episode
Starbucks slows. Microsoft surprises. Apple sues Qualcomm. And Twinkie goes cold. Plus, Emmy-award winning director Peter Kunhardt talks about his new HBO documentary, Becoming Warren Buffett. Learn more about your ad choices. Visit megaphone.fm/adchoices

Microsoft's New High Play Episode
Microsoft hits an all-time high. Netflix delivers. Hasbro gets a boost from princess power. And Snoopy gets sent to the doghouse. Plus, best-selling author Roger Lowenstein talks about his newest book, America's Bank. Learn more about your ad choices. Visit megaphone.fm/adchoices

Money Advice from Dad Play Episode
Microsoft buys LinkedIn. Lumber Liquidators bounces back. We analyze those stories and more, and share the best money advice from our Dads. Plus, technology columnist Charles Arthur analyzes the Brexit vote, Apple, Google, and hot tech trends. Learn more about your ad choices. Visit megaphone.fm/adchoices

Big Tech's Big Miss Play Episode
Alphabet, Microsoft, and Netflix slip. McDonald's surprises. And Under Armour rises. Plus, CNBC's Becky Quick previews the annual Berkshire Hathaway meeting. Learn more about your ad choices. Visit megaphone.fm/adchoices

Facebook's Big Surprise Play Episode
Facebook reports record earnings thanks to strong growth in advertising. Microsoft connects with its cloud business. Apple loses some of its shine after projecting a decline in revenues. And McDonald's brings home the bacon thanks to all-day breakfast. Our analysts discuss the week's top business stories and share some stocks on their radar. Learn more about your ad choices. Visit megaphone.fm/adchoices

New Highs for Alphabet, Amazon & Microsoft Play Episode
Alphabet, Amazon, McDonald's and Microsoft hit new highs. Valeant Pharmaceuticals plummets. And Oprah gives Weight Watchers a boost. Our analysts discuss those stories and share three stocks on their radar. Plus, CNBC's Kayla Tausche talks big banks, Square IPO, and Star Wars. Learn more about your ad choices. Visit megaphone.fm/adchoices

Amazon's Secret Weapon Play Episode
Starbucks serves up a new all-time high. And Amazon and Microsoft find big profits in the cloud. Our analysts discuss those stories and delve into earnings news from Chipotle, Google, and 3D Systems. Plus, CNBC journalist Becky Quick previews the upcoming Berkshire Hathaway annual meeting. To get a copy of our e-book on Warren Buffett, just email warren@fool.com. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 10.24.2014 Play Episode
Apple hits a new high. Amazon stumbles. Microsoft surprises. And McDonalds slowdown continues. Our analysts discuss those stories and share some stocks on their radar. And we talk about the power of the unconventional with Linda Rottenberg, author of Crazy is a Compliment: The Power of Zigging When Everyone Else Zags. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 07.18.2014 Play Episode
Microsoft cuts 18,000 jobs.Mattel slips on Barbie bearishness. And Google climbs on stronger-than-expected revenues. Our analysts discuss those stories and share three stocks on their radar. And just how did LEGO go from near-bankruptcy to Everything is Awesome? Chris talks with Wharton Professor David Robertson, author of Brick by Brick: How LEGO Rewrote the Rules of Innovation and Conquered the Global Toy Industry. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 03.28.2014 Play Episode
Facebook makes a big buy. Microsoft introduces Office for the iPad. And Candy Crush gets crushed. Our analysts discuss those stories and share three stocks on their radar. Plus, Motley Fool retirement expert Robert Brokamp talks portfolio rebalancing, hidden fees, and financial planning. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 03.21.2014 Play Episode
Microsoft hits a 14-year high. Wal-Mart goes after GameStop. And Starbucks bets on wine and beer.Our analysts discuss those stories. Plus, best-selling author Will Thorndike shares some investing insights from his book, The Outsiders:Eight Unconventional CEOsand Their Radically Rational Blueprint for Success. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 02.07.2014 Play Episode
CVS makes a surprising announcement. Twitter tumbles. And Disney hits a new high. Plus, Guardian technology editor Charles Arthur talks about Microsoft's new CEO. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 01.24.2014 Play Episode
Netflix investors see green after strong subscriber growth. Microsoft surprises with strong Surface sales. And Starbucks serves up big earnings. Our analyst discuss those stories and share some stocks on their radar. Plus, Motley Fool Asset Management's Bill Mann talks international investing. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 01.10.2014 Play Episode
Target sees red after its data breach. Twitter gets downgraded. And Ford's CEO turns down Microsoft. Our analysts discuss those stories and share some stocks on their radar. Plus, Motley Fool analyst Matthew Argersinger shares some insights from CES 2014. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 10.25.2013 Play Episode
Microsoft rises on earnings. Amazon hits a new high. And Netflix overtakes HBO. Our analysts discuss those stories and share three stocks on their radar. Plus, Panera Bread founder and CEO Ron Shaich serves up some insights on the restaurant business. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 10.04.2013 Play Episode
The government shuts down. Twitter gets ready to go public. And some Microsoft shareholders call for Bill Gates to step down. Our analysts discuss those stories and Honest Tea co-founder Seth Goldman talks about the business of tea. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 09.27.2013 Play Episode
Government shutdown looms, JC Penney does it again, and Nike hits an all-time high. Our guys analyze the latest on Microsofts next CEO and share 3 stocks on their radar. Plus, craft beer pioneer Ken Grossman takes us inside the industry with his new book, Beyond the Pale: The Story of Sierra Nevada Brewing Co. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 09.20.2013 Play Episode
Bernanke surprises. Microsoft makes a big buy. And Tesla accelerates. Plus, producer Jim Bruce discusses his new film, Money for Nothing: Inside the Federal Reserve. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 09.06.2013 Play Episode
The government reports weaker-than-expected jobs numbers. Microsoft makes a big buy. Samsung & Qualcomm unveil the first smart watches. And Campbell Soup serves up a new way to make soup. On this weeks show, our analysts discuss those stories and share three stocks on their radar. Plus, Motley Fool Asset Managements Bill Mann gives his take on the some recent business developments. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 07.12.2013 Play Episode
The market hits new highs. Microsoft restructures. Kroger buys Harris Teeter. And Twinkie makes a comeback. Our analysts discuss those stories and share some stocks on their radar. And we talk business with the hosts of The Dinner Party Download. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 05.24.2013 Play Episode
The Fed stays the course. Microsoft unveils the Xbox One. And Disney makes some surprising cuts. Our analysts discuss those stories. Plus, corporate governance expert and film critic Nell Minow talks Apple, Buffett, and Memorial Day movies. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 04.19.2013 Play Episode
Our analysts discuss earnings news from Google, Microsoft, Chipotle, Intel, Coca-Cola, and Pepsi.And we talk with Kenneth Cukier, co-author of Big Data:A Revolution That Will Transform How We Live, Work, and Think. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 11.30.2012 Play Episode
Costco issues a special dividend. Microsoft deals with problems below the Surface. And Zynga makes a risky bet. Our analysts discuss those stories. Plus, Robert Pozen shares some insights from his book, Extreme Productivity. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 10.19.2012 Play Episode
Shares of Google plunge after an earnings surprise.Our analysts discuss Google's big miss and delve into earnings news from Chipotle, McDonald's, and Microsoft.Plus, Gina Keating talks abouther newbook, Netflixed: TheEpic Battle for America's Eyeballs. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 09.21.2012 Play Episode
Apple's new iPhone goes on sale. Microsoft increases its dividend. Nike buys back shares.And an online real estate company makes a big splash with its IPO. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 09.14.2012 Play Episode
Apple unveils the iPhone 5. McDonald's adds calories to its menu. And Facebook's CEO says it's time to double down. Our analysts discuss those stories and share some stocks on their radar. Plus, Guardian technology editor Charles author talks about his book, Digital Wars: Apple, Google, Microsoft and the Battle for the Internet. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 08.24.2012 Play Episode
Apple, Google, Microsoft and Amazon all have events planned in September to unveil new products. Our analysts discuss which companies have the most to gain and lose, and delve into earnings from Dell, HP and Best Buy. Plus New York Times reporter Charles Duhigg discusses his best-selling book The Power of Habit: Why We Do What We Do in Life and Business and Motley Fool retirement expert Robert Brokamp shares financial tips. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 07.20.2012 Play Episode
Chipotle, Google, IBM,and Microsoft report earnings. And Yahoo! names a new CEO. Our analysts discuss those stories and share three stocks on their radar. Plus, we talk about the business of bouncing back with Andrew Zolli, author of Resilience: Why Things Bounce Back. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 07.13.2012 Play Episode
China reports its slowest growth in three years. JPMorgan Chaseupdates investors on its big loss. BridgepointEducation and SuperValu get slammed. And Microsoft's CEO has some fighting words for Apple. Our analysts discuss those stories and share three stocks on their radar. Plus, Motley Fool retirement expert Robert Brokamp shares some 401K tips. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 06.22.2012 Play Episode
The Fed makes a move.Moody's downgrades big banks.Microsoft unveils its Surface tablet.And Burger King serves up a hot I.P.O.Our analysts discuss those stories and share three stocks on their radar.Plus,we talk about the natural gas revolution with journalist Tom Wilber, author of Under the Surface: Fracking, Fortunes, and the Fate of the Marcellus Shale. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 06.15.2012 Play Episode
Investors brace for elections in Greece. JPMorgan Chase CEO Jamie Dimon testifies before Congress. Dell and Nokia announce some big cuts. And Microsoft makes a big buy. Our analysts discuss those stories and share three stocks on their radar. Plus,we talk about the business of lying with Dan Areily, author of The Honest Truth About Dishonesty: How We Lie to Everyone - Especially Ourselves. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 06.01.2012 Play Episode
Investors react to weaker-than-expected jobs numbers.NYC Mayor Michael Bloomberg attempts to crack down on sugary drinks.Samsung launches a big rival to the iPhone.And Amazon and Microsoft combine forces in the battle for the living room.Our analysts discuss those stories and share three stocks on their radar.Plus, we talk horse racing, betting, and investing with Daily Racing Form publisher and columnist Steven Crist. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 05.04.2012 Play Episode
The government reports weaker-than-expected jobs growth.Yahoo! deals with a leadership controversy.Whole Foods serves up big earnings. Green Mountain Coffee serves up some bitter earnings.And Microsoft bets on the Nook. Our analysts discuss those stories and share three stocks on their radar.Plus,Motley Fool co-founder Tom Gardner talks about his approach to investing. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 04.20.2012 Play Episode
Our analysts discuss the latest earnings news from Coca-Cola, Chipotle, GE, Intel, McDonald's, and Microsoft. And we talk with CNBC's Carl Quintanilla about the new CNBC documentary, The Costco Craze: Inside the Warehouse Giant. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 12.09.2011 Play Episode
Jobless claims fall as the EU continues to search for a resolution to the debt crisis. Ford reinstates its dividend for the first time in 5 years. Microsoft releases a major upgrade to Xbox Live. McDonalds stock hits an all-time high and JC Penney buys a stake in Martha Stewart. Our analysts discuss those stories and more, and share 3 stocks on their radar. Venture capitalist Paul Holland discusses the future of technology and Something Ventured, his documentary film about the start of the VC movement. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 10.21.2011 Play Episode
World markets react to the death of Libyan dictator Muammar Qadaffi. Apple, Chipotle, Intel, McDonald's, and Microsoft report earnings. And Groupon prepares for its IPO. Our analysts discuss these stories and share three stocks for the next fifty years. Plus, Honest Tea co-founder Seth Goldman talks about the business of tea. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 09.23.2011 Play Episode
HP names a new CEO. Nike reports big earnings. Netflix deals with another backlash. And McDonald's and Microsoft increase their dividends. Our analysts discuss those stories and share a few stocks on their radar. Plus, CNBC's Scott Wapner talks about the new CNBC documentary, The Coffee Addiction. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 05.27.2011 Play Episode
Google introduces tap-to-pay technology.Hedge fund manager David Einhorn calls for Microsoft CEO Steve Balmer to step down.And Krispy Kreme reports itstenth consecutive quarter of same-store-sales growth. Our analysts tackle those topics and share some stocks on their radar.Plus, corporate governance expert and film critic Nell Minow talks whistleblowers, Netflix, and must-see movies. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 05.13.2011 Play Episode
Microsoft bets big on Skype. Disney loses big on Mars. Big oil gets grilled over big tax breaks. Google unveils the Chromebook. And Facebook deals with a public relations fiasco. Plus, New York Times writer Diana Henriques, author of The Wizard of Lies: Bernie Madoff and the Death of Trust, discusses how Bernie Madoff pulled off the biggest Ponzi scheme in history. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 02.11.2011 Play Episode
Our analysts discuss the latest earnings from Chipotle, Cisco, and Disney. We delve into Microsoft's new deal with Nokia and talk retail with Costco CEO and co-founder Jim Sinegal. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 01.28.2011 Play Episode
Microsofts latest quarterly earnings were a mixed bag but well tell you why the stock is poised for success. Plus, the latest earnings analysis on Amazon, Ford, McDonalds, Netflix and more. All that (and more) and well talk emerging markets, global trends, and the future of Lady Gaga with economist Daniel Altman, author of the new book Outrageous Fortunes: The Twelve Surprising Trends That Will Reshape the Global Economy. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 01.07.2011 Play Episode
Is Facebook really worth $50 billion? Is GM on the road to recovery? Is Microsoft Kinect the future of television? And does the Starbucks CEO know the difference between a mermaid and a siren? On this weeks Motley Fool Money, we answer those questions and talk with Consumer Electronics Association Chief Economist Shawn DuBravac about some hot tech products at the Consumer Electronics Show in Las Vegas. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 10 29 2010 Play Episode
Who is Todd Combs and what does Warren Buffett see in him? Has Microsoft regained its mojo? And will Kimberly-Clark revolutionize your bathroom?On this week's show, we'll answer those questions, talk about some of the week's big stock market movers, and talk about the business of the mid-term elections with CNBC's John Harwood. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 10 15 2010 Play Episode
Google reports big earnings.Microsoft introduces new phone software.Fed Chief Bernanke says the economy is growing too slowly.And Starbucks says its employees are moving too fast.On this week's "Motley Fool Money", we'll tackle those stories, share some stocks on our radar, and talk vertical farming with Columbia University Professor Dickson Despommier. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 09.24.2010 Play Episode
Warren Buffett says the recession isn't over. Microsoft hikes its dividend. Blockbuster files for bankruptcy. And Wall Street: Money Never Sleeps debuts at the box office. On this week's show, we'll tackle those stories, share some stocks on our radar, and talk with Corporate Library co-founder and film critic Nell Minow. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 06.25.2010 Play Episode
What will the financial reform bill mean for investors? Will Kinnect technology connect for Microsoft? Will technical glitches hurt the new iPhone's reception? On this week's Motley Fool Money Radio Show, we discuss those stories, share three stocks on our radar, and talk with Ted Turner biographer Bill Burke. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 04.23.2010 Play Episode
President Obama goes to Wall Street.Apple, Chipotle, and Netflix report big, big earnings. And Congress debates the future of movie futures. In this week's Motley Fool Money Radio Show, we tackle those stories, discuss the future of Microsoft, and share three stocks on our radar.Corporate Library co-founder and film critic Nell Minow gives her take on financial reform and Kick Ass.And we talk with Washington Post business reporter Frank Ahrens about Goldman Sachs, Fabulous Fab, and the future of satellite radio. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 01.29.2010 Play Episode
Apple introduces the iPad. Toyota issues a massive recall. And Amazon.com, Microsoft, and Netflix report big earnings. On this week's Motley Fool Money Radio Show, we'll tackle those stories, talk with Washington Post tech columnist Rob Pegoraro and Trade-Off author Kevin Maney, and share three stocks on our radar. Plus, we'll talk about the iPad that Apple isn't telling you about. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 10.23.2009 Play Episode
Amazon.com and Netflix report big earnings. Microsoft unveils Windows 7. And the Pay Czar gets down to business. In this installment of Motley Fool Money, we tackle those topics, talk about a new study on the relationship between housework and sex, and share three stock ideas. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 08.21.2009 Play Episode
Amazon.com, Microsoft, and Yahoo! team up against a tech rival. Starbucks announces that it's raising and lowering prices. And the Fed Chief expresses some optimism about the near term. In this installment of Motley Fool Money, we discuss those stories, share three stock ideas, and play a spirited game of "Which S&P 500 stocks have outperformed Google since Google went public five years ago?" Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 07.24.2009 Play Episode
Existing home sales rise for the third straight month. The Dow crosses 9,000 for the first time since January. And Amazon, Apple, Chipotle, eBay, Ford, JP Morgan, McDonalds and Microsoft report earnings. So what does the weeks big business news mean for investors? In this installment of Motley Fool Money, well give our take, offer up 3 stock ideas, and talk about the relative merits of buying shoes online. Learn more about your ad choices. Visit megaphone.fm/adchoices

Motley Fool Money: 05.29.2009 Play Episode
The economy continues to contract and foreclosures continue to rise. General Motors gears up for bankruptcy. And Microsoft adds some Bingto its search. In this installment of Motley Fool Money, Motley Fool analysts Seth Jayson and Shannon Zimmerman explain what it means for investors, air a few beefs, and share a few stock ideas. Learn more about your ad choices. Visit megaphone.fm/adchoices

My Favorite Murder

---

145 - Live at the Microsoft Theater in Los Angeles Play Episode
Karen and Georgia cover the satanic panic of McMartin Pre-School and the Mannequin at the Carnival. See omnystudio.com/listener for privacy information.

My Wakeup Call with Dr. Mark Goulston

---

Ep 559 - Nataly Kogan Play Episode
In this episode I speak with returning guest, Nataly Kogan, a Russian refugee, author of "The Awesome Human Project" and her follow up book, "The Awesome Human Journal," whose wakeup call was becoming burned out after a highly successful career with McKinsey and Microsoft and founder or executive and five startups and tech companies. http://natalykogan.com

Naked Security

---

S3 Ep144: When threat hunting goes down a rabbit hole Play Episode
Why your Mac's calendar app says it's JUL 17. One patch, one line, one file. Careful with that {axe,file}, Eugene. Storm season for Microsoft. When typos make you sing for joy. Twitter: @NakedSecurity Intro and outro music by Edith Mudge (www.edithmudge.com)

S3 Ep134: It's a PRIVATE key - the hint is in the name! Play Episode
The world-changing Visible Calculator. How not to get a job. Private keys - the hint is in the name. Microsoft's complicated bootkit patch. Taming Bluetooth trackers. Email: tips@sophos.com Twitter: https://twitter.com/nakedsecurity Original music by Edith Mudge (www.edithmudge.com)

S3 Ep113: Pwning the Windows kernel: the crooks who hoodwinked Microsoft Play Episode
The irony of the CAN-SPAM law. When genuine kernel drivers go rogue. Apple patches everything. Stealing data via secret radio waves. E-commerce supply chain drama. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep109: How one leaked email password could drain your business Play Episode
Microsoft's tilt at the MP3 marketplace. Apple's not-a-zero-day emergency. Cracking the lock on Android phones. Browser-in-the-Browser revisited. The Emmenthal cheese attack. Business Email Compromise and how to prevent it. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep105: WONTFIX! The MS Office cryptofail that "isn't a security flaw" Play Episode
Coolest videogame ever. Zoom thinks everyone's a developer. The Patch Tuesday that wasn't. A data breach coverup. Log4Shell all over again. And the Office cryptofail that Microsoft won't fix. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep103.5: OAuth 2 and why Microsoft is forcing you into it Play Episode
Naked Security meets Sophos X-Ops! Duck and Chet dig into OAuth 2.0, a well-known protocol for authorization. Microsoft calls it "Modern Auth", though it's a decade old, and is finally forcing Exchange Online customers to switch to it. Original music by Edith Mudge

S3 Ep103: Scammers in the Slammer (and other stories) Play Episode
A fridge-sized calculator made with transistors (really). ProxyNotShell situation reviewed. Romance and BEC scammer gets 25 years in the slammer. Is there an answer to nuisance callers? Is the answer voicemail? Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep102.5: "ProxyNotShell" Exchange bugs - an expert speaks Play Episode
Chester Wisniewski gives you actionable advice on how to deal with two actively exploited Exchange zero-days that suddenly burst into the news. Learn who's affected and how, find out what you can do while waiting for Microsoft's patches, and plan your threat hunting in case the worst happens to you. Original music by Edith Mudge

S3 Ep100: Browser-in-the-Browser hacking how to spot an attack Play Episode
Second Cosmic Rocket (not a band!) Microsoft 0-day. Apple 0-days. Good logging habits. Browser-in-the-browser trickery. DEADBOLT ransomware. Again. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity

S3 Ep85: Now THAT'S what I call a Microsoft Office exploit! Play Episode
Why calling a computer after a famous scientist doesn't always help. The wacky but dangerous 0-day hole in Windows. Supply chain attacks and the crooks who orchestrate them. Smishing revisited. And why saying what you really mean makes you better at cybersecurity. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity

S3 Ep69: Wordpress woes, Wormhole holes, and a Microsoft change of heart Play Episode
Problems with plugins. A Wormhole wormhole. Can machines think? Microsoft has a change of heart. And then another one. Why screen cleaning cloths are cool. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity

S3 Ep57: Europol v. Ransomware, Shrootless bug, and Linux browser flamewars Play Episode
Norbert (huzzah for Norbert!) does tech support. Europol digs into the ransomware scene. Microsoft finds a wacky bug in Apple's shell. The Morris worm turns 33. Edge on Linux phans the phlames. Ola! Gibberish peculiarity textual solvage. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity

S3 Ep51: OMIGOD a gaping hole, waybill scams, and Face ID hacked Play Episode
A scarily exploitable hole in Microsoft open source code. A simpler take on delivery scams. A Face ID bypass hack, patched for the initial release of iOS 15. And how not to get locked in a cabling closet. Coder? Use Sophos Intelix yourself for free: https://sophos.com/intelix With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity

S3 Ep50: Two 0-days plus another 0-day plus a fast food bug Play Episode
Apple patches two zero-day bugs. Microsoft patches one zero-day bug. A security researcher finds a fast-food bug (non-insect sort). And a touchpad user turns right into left, and vice versa. (See also: Big Office bug squashed for September 2021 Patch Tuesday) With Paul Ducklin and Doug Aamoth. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity

S3 Ep8: A conversation with Katie Moussouris Play Episode
How do you go from pentester to creator of Microsofts bug bounty program? Find out from hacker and vulnerability disclosure pioneer, Katie Moussouris. Join us for a fascinating interview with Katie about her journey, the bugs in bug bounty programs, and the people who inspired her along the way. With Kimberly Truong and special guest Katie Moussouris (@k8em0 on Twitter), Founder and CEO of Luta Security. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity

S3 Ep2: Creepy smartwatches, botnets and Pings of Death Play Episode
In this episode: we investigate a smartwatch for kids with a creepy set of functions, discuss Microsoft's short-lived takedown of Trickbot, explain how to avoid the Windows "Ping of Death" bug, and (oh no!) find the source of mysterious beeping from every computer in the office. With Kimberly Truong, Doug Aamoth and Paul Ducklin *** Creepy covert camera feature found in popular smartwatch for kids https://nakedsecurity.sophos.com/creepy-covert-camera-feature-found Microsoft on the counterattack! Trickbot malware network takes a hit https://nakedsecurity.sophos.com/microsoft-on-the-counterattack-trickbot Windows' "Ping of Death" bug revealed https://nakedsecurity.sophos.com/windows-ping-of-death-bug *** Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity

S2 Ep40: Demonic printers, a sleazy stalker and 10 reasons to patch Play Episode
This week we discuss a customer who went to Subway for a sandwich and left with a stalker, demon printers and the things you should patch now. Producer Alice Duckett is joined by Sophos experts Mark Stockley, Paul Ducklin and Greg Iddon. Related articles: Beware the DHL delivery message email it could be a package scam https://nakedsecurity.sophos.com/2020/05/13/beware-the-dhl-delivery-message-email-it-could-be-a-package-scam/ Microsoft joins encrypted DNS club with Windows 10 option https://nakedsecurity.sophos.com/2020/05/15/microsoft-joins-encrypted-dns-club-with-windows-10-option/ Criminal forum trading stolen data suffers ironic data breach https://nakedsecurity.sophos.com/2020/05/13/criminal-forum-trading-stolen-data-suffers-ironic-data-breach/ Woman stalked by sandwich server via her COVID-19 contact tracing info https://nakedsecurity.sophos.com/2020/05/14/woman-stalked-by-sandwich-server-via-her-covid-19-contact-tracing-info/ PrintDemon patch this ancient Windows printer bug! https://nakedsecurity.sophos.com/2020/05/14/printdemon-patch-this-ancient-windows-printer-bug/ Top 10 most...

S2 Ep37: Microsoft fixes, airgap fun and free games for 2FA Play Episode
This week we talk ransomware apologies, whether companies should be pushing 2FA and good vibrations, kind of... We're proud to be nominated for Best Cybersecurity Podcast in the European Cybersecurity Blogger Awards. If you enjoy our show, please vote for us: https://docs.google.com/forms/d/e/1FAIpQLSe8AkYMfAAwJ4JZzYRm8GfsJCDON8q83C9_wu5u10sNAt_CcA/viewform?fbzx=1378805297375984251 Host Anna Brading is joined by Sophos experts Mark Stockley, Paul Ducklin and Producer Alice Duckett. Listen now! Further reading: https://nakedsecurity.sophos.com/evil-gif-account-takeover-flaw-patched-in-teams https://nakedsecurity.sophos.com/warning-fake-zoom-hr-meeting-emails-phish-for-your-password https://nakedsecurity.sophos.com/patch-now-microsoft-issues-unexpected-office-fix https://nakedsecurity.sophos.com/fan-vibrations-can-be-used-transmit-data-from-air-gapped-machines

S2 Ep5 - Phishing, eavesdropping voice assistants and quick fire questions Play Episode
This week on the Naked Security podcast we discuss whether big tech companies are spying on you and the latest phishing scams. Do you have a question? Let us know and well answer them next week. With Anna Brading, Ben Jones and Matt Boddy. Humans are listening to your voice recordings Our articles are below: Microsoft: https://nakedsecurity.sophos.com/2019/08/09/your-skype-translator-calls-may-be-heard-by-humans/ And then updating its policy: https://nakedsecurity.sophos.com/2019/08/16/microsoft-wont-shift-on-ai-recordings-policy/ Facebook: https://nakedsecurity.sophos.com/2019/08/15/facebook-got-humans-to-listen-in-on-some-messenger-voice-chats/ Google and Apple: https://nakedsecurity.sophos.com/2019/08/05/google-and-apple-suspend-contractor-access-to-voice-recordings/ Apple saying no to backdoor the San Bernadino terrorists iPhone: https://nakedsecurity.sophos.com/2016/02/17/apple-says-no-to-iphone-backdoor-in-terror-case/ Sophos says No Backdoors: https://sophos.com/nobackdoors/ Phishing article Matt mentions: https://nakedsecurity.sophos.com/2019/08/20/serious-security-phishing-in-the-cloud-the-freemium-way/ Matt, Ben and Mark did some RDP research: https://sophos.com/rdp

Chet Chat 254 - Oct 7, 2016 Play Episode
Chet and John bring you this week's Chet Chat live from the Virus Bulletin conference in Denver, Colorado USA. They summarize some of their favourite talks covering IoT vulnerabilities, malvertising, banking malware, building your own open source lab and whether Microsoft Defender is ever enough.

Chet Chat 202 - June 12, 2015 Play Episode
Join Sophos security experts Chester Wisniewski and Paul Ducklin in this week's episode of our security podcast. Apple, Microsoft, patching, hacking - and 49 arrests in a Europol action against bank fraudsters.

Chet Chat 197 - May 6, 2015 Play Episode
Join Sophos experts Chester Wisniewski and Paul Ducklin for the latest episode of our weekly computer security podcast. From the future, where Microsoft's Update Tuesday is no more, to 15 years in the past, when we were awash in virus-infected emails that claimed, "ILOVEYOU." News and discussion with plenty of good advice.

Chet Chat 181 - Jan 15, 2015 Play Episode
Join Sophos experts Chester Wisniewski and Paul Ducklin as they take on the week's news in our regular security podcast. In this epsiode: the new-look Update Tuesday; the "bug reports at 15 paces" duel between Microsoft and Google; Google drops the security ball for 61% of Android users; CENTCOM hacked (sort of); Apple Spotlight privacy leakage; and why attacks only ever get smarter.

Chet Chat 161 - Aug 20, 2014 Play Episode
Join Sophos experts Chester Wisniewski and Paul Ducklin for this week's Chet Chat podcast, and turn computer security news into computer security advice. In this episode: Microsoft's blue screen of death woes; the future of Apple security patches; the risks of remote access; and a Russian MP's son arrested for online cybercrime.

Chet Chat 146 - May 7, 2014 Play Episode
Sophos security experts Chester Wisniewski and Paul Ducklin look at what we can learn from the week's security news. Target, Dropbox, Microsoft, the mysterious Webdriver Torso and Sophos Naked Security itself feature in this episode of our weekly podcast.

Chet Chat 140 - Mar 26, 2014 Play Episode
How bad is the latest Microsoft Word 0-day? Does OS X really need patching less often than Windows? What does Gmail's move to HTTPS-only really mean? And if WhatsApp has privacy coded into its DNA, is it coded into its app, too? Chet and Duck add their opinion and advice to the good and the bad in the past weeks' news.

Chet Chat 127 - Dec 24, 2013 Play Episode
Chet and Duck analyse the latest security news to help you keep ahead of the bad guys. Find out about the recent and massive Target breach; get to grips with Microsoft's and Apple's latest updates; and learn how to respond to Google's recent changes to image rendering for Gmail users.

Chet Chat 124 - Nov 20, 2013 Play Episode
Chester and John Shier take time out of the IANS Information Security Forum in Atlanta, Georgia, to talk about the key issues of the past week. There's the US police department that paid the CryptoLocker ransom; the company Loyaltybuild that took two weeks to tell its loyal customers that it hadn't even bothered to encrypt their PII that was stolen; and, to finish with some good news, high praise for Microsoft's public push for cryptographic progress.

Sophos Techknow - The End of XP Play Episode
Paul Ducklin and Chester Wisniewski investigate the what, the why and the how of dealing with the impending end of support for Windows XP in 2014. Don't worry: even if you have computers that you simply won't be able to update in time, for example because they run bespoke industrial control software, or a legacy financial application, Duck and Chet have some healthy suggestions for you. They also share some insights into why Microsoft hasn't simply packed all the improved security components from Windows 7 and 8 into the aging XP, leading to the 08 April 2014 deadline.

Chet Chat 122 - Nov 7, 2013 Play Episode
Chet and Duck discuss the latest Microsoft zero-day, the latest code verification flaw in Android (the third bug of the same sort in the same part of the code!), and whether version numbers are becoming an irrelevancy as products "just update" anyway.

Sophos Techknow - Understanding vulnerabilities Play Episode
Make sense of vulnerability jargon by listening to this 15 minute podcast... With recent updates from Microsoft (three times), Adobe, Oracle, Apple and Firefox, the timing could scarcely be better.

Sophos Security Chet Chat - Episode 110 - June 4, 2013 Play Episode
Chet welcomes series regular Paul 'Duck' Ducklin to discuss the latest security news: Microsoft reading Skype messages, the IP Commission Report, small business cybersecurity, and AusCERT 2013 #SophosPuzzle.

Sophos Security Chet Chat - Episode 93 - June 21, 2012 Play Episode
Michael Argast joins Chet once again to discuss Flame, LinkedIn, warrantless wiretapping, Patch Tuesday, border patrol spying and Microsoft's BlueHat prize.

Sophos Security Chet Chat - Episode 83 - February 16, 2012 Play Episode
This week's Chet Chat finds Paul Ducklin and Chester Wisniewski discussing the vulnerabilities patched this Tuesday in Microsoft, Adobe and Oracle products, mobile phone application privacy issues and upcoming events RSA and Anatomy of an Attack in Portland, OR and Wellington, NZ.

Sophos Security Chet Chat - Episode 75 - October 14, 2011 Play Episode
John Shier joined Chet this week as they discussed the death of UNIX and C co-creator Dennis Ritchie, the Virus Bulletin 2011 conference, Apple's release of iOS 5 and OS X 10.7.2, Microsoft Patch Tuesday, and the German R2D2 Trojan.

Sophos Security Chet Chat - Episode 51 - March 7, 2011 Play Episode
Michael Argast talks with Chet about Apple's new test release of OS X, codenamed Lion. They also chat about Microsoft begging people to stop using IE6, providing social media access to your employer, the rise in Facebook scams and the recent spat of malware on the Android Market.

Sophos Security Chet Chat - Episode 46 - January 31, 2011 Play Episode
Chester Wisniewski and Michael Argast discuss the internet situation in Egypt, Anonymous and the arrests by the FBI, the new Microsoft zero day MHTML vulnerability and the standard set of Facebook stories

Niche Pursuits Podcast: Find Your Next "Niche" Business Idea!

---

DeepSeek AI: The Game-Changer No One Saw Coming Play Episode
Welcome to another episode of the Niche Pursuits News Podcast! This week Jared Bauman and guest host Thomas Smith tackle the most important industry headlines, share some fantastic tips related to their side hustles, and offer some interesting ideas arising from their weird niche sites. They discuss China's launch of DeepSeek - https://arstechnica.com/ai/2025/01/china-is-catching-up-with-americas-best-reasoning-ai-models/ https://www.theatlantic.com/technology/archive/2025/01/deepseek-china-ai/681481/ They talk about OpenAI's response - https://www.nytimes.com/2025/01/29/technology/openai-deepseek-data-harvest.html?unlocked_article_code=1.tE4.0cFF.azvHZ0SL1uuc&smid=url-share They discuss Hubspot's SEO collapse - https://searchengineland.com/hubspot-seo-organic-traffic-drop-451096 https://www.aleydasolis.com/en/search-engine-optimization/hubspot-blog-rankings-drop-analysis/ They mention that the Google Quality Rater guidelines are updated - https://www.searchenginejournal.com/google-updates-search-quality-rater-guidelines-what-to-know/538259/ They discuss TikTok and Microsoft - https://www.bloomberg.com/news/articles/2025-01-28/trump-says-microsoft-eyeing-tiktok-bid-with-app-s-future-unclear?cmpid=012825_marketsdaily&utm_medium=email&utm_source=newsletter&utm_term=250128&utm_campaign=marketsdaily Jared's weird niche site -https://www.mousemingle.com/Welcome Thomas's weird niche site - https://wildturkeylab.com/ Ready...

Reddit Blocks Search Engines but NOT Google! Play Episode
Welcome back, everyone, to another episode of the Niche Pursuits News podcast. Jared hosts this week's episode, along with Morgan Overholt, who's standing in for Spencer. They kick off the news portion of the episode talking about Reddit and how it has blocked Bing Search. Microsoft has confirmed this news and is respecting Reddit's decision, but the plot thickens when Reddit's CEO speaks out. This leads them to another article that talks about how the traditionally mutually beneficial arrangement of web crawling is breaking down, referencing Google and Reddit's relationship, Reddit's decision to block Microsoft, and how these moves are...

NP News: Bing Integrates ChatGPT, Google Bard Supports Images, & A Tooth Fairy Site Play Episode
Welcome to another great episode of Niche Pursuits News. This week Jared is joined by his 201 Creative agency co-founder Kaitlin Cooper to unpack all of the latest developments from the week that may impact online publishers. And there was surprisingly a lot to go over. They start by discussing the integration of ChatGPT and Bing, which is powered by Microsoft's Prometheus and offers current results. Kaitlin highlights the composition feature in Bing, which allows for AI writing prompts, while Jared dives into the Expedia and Zapier plugins and their various, exciting use cases. The conversation then turns to Google's...

No Agenda Show

---

1697 - "neat-o" Play Episode
No Agenda Episode 1697 - "neat-o" "neat-o" Adam Curry and John C Dvorak discuss the absurdity of modern culture, including body deodorant commercials and the recent campaign event featuring Kamala Harris, which they mock for its celebrity-filled nature. They criticize the use of AI in creating deepfakes and job scams, highlighting the limitations and potential dangers of the technology. The conversation touches on the potential of AI in warfare and the economic impact of AI on jobs, with concerns about inflation and job displacement. They also mention the reopening of the Three Mile Island nuclear site for Microsoft's energy needs,...

On Purpose with Jay Shetty

---

Bill Gates: The Untold Story of Who Bill Gates REALLY Is Play Episode
How do you define success beyond money and career? Do you think wealth should come with a responsibility to give back? Today,  Jay Shetty sits down with one of the most influential innovators of our time, Bill Gates, to explore the intersection of personal growth, technological innovation, and philanthropy. Bill reflects on his journey from a curious child fascinated by computers to building Microsoft and becoming a global force for change. Bill shares candid stories about his upbringing, his parents’ profound influence, and the lessons he learned from their high expectations and encouragement. He also talks about his career-long passion...

Melinda Gates: Why Your Perfectionism Has Been Draining You & 7 Reasons You Should Spend Time Alone in Silence Today Play Episode
Are you a perfectionist?  Do you ever spend time alone in silence?  Today, Jay sits down with Melinda French Gates, co-chair of the Bill and Melinda Gates Foundation and founder of Pivotal Ventures to talk about her journey from studying computer science at Duke University to working at Microsoft, and eventually transitioning into philanthropy. Melinda highlights the importance of goal setting and quiet reflection, practices instilled in her from a young age; the challenges women and people of color face in achieving equality, emphasizing the need for more inclusive policies and support systems; and the importance of diverse representation in...

Pardon My Take

---

NCAA Tournament With Mark Titus, Aaron Donald Retires, Hot Seat/Cool Throne + #MadOnline Play Episode
Were 24 hours from the best 2 sports day of the year and we get off track with a wild Microsoft excel story. Aaron Donald retired and Anthony Edwards took a soul (00:00:00-00:20:18). We recap the final 2 episodes of the Dynasty documentary (00:20:18-00:33:25). Hot Seat/Cool Throne including Jim Harbaughs garage sale (00:33:25-00:48:38). Mark Titus joins us to break down the brackets, upsets, final four and storylines throughout the tourney plus useful tips when youre doing your office pool (00:48:38-01:49:35). We finish with #MadOnline (01:49:35-02:00:22).You can find every episode of this show on Apple Podcasts, Spotify or Netflix. Prime Members...

Phillip Wylie Show

---

Unpacking Cybersecurity: Stories from the Cyber Distortion Podcast Play Episode
SummaryIn this episode of the Phillip Wylie Show, Phillip welcomes Jason and Kevin from the Cyber Distortion Podcast, diving deep into their hacker origin stories and the evolution of their podcasting journey. Kevin shares his unconventional path from marketing and graphic design to IT, highlighting how a conversation about salaries led him to pursue Microsoft certifications and a long-standing career in technology. Jason recounts his early fascination with technology, from building science projects to coding on his first home computer, illustrating how his inquisitive nature laid the groundwork for his future in cybersecurity.The conversation shifts to their experiences in podcasting,...

Eva Benn: The Power of Resilience in Cybersecurity Play Episode
SummaryIn this episode of the Phillip Wylie Show, host Phillip Wylie interviews Eva Benn, a leader in the cybersecurity field. Eva shares her inspiring journey from a disadvantaged background in Bulgaria to leading the Microsoft Red Team. She discusses the importance of resilience, the role of gaming in developing cybersecurity skills, and offers valuable advice for aspiring professionals in the field. The conversation also covers personal branding, networking authentically, and the significance of continuous learning and growth in one's career.Takeaways Eva Benn's journey from Bulgaria to leading the Microsoft Red Team is inspiring. Resilience and determination are key to overcoming...

Yuri Diogenes Discusses Building a Career in Cybersecurity Play Episode
About The Guest:Yuri Diogenes is a cybersecurity expert and author with over 15 years of experience in the industry. Originally from Brazil, Yuri moved to the US in 2003 to work at Microsoft and Dell Computers. He has published 31 books on cybersecurity and currently works as a People Manager at Microsoft, overseeing the development of cloud security products. Yuri is also a professor at Capitol Technology University and holds a Master's degree in Cybersecurity. Summary:Yuri Diogenes, a cybersecurity expert and author, joins the podcast to discuss his book "Building a Career in Cybersecurity." He emphasizes the importance of self-assessment...

Phoenix Cast

---

Current events: AI for payments, more vulns Play Episode
What should leaders take from Brickstorm, a 150-year-old company felled by one password, and an easy Microsoft global-admin misstepplus how agent-to-agent payments could evolve? In this episode of the Phoenix Cast, hosts John and Kyle connect the dots for you. Have a listen, and let us know what you think!We'd love to hear your thoughts! Tweet us at our new handle, @ThePhoenixCast, andhttps://www.bleepingcomputer.com/news/security/google-brickstorm-malware-used-to-steal-us-orgs-data-for-over-a-year/https://thehackernews.com/2025/09/how-one-bad-password-ended-158-year-old.html?m=1don't forget to join our LinkedIn Group to connect with fellow Phoenix Casters. If you enjoyed the episode, help us out by leaving one of those coveted 5-star reviews on Apple Podcasts. Thanks for listening!Links:https://dirkjanm.io/obtaining-global-admin-in-every-entra-id-tenant-with-actor-tokens/https://colinmcnamara.com/blog/understanding-a2a-ap2-protocols-builder-guide

Microsoft Recall, GEN Nakasone (ret), NDAA cyber study Play Episode
In this episode of Phoenix Cast, hosts John and Kyle talk through some interesting news of note around AI enabled screenshots, what GEN Nakasone is doing in retirement, and a cyber force study potentially being included in the NDAA. Share your thoughts with us on Twitter: @USMC_TFPhoenix (Now verified!) Follow MARFORCYBER & MCCOG on Twitter, LinkedIn, Facebook, and YouTube. Leave your review on Apple Podcasts and join our LinkedIn Group. Links: Recall - https://www.bleepingcomputer.com/news/microsoft/windows-11-recall-ai-feature-will-record-everything-you-do-on-your-pc/ Nakasone - https://news.vanderbilt.edu/2024/05/08/gen-paul-nakasone-named-founding-director-of-institute-for-national-defense-and-global-security/ https://openai.com/index/openai-appoints-retired-us-army-general/ NDAA - https://defensescoop.com/2024/06/14/assessment-independent-cyber-force-passes-house-senate-defense-committee/ https://www.secureworld.io/industry-news/cyber-force-on-hold

Current Events Around AI Play Episode
In this episode of Phoenix Cast, hosts John, Rich, and Kyle discuss current events, with a focus on a slew of AI topics. Share your thoughts with us on Twitter: @USMC_TFPhoenix - Follow MARFORCYBER, MCCYWG, & MCCOG on Twitter, LinkedIn, Facebook, and YouTube. Leave your review on Apple Podcasts. Links: A couple of Podcasts to Listen to: https://podcasts.google.com?feed=aHR0cHM6Ly9hbmV5ZW9uYWkubGlic3luLmNvbS9yc3M%3D&episode=ZTM5OTVkZjUtZWNhMi00ODQ4LTkwN2ItYTBmNmQ5YWFjZmFh https://podcasts.google.com?feed=aHR0cHM6Ly9mZWVkcy5zaW1wbGVjYXN0LmNvbS81NG5BR2NJbA%3D%3D&episode=NmU5MGJhZDctNDgwZi00OTc0LTkyZjgtZDRlNzY1MjBiNDNj Articles we discuss: https://www.reuters.com/technology/sam-altmans-ouster-openai-was-precipitated-by-letter-board-about-ai-breakthrough-2023-11-22/ https://openai.com/blog/introducing-gpts https://www.theguardian.com/technology/2023/nov/25/how-crisis-openai-sam-altman-unfolded#:~:text=And%20a%20major%20event%20in,the%20alleged%20breaches%20of%20trust. https://www.vox.com/future-perfect/2023/11/21/23971765/openai-sam-altman-microsoft https://cset.georgetown.edu/wp-content/uploads/CSET-Decoding-Intentions.pdf https://www.tomshardware.com/news/nvidia-takes-chip-business-revenue-crown-from-tsmc https://youtu.be/3d0kk88IE8c?si=mbkXS_Vw5ZZStyO4

Current Events Play Episode
In this episode of Phoenix Cast, hosts John and Kyle discuss a slew of articles of interest and current events worthy of your consideration. Share your thoughts with us on Twitter: @USMC_TFPhoenix (Now verified!) Follow MARFORCYBER & MCCOG on Twitter, LinkedIn, Facebook, and YouTube. Leave your review on Apple Podcasts. Links: Solarwinds: https://www.wired.com/story/the-untold-story-of-solarwinds-the-boldest-supply-chain-hack-ever/ New domains: https://blog.google/products/registry/8-new-top-level-domains-for-dads-grads-tech/ https://www.reddit.com/r/programming/comments/13fsvl5/the_zip_tld_sucks_and_it_needs_to_be_immediately/jjxivcp?utm_source=share&utm_medium=android_app&utm_name=androidcss&utm_term=1&utm_content=share_button Zenbleed: https://cybersecuritynews.com/aws-zenbleed-attacks/ GameOver(lay): https://thehackernews.com/2023/07/gameoverlay-two-severe-linux.html?_m=3n%2e009a%2e3107%2eit0ao0egkj%2e23bw&m=1 PyPI: https://www.bleepingcomputer.com/news/security/pypi-temporarily-pauses-new-users-projects-amid-high-volume-of-malware/ China LoL: https://media.defense.gov/2023/May/24/2003229517/-1/-1/0/CSA_Living_off_the_Land.PDF Microsoft Exchange365 Breach: https://www.microsoft.com/en-us/security/blog/2023/07/14/analysis-of-storm-0558-techniques-for-unauthorized-email-access/ Defender IOT: https://www.bleepingcomputer.com/news/microsoft/microsoft-previews-defender-for-iot-firmware-analysis-service/?fbclid=IwAR08GUK_CxMY_EhsZi2EwNl3zlgolHan2-rkV11UVyEeEeZyH41E5SgI_7I_aem_AaGJSY9KfdRFYfMcsXu--32Np4pCTG2HQvRcuJJZr9U2zAxczEjsP3Vtugm8lN6Sptc&mibextid=Zxz2cZ

Exchange Vuln and Meetings Play Episode
In this episode of Phoenix Cast, hosts John, Rich, and Kyle discuss an exchange vulnerability and some thoughts on meetings - when to have them, what we need to fix, and even a tie into doctrine and planning. Share your thoughts with us on Twitter: @USMC_TFPhoenix (Now verified!) Follow MARFORCYBER & MCCOG on Twitter, LinkedIn, Facebook, and YouTube. Leave your review on Apple Podcasts. Links: Exchange vuln: https://www.bleepingcomputer.com/news/microsoft/microsoft-confirms-new-exchange-zero-days-are-used-in-attacks/ Adam Grant (tweet): https://twitter.com/adammgrant/status/1575919115621249025?s=46&t=3ssUn0PdP9nZeSGThMitSg Bloomberg Article: https://www.bloomberg.com/news/articles/2022-09-26/are-meetings-a-waste-of-time-pointless-plans-cost-big-companies-100m Book: The Geography of Thought: How Asians and Westerners Think Differently...and Why https://a.co/d/eaMtKZk

Quick Reaction: Lapsus$ Ronin and Atlassian Play Episode
Show notes In this episode of Phoenix Cast, hosts John and Kyle talk about a pair of recent hacks and some SaaS downtime. Share your thoughts with us on Twitter: @USMC_TFPhoenix (Now verified!) Follow MARFORCYBER & MCCOG on Twitter, LinkedIn, Facebook, and YouTube. Leave your review on Apple Podcasts. Links: -https://krebsonsecurity.com/2022/04/leaked-chats-show-lapsus-stole-t-mobile-source-code/  -https://krebsonsecurity.com/2022/03/a-closer-look-at-the-lapsus-data-extortion-group/ -https://www.microsoft.com/security/blog/2022/03/22/dev-0537-criminal-actor-targeting-organizations-for-data-exfiltration-and-destruction/ -https://www.wired.com/story/okta-hack-microsoft-bing-code-leak-lapsus/ -https://fortune.com/2022/03/24/mastermind-lapsus-microsoft-nvidia-okta-hack-16-year-old-living-mom/ -https://gizmodo.com/lapsus-hackers-are-stealing-microsoft-samsung-okta-d-1848687645 -https://newsletter.pragmaticengineer.com/p/scoop-atlassian?s=r

Instant Reaction: SolarWinds Compromise Play Episode
In this bonus episode of Phoenix Cast, hosts John, Kyle and Rich break down their instant reaction to the compromise and cyberattack of SolarWinds. What really happened? What are the cybersecurity implications for you and your networks? Share your thoughts with us on TWITTER: @USMC_TFPhoenix Episode Notes: 1) Read the FireEye Report:  https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html 2) Read the Microsoft Report:  https://www.microsoft.com/security/blog/2020/12/18/analyzing-solorigate-the-compromised-dll-file-that-started-a-sophisticated-cyberattack-and-how-microsoft-defender-helps-protect/

Podcasting 2.0

---

Episode 226: TechNeck Play Episode
Podcasting 2.0 June 27th 2025 Episode 226: "TechNeck" Adam & Dave are joined by Rockie Thomas of Soundstack to talk LIT, Chat and Workin' Wood ShowNotes We are LIT Microsoft Officially Retires 'Blue Screen of Death' After 40 Years of Frowny Faces - CNET 20 years of podcasting - Apple Accelerated Idiocracy Rockie Thomas Chief Strategy Officer at Soundstack My favorite person I've ever had a meeting with that didn't result in business And the best name for any on-air position in radio or podcasting: -Jingle- Rockie Thomas! True Fans iOS app Hostig Companies - Funding, LIT , Podroll, PodPing...

Risky Business

---

Risky Business #824 -- Microsoft's Secure Future is looking a bit wobbly Play Episode
On this weeks show Patrick Gray and Adam Boileau discuss the weeks cybersecurity news, including: Microsoft reshuffles security leadership. It doesnt spark joy. Russia is hacking the Winter Olympics. Again. But y tho? China-linked groups are keeping busy, hacking telcos in Norway, Singapore and dozens of others Campaigns underway targeting Ivanti, BeyondTrust and SolarWinds products An unknown hero blocks 23/tcp on the US internet backbone And James Wilson pops into talk about Claudes go at a C compiler This weeks episode is sponsored by Ent.AI, an AI startup that isnt quite ready to tell us all what theyre doing. But...

Risky Business #823 -- Humans impersonate clawdbots impersonating humans Play Episode
Patrick Gray and Adam Boileau are joined by the newest guy on the Risky Business Media team, James WIlson. They discuss the weeks cybersecurity news, including: Notepad++ update supply chain attack has been attributed to China The AI agent future is even more stupid than expected; behold the OpenClaw/Clawdbot/Moltbook mess The Epstein files claim he had a personal hacker? Microsoft is finally getting ready to (think about starting to begin to) disable NTLM by default The usual bugs in the usual things! Ivanti, Fortinet, and Solarwinds. Again. Telco hides a free trip in its privacy policy, someone actually reads it...

Risky Business #819 -- Venezuela (credibly?!) blames USA for wiper attack Play Episode
In the final show of 2025, Patrick Gray and Adam Boileau discuss the weeks cybersecurity news, including: React2Shell attacks continue, surprising no one The unholy combination of OAuth consent phishing, social engineering and Azure CLI Venezuelas state oil firm gets ransomwared, blames US but what if it really is a US cyber op?! Russian junk-hacktivist gets indicted for cybering critical err a car wash and a fountain Microsoft finally turns RC4 off by default in Active Directory Kerberos Traefiks TLS verify=on turns it off, whoopsie This weeks episode is sponsored by Sublime Security, makers of an email filtering solution thats...

Risky Business #817 -- Less carnage than your usual Thanksgiving Play Episode
In this weeks show Patrick Gray and Adam Boileau discuss the weeks cybersecurity news. Its a quiet week with Thanksgiving in the US, but theres always some cyber to talk about: Airbus rolls out software updates after a cosmic ray bitflips an A320 into a dive Krebs tracks down a Scattered Lapsus$ Hunters teen through the usual poor opsec as Wired publishes an opsec guide for teens. Microsoft decides its login portal is worth a Content Security Policy South Korean online retailer data breach covers 65% of the country This weeks episode is sponsored by Nebulock. Founder and CEO Damien...

Risky Business #812 -- Alleged Trenchant exploit mole is ex-ASD Play Episode
In this weeks show Patrick Gray and Adam Boileau discuss the weeks cybersecurity news, including: L3Harris Trenchant boss accused of selling exploits to Russia once worked at the Australian Signals Directorate Microsoft WSUS bug being exploited in the wild Dan Kaminsky DNS cache poisoning comes back because of a bad PRNG SpaceX finally starts disabling Starlink terminals used by scammers Garbage HP update deletes certificates that authed Windows systems to Entra This weeks episode is sponsored by automation company Tines. Field CISO Matt Muller joins to discuss how Tines has embraced LLMs and the agentic-AI future into their workflow automation....

Risky Business #811 -- F5 is the tip of the crap software iceberg Play Episode
In this weeks show Patrick Gray and Adam Boileau discuss the weeks cybersecurity news, including: China has been rummaging in F5s networks for a couple of years Meanwhile China tries to deflect by accusing the NSA of hacking its national timing system Salesforce hackers use their stolen data trove to dox NSA, ICE employees Crypto stealing, proxy-deploying, blockchain-C2-ing VS Code worm charms us with its chutzpah Adam gets humbled by new Linux-capabilities backdoor trick Microsoft ignores its own guidance on avoiding BinaryFormatter, gets WSUS owned. This episode is sponsored by Push Security. Co-founder and Chief Product Officer Jacques Louw joins...

Risky Business #805 -- On the Salesloft Drift breach and "OAuth soup" Play Episode
On this weeks show Patrick Gray and Adam Boileau discuss the weeks cybersecurity news, including: The Salesloft breach and why OAuth soup is a problem The Salt Typhoon telco hackers turn out to be Chinese private sector, but state-directed Google says it will stand up a disruption unit Microsoft writes up a ransomware gang thats all-in on the cloud future Aussie firm hot-mics its work-from-home employees laptops Youtube scam baiters help the feds take down a fraud ring This episode is sponsored by Dropzone.AI. Founder and CEO Edward Wu joins the show to talk about how AI driven SOC tools...

Wide World of Cyber: Microsoft's China Entanglement Play Episode
The Wide World of Cyber podcast is back! In this episode host Patrick Gray chats with Alex Stamos and Chris Krebs about Microsofts entanglement in China. Redmond has been using Chinese engineers to do everything from remotely support US DoD private cloud systems to maintain the on premise version of the SharePoint code base. Its all blown up in the press over the last month, but how did we get here? Did Microsoft make these decisions to save money? Or was it more about getting access to the Chinese market? And how can we all make the worlds most important...

Risky Business #803 -- Oracle's CSO Mary Ann Davidson quietly departs Play Episode
On this weeks show Patrick Gray and Adam Boileau discuss the weeks cybersecurity news, including: Oracles long term CSO departs, and were not that sad about it Canadas House of Commons gets popped through a Microsoft bug Russia degrades voice calls via Whatsapp and Telegram to push people towards Max South-East Asian scam compounds are also behind child sextortion Reports that the UK has backed down on Apple crypto are strange Oh and of course theres a Fortinet bug! Theres always a Fortinet bug! This weeks episode is sponsored by open source identity provider Authentik. CEO Fletcher Heisler joins the...

Risky Business #802 -- Accessing internal Microsoft apps with your Hotmail creds Play Episode
On this weeks show Patrick Gray and Adam Boileau discuss the weeks cybersecurity news, including: CISA warns about the path from on-prem Exchange to the cloud Microsoft awards a crisp zero dollar bill for a report about what a mess its internal Entra-authed apps are Everyone and their dog seems to have a shell in US Federal Court information systems Google pays $250k for a Chrome sandbox escape Attackers use javascript in adult SVG files to farm facebook likes?! SonicWall says users arent getting hacked with an 0day this time. This weeks episode is sponsored by SpecterOps. Chief product officer...

Risky Business #800 The SharePoint bug may have leaked from Microsoft MAPP Play Episode
On this weeks show Patrick Gray and Adam Boileau discuss the weeks cybersecurity news: Did the SharePoint bug leak out of the Microsoft MAPP program? Expel retracts its FIDO bypass writeup The mess surrounding the women-only dating-safety app Tea gets worse Broadcom customers struggle to get patches for VMWare hypervisor escapes Aeroflot gets hacked by the Cyber Partisans, disrupting flights This weeks episode is sponsored by Push Security. Daniel Cuthbert joins and explains how having telemetry about identity from inside the browser is a key pillar for investigating intrusions in the browser-centric future. This episode is also available on Youtube....

Risky Business #799 -- Everyone's Sharepoint gets shelled Play Episode
Risky Biz returns after two weeks off, and there sure is cybersecurity news to catch up on. Patrick Gray and Adam Boileau discuss: Microsoft tried to make outsourcing the Pentagons cloud maintenance to China okay (it was not) She shells Sharepoint by the sea-shore (by she we mean China) Four (alleged) Scattered Spider members arrested (and bailed) in the UK Hackers spend $2700 to buy creds for a Brazilian payment system, steal $100M Fortinet has SQLI in the auth header, Citrix mem leak is weaponised, HP hardcodes creds and Sonicwalls get user-moderootkits. Just security vendor things! This weeks episode is...

Risky Business #798 -- Mexican cartel surveilled the FBI to identify, kill witnesses Play Episode
On this weeks show Patrick Gray and Adam Boileau discuss the weeks cybersecurity news: Australian airline Qantas looks like it got a Scattered Spider-ing Microsoft works towards blunting the next CrowdStrike disaster Changes are coming for Microsofts default enterprise app consenting setup Synology downplays hardcoded passwords for its M365 cloud backup agent The next Citrix Netscaler memory disclosure looks nasty Drug cartels used technical surveillance to find, fix and finish FBI informants and witnesses This weeks episode is sponsored by RAD Security. Co-founder Jimmy Mesta joins to talk through how they use AI automation to assess the security posture of...

Risky Business #796 -- With special guest co-host Chris Krebs Play Episode
On this weeks show Patrick Gray and Adam Boileau are joined by special guest Chris Krebs to discuss the weeks cybersecurity news. They talk through: Israeli hacktivists take out an Iranian state-owned bank Scattered-spider and friends pivot into attacking insurers Securing identities in a cloud-first world keeps us awake at night Microsoft takes the aas out of SaaS for Europe, leaving us with just software! An AI prompt injection into M365 exfils corporate data This weeks episode is sponsored by Krolls Cyber practice. Kroll Cyber Associate Managing Director George Glass is based in London and talks through his experiences helping...

Risky Business #787 -- Trump fires NSA director, CISA cuts inbound Play Episode
On this weeks show Patrick Gray and Adam Boileau discuss the weeks cybersecurity news: Oracle quietly cops to being hacked, but immediately pivots into pretending it didnt matter NSA and CyberCom leaders fired for not being MAGA enough US Treasury had some dusty corners it hadnt found China in yet, looked, found China in them which is a great time to discuss slashing CISAs staffing Ransomware crews and bullet proof hosting providers are getting rekt, and we love it And Microsoft patches yet another logging 0-day being used in the wild. This episode is sponsored by Yubico, makers of Yubikey...

Risky Business #784 -- GitHub supply chain attack steals secrets from 23k projects Play Episode
On this weeks show Patrick Gray and Adam Boileau discuss the weeks cybersecurity news: Github Actions supply chain attack loots keys and secrets from 23k projects Why a VC fund now owns a minority stake in Risky Business Media (!?!?) China doxes Taiwanese military hackers Microsoft thinks .lnk file whitespace trick isnt worth patching but APTs sure love it CISA delivers government efficiency by re-hiring fired staff to put them on paid leave and Google acquires Wiz for $32bn This weeks show is sponsored by Zero Networks, and they have sent along a happy customer to talk about their experience....

Risky Business #773 -- Cybercriminals are dropping like flies in Russia Play Episode
On this weeks show, Patrick Gray and Adam Boileau discuss the weeks cybersecurity news, including: The FTC decides its time to take another look at Microsoft Exxons opponents targeted by hackers Russian hackers keep getting sentenced and it confuses us The Feds recommend Signal, because throwing hackers out of telcos aint gonna happen A South Korean set-top-box manufacturer shipped a DDoS client for corpo-combat And much, much more. This weeks sponsor interview with Vijit Nair from Corelight. We talk to him about doing detection in cloud environments, and how the varied nature of cloud systems makes the old ways -...

Risky Business #771 -- Palo Alto's firewall 0days are very, very stupid Play Episode
On this weeks show Patrick Gray and Adam Boileau discuss the weeks cybersecurity news, including: Microsoft introduces some sensible sounding post-Crowdstrike changes Palo Alto patches hella-stupid bugs in its firewall management webapp CISA head Jen Easterly to depart as Trump arrives AI grandma tarpits phone scammers in family-tech-support hell Academic research supports your gut-reaction; phishing training doesnt work And much, much more. This weeks episode is sponsored by Greynoise. The always excitable Andrew Morris joins to remind us that the edge-device vulnerabilities Pat and Adam complain about on the show are in fact actually even worse than we make them...

Risky Business #769 -- Sophos drops implants on Chinese exploit devs Play Episode
On this weeks show Patrick Gray and Adam Boileau discuss the weeks cybersecurity news, including: Sophos drops implants on Chinese firewall exploit devs Microsoft workshops better just-in-time Windows admin privileges Snowflake hacker arrested in Canada Okta has a fun, but not very impactful auth-bypass bug Russians bring dumb-but-smart RDP client attacks And much, much more. Special guest Sophos CISO Ross McKerchar joined us to talk about its hacking back campaign. The full interview is available on Youtube for those who want to really live vicariously through Sophos doing what every vendor probably wants to do. This weeks episode is sponsored...

Risky Biz Soap Box: Thinkst Canary's decade of deception Play Episode
In this Soap Box edition of the podcast Patrick Gray chats with Thinkst Canary founder Haroon Meer about his decade of deception, including: A history of Thinkst Canary including a recap of what they actually do A look at why theyre still really the only major player in the deception game A look at what companies like Microsoft are doing with deception Why security startups should have conference booths

Risky Business #767 SEC fines Check Point, Mimecast, Avaya and Unisys over hacks Play Episode
On this weeks show Patrick Gray and Adam Boileau discuss the weeks cybersecurity news, including: SEC fines tech firms for downplaying the Solarwinds hacks Anonymous Sudan still looks and quacks like a Russian duck Apple proposes max 10 day TLS certificate life Oopsie! Microsoft loses a bunch of cloud logs Veeam and Fortinet are bad and should feel bad North Koreans are good (at hacking) And much, much more. This weeks episode is sponsored by Proofpoint. Chief Strategy Officer Ryan Kalember joins to talk about their work keeping up with prolific threat actor SocGholish. This episode is also available on...

Risky Business #766 China hacks America's lawful intercept systems Play Episode
On this weeks show Patrick Gray and Adam Boileau discuss the weeks infosec news, including: Chinese spooks all up in western telco lawful intercept Jerks ruin the Internet Archives day Microsoft drops a great report with a bad chart The feds make their own crypto currency and get it pumped Forti-, Palo- and Ivanti-fail And much, much more. This weeks episode is sponsored by detection-as-code vendor Panther. Casey Hill, Panthers Director Product Management joins to discuss why the old just bung it all in a data lake and ??? approach hasnt worked out, and what smart teams do to handle...

Risky Business #763 Microsoft un-patches critical bug Play Episode
On this weeks show, Patrick Gray and Adam Boileau discuss the weeks security news, including: Russias disinformation peddlers face multifaceted sternness from the DoJ Telegram is now law enforcements bestest new pal, all of a sudden Irans banking industry arranges a payment plan for a ransom Columbia investigates how it sent private jets full of cash to pay for Pegasus Microsoft innovates with Un-Patch Tuesday And much, much more. This weeks sponsor is Kroll Cyber, and one of their incident responders Paul Wells joins to discuss that one weird trick that actually helps - preparing for an incident before hand,...

Rule Breaker Investing

---

December 2024 Mailbag: Portfolio-Level Thinking Play Episode
From a preschool teacher newly inspired to invest at 73 to a lifelong Fool whose Microsoft shares became a 500-bagger, this year-end Mailbag brims with transformational stories. Listeners wrestle with rebalancing versus never sell, explore layering in and out of big winners like Tesla, and reflect on optimism as both delicate and powerful. David highlights multigenerational lessonslike giftingYou Have More Than You Thinkto a nephew-turned-advisorand celebrates that its never too late to start making smarter, happier, and richer choices. This holiday season, embrace the joy of learning from each other, fueling a Foolish momentum into 2025. Host:David Gardner Producer:Desire Jones...

Secure AF - A Cybersecurity Podcast

---

Double Trouble: Microsoft Office and Fortinet FortiCloud Flaws Under Attack Play Episode
Got a question or comment? Message us here!This weeks #SOCBrief covers a dangerous double-hit: a Microsoft Office security bypass and a Fortinet FortiCloud authentication flaw, both exploited in the wild. Andrew walks through what the CVEs mean, how attackers are abusing trusted tools, and the patching and hunting steps SOC teams should take immediately.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Patch Tuesday: Zero-Day Alert and Patching Must-Dos Play Episode
Got a question or comment? Message us here!A new zero-day. 63 flaws. Endless patching chaos. This weeks #SOCBrief breaks down Microsofts November Patch Tuesday and what it means for your SOC. Well cover the top critical CVEs, patching priorities, and how to keep your systems resilient before attackers strike.Support the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

A Critical ZERO-DAY (CVE-2025-53770) Play Episode
Got a question or comment? Message us here!A critical zero-day (CVE-2025-53770) is actively targeting on-premises SharePoint servers AND its already been used to compromise over 100 organizations. In this #SOCBrief, Andrew and Tanner break down how the exploit works and what steps your team should take now. If your SharePoint instance is public-facing and unpatched ... assume compromise. Tune in for insights, mitigation tips, and what to look for in your logs.Links:https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/https://learn.microsoft.com/en-us/defender-xdr/advanced-hunting-overviewhttps://www.cisa.gov/news-events/alerts/2025/07/20/update-microsoft-releases-guidance-exploitation-sharepoint-vulnerabilitiesSupport the showWatch full episodes at youtube.com/@aliascybersecurity.Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.

Security Now

---

SN 1069: You can't hide from LLMs - Was Your Smart TV a Stealth Proxy? Play Episode
Think your online alias keeps you safe? This episode reveals how advanced language models are making it trivial to de-anonymize users at scale, challenging everything we thought we knew about internet privacy. Anthropic & Mozilla improve Firefox's security. Apple & Google begin testing cross-platform RCS encryption. Ubuntu's SUDO starts echoing asterisks. Inviting a web proxy into your home. Apple devices cleared by Germany for NATO's use. A serious remote takeover of OpenClaw. TokTok won't encrypt messaging for visibility. Microsoft bans the term "Microslop" on Discord. Lot's of great listener feedback. LLMs could make Orwell's 1984 seem optimistic. Show Notes -...

SN 1065: Attestation - Code Signing Gets Tough Play Episode
How secure are your Chrome extensions and certificate signings really? This episode pulls back the curtain on a massive spyware discovery and exposes the convoluted hoops developers must jump through to prove their identity in 2026. Websites can place high demands upon limited CPU resources. Microsoft appears to back away from its security commitment. What's Windows 11 26H1 and where do I get it. Chrome 145 brings Device Bound Session Credentials. More countries are moving to ban underage social media use. The return of Roskomnadzor. Discord to require proof of adulthood for adult content. Might you still be using WinRAR...

SN 1062: AI-Generated Malware - Ireland Legalizes Spyware Play Episode
Can AI really write malware better than hackers ever could? This episode exposes the first real-world case of advanced, fully AI-generated malware and why it signals a seismic shift in cybersecurity risk. CISA's uncertain future remains quite worrisome. Worrisome is Ireland's new "lawful" interception law. The EU's Digital Rights organization pushes back. Microsoft acknowledges it turns over user encryption keys. Alex Neihaus on AI enterprise usage dangers. Gavin confesses he put a database on the Internet. Worries about a massive podcast rewinding backlog. What does the emergence of AI-generated malware portend? Show Note - https://www.grc.com/sn/SN-1062-Notes.pdf Hosts: Steve Gibson and Leo...

Shared Security

---

Best of Shared Security (2020) History Repeats Itself: Cybersecurity Challenges that Still Haunt Us Play Episode
In this best of episode of the Shared Security Podcast, we revisit a discussion from September 2020 thats just as relevant today as it was then. First, we cover how ransomware attacks forced several school districtsincluding Hartford, CT and Toledo, OHto delay or shut down classes on the very first day of school. Then we dive into Google Chromes new (at the time) update designed to block resource-heavy ads, making browsing faster and safer. Finally, we look at Microsofts warning about foreign interference attempts targeting the 2020 U.S. election. What makes this episode especially powerful to revisit is how little...

Leaked, Patched, and Still Hacked: The SharePoint Zero-Day Crisis Play Episode
This week we explore the recent Microsoft SharePoint vulnerability that has led to widespread exploitation by ransomware gangs and Chinese State-sponsored hackers. We also cover the confirmed compromise of multiple US agencies, including the Department of Homeland Security, in a large-scale cyber espionage campaign. Kevin Johnson joins to discuss the implications of these events, the underlying issues with patching systems, and the complexities of protecting applications like SharePoint. Stay informed on the latest cybersecurity developments and get insights on what might have gone wrong. Plus, get a peek at whats happening at Black Hat and DEF CON in Vegas. **...

The Great CrowdStrike Crash, AIs Role in Employee Smiles Play Episode
In episode 341, we cover the unprecedented global IT outage caused by a CrowdStrike update crash, affecting 8.5 million Windows machines. We discuss whether it’s the largest outage in history and discuss the intricacies of internet accessibility and responses from key stakeholders like Microsoft. Also, in our Aware Much segment, we explore Japan’s AI system, Mr. Smile, designed to standardize employee smiles, and its implications on employee monitoring. Plus, we welcome back Kevin and give a special shout-out to our latest Patreon supporter. ** Links mentioned on the show ** CrowdStrike update crashes Windows systems, causes outages worldwide https://www.bleepingcomputer.com/news/security/crowdstrike-update-crashes-windows-systems-causes-outages-worldwide/ https://www.bleepingcomputer.com/news/microsoft/microsoft-releases-windows-repair-tool-to-remove-crowdstrike-driver...

Social Media Warning Labels, Should You Store Passwords in Your Web Browser? Play Episode
In this episode of the Shared Security Podcast, the team debates the Surgeon General’s recent call for social media warning labels and explores the pros and cons. Scott discusses whether passwords should be stored in web browsers, potentially sparking strong opinions. The hosts also provide an update on Microsoft’s delayed release of CoPilot Plus PCs due to security concerns and reflect on the underlying privacy issues. Join Tom, Scott, and Kevin for these engaging discussions and more! ** Links mentioned on the show ** Recall recalled (delayed) https://www.bleepingcomputer.com/news/microsoft/microsoft-delays-windows-recall-amid-privacy-and-security-concerns/ The Surgeon General’s Fear-Mongering, Unconstitutional Effort to Label Social Media https://www.eff.org/deeplinks/2024/06/no-online-speech-should-not-have-warning-labels Should...

Ticketmaster Data Breach and Rising Work from Home Scams Play Episode
In episode 333 of the Shared Security Podcast, Tom and Scott discuss a recent massive data breach at Ticketmaster involving the data of 560 million customers, the blame game between Ticketmaster and third-party provider Snowflake, and the implications for both companies. Additionally, they discuss Live Nation’s ongoing monopoly investigation. In the ‘Aware Much’ segment, the rise of work-from-home job scams is analyzed, highlighting FBI warnings and tips to avoid falling victim to such schemes. The success of a past episode on Microsoft’s new recall feature is also mentioned, emphasizing privacy concerns and spirited audience discussions. ** Links mentioned on the...

Microsofts Copilot+ Recall Feature, Slacks AI Training Controversy Play Episode
Episode 331 of the Shared Security Podcast discusses privacy and security concerns related to two major technological developments: the introduction of Windows PC’s new feature ‘Recall,’ part of Microsofts Copilot+, which captures desktop screenshots for AI-powered search tools, and Slack’s policy of using user data to train machine learning features with users opted in by default. Tom and Kevin express significant concerns over the implications for privacy, data security, and the potential for misuse of these features. Discussions cover the technical workings, potential vulnerabilities, and broader impacts of these technologies on privacy and security. The episode also mentions anecdotes that...

Application Security Trends & Challenges with Tanya Janca Play Episode
In this episode, noteworthy guest Tanya Janca returns to discuss her recent ventures and her vision for the future of Application Security. She reflects on the significant changes she has observed since her career at Microsoft, before discussing her new role at Semgrep that recently acquired WeHackPurple. Tanya sheds light on her decision to partner with Semgrep, a company that aligns with her vision of providing free resources in the Application Security community. Despite facing a failed acquisition process the previous year, WeHackPurple received multiple acquisition offers, leading to a bidding war. In addition, Tanya shares her optimism about the...

Microsoft Lost Its Keys, Voice Cloning Scams, The Biden-Harris Cybersecurity Labeling Program Play Episode
In this episode, we discuss the recent Microsoft security breach where China-backed hackers gained access to numerous email inboxes, including those of several federal government agencies, using a stolen Microsoft signing key to forge authentication tokens. A TikTok influencer used a voice cloning app to expose a cheating boyfriend. But wait, there’s more to this story than meets the eye! We discuss the serious implications of voice cloning and how its being used for new types of phone scams. Lastly, we discuss the recent announcement by the Biden-Harris administration about their new cybersecurity labeling program for smart devices. Will this...

Uber Breach Guilty Verdict, Mandatory Password Expiration, Fake Executive Profiles on LinkedIn Play Episode
Former Uber CSO Joe Sullivan was found guilty of obstructing a federal investigation in connection with the attempted cover-up of a 2016 hack at Uber, NIST and Microsoft say that mandatory password expiration is no longer needed but many organizations are still doing it, and how fake executive profiles are becoming a huge problem for LinkedIn. ** Links mentioned on the show ** Guilty verdict in the Uber breach case makes personal liability real for CISOs https://www.csoonline.com/article/3676148/guilty-verdict-in-the-uber-breach-case-makes-personal-liability-real-for-cisos.html https://www.linkedin.com/posts/stuart-w-techsecscot_uberbreach-uberciso-uberhack-activity-6984057144438325248-gg1s/ Is mandatory password expiration helping or hurting your password security? https://www.helpnetsecurity.com/2022/10/04/mandatory-password-expiration-helping-or-hurting-password-security/ Glut of Fake LinkedIn Profiles Pits HR Against the Bots https://krebsonsecurity.com/2022/10/glut-of-fake-linkedin-profiles-pits-hr-against-the-bots/...

What are Passkeys, PowerPoint Mouseover Attack, 2K Games Support Hacked Play Episode
Passkeys are coming soon to Apple iOS 16 so what are passkeys and why are they an eventual replacement for passwords? Researchers have discovered a new attack that uses mouse movement in Microsoft PowerPoint to deploy malware, and details on how the 2K Games help desk support platform was compromised to push malware through fake support tickets. ** Links mentioned on the show ** Passkeys coming to iOS 16. What are Passkeys? https://developer.apple.com/passkeys/ https://www.cnet.com/tech/mobile/passkeys-more-secure-than-passwords-arrive-on-ios-16-iphone-14/ https://developer.apple.com/videos/play/wwdc2022/10092/ Hackers Using PowerPoint Mouseover Trick to Infect System with Malware https://thehackernews.com/2022/09/hackers-using-powerpoint-mouseover.html 2K Games says hacked help desk targeted players with malware https://www.bleepingcomputer.com/news/security/2k-games-says-hacked-help-desk-targeted-players-with-malware/ ** Watch this...

Janet Jackson Can Crash Laptops, Credential Phishing Attacks Skyrocket, A Phone Carrier That Doesnt Track You Play Episode
Janet Jacksons Rhythm Nation has been recognized as an exploit for a vulnerability after Microsoft reported it can crash the hard drives of certain old laptop computers, phishing attacks that compromise credentials using brand impersonation are on the rise, and details about a new privacy focused phone carrier that doesn’t track your location or web browsing activity. ** Links mentioned on the show ** Microsoft: Bug in Janet Jacksons Rhythm Nation could crash a laptop https://therecord.media/microsoft-bug-in-janet-jacksons-rhythm-nation-could-crash-a-laptop/ https://www.theregister.com/2022/08/18/janet_jackson_video_crashes_laptops/ Credential phishing attacks skyrocketing, 265 brands impersonated in H1 2022 https://www.helpnetsecurity.com/2022/08/15/landscape-email-threat/ A Phone Carrier That Doesnt Track Your Browsing or Location https://www.wired.com/story/pretty-good-phone-privacy-android/ https://invisv.com/articles/pretty-good-phone-privacy.html...

DuckDuckGo Browser Allows Microsoft Trackers, Stolen Verizon Employee Database, Attacking Powered Off iPhones Play Episode
The DuckDuckGo mobile browser allows Microsoft trackers due to an agreement in their syndicated search content contract, a database of contact details for hundreds of Verizon employees was compromised after an employee was social engineered to give the attacker remote access to their corporate computer, and details about new research that shows that even when an iPhone running iOS 15 is turned off, its really not off and certain wireless features allow the phone to be located and possibly attacked. ** Links mentioned on the show ** DuckDuckGo caught giving Microsoft permission for trackers despite strong privacy reputation https://9to5mac.com/2022/05/25/duckduckgo-privacy-microsoft-permission-tracking/ https://www.bleepingcomputer.com/news/security/duckduckgo-browser-allows-microsoft-trackers-due-to-search-agreement/...

FBI Warrantless Searches, Passwordless Sign-Ins, Keylogging Web Forms Play Episode
The FBI searched emails, texts and other electronic communications of 3.4 million U.S. residents without a warrant, Apple, Google, and Microsoft have announced they will support a new passwordless sign-in standard created by the FIDO Alliance and the World Wide Web Consortium, and details about how some websites are keylogging your data as you type it into a web form, before you hit submit. ** Links mentioned on the show ** CircleCityCon 9.0: Saturday Morning Cartoons – Indianapolis, IN Friday, July 1 – Sunday, July 3 2022 New to cybersecurity? Never been to a conference? Contact us for a chance...

LAPSUS$ Hacks Okta, Browser-in-the Browser Phishing Attack, Popular Software Package Updated to Wipe Russian Systems Play Episode
The LAPSUS$ hacking group has claimed to have hacked both Microsoft and Okta, details about a novel phishing technique called a browser-in-the-browser (BitB) attack, and how a popular software package that has 1.1 million weekly downloads released a new tampered version to condemn Russia’s invasion of Ukraine by wiping arbitrary file contents. ** Links mentioned on the show ** LAPSUS$ Hackers Claim to Have Breached Microsoft and Authentication Firm Okta https://thehackernews.com/2022/03/lapsus-hackers-claim-to-have-breached.html https://blog.cloudflare.com/cloudflare-investigation-of-the-january-2022-okta-compromise/ https://www.okta.com/blog/2022/03/updated-okta-statement-on-lapsus/ New Browser-in-the Browser (BITB) Attack Makes Phishing Nearly Undetectable https://thehackernews.com/2022/03/new-browser-in-browser-bitb-attack.html https://mrd0x.com/browser-in-the-browser-phishing-attack/ Popular NPM Package Updated to Wipe Russia, Belarus Systems to Protest Ukraine Invasion https://thehackernews.com/2022/03/popular-npm-package-updated-to-wipe.html ** Watch...

Russia Gets Hacked, Microsoft 365 Credential Stuffing, McDonalds Ice Cream Machine Hackers Play Episode
This week we discuss some of the more interesting hacks of Russian assets, technology, and more. Scott discusses recent credential stuffing attacks on Microsoft 365 accounts, and a fascinating story about ice cream machine “hackers” that are suing McDonald’s for $900 million dollars in damages. ** Links mentioned on the show ** Round up of interesting Russian hacking incidents https://www.vice.com/en/article/akvya5/russian-electric-vehicle-chargers-hacked-tell-users-putin-is-a-dickhead https://www.mirror.co.uk/news/world-news/hackers-rename-putins-73million-superyacht-26355609 https://www.thesun.co.uk/tech/17818843/anonymous-russia-space-agency-roscosmos/ Attackers use Microsoft Teams as launchpad for malware https://www.helpnetsecurity.com/2022/02/17/microsoft-teams-malware/ Ice Cream Machine Hackers Sue McDonald’s for $900 Million https://www.wired.com/story/kytch-ice-cream-machine-hackers-sue-mcdonalds-900-million/ The REAL Reason McDonalds Ice Cream Machines Are Always Broken https://www.youtube.com/watch?v=SrDEtSlqJC41 Realtime map of all broken McDonalds Ice Cream...

No Password Microsoft Accounts, Facebook Smart Glasses, Security.txt Internet Standard Play Episode
Microsoft will now allow you to login to your accounts without a password, Facebook releases its Ray-Ban Stories smart glasses, and a conversation about the security.txt “Internet standard” and if this will help or hinder a organization’s vulnerability disclosure process. ** Links mentioned on the show ** You Can Now Sign-in to Your Microsoft Accounts Without a Password https://thehackernews.com/2021/09/you-can-now-sign-in-to-you-microsoft.html Facebook already has your memories, smart glasses will get it more https://www.msn.com/en-us/news/technology/facebook-already-has-your-memories-smart-glasses-will-get-it-more/ar-AAOkt6u Does Your Organization Have a Security.txt File? https://krebsonsecurity.com/2021/09/does-your-organization-have-a-security-txt-file/ RFC 5965 – An Extensible Format for Email Feedback Reports https://datatracker.ietf.org/doc/html/rfc5965 ** Watch this episode on YouTube ** https://youtu.be/GGIv2NS3Hkc ** Thank...

CISA JCDC Announcement, Apples Child Abuse Image Scanning, Amazon Pays You for Your Biometric Data Play Episode
CISA announces the new Joint Cyber Defense Collaborative (JCDC), the controversy over Apple scanning devices for child sexual abuse material, and Amazon offers you a $10 credit if you enroll your biometric data in their palm print recognition system. ** Links mentioned on the show ** CISA to partner with Amazon, Google, Microsoft, Verizon, AT&T and more for cyberdefense initiative https://www.zdnet.com/article/cisa-to-partner-with-amazon-google-microsoft-verizon-at-t-and-more-for-cyberdefense-initiative Apple’s plan to scan phones for child abuse worries privacy advocates https://www.cnet.com/tech/services-and-software/apples-plan-to-scan-phones-for-child-abuse-worries-privacy-advocates/ Amazon will give you a whole $10 for your palm print https://www.theverge.com/2021/8/3/22607218/amazon-one-palm-print-technology-10-dollar-promo ** Watch this episode on YouTube ** https://youtu.be/NrX44LYlxOk ** Thank you to our sponsors! **...

Kaseya Ransomware Attack, PrintNightmare Zero-day, Kaspersky Password Manager Vulnerability Play Episode
Details on the Kaseya supply-chain and REvil ransomware attack, a new zero-day exploit called “PrintNightmare” affects all Windows versions before June, and how randomly generated passwords in a popular password manager were not so random. ** Links mentioned on the show ** REvil Used 0-Day in Kaseya Ransomware Attack, Demands $70 Million Ransom https://thehackernews.com/2021/07/revil-used-0-day-in-kaseya-ransomware.html https://grahamcluley.com/revil-ransomware-rampages-following-kaseya-supply-chain-attack/ Public Windows PrintNightmare 0-day exploit allows domain takeover https://www.bleepingcomputer.com/news/security/public-windows-printnightmare-0-day-exploit-allows-domain-takeover/ https://www.bleepingcomputer.com/news/microsoft/microsofts-incomplete-printnightmare-patch-fails-to-fix-vulnerability/ Kaspersky Password Manager caught out making easily bruteforced passwords https://www.zdnet.com/article/kaspersky-password-manager-caught-out-making-easily-bruteforced-passwords/ https://donjon.ledger.com/kaspersky-password-manager/ ** Watch this episode on YouTube ** https://youtu.be/phdOcE5FMY8 ** Thank you to our sponsors! ** Privacy Privacy is a tool that masks your bank...

Data Breaches vs. Data Leaks, FBI Exchange Server Controversy Play Episode
This week Tom and Kevin are back with an all new episode! Data breaches vs. recent data leaks, and the controversy over the FBI operation conducted to remove web shells from compromised Microsoft Exchange servers. ** Links mentioned on the show ** Facebook Data Breach: Heres What To Do Now https://www.forbes.com/sites/kateoflahertyuk/2021/04/06/facebook-data-breach-heres-what-to-do-now/?sh=32c7c9235708 LinkedIn says some user data scraped and posted for sale https://www.reuters.com/article/us-linkedin-dataprotection-idUSKBN2BW1D3 Scraped personal data of 1.3 million Clubhouse users has reportedly leaked online https://www.msn.com/en-us/money/other/personal-data-of-13-million-clubhouse-users-has-reportedly-leaked-online-days-after-linkedin-and-facebook-also-suffered-data-breaches/ar-BB1fweCz FBI nuked web shells from hacked Exchange Servers without telling owners https://www.bleepingcomputer.com/news/security/fbi-nuked-web-shells-from-hacked-exchange-servers-without-telling-owners/ ** Watch this episode on YouTube ** https://youtu.be/4QeFEwj64ck ** Thank you to our...

Encryption Backdoor Debate, Microsoft Exchange Attacks, Airline Supplier Data Breach Play Episode
Why is federal law enforcement (still) asking Congress for encryption backdoors? Attacks on Microsoft Exchange servers seem to have gotten worse, details on an airline supplier data breach, and the real reason Kevin hasn’t replaced his Chewbacca mannequin with Darth Vader! ** Links mentioned on the show ** The FBI Should Stop Attacking Encryption and Tell Congress About All the Encrypted Phones Its Already Hacking Into https://www.eff.org/deeplinks/2021/03/fbi-should-stop-attacking-encryption-and-tell-congress-about-all-encrypted-phones Warning the World of a Ticking Time Bomb https://krebsonsecurity.com/2021/03/warning-the-world-of-a-ticking-time-bomb/ https://krebsonsecurity.com/2021/03/a-basic-timeline-of-the-exchange-mass-hack/ https://securityboulevard.com/2021/03/huge-fallout-from-microsoft-incompetence-lets-exchange-exchange/ Airlines warn passengers of data breach after aviation tech supplier is hit by cyberattack https://www.zdnet.com/article/airlines-warn-passengers-of-data-breach-after-aviation-tech-supplier-is-hit-by-cyberattack/ ** Watch this episode on YouTube **...

The Deepfake Dilemma, Microsoft Exchange Zero-Days, IT Security Investments Play Episode
Deepfake video and audio has really advanced in recent years. Will this technology start to erode trust in the media we consume? Microsoft Exchange zero-days in the wild, and why is it that IT security investment on cybersecurity is at an all time high, yet we continue to see more data breaches? ** Links mentioned on the show ** Deepfakes are getting better and better. Should we be concerned? https://twitter.com/RachelTobac/status/1365413178327277575?s=20 https://www.vice.com/en/article/n7vgm8/heres-how-worried-you-should-be-about-those-tom-cruise-deepfakes State hackers rush to exploit unpatched Microsoft Exchange servers https://www.bleepingcomputer.com/news/security/state-hackers-rush-to-exploit-unpatched-microsoft-exchange-servers/ Why do companies fail to stop breaches despite soaring IT security investment? https://thehackernews.com/2021/03/why-do-companies-fail-to-stop-breaches.html Check out our previous episodes with...

TrickBot Takedown, VPN Flaws, Zoom End-to-End Encryption Play Episode
In episode 143 for October 19th 2020: Microsoft gets creative to help take down the TrickBot botnet, details on how attackers have been using VPN flaws to attack election support systems, and Zoom’s rollout of end-to-end encryption. ** Links mentioned on the show ** “The Social Dilemma” A Conversation about the Pros and Cons of Social Media https://sharedsecurity.net/2020/10/12/the-social-dilemma/ Microsoft and others orchestrate takedown of TrickBot botnet https://blogs.microsoft.com/on-the-issues/2020/10/12/trickbot-ransomware-cyberthreat-us-elections/ Hackers used VPN flaws to access US govt elections support systems https://us-cert.cisa.gov/ncas/alerts/aa20-283a Zoom to roll out end-to-end encrypted (E2EE) calls https://blog.zoom.us/zoom-rolling-out-end-to-end-encryption-offering/ ** Watch this episode on YouTube ** https://www.youtube.com/c/SharedSecurityPodcast ** Thank you to...

Schools Under Cyberattack, Chrome Ad Blocking Update, US Election Interference Play Episode
In episode 138 for September 14th 2020: School districts under cyber-attack, Google Chrome’s new ad blocking feature, and Microsoft’s latest alert about foreign interference in the 2020 US election. ** Links mentioned on the show ** City of Hartford postpones first day of school after ransomware attack https://www.zdnet.com/article/city-of-hartford-postpones-first-day-of-school-after-ransomware-attack/ Hackers shutdown first day of Toledo Public Schools online classes https://www.13abc.com/2020/09/08/hackers-shutdown-first-day-of-toledo-public-schools-online-classes/ Miami-Dade Schools: Students log on successfully after days of cyber slowdowns https://www.local10.com/news/local/2020/09/03/superintendent-miami-schools-platform-also-targeted-by-foreign-interference/ Google Chrome starts blocking ads that slow down the browser https://www.bleepingcomputer.com/news/google/google-chrome-starts-blocking-ads-that-slow-down-the-browser/ New cyberattacks targeting U.S. elections https://blogs.microsoft.com/on-the-issues/2020/09/10/cyberattacks-us-elections-trump-biden/ ** Watch this episode on YouTube ** https://www.youtube.com/c/SharedSecurityPodcast ** Thank you to...

The Big Twitter Hack, Critical Windows DNS Server Update, Email Impersonation Attacks Play Episode
In episode 130 for July 20th 2020: Details on the big Twitter hack which took over high-profile accounts, a major wormable critical vulnerability in Microsoft Windows DNS Server, and how email impersonation attacks take advantage of everyone working from home. ** Links mentioned on the show ** Twitter blames ‘coordinated’ attack on its systems for hack of Joe Biden, Barack Obama, Bill Gates and others https://www.cnn.com/2020/07/15/tech/twitter-hack-elon-musk-bill-gates/index.html https://twitter.com/TwitterSupport/status/1283591846464233474 Hackers Convinced Twitter Employee to Help Them Hijack Accounts https://www.vice.com/en_us/article/jgxd3d/twitter-insider-access-panel-account-hacks-biden-uber-bezos Crypto hack latest in a history of high-profile Twitter breaches https://www.hindustantimes.com/world-news/crypto-hack-latest-in-a-history-of-high-profile-twitter-breaches/story-5z9Q0hh4S3yjSmv5fgAiZK.html Microsoft warns of critical Windows DNS Server vulnerability thats wormable https://www.theverge.com/2020/7/14/21324353/microsoft-windows-dns-server-security-vulnerability-patch-critical-flaw Email...

GoDaddy Security Incident, Fake Downloaders, Firefox Lockwise Play Episode
In episode 120 for May 11th 2020: The latest on the GoDaddy security incident affecting 28,000 customers, fake Microsoft Teams notification emails and Zoom downloaders, and details on new features to the Firefox built in password manager. ** Show notes and links mentioned on the show ** GoDaddy notifies users of breached hosting accounts https://www.bleepingcomputer.com/news/security/godaddy-notifies-users-of-breached-hosting-accounts/ GoDaddy email to affected customers https://oag.ca.gov/system/files/Customer%20Notification.pdf How to combine SSH key authentication and two-factor authentication on Linux https://www.techrepublic.com/article/how-to-combine-ssh-key-authentication-and-two-factor-authentication-on-linux/ Fake Microsoft Teams Notification Emails https://www.helpnetsecurity.com/2020/05/04/fake-microsoft-teams-notification/ Fake Zoom Downloaders https://www.zdnet.com/article/hackers-target-remote-workers-with-fake-zoom-downloader/ The Firefox password manager now tells you when you use leaked passwords https://www.zdnet.com/article/the-firefox-password-manager-now-tells-you-when-you-use-leaked-passwords/ World Password Day https://www.daysoftheyear.com/days/password-day/...

Contact Tracing Controversy, Fighting COVID-19 Criminal Activity Play Episode
In episode 99 of our April monthly show: Apple and Google’s controversial efforts to create contact tracing technology, fighting COVID-19 criminal activity, and what the new normal means for startup companies. ** Show notes and links mentioned on the show ** Apple and Google to build contact tracing technology https://www.rte.ie/news/business/2020/0410/1129902-apple-and-google-to-build-contact-tracing-technology/ COVID-19 Cyber Threat Coalition https://www.cyberthreatcoalition.org/ Cyber Threat Alliance https://www.cyberthreatalliance.org/ COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic? https://krebsonsecurity.com/2020/04/covid-19-has-united-cybersecurity-experts-but-will-that-unity-survive-the-pandemic/ More cybersecurity and other vendors stepping up with free products for healthcare and other impacted organizations https://www.helpnetsecurity.com/2020/04/15/microsoft-accountguard-healthcare/ https://www.helpnetsecurity.com/2020/04/08/cybersecurity-pandemic-try-solutions/ ** Thank you to our sponsors! ** Silent Pocket Visit...

Voting by Smartphone, Jeff Bezos Hacked, Microsoft Security Breach Play Episode
In episode 96 of our monthly we discuss the controversy of voting by smartphone in our elections, the Jeff Bezos hacking incident, and the recent Microsoft support security breach. ** Show notes and links mentioned on the show ** Seattle-Area Voters To Vote By Smartphone In 1st For U.S. Elections https://www.npr.org/2020/01/22/798126153/exclusive-seattle-area-voters-to-vote-by-smartphone-in-1st-for-u-s-elections Saudi Prince Allegedly Hacked World’s Richest Man Jeff Bezos Using WhatsApp https://thehackernews.com/2020/01/saudi-prince-allegedly-hacked-worlds.html Microsoft discloses security breach of customer support database https://www.zdnet.com/article/microsoft-discloses-security-breach-of-customer-support-database/ ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your...

Critical Windows Vulnerability, Dating App Security Risk, Apple iOS Privacy Features Play Episode
In episode 104 for January 20th 2020: Details on the new critical Microsoft Windows vulnerability, why dating apps could pose a national security risk, and how new Apple privacy features are changing the way your data is sold. ** Show notes and links mentioned on the show ** Major Windows flaw was discovered and reported by the NSA https://www.cnet.com/news/major-windows-10-flaw-was-reportedly-discovered-by-the-nsa/ https://media.defense.gov/2020/Jan/14/2002234275/-1/-1/0/CSA-WINDOWS-10-CRYPT-LIB-20190114.PDF https://www.us-cert.gov/ncas/alerts/aa20-014a https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0601 Windows 7 end of life announcement https://support.microsoft.com/en-us/help/4057281/windows-7-support-ended-on-january-14-2020 Apples new privacy features have further rattled the location-based ad market https://digiday.com/marketing/apples-new-privacy-features-rattle-location-based-ad-market ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of...

The Password Reuse Problem, US Government IoT Recommendations, Smart Lock Security Disaster Play Episode
In episode 99: Password reuse is still a very large problem, US government recommendations for securing Internet of Things devices, and yet another smart lock device security disaster. ** Show notes and links mentioned on the show ** Password reuse continues to be a major problem https://www.microsoft.com/securityinsights/Identity https://resources.hypr.com/top-recommendations/password-usage-study https://www.nbcnews.com/news/us-news/man-hacks-ring-camera-8-year-old-girl-s-bedroom-n1100586 US government recommendations for securing Internet of Things devices https://www.bleepingcomputer.com/news/security/fbi-recommends-securing-your-smart-tvs-and-iot-devices/ https://www.bleepingcomputer.com/news/security/ftc-advises-checking-smart-toy-features-before-buying/ Another “smart” lock device security disaster https://www.helpnetsecurity.com/2019/12/11/keywe-smart-lock/ https://sharedsecurity.net/2019/10/14/hong-kong-protests-instagrams-anti-phishing-tool-smart-device-fail/ ** Thank you to our sponsors! ** Silent Pocket Visit https://silent-pocket.com to check out Silent Pocket’s amazing line of faraday bags and other products built to protect your privacy. As a listener...

WhatsApps NSO Group Lawsuit, This Week in Data Breaches, Office 365 Voicemail Phishing Play Episode
You’re listening to the Shared Security Podcast, exploring the trust you put in people, apps, and technologywith your host, Tom Eston. In episode 93 for November 4th 2019: The WhatsApp NSO group lawsuit plus details on Facebook’s preventive health tool, this week’s data breach news, and how attackers are using a voicemail to phish Microsoft Office 365 users. Halloween may be over but this time of year doesn’t have to be scary when it comes to protecting your digital privacy. Silent Pocket makes it easy to protect your devices with their full line of faraday bags, wallets, and other accessories...

Microsoft OneDrive Personal Vault, Googles New Privacy and Security Controls, REAL ID Deadline Play Episode
You’re listening to the Shared Security Podcast, exploring the trust you put in people, apps, and technologywith your host, Tom Eston. In episode 89 for October 7th 2019: Microsoft’s new OneDrive personal vault, updated privacy and security controls announced by Google, and the TSA’s announcement about the REAL ID deadline next year. I have a question for you. What’s in your daily carry? Now I’m not talking about your concealed weapon of choice (if you do legally choose to do so) but I’m talking about your wallet, backpack, clutch, or other travel accessory. If you’re looking to upgrade to something...

Biometric Security Data Breach, Critical Windows Vulnerabilities, FBI Data Harvesting Play Episode
You’re listening to the Shared Security Podcast, exploring the trust you put in people, apps, and technologywith your host, Tom Eston. In episode 82 for August 19th 2019: The BioStar2 biometric security data breach, wormable vulnerabilities in Microsoft Windows, and the FBI trying to harvest your social media data. Can you believe that this week we’re celebrating the 10 year anniversary of this podcast? For the last 10 years we’ve been talking about how your private information can be exposed through data breaches, vulnerabilities, exploits, and even through the wireless capabilities of our smartphones and laptops. It seems that in...

Critical WhatsApp Vulnerability, Facial Recognition Ban, Wormable Flaw in Windows Play Episode
This is your Shared Security Weekly Blaze for May 20th 2019 with your host, Tom Eston. In this week’s episode: A serious spyware vulnerability in WhatsApp, San Francisco bans facial recognition, and a wormable vulnerability in older Microsoft systems. Protect your digital privacy with Silent Pocket’s product line of patented Faraday bags, phone cases, and wallets which will make your devices untrackable, unhackable and undetectable. Use discount code “sharedsecurity” to receive 15% off of your order during checkout. Visit silentpocket.com today to take advantage of this exclusive offer. Hi everyone, welcome to the Shared Security Weekly Blaze where we update...

Microsoft Email Hacked, Instagram Nasty List Phishing Scam, Facebook Third-Party Data Deals Play Episode
This is your Shared Security Weekly Blaze for April 22nd 2019 with your host, Tom Eston. In this week’s episode: Microsoft email services hacked, the Instagram “Nasty List” phishing scam, and Facebook’s attempted deals to sell your data. Protect your digital privacy with Silent Pocket’s product line of patented Faraday bags, phone cases, and wallets which will make your devices untrackable, unhackable and undetectable. Use discount code “sharedsecurity” to receive 15% off of your order during checkout. Visit silentpocket.com today to take advantage of this exclusive offer. Hi everyone, welcome to the Shared Security Weekly Blaze where we update you...

Facebook Passwords Exposed, Android Q Privacy, Microsoft Office Targeted Play Episode
This is your Shared Security Weekly Blaze for March 25th 2019 with your host, Tom Eston. In this week’s episode: Facebook passwords exposed in plain text, Android Q’s new privacy features, and why Microsoft Office is the most popular target for cybercriminals. Protect your digital privacy with Silent Pocket’s product line of patented Faraday bags, phone cases, and wallets which will make your devices untrackable, unhackable and undetectable. Use discount code “sharedsecurity” to receive 15% off of your order during checkout. Visit silentpocket.com today to take advantage of this exclusive offer. Hi everyone, welcome to the Shared Security Weekly Blaze...

Special Guest Tanya Janca, DevOps and AppSec, Women in Cybersecurity #82 Play Episode
In this episode Tom and Scott are joined by special guest Tanya Janca who is a Senior Cloud Developer Advocate for Microsoft. We speak with Tanya about her journey into the world of AppSec, women and minorities in Cybersecurity, her advice for getting started in AppSec, her OWASP project (DevSlop), the current state of DevOps and privacy, and much more! Tanya is one of our most fun and engaging guests, it’s one not to miss! Below are show notes and links mentioned in the podcast: Tanya’s blog on Medium and her article on getting started in AppSec. Follow Tanya on...

Microsoft and Apple Security Updates, Signals Sealed Sender, Girl Scouts Data Breach WB41 Play Episode
This is your Shared Security Weekly Blaze for November 5th 2018 with your host, Tom Eston. In this week’s episode: Microsoft and Apple security Updates, Signal’s sealed sender and the Girl Scouts data breach. Silent Pocket is a proud sponsor of the Shared Security Podcast! Silent Pocket offers a patented Faraday cage product line of phone cases, wallets and bags that can block all wireless signals, which will make your devices instantly untrackable, unhackable and undetectable. Use discount code “sharedsecurity” to receive 15% off of your order. Visit silent-pocket.com to take advantage of this exclusive offer. Hi everyone, this is...

Shawn Ryan Show

---

#238 Sriram Krishnan - Senior White House Policy Advisor for AI Play Episode
Sriram Krishnan is an entrepreneur, venture capitalist, and former senior product leader at tech giants like Microsoft, Facebook, Twitter (now X), and Snap. Born in Chennai, India, he began his career at Microsoft before moving to Silicon Valley, where he contributed to product development at leading companies and later transitioned to venture capital as a General Partner at Andreessen Horowitz from 2021 to 2024, focusing on consumer and enterprise investments. In December 2024, President-elect Donald Trump appointed him as Senior Policy Advisor for Artificial Intelligence at the White House Office of Science and Technology Policy, tasked with advancing U.S. dominance...

#208 Alexandr Wang - CEO, Scale AI Play Episode
Alex Wang is the CEO and co-founder of Scale AI, a leading data platform accelerating the development of artificial intelligence applications. Founded in 2016, Scale AI provides high-quality training data for AI models, serving clients like OpenAI, Microsoft, and the U.S. Department of Defense. A former software engineering prodigy, Wang dropped out of MIT to build Scale AI, which is now valued at over $13 billion. Recognized on Forbes 30 Under 30 and TIMEs 100 Most Influential People in AI, Wang is a prominent voice in shaping the future of AI innovation and deployment. He advocates for responsible AI development...

Software Engineering Daily

---

SED News: CoreWeave IPO, Anthropics MCP, and Microsoft Turns 50 Play Episode
Welcome to the pilot episode of SED News, a new podcast series from Software Engineering Daily. Join hosts Gregor Van and Sean Falconer as they break down the weeks most important stories in software engineering, machine learning, and developer culture. In this episode, Gregor and Sean discuss the CoreWeave IPO and the companys recent acquisition The post SED News: CoreWeave IPO, Anthropics MCP, and Microsoft Turns 50 appeared first on Software Engineering Daily.

Software Engineering Radio - the podcast for professional software developers

---

SE Radio 711: Scott Hanselman on AI-Assisted Development Tools Play Episode
Scott Hanselman, the VP of Developer Community at Microsoft, speaks with host Jeremy Jung about AI-assisted coding. They start by considering how the tools are a progression from syntax highlighting and autocomplete. Scott describes the ambiguity and non-determinism of agentic loops, why vague high-level prompts usually don't give good results, and the need to express intent and steer the models. He explains how knowing fundamentals helps you create better plans and know what to ask the models, and how to treat agents differently based on your knowledge level. He discusses his experience porting Windows Live Writer to a modern .NET...

Episode 487: Davide Bedin on Dapr Distributed Application Runtime Play Episode
Davide Bedine, a cloud solution architect at Microsoft and professional Dapr enthusiast joined host Jeff Doolittle to discuss his book, Practical Microservices with Dapr and .NET. Dapr, the Distributed Application Runtime, simplifies cloud-native...

Episode 458: Daniel Roth on Blazor Play Episode
Daniel Roth from Microsoft discusses Blazor's key features and benefits of using c# full stack for building web apps with host Priyanka Raghavan.

Episode 443: Shawn Wildermuth on Diversity and Inclusion in the Workplace Play Episode
Felienne discusses diversity and inclusivity in software development with Shawn Wildermuth, Microsoft MVP and creator of the Hello World movie.

SE-Radio Episode 339: Jafar Soltani on Continuous Delivery for Multiplayer Games.mp3 Play Episode
Jafar Soltani of Rare (Microsoft Studios) discusses Continuous Delivery in AAA Games and how it can increase quality, reduce crunch, and deliver games faster. Topics include implementation and architecture, asset and delivery pipelines, and special challenges of games.

SE-Radio Episode 331: Kevin Goldsmith on Architecture and Organizational Design Play Episode
Travis Kimmel and Kevin Goldsmith discuss the correspondence between organizational design and software architecture. Their conversation covers: what Conway's Law is; Kevin's experiences in different organizational structures (e.g., Avvo, Spotify, Adobe, and Microsoft) and how those structures influenced the software architecture; what the "Reverse Conway Maneuver" is and how organizations can leverage it; how organizations can evolve existing architectures.

SE-Radio-Episode-281-James-Whittaker-on-Career-Strategy Play Episode
Edaena Salinas talks with James Whittaker about Career Strategy in the technology field. James is a Distinguished Technical Evangelist at Microsoft and author of "How Google Tests Software" and the viral blog post "Why I left Google". Topics include: Career Management, the role of mentors and managers in your career, a discussion on 1:1 meetings, job specialization and advice on when to switch jobs.

Episode 203: Leslie Lamport on Distributed Systems Play Episode
Leslie Lamport won a Turing Award in 2013 for his work in distributed and concurrent systems. He also designed the document preparation tool LaTex. Leslie is employed by Microsoft Research, and has recently been working with TLA+, a language that is useful for specifying concurrent systems from a high level. The interview begins with a []

Episode 140: Newspeak and Pluggable Types with Gilad Bracha Play Episode
This episode is a conversation with Gilad Bracha about Newspeak, type systems in general and optional/pluggable types in particular. It was recorded during DSL Devcon in the gardens of the Microsoft campus, and thanks to Gilad's "speaking like a book" way of talking it is published completely unedited :-)

Episode 129: F# with Luke Hoban Play Episode
This episode is a discussion about F# with Microsoft's F# program manager Luke Hoban.

Episode 123: Microsoft OSLO with Don Box and Doug Purdy Play Episode
In this episode we discuss Microsoft's OSLO platform with Doug Purdy and Don Box. We briefly discuss what OSLO is in general and then look at the various components of OSLO. We also look at how OSLO fits in with the general Microsoft strategy and how it compares to other DSL/Model-driven approaches. We then look at language modularization and composition and discuss the similarities with XML and Smalltalk. Finally, we discuss possible integrations of OSLO with other MD* approaches and technologies.

Episode 97: Interview Anders Hejlsberg Play Episode
In this episode we have the pleasure of talking to Anders Hejlsberg, Chief Language Strategist at Microsoft. We started by discussing his more distant past, namely, his involvement with Turbo Pascal and Borland's Delphi. We then looked at the influences Delphi had on C# and how C# evolved from Delphi. In the next section we discussed a couple of general language design issues, among them components and checked vs. unchecked exceptions. Next, we discussed interesting issues about languages of the future, static vs. dynamic typing, functional programming, meta programming as well as the importance of good support for concurrency. We...

Episode 88: The Singularity Research OS with Galen Hunt Play Episode
In this episode we talk to Galen Hunt about the Singularity research OS. Galen is the head of Microsoft's OS Research Group and, together with a team of about 30 other researches, has built Singularity. We started our discussion by covering the basics of Singularity: why it was designed, what the goals of the project are as well as some of the architectural foundations of Singularity: software isolated processes, contract-based channels and manifest-based programs. In this context we also looked at the role of the Spec# and Sing# programming languages and the role of static analysis tools to statically verify...

Episode 48: Interview Dragos Manolescua Play Episode
In this Episode we discuss software architecture evaluation with Dragos Manolescu, an architect at Microsoft's patterns & practices group. We start off the discussion by trying to define what software architecture evaluation is and when and you want to evaluate an architecture in the system's lifecycle. We then make sure evaluators set the expectations for the evaluation process right - it is important to understand that architecture evaluation is typically not primarily a review of the technology decisions made for the architecture. We then discuss the kinds of notations that are useful for describing architectures, and which of these are...

SpyCast

---

Cyberattacks, Espionage & Ransomware Inside Microsofts Threat Intelligence Center (MSTIC) Play Episode
From your Visa card to your Outlook account, and from the gas you pump into your Ford to your Windows operating system, a cyber struggle is taking place all around us. In this episode Andrew spoke to founder of Microsofts threat hunting intelligence center John Lambert, which tracks the worlds most dangerous cybercriminals and state-affiliated hackers, and the head of the Digital Security Unit Cristin Goodwin, who helps provide security support to governments and works closely with Johns team. Microsoft has billions of customers, serves millions of businesses, and works with almost every government department: to say it might have...

The Bill Simmons Podcast

---

Paul Thomas Anderson on Pursuing Filmmaking, Loving Adam Sandler, and Making 'Boogie Nights' (Ep. 306) Play Episode
HBO and The Ringer's Bill Simmons is joined by filmmaker Paul Thomas Anderson and Ringer editor-in-chief Sean Fennessey to discuss the changing landscape of selling movies (10:00), dropping out of college to pursue filmmaking dreams (20:00), working with Burt Reynolds (35:00), the art form of DVD commentary (45:00), the comedic genius of Adam Sandler (54:00), the intense setting while shooting 'The Master' (1:07:00), and writing scripts on Microsoft Word (1:18:00). Learn more about your ad choices. Visit podcastchoices.com/adchoices

Ep. 189: Steve Ballmer on Owning an NBA Franchise Play Episode
HBO and The Ringer's Bill Simmons is joined by Los Angeles Clippers owner Steve Ballmer to discuss technology's impact of viewing habits (6:00), the Clippers' need for a championship (12:00), the potential of a new Clippers arena (24:30), the Seattle expansion for the NBA (35:00), the NBA boardroom (42:00), understanding the salary cap (54:00), the future of this Clippers core (1:02:00), and the Microsoft scouting report (1:12:00). Learn more about your ad choices. Visit podcastchoices.com/adchoices

The Cloudcast

---

The Future of Enterprise Software? Play Episode
Are we ready to move into an era of wild predictions about where the future of Enterprise software is headed in 2026 and beyond?SHOW: 999SHOW TRANSCRIPT: The Cloudcast #999 TranscriptSHOW VIDEO: https://youtube.com/@TheCloudcastNETCLOUD NEWS OF THE WEEK: http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST: "CLOUDCAST BASICS"SHOW NOTESThe SPAC-king is going to fix legacy softwareAll Enterprise software is deadMicrosoft and Software Survival (Stratechery)WHAT HAPPENS TO ENTERPRISE SOFTWARE NEXT?How much do enterprises want to write their own software?How much do enterprises wish they could write more software?How much do enterprises not understand the economics of owning their own software?How much does big SaaS or just...

How AGI will change Everything, Everywhere Play Episode
If an AGI falls in the woods and nobody can define it, did it actually fall? This week we make an exact prediction of when AGI will happen, and the 10 ways it will immediately change the world.SHOW: 986SHOW TRANSCRIPT: The Cloudcast #986 TranscriptSHOW VIDEO: https://youtube.com/@TheCloudcastNETCLOUD NEWS OF THE WEEK: http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST: "CLOUDCAST BASICS"SHOW NOTESPlanning for AGI and Beyond (OpenAI)Machines of Loving Grace (Anthropic)Microsoft and Google has different visions/opinions on AGIAmazon reorganizes around new AGI team reporting to Andy JassyMistral CEO says that AGI is a marketing moveAGI is defined by an independent committee in new Microsoft...

Looking back on Industry Market Leaders Play Episode
After a very long roadtrip, lets explore the lessons we can learn from some of the greatest business models in tech and how or if they apply to the AI era companies.SHOW: 951SHOW TRANSCRIPT: The Cloudcast #951 TranscriptSHOW VIDEO: https://youtube.com/@TheCloudcastNETCLOUD NEWS OF THE WEEK: http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST: "CLOUDCAST BASICS"SHOW SPONSORS:[VASION] Vasion Print eliminates the need for print servers by enabling secure, cloud-based printing from any device, anywhere. Get a custom demo to see the difference for yourself.[DoIT] Visit doit.com (thats d-o-i-t.com) to unlock intent-aware FinOps at scale with DoiT Cloud Intelligence.SHOW NOTES:7 Powers of Competitive DynamicsMicrosoft (Vol 1,...

AI & Cloud Trends for May 2025 Play Episode
Brian Gracely (@bgracely) and Brandon Whichard (@bwhichard, @SoftwareDefTalk) discuss the top stories in Cloud and AI from May 2025, including Google I/O, Microsoft Build, OpenAI, and Jony Ive.SHOW: 929SHOW TRANSCRIPT: The Cloudcast #929 TranscriptSHOW VIDEO: https://youtube.com/@TheCloudcastNETCLOUD NEWS OF THE WEEK: http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT OUR OTHER PODCAST: "CLOUDCAST BASICS"SPONSORS:[VASION] Vasion Print eliminates the need for print servers by enabling secure, cloud-based printing from any device, anywhere. Get a custom demo to see the difference for yourself.[US CLOUD] Cut Enterprise IT Support Costs by 30-50% with US CloudSHOW NOTES:Link to May 2025 News and ArticlesFEEDBACK?Email: show at the cloudcast dot...

Where do Developer-Assistants go next with AI? Play Episode
Where does the next phase of AI-assistants for software development go next? Is it an evolution of developer productivity, or a complete rethinking of the barriers and limitations for broader software development?SHOW: 924SHOW TRANSCRIPT: The Cloudcast #924 TranscriptSHOW VIDEO: https://youtube.com/@TheCloudcastNETCLOUD NEWS OF THE WEEK: http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST: "CLOUDCAST BASICS"SHOW SPONSORS:Cut Enterprise IT Support Costs by 30-50% with US CloudSHOW NOTES:WHERE DO AI DEVELOPER-ASSISTANTS GO NEXT?A year ago it felt like co-pilots were one of the entry point use-cases for AI.Since then weve seen numbers say the uplift is 10-20% productivity.Microsoft claims that 20-30% of their code is now...

The Early AI Journey and Learning Curve Play Episode
As more companies begin to adopt AI into their workforce and day-to-day processes, it will be interesting to watch how their learning curve is spread across knowledge workers.SHOW: 920SHOW TRANSCRIPT: The Cloudcast #920 TranscriptSHOW VIDEO: https://youtube.com/@TheCloudcastNETCLOUD NEWS OF THE WEEK: http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST: "CLOUDCAST BASICS"SHOW SPONSORS:Cut Enterprise IT Support Costs by 30-50% with US CloudSHOW NOTES:AI Horseless Carriages (AI user-experiences)HOW WILL WE VIEW AN AI AGENT IN THE CONTEXT OF HUMANS OR USERSThe low-hanging fruit, simple on-ramp is the key to early AI adoptionGoogle and Microsoft are already showing revenue increases, likely through the productivity apps bundlingExpect prices...

Bathing in the Confusion around GenAI Play Episode
Right now the news around GenAI seems scattered, all of the place, and confusing. Lets dig into whats working, whats not, and where some future trends are heading.SHOW: 902SHOW TRANSCRIPT: The Cloudcast #902 TranscriptSHOW VIDEO: https://youtube.com/@TheCloudcastNETCLOUD NEWS OF THE WEEK: http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST: "CLOUDCAST BASICS"SHOW SPONSORS:Try Postman AI Agent Builder TodayCut Enterprise IT Support Costs by 30-50% with US CloudSHOW NOTES:Most AI Investments Will Lose Money as Market Enters Greed Cycle (Vinod Khasla, VC)My LLM CodeGen workflow (Harper Reed)"Gen AI: Too Much Spend, Too Little Benefit?" (Goldman Sachs)Microsoft cancels leases on Data Centers for AINVIDIA announces Q4 earningsAn...

Welcome to the Bi-Modal Cloud Era Play Episode
After a decade of Bi-Modal IT discussion, weve now reached the era of Bi-Modal Cloud. Balancing traditional CPU-based cloud resources is now clashing with the demands of GPU-based AI cloud needs. Lets explore!SHOW: 896SHOW TRANSCRIPT: The Cloudcast #896 TranscriptSHOW VIDEO: https://youtube.com/@TheCloudcastNETCLOUD NEWS OF THE WEEK: http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST: "CLOUDCAST BASICS"SHOW NOTES:Public cloud providers are missing the market with AI (David Linthicum, 2025)Why digital business needs bi-modal IT (Gartner, 2015)Microsoft / Azure earnings (Jan 2025)Alphabet / Google Cloud earnings (Feb 2024)Amazon / AWS earnings (Feb 2025)WHAT HAPPENS WHEN A BUSINESS HAS TO PRIORITIZE THE LOWER REVENUE PATHSWeve come full...

Shut up and write code! Play Episode
It feels like weve gone the last 15+ years of tech without really having to directly involve politics in the discussion. But that seems to be coming to an end, in a big way. Let discuss if we can discuss tech without discussing politics.SHOW: 894SHOW TRANSCRIPT: The Cloudcast #894 TranscriptSHOW VIDEO: https://youtube.com/@TheCloudcastNETCLOUD NEWS OF THE WEEK: http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST: "CLOUDCAST BASICS"SHOW NOTES:United States vs. IBMUnited States vs. MicrosoftOracle vs. Google (Java)EU vs. Apple (AppStore)EU vs. GoogleShut up and dribble (2018)THE OLD SWIM LANES ARE NO LONGER INDEPENDENT AND ISOLATEDVendors are cloud providers, so they have to be involved...

5 Storylines that will shape Cloud and AI in 2H 2024 Play Episode
They may not be major stories, but these 5 headlines will play an important role in how AI and the Cloud evolve in the 2H of 2024.SHOW: 846SHOW TRANSCRIPT: The Cloudcast #846 TranscriptSHOW VIDEO: https://youtube.com/@TheCloudcastNETCLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"SHOW NOTES:VCs are looking to get out (Business Insider)Microsoft earnings (31%), Google earnings (29%), Amazon earnings (19%) - QtoQ earnings for the hyperscalersTHE ECONOMY WILL BE THE STORY OF 2H 2024 DUE TO THE US ELECTIONSBUT WILL ANY OF THESE OTHER STORIES GET THE ATTENTION THEY DESERVE?Are VCs going to be out on...

Cloud News of the Month - March 2024 Play Episode
Aaron (@aarondelp) and Brian (@bgracely) discuss the biggest tech stories, announcements, and trends from March 2024.SHOW: 809SHOW TRANSCRIPT: https://bit.ly/cloudcast-809-transcriptCLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT OUR OTHER PODCAST - "CLOUDCAST BASICS"SHOW NOTES:LINKS TO ALL THE ARTICLES FOR MARCH 2024 CLOUD NEWSSegments Covered in the Show:Good Old Fashioned Cloud NewsThe AI Innovation Continues - Speed RoundTrend 1 - KubeCon EU 2024Trend 2 - Microsoft continues to branch out from OpenAI as a partnerTrend 3 - NVIDIA held a pretty massive GTC eventFEEDBACK?Email: show at the cloudcast dot netTwitter: @cloudcastpodInstagram: @cloudcastpodTikTok: @cloudcastpodFEEDBACK?Email: show @ reasoning dot showBluesky: @reasoningshow.bsky.socialTwitter/X:...

Cloud News of the Month - February 2024 Play Episode
Welcome to the "second monthly" Cloud News of the Month. Aaron and Brian discuss the biggest tech stories and five trends from February 2024.SHOW: 801CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT OUR OTHER PODCAST - "CLOUDCAST BASICS"SHOW SPONSORS:CloudZero provides immediate and ongoing savings with 100% visibility into your total cloud spendSHOW NOTES:LINKS TO ALL THE ARTICLES FOR FEB 2024 CLOUD NEWS HERESegments Covered in the Show:Good Old Fashioned Cloud NewsThe AI Innovation Continues - Speed RoundTrend 1 - Microsoft is branching out from just OpenAI as a partner, as they shouldTrend 2 - Selling Customer Data...

The Curious Case of AI, Funding and Cloud Credits Play Episode
Big 3 cloud providers investing in AI with cloud credits. $7 trillion dollar big plans. VCs concerned about AI valuations. It feels like a new set of rules are being created.SHOW: 794CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"SHOW SPONSORS:CloudZero provides immediate and ongoing savings with 100% visibility into your total cloud spendLearn More About Azure Offerings : Learn more about Azure Migrate and Modernize & Azure Innovate!Azure Free Cloud Resource Kit : Step-by-step guidance, resources and expert advice, from migration to innovation.CloudZero Cloud Cost Visibility and SavingsSHOW NOTES:Microsoft invests $10B into OpenAIAmazon invests...

The Industry Fallout from OpenAI 2023 Play Episode
Aaron, Brian and Brandon Whichard (@bwhichard, Software Defined Talk) talk about the November OpenAI drama and how it potentially impacts the entire AI industry in 2024.SHOW: 781CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT - "CLOUDCAST BASICS"SHOW SPONSORS:Find "Breaking Analysis Podcast with Dave Vellante" on Apple, Google and SpotifyKeep up to data with Enterprise Tech with theCUBESHOW NOTES:Benedict Evans - AI, and Everything Else (2024 looking forward)Is AI the next Oppenheimer event? (Eps.770)Building the Foundations of the Modern Cloud (Eps.774)Microsoft CEO Satya Nadella on the OpenAI Debacle (Kara Swisher)NVIDIA - The Dawn of the AI Era (Acquired...

Will a New Cloud Emerge? Play Episode
Aaron Delp and Brian Gracely discuss the possibility of another major cloud provider emerging as the economy changes and new application workloads begin to take shape.SHOW: 757CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwNEW TO CLOUD? CHECK OUT - "CLOUDCAST BASICS"SHOW SPONSORS:Find "Breaking Analysis Podcast with Dave Vellante" on Apple, Google and SpotifyKeep up to data with Enterprise Tech with theCUBEReduce the complexities of protecting your workloads and applications in a multi-cloud environment. Panoptica provides comprehensive cloud workload protection integrated with API security to protect the entire application lifecycle. Learn more about Panoptica at panoptica.appSHOW NOTES:Microsoft hiring to build small reactors...

AI is the new Bi-Modal IT Play Episode
As AI begins to go mainstream in IT, were now at the stage where projects will either be AI-enabled or not, creating the new Bi-Modal IT for the 2020s. SHOW: 722CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"SHOW SPONSORS:Find "Breaking Analysis Podcast with Dave Vellante" on Apple, Google and SpotifyKeep up to data with Enterprise Tech with theCUBESHOW NOTES:Why Digital Business needs BiModal IT (Gartner 2015)Slack getting an AI ChatbotNVIDIA shares spike on demand for AI chipsAI announcements from Microsoft Build 2023Windows and the AI Platform ShiftGoogle I/O and the coming AI BattlesRed Hat...

How Microsoft Evolved Play Episode
The evolution of Microsoft under Satya Nadella provides a blueprint for how to transition companies from one focus to another. SHOW: 683CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"SHOW SPONSORS:Section is the fastest, easiest and most cost-effective way to run applications across multiple clouds.Cloudcast listeners can experience the benefits of unparalleled performance and uptime, plus the ability to scale as needed. Theres no risk to try it out run one project for free with no credit card required!CloudZero --Cloud Cost Visibility and SavingsSHOW NOTES:Bill Gates write about Internet Tidal Wave (1995)Microsoft Revenues (since 2000)How...

Follow the Cloud Money Play Episode
Jordan Novet (@jordannovet, Technology Reporter @CNBC) talks about how to analyze earnings from the big clouds, Microsofts position as the #2 cloud, and what might disrupt the Big 3 in the future.SHOW: 641CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"SHOW SPONSORS:CloudZero - Cloud Cost Intelligence for Engineering TeamsStreamline on-call, collaboration, incident management, and automation with a free 30-day trial of Lightstep Incident Response, built on ServiceNow. Listeners of The Cloudcast will also receive a free Lightstep Incident Response T-shirt after firing an alert or incident.Pay for the services you use, not the number of...

How DevOps is like Microsoft Excel Play Episode
DevOps mashes together two things, Dev and Ops. But in reality, it includes much more than that. But who owns DevOps? Does anyone use all of DevOps? And is DevOps a people, process or technology?SHOW: 605CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"SHOW SPONSORS:CloudZero - Cloud Cost Intelligence for Engineering TeamsstrongDM - Secure infrastructure access for the modern stack.Manage access to any server, database, or Kubernetes instance in minutes. Fully auditable, replayable, secure, and drag-and-drop easy. Try it free for 14 days - www.strongdm.com/signupDatadog Kubernetes Solution: Maximum Visibility into Container EnvironmentsStart monitoring the health...

Reviewing Microsoft Insight & GitHub Universe Play Episode
In October and November, Microsoft hosted the GitHub Universe and Ignite 2021 conferences, focused on Developers and Cloud Computing. We review the important announcements and analyze the future directions for Azure, GitHub, etc SHOW: 567CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"SHOW SPONSORS:CBT Nuggets: Expert IT Training for individuals and teamsSign up for a CBT Nuggets Free Learner accountMegaport - Network as a Service PlatformTry Megaport - Cloud Connectivity SimplifiedBMC Wants to Know if your business is on it's A-GameBMC Autonomous Digital EnterpriseSHOW NOTES:Microsoft Ignite 2021 AnnouncementsMicrosoft Ignite 2021 (Keynote)Everything new from GitHub Universe...

Clouds, Chaos and Change Play Episode
The next 12-18 months are going to be all about changes, chaos and a three-ring circus between the major cloud providers. The status quo is likely going to change, as plenty of new names and faces, and big money, try to steer these giant ships.SHOW: 546CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"SHOW SPONSORS:Register for Cisco Magnetic CloudAWS Data Backup for Dummies (Veeam)Choose Your Own Cloud Adventure with Veeam and AWSCloudZero - Cloud Cost Intelligence for Engineering TeamsSHOW NOTES:Castles in the Cloud (Greylock VC)Rising Tension between AWS and Partners (Business Insider)Microsoft hired ex-AWS executive...

What does Security even mean anymore Play Episode
Security has been in the news quite a bit lately, both for failures and funding. But does security even matter anymore? Nobody knows.SHOW: 544CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"SHOW SPONSORS:Teleport Access Plane: Quickly access any computing resource anywhereTry Teleport for freeCloudZero - Cloud Cost Intelligence for Engineering TeamsSHOW NOTES:Coverage of recent Security commitments from Cloud Providers2021 Top Security Breaches (Part I, Part II)The State of Cloud Security Report (2021)Microsoft warns thousands of cloud customers of exposed databasesDOES ANYONE ACTUALLY CARE ABOUT SECURITY?This is the worst cloud vulnerability you can imagine. WHAT IS...

The Transformation of Microsoft Play Episode
Since Satya Nadella became CEO in 2014, the transformation of Microsoft has been incredible. Lets explore how he evolved the company from many previously missed opportunities. SHOW: 530CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"SHOW SPONSORS:CloudZero - Cloud Cost Intelligence for Engineering TeamsOkta - Safe Identity for customers and workforceTry Okta for FREE (Trial in 10 minutes)CBT Nuggets: Expert IT Training for individuals and teamsSign up for a CBT Nuggets Free Learner accountSHOW NOTES:Microsoft AcquisitionsHistory of Microsoft XboxHistory of Microsoft Azure10 Charts that will change your perspective on MicrosoftAREAS OF STRUGGLE FOR MICROSOFT pre-2014Social...

Is the Public Cloud growing fast enough? Play Episode
Public cloud is expected to grow 23% (overall) in 2021. Is that a fast enough pace of growth, or are there still significant barriers to adoption and faster growth?SHOW: 511SHOW SPONSORS:Cut your Cloud bills in half with Linode Linux VMs$100 in Free Credits at LinodeCloudZero - Cloud Cost Intelligence for Engineering TeamsOkta - Safe Identity for customers and workforceTry Okta for FREE (Trial in 10 minutes)CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwCHECK OUT OUR NEW PODCAST - "CLOUDCAST BASICS"SHOW NOTES:Gartner forecasts 2021 Public Cloud GrowthGartner forecasts 2021 IT Spending (Overall)Global Smartphone Market Share (2021)Apple reports quarterly earningsAmazon/AWS reports quarterly earningsMicrosoft...

AzureStack for Hybrid Cloud Play Episode
Carmen Crincoli (@carmencrincoli, Sr. ProgMgr @Microsoft) + Todd Christ (@toadster, Ent. Solutions Architect, @IntelBusiness) talk about the evolution of AzureStack, how HCI is being extended as a cloud service, and how COVID is creating new use-cases for on-premises and public cloud. SHOW: 480SHOW SPONSOR LINKS:Datadog Security Monitoring Homepage - Modern Monitoring and AnalyticsTry Datadog yourself by starting a free, 14-day trial today. Listeners of this podcast will also receive a free Datadog T-shirt.CloudAcademy - Build hands-on technical skills. Get measurable results.Get 50% of the monthly price of CloudAcademy by using code CLOUDCASTOkta - You should not be building your own...

Migrating to the Cloud Play Episode
Jeremy Winter (Partner Director of Azure Management at Microsoft) talks about what trends are driving migrations, how companies plan for success, useful tools & frameworks, and leading successful transitions.SHOW: 465SHOW SPONSOR LINKS:DivvyCloud - Achieve continuous security & compliance. Request a free trial today!DivvyCloud - The best mistakes are the ones that dont happen. Learn how IaC offers preventive cloud security.Datadog Security Monitoring Homepage - Modern Monitoring and AnalyticsTry Datadog yourself by starting a free, 14-day trial today. Listeners of this podcast will also receive a free Datadog T-shirt.CLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwPodCTL Podcast is Back (Enterprise Kubernetes) -...

Delegated Identity in the Cloud Play Episode
Christos Matskas (@ChristosMatskas, PPM Identity & Security) and John Patrick Dandison (@AzureAndChill, Principal PM Identity) at Microsoft talk about Identity in today's cloud, managing borderless environments, and how to best enforce identity.SHOW: 461SHOW SPONSOR LINKS:DivvyCloud - Achieve continuous security & compliance. Request a free trial today!DivvyCloud - The best mistakes are the ones that dont happen. Learn how IaC offers preventive cloud security.Datadog Security Monitoring Homepage - Modern Monitoring and AnalyticsTry Datadog yourself by starting a free, 14-day trial today. Listeners of this podcast will also receive a free Datadog T-shirtCLOUD NEWS OF THE WEEK - http://bit.ly/cloudcast-cnotwPodCTL Podcast is Back...

2010's Decade in Review & Reader Mailbag Questions Play Episode
SHOW: 429DESCRIPTION: Aaron and Brian discuss the biggest trends of the 2010s decade, and answer reader mailbag questions from 2019.SHOW SPONSOR LINKS:MongoDB Homepage - The most popular database for modern applicationsMongoDB Atlas - MongoDB-as-a-Service on AWS, Azure and GCPDatadog Homepage - Modern Monitoring and AnalyticsTry Datadog yourself by starting a free, 14-day trial today. Listeners of this podcast will also receive a free Datadog T-shirt[DONUT RUN DONATIONS][FREE]Try an IT Pro ChallengeTRENDS FROM THE DECADE (2010-2019):Hype or Not?: OpenStack, HCI, Docker, Cloud Foundry (or any PaaS), Kubernetes, Blockchain, AI/ML, ServerlessThe re-invention of Microsoft (Azure, GitHub, Open Source, dropping failed efforts (Nokia,...

Reviewing Microsoft Ignite 2019 Play Episode
SHOW: 425DESCRIPTION: Aaron and Brian take a look at the Docker acquisition and review the Microsoft Ignite show and announcementsSHOW SPONSOR LINKS:Datadog Homepage - Modern Monitoring and AnalyticsTry Datadog yourself by starting a free, 14-day trial today. Listeners of this podcast will also receive a free Datadog T-shirtThe Cyberwire - Your security news connection.The Cyberwire daily podcast[FREE]Try an IT Pro ChallengeGet 20% off VelocityConf passes using discount code CLOUDCLOUD NEWS OF THE WEEK:Mirantis acquires DockerSHOW INTERVIEW LINKS:Microsoft IgniteSHOW NOTES:Topic 1 - Insight and feel from the show floor and the eventTopic 2 - Azure ArcTopic 3 - Project CortexTopic 4...

Understanding HTTP/S, CDNs and Edge Proxies Play Episode
SHOW: 421DESCRIPTION: Brian talks with Julia Evans (@b0rk, software engineer, data scientist, zine artist) about the fundamentals of HTTP/HTTPS, and the interaction of web traffic with CDNs, Load-Balancers and Edge Proxies.SHOW SPONSOR LINKS:PricingWire: Monetization & Pricing Strategy for Software & Technology InnovatorsPricingWire - Pricing Metric Decision GuideDatadog Homepage - Modern Monitoring and AnalyticsTry Datadog yourself by starting a free, 14-day trial today. Listeners of this podcast will also receive a free Datadog T-shirt[FREE]Try an IT Pro ChallengeGet 20% off VelocityConf passes using discount code CLOUDCLOUD NEWS OF THE WEEK:DOD awards JEDI contract to MicrosoftAWS revenues grow, but growth continue to...

Dashboards, Metrics and Observability Play Episode
SHOW: 416DESCRIPTION: Brian talks with Bjrn Rabenstein (Engineer at @Grafana) about the intersection of Dashboards, Metrics, Monitoring and Observability.SHOW SPONSOR LINKS:Digital Ocean HomepageGet Started Now and Get a free $50 Credit on Digital OceanPricingWire: Monetization & Pricing Strategy for Software & Technology InnovatorsPricingWire - Pricing Metric Decision Guide[FREE]Try an IT Pro ChallengeGet 20% off VelocityConf passes using discount code CLOUDCLOUD NEWS OF THE WEEK:Congress begins to investigate anti-trust behavior of Amazon and AWSMicrosoft Project Saturn to re-architect AzureStack based on containersGitHub/Microsoft acquires Semmle (code analysis)SHOW INTERVIEW LINKS:Grafana Labs HomepageBjrns talk at VelocityConf - What remains of dashboards and metrics without...

Knative Serverless Play Episode
SHOW: 414DESCRIPTION: Brian talks with Sebastien Goasguen (@sebgoa, CTO/Co-Founder at @TriggerMesh) about the evolution of the Knative project.SHOW SPONSOR LINKS:Digital Ocean HomepageGet Started Now and Get a free $50 Credit on Digital OceanPricingWire: Monetization & Pricing Strategy for Software & Technology InnovatorsPricingWire - Pricing Metric Decision Guide[FREE]Try an IT Pro ChallengeGet 20% off VelocityConf passes using discount code CLOUDCLOUD NEWS OF THE WEEK:HashiCorp collaborates with Microsoft to deliver service mesh as a service on Microsoft AzureHashiCorp launches key multi-cloud provisioning capabilities in Terraform Cloud for individuals, teams, and enterprisesMicrosoft acquires Movere for Cloud migrations -Stripe launches Stripe CapitalSHOW INTERVIEW LINKS:Triggermesh...

Blockchain beyond the Database Play Episode
SHOW: 411DESCRIPTION: Brian talks with Brian Platz (@bplatz, CEO/Co-Founder at @Flureee) about blockchain use-cases outside of cryptocurrencies, immutable data, graph databases, and building APIs on data.SHOW SPONSOR LINKS:Datadog Homepage - Modern Monitoring and AnalyticsTry Datadog yourself by starting a free, 14-day trial today. Listeners of this podcast will also receive a free Datadog T-shirtDigital Ocean HomepageGet Started Now and Get a free $50 Credit on Digital Ocean[FREE]Try an IT Pro ChallengeGet 20% off VelocityConf passes using discount code CLOUDCLOUD NEWS OF THE WEEK:Microsoft acquires JClarityAWS forbids partners from mentioning multi-cloudDoes the VMware buying Pivotal announcement happen this week or during...

Simplifying Application Development and Integration Play Episode
SHOW: 397DESCRIPTION: Brian talks with Matthew Creager (@matt_creager, Co-Founder & VP Developer Relations @manifoldco) about the challenges of cloud silos, connecting apps to multiple cloud services, the importance of collaboration beyond just coding, and how Manifold makes it simpler to integrate apps to align to business needs.SHOW SPONSOR LINKS:Digital Ocean HomepageGet Started Now and Get a free $100 Credit on Digital OceanSnowflake HomepageGet started with Snowflake at snowflake.com/cloudcastGet 20% off VelocityConf passes using discount code CLOUDCLOUD NEWS OF THE WEEK:Red Hat launches OpenShift 4 - Enterprise KubernetesMicrosoft and Red Hat launch Azure Red Hat OpenShift managed serviceSHOW INTERVIEW LINKS:Manifold Homepage...

Advancements in Webscale Logging Play Episode
SHOW: 396DESCRIPTION: Aaron and Brian talk with Renaud Boutet (@boutetren, VP Product Management @datadoghq) about logging, monitoring, observability, and the challenges of balancing the collection of the right data with the costs of all the data.SHOW SPONSOR LINKS:Snowflake HomepageGet started with Snowflake at snowflake.com/cloudcastDigital Ocean HomepageGet Started Now and Get a free $100 Credit on Digital OceanGet 20% off VelocityConf passes using discount code CLOUDCLOUD NEWS OF THE WEEK:A Cloud Guru raises $33M in funding to expand courses and labsMicrosoft Azure adds VMware CloudVMware Cloud on DellSHOW INTERVIEW LINKS:Datadog Homepage - Modern Monitoring and AnalyticsSHOW NOTES:Topic 1 - Welcome to...

What We Know (now) About Serverless Play Episode
Show Number: 369Overview: Aaron talks with Pam Selle (@pamasaur; Software Engineering Lead at @IOPipes) at All Things Open about the current state of Serverless applications, Serverless monitoring, and the evolution of Serverless DevOps.Cloud News of the Week:Learnings from AWS and Azure EarningsAmazon / AWS EarningsMicrosoft / Azure EarningsShow Interview Links:Pam Selle - All Things OpenIOpipe Homepage[PODCAST] @PodCTL - Containers | Kubernetes | OpenShift - RSS Feed, iTunes, Google Play, Stitcher, TuneIn and all your favorite podcast playersShow Sponsor Links:Datadog Homepage - Modern Monitoring & Analytics[Datadog] Try it yourself by starting a free, 14-day trial today. Listeners of this podcast will...

The Cloudcast #333 - Infrastructure 3.0 for AI and ML Play Episode
Aaron and Brian talk with Lenny Pruss (@lennypruss, Partner at Amplify Partners) about the evolution of application and infrastructure architectures, how AI/ML are radically changing how applications are designed, the new inputs to application systems, and how VCs are investing in companies that can augment new cloud services.Show Links:Lenny Pruss @ Amplify PartnersInfrastructure 3.0: Building blocks for the AI revolutionSoftware 2.0Infrastructure 2.0CNCF Cloud-Native LandscapeGoogle AutoMLAWS & Microsoft announce GluonAWS DeepLens[PODCAST] @PodCTL - Containers | Kubernetes - RSS Feed, iTunes, Google Play, Stitcher, TuneIn and all your favorite podcast players[A CLOUD GURU] Get The Cloudcast Alexa Skill[A CLOUD GURU] A Cloud...

The Cloudcast #306 - PaaS Adoption from Around the World Play Episode
Aaron and Brian talk with Thurupathan Vijayakumar (@ThuruTweets, Solutions Architect | Developer | Microsoft Azure MVP) about cloud deployments in Asia, the business drivers for using public cloud services, the challenges of data sovereignty, and how companies are managing their organizations to align to microservices.Show Links:Thuru's Book - Practical Azure Application Development: A Step-by-Step Approach to Build Feature-Rich Cloud-Ready SolutionsThurus BlogInterested in ServerlessConf in NYC, Oct 8-11? 20% Discount on all passesStart Serverless Skills Bundle (4 courses) - (only $49 instead of $79)FREE Alexa Development for Absolute BeginnersShow NotesTopic 1 - Welcome to the show. Youre our first guest from...

The Cloudcast #296 - KubeCon, DockerCon, Azure Functions and Bears, Oh My! Play Episode
Aaron and Brian review KubeCon 2017 (Berlin), DockerCon 2017 (Austin) and Aarons trip to Seattle to learn more about Azure Functions. They also read a bunch of sponsor ads for sponsors they don't have. Use offer code CLOUDCAST to get awesome discounts and free stuff (or not). Show Links:Get a free eBook from O'Reilly media or use promo code PC20CLOUD for a discount - 40% off Print Books and 50% off eBooks and videosCloudNativeCon + KubeCon VideosMicrosoft Azure FunctionsTriggers and Bindings for Azure FunctionsAzure Logic AppsDocker to Moby Changes| LinuxKit | containerdtheCUBE at DockerCon (videos)Show Notes:Topic 1 - Lets talk...

The Cloudcast #275 - Microsoft, Millennials & Open Source Play Episode
Brian talks with Heather Shapiro (@microheather, Technical Evangelist @Microsoft) about Microsoft's approach to Big Data, how visualization helps people grasp analytics concepts, helping students learn the basics of big data, and the millennial perspective on the tech industry today. Show Links: Get a free eBook from O'Reilly media or use promo code PCBW for a discount - 40% off Print Books and 50% off eBooks and videos Heathers GitHub Page Show Notes: Topic 1 - Welcome to the show. Tell us a little bit about your background and your talk today. Topic 2 - Microsoft big data was Excel and...

The Cloudcast #246 - The Quest for 1M Containers Play Episode
Aaron and Brian talk to Mitchell Hashimoto (@mitchellh, Founder of @HashiCorp) about the lack of VC funding for an open source Death Star, customer interest in Microsoft Azure, the need for bigger/faster schedulers, developer patterns and Zero-Trust Datacenter. Show Links: This show is sponsored by Intel Cloud For All Get a free book from O'Reilly media or use promo code PCBW for a discount on all books Hashicorp Homepage Hashicorp Adds Microsoft Azure Support Nomad 1,000,000 Container Challenge Topic 1 - Its been a little over a year since you were last on the show. Things are changing really fast...

The Cloudcast #243 - Understanding Azure Stack Play Episode
Aaron and Brian talk with Corey Sanders (@CoreySandersWA; Director of Program Management @Microsoft) and Ryan OHara (Director Private Cloud Solutions @Microsoft) about how Microsoft is attempting to bring the Azure Cloud down into customers data centers. Show Links: This show sponsored by Intel Cloud For All Get a free book from O'Reilly media or use promo code PCBW for a discount on all books Microsoft Azure Stack Homepage Microsoft Azure (Cloud) Homepage Coreys Microsoft Blog Tuesday's with Corey - Video Series Topic 1 - Youve both been at Microsoft for a good amount of time. Give us a little bit...

The Cloudcast #222 - Microsoft Operations Management Suite Play Episode
Brian talks with Jeremy Winter (Principle Group Program Manager @Microsoft) about the changing culture at Microsoft, the evolution of Hybrid Cloud management, OMS technology support and how Microsoft is listening to customers differently.* Microsoft OMS Announcement Microsoft OMS Homepage Jeremy on Channel 9 Topic 1 - Jeremy, youve been at Microsoft for a while and the company culture has been through a bunch of changes recently. Tell us about your background and whats happening at Microsoft. Topic 2 - Many people know Microsoft Systems Center, so where does OMS fit into the broader Microsoft management framework? How does this tie...

The Cloudcast #211 - Mesosphere DCOS Play Episode
Aaron talks with Ben Hindman (@benh; Co-creator of ApacheMesos, Founder of @mesosphere) about his time at Twitter, building Mesos, understanding problems at scale, how Mesos compares to Kubernetes, Mesosphere DCOS and the recent announcements with Microsoft. Interested in growing your career and networking with professionals in the Data Center and Cloud industry? Attend John Troyer's The Reckoning event, in Half Moon Bay, CA on September 13-14. Cloudcast listeners can get $100 discount by entering promo-code: CLOUDCAST. Interested in the O'Reilly Velocity NYC? Want a chance at a free pass for VelocityConf NYC? Send us your interesting journey in Web-Scale Operations...

The Cloudcast #207 - Managing Shared Cloud Resources Play Episode
Brian talks to Sumeet Singh (Founder/CEO @AppFormix) his background at Cisco and Microsoft, the challenges of shared infrastructure, how Appformix works across Docker and OpenStack, and what to expect from the start-up moving forward. Links from the show: AppFormix Homepage AppFormix VC Funding Topic 1 - Tell us about yourself and some background on AppFormix. Topic 2 - Lets talk about the core problem that AppFormix is trying to solve. Is this a public cloud problem, or does it also apply to private clouds? Topic 3 - Lets talk about the AppFormix technology. How does it work? How far does...

The Cloudcast #198 - Architecting Cloud Foundry Play Episode
Aaron and Brian talk to Chip Childers (@chipchilders, VP of Technology @CloudFoundryOrg) about the current status of Cloud Foundry projects, how Microsoft .NET will be integrated, IaaS vs. PaaS, and the CF.org thinking about overall interoperability Interested in the O'Reilly OSCON? Want to register for OSCON now? Use promo code20CLOUDfor 20% off Details to win an OSCON pass coming soon! Check out the OSCON Schedule Free eBook from O'Reilly Media for Cloudcast Listeners! Check out an excerpt from the upcoming Docker Cookbook Topic 1 - From an overall project perspective, what grades would you give Cloud Foundry in terms of...

The Cloudcast #129 - Cloud Chaos, HyperConvergence & Commoditization Play Episode
Brian talks with Greg Knieriemen (@knieriemen) and Stu Miniman (@stu) about the Open Compute Project, Cisco's future in storage, the future of software-defined and object storage, Microsoft's new CEO and how many public clouds will be optimal in the future. Music Credit: Nine Inch Nails (www.nin.com)FEEDBACK?Email: show @ reasoning dot showBluesky: @reasoningshow.bsky.socialTwitter/X: @ReasoningShowInstagram: @reasoningshowTikTok: @reasoningshow

The Mobilecast #15 - The Apple Announcements Play Episode
Brian chats with Chris Hazelton (@Chris451mobile) of 451 Research and Ray Wang (@rwang0) of Constellation Research a few minutes after the Apple Announcement is over. They discuss the announcements and how they think they will effect both the consumer and the enterprise. They delve into some of the new features that are available in the 5s and whether innovation is dead in the phone slab market as well as the colors of the 5c and how the announcement of iWork going free may effect Microsoft and consumers.FEEDBACK?Email: show @ reasoning dot showBluesky: @reasoningshow.bsky.socialTwitter/X: @ReasoningShowInstagram: @reasoningshowTikTok: @reasoningshow

The Mobilecast #14 - The Microsoft + Nokia Deal Play Episode
Brian chats with Ben Bajarin (@benbajarin), Bob Egan (@bobegan) and Matt Rosoff (@mattrosoff) as a panel and they discuss the Microsoft buyout of Nokia Devices and Services announced early this morning. They have a wide-ranging and fun discussion that starts with whether the buyout was needed, whether it was worth how much Microsoft is offering to pay for it and goes through to what we might see next from Microsoft and in the industry.FEEDBACK?Email: show @ reasoning dot showBluesky: @reasoningshow.bsky.socialTwitter/X: @ReasoningShowInstagram: @reasoningshowTikTok: @reasoningshow

The Cyber Threat Perspective

---

(Replay) Email Spoofing: From Basics to Advanced Techniques and Solutions Play Episode
Welcome to this replay on The Cyber Threat Perspective! In this episode, Brad and Spencer dive into the mechanics and recent developments of email spoofing, shedding light on how attackers are bypassing advanced email protections.In this episode, we cover:The fundamentals of email spoofing and why it's a significant threat.Insight into the recent echo spoofing campaign exploiting Proofpoint's misconfiguration.The role of SPF, DKIM, and DMARC in combating email spoofing.How threat actors are using Microsoft 365 to bypass email protections.Mitigation strategies and the latest updates from Proofpoint and Microsoft to address these vulnerabilities.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social Spencer's Links:...

Episode 116: Painfully Persistent Problems - Weak Passwords Play Episode
In this episode, were diving into one of the most enduring cybersecurity challengesweak passwords. Well explore how poor password practices and identity management pitfalls leave organizations vulnerable to compromise. From understanding the most common mistakes to implementing effective defenses, were breaking down what it takes to fortify your systems against attackers exploiting the weakest link. Sourceshttps://www.verizon.com/about/news/2023-data-breach-investigations-report?utm_source=chatgpt.comhttps://blog.1password.com/challenges-of-shadow-it/https://www.microsoft.com/en-us/security/security-insider/intelligence-reports/microsoft-digital-defense-report-2024?msockid=2e875ee0e1fe64d22f854aa6e0746523Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social Spencer's Links: https://spenceralessi.com Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.

Episode 112: Key Insights From The Microsoft Digital Defense Report 2024 Play Episode
In this episode, we dive deep into the newly released Microsoft Digital Defense Report 2024, which offers a comprehensive look at the latest trends in the global cybersecurity landscape. From evolving cyber threats and attack strategies to Microsoft's analysis of the most vulnerable sectors, we break down the key findings and what they mean for businesses, governments, and cybersecurity professionals. Join us as we discuss how threat actors are leveraging new technologies, the role of AI in defense strategies, and what steps organizations can take to bolster their cyber resilience. Whether you're an IT professional or just passionate about cybersecurity,...

Episode 103: Email Spoofing Play Episode
In this episode, Spencer and Brad dive into the complex maze of 3rd party email providers, filtering and spoofing. Email spoofing is a technique used by cybercriminals to disguise the sender's address in an email message, making it appear as though the email originated from a different source. This can be used for a variety of malicious purposes, such as phishing attacks, fraudulent activities, or spreading malware.DMARC Rundown - Offensive Security Blog - SecurIT360EchoSpoofing A Massive Phishing Campaign Exploiting...Spoof intelligence insight - Microsoft Defender for Office 365How attackers bypass third-party mail filtering to Office 365Spoofing Microsoft 365 Like Its 1995...

Episode 99: Tool Time - OneDriveEnum & AD Miner Play Episode
In this episode, Spencer and Tyler discuss two of their current favorite tools: OneDriveEnum for enumerating user accounts in Microsoft 365 and AD Miner for visualizing attack paths in Active Directory. We hope you enjoy and get value from this episode!Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social Spencer's Links: https://spenceralessi.com Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.

Episode 98: Current State of M365 Attacks: Initial Access Play Episode
In this episode, we discuss the latest trends and techniques for enumerating Microsoft 365. We break down how attackers may identify M365 tenants, how they discover and validate accounts and what you as an IT admin can do to protect your organization in-light of this. Topics covered:Credential Stuffing, Brute Force Attacks, Password Spraying, Prompt Bombing, Session Hijacking,Adversary-in-the-Middle (AiTM) Attacks,OAuth Phishing, Legacy Authentication Protocols,App Passwords, Conditional Access PoliciesBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social Spencer's Links: https://spenceralessi.com Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.

Episode 97: Current State of M365 Attacks: Enumeration Play Episode
In this episode, we discuss the latest trends and techniques for enumerating Microsoft 365. We break down how attackers may identify M365 tenants, how they discover and validate accounts and what you as an IT admin can do to protect your organization in-light of this.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social Spencer's Links: https://spenceralessi.com Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.

11/2023 Cyber Threat Recap: Okta, Octo Temptest, Smishing Play Episode
This is the November 2023 Cyber Threat Recap. Every day our Cyber Threat Intelligence team is tracking, researching, and analyzing threats, vulnerabilities, exploits, and techniques with the purpose of keeping you up-to-date on what's relevant and important in the industry. So you can be more prepared today than you were yesterday to protect your organization.Okta Breach/1PasswordOkta says its support system was breached using stolen credentials1Password Detects Suspicious Activity Following Okta Support BreachHackers Stole Access Tokens from Oktas Support Unit Krebs on SecurityOcto Tempesthttps://www.microsoft.com/en-us/security/blog/2023/10/25/octo-tempest-crosses-boundaries-to-facilitate-extortion-encryption-and-destruction/Trendshttps://www.simplilearn.com/top-cybersecurity-trends-articleThe 10 Biggest Cyber Security Trends In 2024 Everyone Must Be Ready For NowBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow...

Episode 26: Cloud Security Quick Wins For Defenders Play Episode
In this episode Spencer and Darrius discuss a variety of things you can and should be doing to secure your cloud environments. While the majority of these quick wins pertain to Microsoft 365 and Azure, the same concepts can be applied to AWS, Okta, Duo and others. Take the time to know your environment and secure it well. We hope this episode helps give you ideas on how to further secure your cloud infrastructure.Blog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social Spencer's Links: https://spenceralessi.com Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting...

Episode 17: Abusing WSUS for Lateral Movement Play Episode
In this episode Spencer and Brad talk about the hidden dangers of not properly protecting Microsoft WSUS Servers. That's Windows Server Update Service for those not in the know. Attackers often use legitimate functionality to gain ground and WSUS is no different.Nettitude blog discussing SharpWSUS: Introducing SharpWSUS - Nettitude LabsSpencer's fork of SharpWSUS: GitHub - techspence/SharpWSUS: SharpWSUS is a c# tool for abusing Microsoft Windows Server Update Services for Lateral MovementBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social Spencer's Links: https://spenceralessi.com Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we...

9-16-22 Week in Review: Uber Hacked, Teams Cleartext Tokens, Intermittent Ransomware Encryption Play Episode
In this week's reviewUber was hackedMicrosoft Teams stores auth tokens as cleartext in Windows, Linux, MacsRansomware Developers Turn to Intermittent Encryption to Evade DetectionBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social Spencer's Links: https://spenceralessi.com Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.

8-26-22 Week in Review: LastPass Breach, Office 365 Abuse, DevSecOps Play Episode
In this week's reviewHackers Breach LastPass Developer System to Steal Source CodeYou Cant Audit Me: APT29 Continues Targeting Microsoft 365 | MandiantThe GitLab 2022 Global DevSecOps SurveyBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social Spencer's Links: https://spenceralessi.com Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.

8-5-22 Week in Review: Evasive Phishing, Tricky Malware and Initial Access Brokers Play Episode
In this week's reviewLarge-Scale AiTM Attack targeting enterprise users of Microsoft email servicesDeception at a scaleInitial Access Brokers Are Key to Rise in Ransomware AttacksBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social Spencer's Links: https://spenceralessi.com Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.

July 22nd 2022 CTP Week in Review: RIP Macros, Bad Luck BlackCat, Mr. Eagle Play Episode
In this week's review:Microsoft resumes default blocking of Office macros after updating docshttps://docs.microsoft.com/en-us/deployoffice/security/internet-macros-blockedA potentially dangerous macro has been blockedBlackCat ransomware attacks not merely a byproduct of bad luck'AIG' Threat Group Launches With Unique Business ModelBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social Spencer's Links: https://spenceralessi.com Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.

July 15th 2022 CTP Week in Review: Macros, Coin Miners, Rustomware, Cookie Phishing Play Episode
In this week's review:Microsoft DOES plan to work on blocking internet macros by default in Office, their pause is apparently temporaryThe DFIR Report - SELECT XMRig FROM SQLServerHive ransomware gets upgrades in RustFrom cookie theft to BEC: Attackers use AiTM phishing sites as entry point to further financial fraudBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social Spencer's Links: https://spenceralessi.com Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.

July 8th 2022 CTP Week in Review: Office Macros - BRC4 - QNAPWorm - Leaky S3 Buckets - Prevention Over Response Play Episode
In this week's reviewMicrosoft Rolls Back Decision to Block Office Macros By Default Possible APT29/Ransomware Groups Use of Brute Ratel C4When Pentest Tools Go Brutal: Red-Teaming Tool Being Abused by Malicious ActorsReversing Malware Also How is APT 29 Successful with This Phishing TechniqueRaspberry Robin/QNAPWormRaspberry Robin gets the worm earlyMicrosoft finds Raspberry Robin worm in hundreds of Windows networksNew Raspberry Robin worm uses Windows Installer to drop malwareCloud Misconfig Exposes 3TB of Sensitive Airport Data in Amazon S3 BucketPrevention Takes Priority Over ResponseBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social Spencer's Links: https://spenceralessi.com Work with...

June 17th 2022 CTP Week In Review: BlackCat - LockBit 2.0 - Saitama DNS Tunneling - Exposed Travis CI Logs Play Episode
In this week's review:The rise of BlackCat (ALPHV) ransomwareMicrosoft Analysis of BlackCatAdvIntel Analysis of BlackCatRansomware Group Debuts Searchable Victim DataLockBit 2.0: How This RaaS Operates and How to Protect Against ItTranslating Saitama's DNS tunneling messages - SANS Internet Storm CenterPublic Travis CI Logs (Still) Expose Users to Cyber AttacksBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social Spencer's Links: https://spenceralessi.com Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.

June 3rd 2022 Cyber Threat Perspective Week in Review Play Episode
In this week's review:Microsoft Diagnostics Tool Remote Code Execution Zero DayNew Windows Search zero-day added to Microsoft protocol nightmareVendor Refuses to Remove Backdoor Account That Can...Over 3.6 million exposed MySQL servers on IPv4 and IPv6 |...APTs Overwhelmingly Share Known Vulnerabilities Rather Than Attack O-DaysBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovWork with Us: https://securit360.comBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social Spencer's Links: https://spenceralessi.com Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.

Threat Intel Flash Briefing May 31st 2022 - Follina - CVE-2022-30190 Play Episode
The sky IS NOT falling with this one. Is it important? Yes. Does it highlight an area that's under-researched and likely contains additional attack vectors and techniques? Absolutely. Resourceshttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30190https://doublepulsar.com/follina-a-microsoft-office-code-execution-vulnerability-1a47fce5629ehttps://www.huntress.com/blog/microsoft-office-remote-code-execution-follina-msdt-bughttps://github.com/NVISOsecurity/nviso-cti/blob/master/advisories/29052022%20-%20msdt-0-day.mdJohn Hammond's Excellent CVE-2022-30190 VideoBlog: https://offsec.blog/Youtube: https://www.youtube.com/channel/UCCWmudG_CTNAFBaV48vIcfwTwitter: https://twitter.com/cyberthreatpovBlog: https://offsec.blog/Youtube: https://www.youtube.com/@cyberthreatpovTwitter: https://x.com/cyberthreatpov Follow Spencer on social Spencer's Links: https://spenceralessi.com Work with Us: https://securit360.com | Find vulnerabilities that matter, learn about how we do internal pentesting here.

The Daily Stoic

---

Ask Daily Stoic: Ryan Holiday & Tim Ferriss Discuss "Alive Time vs Dead Time" Play Episode
Ryan speaks with Tim Ferriss, the author, podcaster, and investor. Tim has written five New York Times best selling books, including The 4-Hour Workweek, The 4-Hour Body, Tools of Titans and Tribe of Mentors. His podcast, The Tim Ferriss Show, has over 400 million downloads on iTunes. He has been an early investor in over 50 companies, including Uber, Facebook, Shopify, and Alibaba. Tim writes a hugely popular blog and has spoken in front of millions of people, whether on TV or to organizations like Google, MIT, Microsoft, and Palantir.(4:57) - How Stoicism has helped them deal with COVID-19(21:30) -...

The Deep Wealth Podcast - Unlock Your Deep Wealth—In Business and Life

---

Post-Exit Entrepreneur And Now PE Investor Sunny Vanderbeck Reveals Why Business Growth Is Fueled by Company Culture (#347) Play Episode
Send us Fan MailStay optimistic and dont let the pessimism creep in. -Sunny VanderbeckIn this episode of Deep Wealth, Sunny Vanderbeck, co-founder of Satori Capital, discusses his journey from an Army Ranger to a public company CEO and finally to an investor committed to 'conscious capitalism.' Sunny shares his insights on building and sustaining mid-market companies, emphasizing the importance of creating value for all stakeholders. He talks about Satori Capitals unique approach, which combines an indefinite time horizon and a focus on business rather than just finances.03:45 Sunny's Journey: From Military to Microsoft06:56 Founding Satori Capital14:29 Microsoft's Strategy and Market...

Podcaster, Coach, Happy Engineer Zach White Reveals The Mechanics Of Massive Success In Business And Life (#249) Play Episode
Send a text"Its all OK; youre safe." - Zach WhiteJeffrey Feldberg and Zack White talk about little known but proven strategies to help optimize business and life for happiness and success. Zack shares how his engineering background helps him put success down to a formula that anyone can leverage.From working with Fortune 10 companies like Microsoft and Amazon to solopreneurs, Zack share his insights from the trenches. Jeffrey and Zack talk about the importance of energy and mindset which are fuel for your efforts and ultimate success.Click here to subscribe to The Deep Wealth Podcast to save time and effort.SELECTED...

Silicon Valley Business Development Master Kurt Davis Shares All On Growing Your Business (#218) Play Episode
Send a textDon't go at it alone, make friends and build teams because it's a lot more fun along the way. - Kurt DavisKurt Davis is a technology executive and investor with over two decades of experience building tech startups throughout Silicon valley, Europe and Asia. From 2008 to 2017, he worked with a startup called Boku where he led global business development, focusing on deals with the Apple, Microsoft, Spotify, Sony, and more.Kurt's book Navigate to the Light House, A Silicon Valley Guy to Executing Global Deals. Quantico's boat poo, whose journey from closing small sales deals to transactions...

Mitchell Chi, A Revenue Expert With 7 Successful Exits, Reveals How To Succeed In Business And In Life (#61) Play Episode
Send a text"Life is a journey. Don't be a hitchhiker." - Mitchell ChiMitchell Chi is a strategist with tactical results. As a revenue expert with consistent success in driving top-line growth, Mitchell focuses on helping businesses acquire a new account and increase market share.Mitchell has sold important launch solutions for every firm he's worked for including Apple, Oracle, and Microsoft.'Using his proven sales approach and repeatable execution model Mitchell drives new revenues, acquires new logos, and evalangizes outcomes-based results with stakeholders, CEOs, and CFOs.As an exceptional sales professional Mitchell was a top-five sales manager at Oracle Corporation and a top-two...

The Diary Of A CEO with Steven Bartlett

---

EMERGENCY EPISODE: Ex-Google Officer Finally Speaks Out On The Dangers Of AI! - Mo Gawdat Play Episode
In this new episode Steven sits down with the Egyptian entrepreneur and writer, Mohammad"Mo" Gawdat. Mo began his career atIBM Egypt as a systems engineer, before moving to NCR Abu Dhabi to cover the non-finance sector. He worked in various roles at Microsoft for seven-and-a-half years before joining Google in 2007 to start its business in emerging markets. In 2013, he joined Googles innovation arm, Google X and eventually became its chief business officer. He left this role in 2018 to focus helping one billion people become happier as part of the #onebillionhappy global movement. He is the author of...

How To Find Ultimate Fulfilment At Work: Marcus Buckingham Play Episode
Marcus Buckingham, is one of the world's most in-demand career experts and the author of several best-selling business books including, First, Break All The Rules, Nine Lies About Work and Love + Work. He is known as the worlds most prominent researcher on strengths and leadership at work, and today leads research at the ADP Research Institute. Marcus is used to consulting with teams at brands such as Disney, Coca-Cola, Microsoft and Facebook and focuses on strengths versus weaknesses, how to take feedback, how to build on strengths and identify leadership. From struggling with a stammer in his early teens,...

The Food Medic

---

S9 E4: How to become a better communicator with Adrienne Herbert Play Episode
Back for the third time, Adrienne Herbert shares her top tips when it comes to communicating effectively, drawing from her experience as a podcast host and international keynote speaker working with brands such as Microsoft, Apple and Google. Adrienne is the epitome of a digital entrepreneur, former Director of Innovation at the UKs leading fitness app Fiit, and has recently joined Jaguar Land Rover as an advisor on their Future council. Check out Adrienne over on her instagram @adrienne_ldn This episode covers: What makes a great communicator How to pitch great ideas in a clear and effective way Its not...

S8 E1: Setting boundaries and reclaiming time with Adrienne Herbert Play Episode
This episode covers:How the pandemic has changed how we work.Hybrid working and its impact on our well-beingHow companies can support their employees health Setting boundaries with workWhy we all need white space in our diary How to prevent burnout when building your career.Busy vs productive : whats the difference? Adrienne herbert is a leading wellness professional, international TEDx speaker, podcast host, and author. Adrienne is a strategic advisor at the UK's leading fitness startup Fiit and is often invited to deliver talks and workshops for brands such as Apple, Barclays & Microsoft, to motivate and empower their employees to perform...

The Fox News Rundown

---

Iran's Asymmetrical Warfare Campaign Against The U.S And Israel Play Episode
As U.S. and Israeli forces continue to dimmish Iran's military capabilities, Tehran is moving towards more asymmetrical warfare with cyberattacks and the cutting off of the important trade route of the Straight of Hormuz. Irans proxy groups using low end drones and speedboats to attack on U.S. and other Mideast nation's owned oil and energy infrastructures aim to damage the worked economy. Meanwhile, a U.S. medical device company, Stryker, confirmed they experienced a cyberattack focused on their Microsoft platform that shares patient information and real time data. More cyberattacks, like the one on Stryker, are feared to be coming as...

Business Rundown: Hardware vs. Software, Anthropic, And The Future Of AI Play Episode
On Wall Street, its a showdown between hardware and software: As the rise of AI proves once again this week, it will continue to reshape the future of our economy. February was a volatile month, driven largely by growing investor anxiety about the long-term impact of artificial intelligence. Software stocks are currently experiencing a significant sell-off, driven by fears that AI tools from companies like Anthropic will disrupt traditional "Software-as-a-Service" (SaaS) business models for major players such as Microsoft, Adobe, and Salesforce. Lou BaseneseExecutive Vice President of Market Strategy at Prairie Operating Company and a FOX News Contributorjoins FOX Business...

Business Rundown: Big Earnings Expectations, Escalating Trade Tensions With Canada Play Episode
While tens of millions of Americans are digging out from a historic winter storm, Wall Street is hoping for a scorching earnings season. Fourth-quarter earnings season kicks into high gear this week as the markets heavyweights prepare to be in the spotlight. A major focus will be on four of the magnificent seven tech giantsApple, Meta, Microsoft, and Teslaall set to report this week. But the giants don't stop there. We are also watching results from United Health, Chevron, Verizon, Boeing, and American Express. Capitalist Pig hedge fund manager and Fox Business contributor Jonathan Hoenig joins FOX Business Networks Taylor...

The Glenn Beck Program

---

Glenn Completely Changes Course on Trump's Tariffs | 2/26/26 Play Episode
Glenn kicks off the show by discussing two major developments overseas, including Israels Iron Dome and Indias alleged seizure of oil tankers tied to Russia and Iran, which Glenn argues is signaling Indias pivot toward the West economically, strategically, and on security matters. Glenn argues this is evidence that America is reversing course and becoming the leader of the free world once again.Glenn discusses the latest scandal involving Microsoft founder Bill Gates and accusations of stepping outside his marriage. Glenn admits he was wrong about something. Glenn admits hes finally come around to President Trumps use of tariffs after seeing...

Bud Light Insider Reveals What Led to Dylan Mulvaney Controversy| Guest: Anson Frericks | 2/20/25 Play Episode
Glenn discusses what he says might be the biggest story of his lifetime: Yesterday, Microsoft announced something that could change the very fabric of society. Microsoft has created a chip that it has turned into a topological conductor that Microsoft can control, which has the capability to turn into a quantum computer.After having a terrifying conversation with Grok, Glenn goes through how quickly these computers and AI bots can advance by decades. What ramifications will this have for society? The benefits of ASI are extreme, but are they worth the risk?Glenn explains why AI tools are extremely attractive to society....

Best of the Program | Guest: Anson Frericks | 2/20/25 Play Episode
Glenn discusses what he says might be the biggest story of his lifetime: Yesterday, Microsoft announced something that could change the very fabric of society. Microsoft has created a chip that it has turned into a topological conductor that Microsoft can control, which has the capability to turn into a quantum computer. Glenn takes calls from listeners to gauge their feelings on this latest AI development. Author of Last Call for Bud Light Anson Frericks joins to discuss the infamous Bud Light controversy involving Dylan Mulvaney and what the company has learned following the fallout. Learn more about your ad...

Why Is Microsoft Taking Screenshots of Your Computer?! | 5/23/24 Play Episode
The New York Times ran a hit piece against Supreme Court Justice Samuel Alito, attacking him for flying a flag at his beach house that stands for a country in distress. Glenn blasts the Lefts hypocrisy for attempting to make this an issue worthy of recusal. Glenn and Stu also shame the New York Times for running the story of Alito and claiming his relationship with his wife is a problem. Glenn reacts to Microsofts terrifying new feature being added to peoples computers, and he and Stu think of all the ways it can fail. Are head transplants now possible?...

Best of the Program | 5/23/24 Play Episode
The New York Times ran a hit piece against Supreme Court Justice Samuel Alito, attacking him for flying a flag at his beach house that stands for a country in distress. Glenn reacts to Microsofts terrifying new feature being added to peoples computers, and he and Stu think of all the ways it can fail. Are head transplants now possible? Journalist Megyn Kelly took Bill Maher to school after she pointed out the Lefts hypocrisy regarding election denial. Some counties in Oregon want to secede and join the state of Idaho. Learn more about your ad choices. Visit megaphone.fm/adchoices

Microsoft vs. Your Privacy | Guests: Allum Bokhari & Justin Haskins | 3/4/21 Play Episode
Glenn trended on Twitter again, this time after calling the cancellation of Dr. Seuss books fascism." President Biden called Texas lifting its mask mandate Neanderthal thinking." Glenn and Stu discuss Gov. Andrew Cuomos "apology." Breitbarts Allum Bokhari joins to warn of a Microsoft-led coalition to track everything posted online. Glenn reads the speech that got a principal suspended, which warned his students about cancel culture. His attorney, Daniel Suhr, joins with insight on the lawsuit he has filed. The Heartland Institutes Justin Haskins returns with more on banks role in the Great Reset and how masks and Dr. Seuss are...

Its Debate Time! | Guests: Sen. Ted Cruz & Salena Zito | 9/28/20 Play Episode
This is not a normal election. The Left is using the State Departments strategy to flip countries and painting Trump supporters as violent. Could outages with 911 call systems and Microsoft Office be connected? Glenn and Stu run through just how close this election could be between Biden and Trump. Sen. Ted Cruz discusses tonights debate, Amy Coney Barrett, and his new book, One Vote Away, about how crucial the Supreme Court is. Reporter Salena Zito shares how she and the heartland feel about the election. BlazeTVs Steve Deace is in the studio to discuss what Biden and Trump must...

Fearing The Machines? |Guests: Andrew Wilkow & Lauren Chen | 12/05/18 Play Episode
Hour 1 Terminator time?...It's Coming Whether We Like It or Not?...A.I. = alien thinking...Market tanked yesterday, big time! but why?...Algorithm market...we are way over do for a recession? ...It's 1984 in China and they just built 1,400 prisons ...Meanwhile, our friends at Microsoft, who are already in bed with the government, just partnered with Master Card...asking people for their 'digital identity'?...the birth of a Social score system without the government involved?... 3 years of your social media history must be submitted? ...Global Warming = Transfer of Wealth?...Green is the New Red?...Politicians are the real Environmental Disasters? Hour 2 Get out...

The Joseph Carlson Show

---

The Microsoft Stock Sell-Off Explained Play Episode
00:00 Overview02:00 Microsoft13:00 Meta18:24 ASML20:08 Mastercard22:00 Tesla

Revealing My $1,400,000 Stock Portfolio Of Compounding Machines Play Episode
Join Qualtrim, the Stock Analysis platform I built and use, and join over 12,000 other paying members: https://www.qualtrim.com/00:00 Overview01:46 Google06:18 Mastercard09:40 Amazon11:20 S&P Global and Moody's12:45 ASML15:20 Netflix20:12 Microsoft21:06 Costco24:44 Intuit26:33 Salesforce28:10 Texas Roadhouse30:40 Equifax32:30 Duolingo

I Ran Valuation Analysis On The Most Popular Stocks Play Episode
00:00 Overview03:00 Mastercard08:00 Meta10:24 Adobe14:20 Amazon15:02 Duolingo17:03 Nvidia18:25 Salesforce19:25 Google21:05 Microsoft21:25 Uber22:50 Netflix26:00 Tesla28:10 Palantir29:50 ASML31:30 Paramount Hostile Bid40:50 Fail Of The Week: Waymo vs Kitkat

The Stock Market Valuation Is Worrying Analysts Play Episode
- Expert warns about "irrational" market- ASML goes above $1,000- Elon Musk goes to war with Netflix- Microsoft raises prices by +50% on Game Pass- FICO goes after Equifax- Peter Lynch Interview Reaction

Here's A Full Look At My $1.3 Million Stock Portfolio Play Episode
00:00 Overview04:48 Duolingo09:20 Netflix12:47 Amazon14:42 S&P Global16:22 Microsoft18:49 Mastercard20:33 Google26:10 Costco27:53 Intuit29:32 Texas Roadhouse31:12 Booking Holdings33:22 Moody's35:00 Salesforce37:06 Equifax39:22 ASML

Microsoft Just Changed The Game Play Episode
00:00 Microsoft14:20 Meta22:40 S&P Global25:00 FICO30:00 Mastercard31:30 Spotify

Amazon Microsoft Apple and Meta Report Earnings This Week Play Episode
00:00 Intro02:20 Spotify06:30 United Health Group09:30 Sofi10:50 Visa & Mastercard12:15 Booking Holdings16:30 Starbucks and Cheesecake Factory18:40 Microsoft26:50 Meta31:01 Apple35:07 Amazon

My Investing Game Plan If The US Goes To War With Iran Play Episode
00:00 The US and Iran Situation06:00 My Game Plan13:50 Amazon CEO Says Fewer Employees25:30 The Robotaxi Battle Heats Up32:50 Sam Altman Microsoft & Meta Dispute

Ten AI Stocks To Buy Now Play Episode
00:00 Introduction02:50 Focusing On AI05:00 ASML08:20 Meta09:26 Amazon12:28 Intuit14:40 Nvidia15:50 Salesforce19:10 Microsoft19:50 Google22:00 Oracle23:03 Palantir24:40 Brad Gerstner AI Thoughts33:36 Meta Buys AI Company34:30 Disney Sues AI Company

The 5 Best Growth Stocks for Second Half Of 2025 Play Episode
00:00 Introduction01:30 Quatrim Plug02:30 Portfolio Performance08:00 Netflix Analysis17:40 Amazon Analysis26:51 Google Analysis32:00 Microsoft Analysis35:30 S&P Global Analysis36:50 Meta Full AI Ads40:40 Tom Lee Bull Market

The US-China Trade Deal Explained Play Episode
00:00 intro02:05 US-China Trade Deal16:03 Biggest Fail Of The Year21:13 Regulation of Pharma Prices28:24 Why Is Microsoft Azure Growing So Fast

Big Tech Just Saved The Stock Market Play Episode
00:00 Intro02:21 Big Tech vs The Bears07:00 Microsoft Earnings14:00 Apple Earnings 17:46 Meta Earnings22:58 Amazon Earning29:40 Job Report34:15: GTA 6 Delay

Why the Negative GDP Report Isnt What It Seems Play Episode
00:00 Intro02:00 Portfolio Overview04:55 The Upcoming Recession11:11 S&P Global Earnings17:33 Visa Earnings19:50 Booking Holdings Earnings25:00 FICO Earnings25:48 Spotify Earnings26:46 Microsoft / Meta Upcoming Earnings27:00 Amazon Upcoming Earnings

Big Tech is About To Save The Market Play Episode
00:00 Intro03:00 S&P Gobal08:22 Spotify11:59 Visa / Mastercard14:20 Booking Holdings18:14 Microsoft22:00 Meta22:30 Amazon34:15 Apple

The Most Undervalued Stocks In The Market Play Episode
00:00 Introduction04:21 Apple07:25 Google10:18 Costco14:09 FICO16:48 Amazon20:30 S&P Global21:30 Texas Roadhouse24:35 Moody's25:25 Palantir27:45 ASML29:34 Salesforce31:15 Microsoft33:25 VICI33:50 Mastercard36:00 Uber38:15 Intuit39:56 Booking Holdings43:10 Netflix

Nvidia Reports Earnings This Week Play Episode
00:00 Introduction03:37 Booking Holdings Results06:10 Texas Roadhouse Results08:16 Dominos Results08:49 Hims Earnings15:06 Home Depot & Lowes Earnings16:40 Intuit Earnings21:01 Salesforce Earnings27:00 Nvidia Earnings31:53 Apple $500b investment36:53 Microsoft Cancels Data Leases38:34 Streaming Is Taking Over Cable

Big Tech Is About To Respond To DeepSeek (Earnings Preview) Play Episode
Apple, Microsoft, Meta, Tesla, ASML, all report earnings this week.

Top Ten Deep Value Stocks For 2025 Play Episode
00:00 Intro 02:04 Alibaba 05:37 Google 06:45 ASML 09:50 Berkshire Hathaway 14:02 Citigroup 16:10 Everest Group 18:45 LVMH 19:33 Moderna 21:31 SLB 22:25 Uber 27:43 Netflix NFL Stream 30:57 Microsoft Forces Copilot

Reviewing The Biggest Earnings This Week Play Episode
00:00 Intro 02:55 Portfolio Update 09:50 Amazon 23:20 Meta 26:50 Booking Holdings 30:40 Apple 34:26 Microsoft

The Biggest Earnings Week Just Started Play Episode
00:00 Intro 02:21 Qualtrim Earnings Calendar 06:54 Google 16:14 McDonalds 18:31 Visa 20:30 Microsoft 24:28 Meta 27:35 Booking Holdings 30:10 Starbucks 32:26 Mastercard 33:55 Uber 35:25 Apple 38:54 Amazon

We're Off To An Amazing Start Play Episode
00:00 Intro 02:07 Portfolio Update 04:11 Texas Roadhouse 08:49 Moody's and S&P Global 10:40 Canadian Pacific 13:18 Tesla 21:55 Microsoft's Subscription Gaming

This Super Investor Sold At The Bottom Play Episode
00:00 Intro 02:05 Selling At The Bottom 16:30 Moody's Earnings 17:53 Unhappy Amazon Employees Can Quit 23:07 Salesforce vs Microsoft

Reviewing My Entire $700,000 Stock Portfolio Play Episode
00:00 Intro 02:35 Investment Philosophy 04:35 S&P Global 07:00 Mastercard 09:45 Costco 13:48 Texas Roadhouse 16:53 Moody's 19:35 Booking Holdings 22:10 Salesforce 24:32 VICI 26:54 Intuit 29:20 Microsoft 31:28 Canadian Pacific 34:00 Apple

Google Is Now Officially An Illegal Monopoly Play Episode
00:00 Intro 02:48 Google Loses Monopoly Case 12:29 Airbnb Slowdown 17:30 Disney Streaming Profits 20:40 Microsoft and CrowdStrike blame Delta

Microsoft Is Selling Off After Earnings Play Episode
00:00 Intro 04:50 Microsoft Sell Off 09:38 Google Earnings Analysis 12:53 Moody's Earnings 15:40 S&P Global Earnings 16:57 Texas Roadhouse Earnings 21:30 PayPal Earnings 24:15 CrowdStrike Lawsuit 35:10 Cancel Netflix Campaign

Lets talk about earnings this week Play Episode
00:00 Intro 01:40 McDonalds 05:55 Sofi 09:20 PayPal 12:48 Microsoft 19:00 Starbucks 23:00 WingStop 24:17 Mastercard 26:00 Meta 30:45 Amazon 38:00 Apple 43:18 Booking Holdings

Microsoft Is Spending $100 Billion To Build An AI Super Computer Play Episode
Microsoft is building a $100 billion AI super computer. Amazon ditches their walk out tech. Disney fights off activist investors. Steve Eisman wants interest rates to stay the same.

Earnings Week 2 Has Started Play Episode
Microsoft, Google, Apple, Meta, Amazon are all reporting earnings this week! Here's what to expect.

Episode 355 - Microsoft Is Now Unstoppable Play Episode
Microsoft has somehow managed to become the leader in AI, with a lucky partnership with OpenAI. We discuss the implications this has on the stock and its long-term future.

Episode 352 - Google Is Falling Behind In Cloud Play Episode
In this episode we discuss the troubles Google has in cloud, along with Microsoft, Meta, Vici, Canadian Pacific earnings reports.

Biggest Earnings Predictions This Week Play Episode
00:00 Introduction 02:50 My Portfolios 04:25 Coca Cola 06:50 Verizon 09:20 Spotify 11:45 Microsoft 16:15 Google 22:08 Snapchat 23:10 Visa & Mastercard 26:36 Canadian Pacific 27:48 VICI 28:40 Thermo Fisher Scientific 29:50 Texas Roadhouse 30:50 Meta 34:40 Tractor Supply Company 37:10 Amazon 41:56 Chipotle

Google Search May Be In Trouble Play Episode
The CEO of Microsoft takes the stand in the courtroom and does not hold back against Google. In his testimony, he paints Google out to be a large anti-competitive company that boxes out all viable competition. Google gets the chance to respond.

I Compared My Portfolio Against The S&P 500 Play Episode
00:00 Introduction 04:00 S&P Global 09:40 Mastercard 11:33 VICI 14:50 Apple & Microsoft 17:32 Costco 22:18 Texas Roadhouse 25:09 Intuit 26:07 CPKC & Union Pacific 27:00 Chipotle

The Biggest Earnings Week 2 (My Predictions) Play Episode
00:00 Intro 02:34 Dominos 06:14 Verizon and AT&T 09:46 Spotify 12:40 Microsoft 16:20 Google 18:40 Snapchat 20:19 Visa and Mastercard 22:35 Union Pacific 24:20 Meta 26:30 Chipotle 28:51 McDonalds 29:44 Crocs 31:50 Intel 33:10 Roku

Episode 332 - Inflation Is Done, What I'm Doing Now Play Episode
00:00 Preview 01:35 Inflation Is Done 10:16 Microsoft Merger 17:55 Terry Smith Update 24:50 Amazon Prime Day

Episode 319 - Buffett: This Is Way Better Than Any Of Our Companies Play Episode
00:00 Introduction 02:40 Buffett's General Life Advice 10:31 Understanding Human Behavior 17:50 Emotional Investing 19:28 Is Diversification Necessary 21:45 Elon Musk 26:15 This Business is Way Better Than Any Of Our Companies 30:19 Buffett on Paramount 31:12 Microsoft Merger

Microsoft, Google, Meta Earnings Full Breakdown Play Episode
Topics covered in this video: - Microsoft, Google, Meta Earnings - Activision being blocked by the UK - Apple winning Epic Games trial - Redditor losing 100k to BBBY stock

Big Earnings This Week (My Predictions) Play Episode
Google, Meta, Microsoft, Amazon, Chipotle, Mcdonald's, Intel, and much more are reporting earnings this week. In this video, I go through each company and my predictions on how it will play out.

Episode 312 - I Might Spend $10,000 On This Stock Today Play Episode
The Activision Blizzard Microsoft deal gets closer. In this video I do analysis on the upside potential of investing now.

Episode 304 - Microsoft Just Won The Search Wars Play Episode
I want to be clear about something, because I don't want this to get taken out of context when Google stock goes up in the future, which I fully expect it will. *I'm bullish on Google and currently have over $10,000 invested in the company in my growth portfolio*.   In terms of Google losing this battle, it's about positioning. Google is already the dominant market leader in search with high margins. This means that they do not have any room for market share gain, and they don't have room to improve margins, in this specific situation, battling Microsoft's Bing, the...

Episode 302 - The Secret Microsoft Will Not Say Play Episode
A monopoly will never talk about being a monopoly.

The Secret That Microsoft Will Not Say Play Episode
In Episode 302 we discuss Microsoft's earnings report and the CEO, Satya Nadella pouring cold water on the future outlook of the company.

Big Tech Is Cheap Play Episode
I believe Amazon, Apple, Microsoft, Google, and Meta are cheap. Here's why.

Episode 293 - Microsoft Is In Trouble Play Episode
Microsoft is coming under fire for their acquisition of Activision Blizzard.

Joseph Carlson Ep. 259 - Stocks Go Insane! Meta, Google, and Microsoft Earnings (My Reaction) Play Episode
Qualtrim Insights: https://www.patreon.com/josephcarlson Dividend Portfolio: https://m1finance.8bxp97.net/P09WYq Growth Portfolio: https://m1finance.8bxp97.net/9Wdnv4  Revenue Charts: https://qualtrim.com/

Episode 233: Apple's Master Plan Revealed (Investors Should Know) Play Episode
In episode 233 we discuss Apple's master plan into becoming more like Microsoft.

Episode 216 - Microsoft To Buy Activision Blizzard For 68 Billion (My Reaction) Play Episode
In episode 216, we discuss the breaking news that Microsoft has agreed to buy Activision Blizzard for 68 billion dollars.

Episode 173 - My Top Stock Picks Just Had Earnings News Play Episode
Apple, Microsoft, VICI, and other top dividend stocks just had their earnings report. I give my reactions to their report as well as we discuss Scarlett Johannson suing Disney and the booming trend of buy now pay later. Patreon: https://www.patreon.com/josephcarlson Dividend Portfolio: https://m1finance.8bxp97.net/DVQ6Y2 Growth Portfolio: https://m1finance.8bxp97.net/9WeaW3 Join the Patreon and get access to a discord community with over 1,500 active members. Exclusive episodes, qualtrim (dividend tracking app and website), notifications of buys/sells, and much more. 00:00 Intro 03:30 Apple earnings 10:18 Microsoft earnings 10:56 VICI earnings 20:32 Scarlett Johansson suing Disney 24:27 Paypal buy now pay later trend 28:17 Is...

Episode 149 - Why Media And Code Make People Rich Play Episode
In this episode, I discuss why Media and Code are two industries that create so much wealth. We also discuss Microsoft's earnings. Patreon: https://www.patreon.com/josephcarlson Growth Portfolio: https://m1finance.8bxp97.net/ORRVBW Dividend Portfolio: https://m1finance.8bxp97.net/b3anNb Merch: https://teespring.com/stores/the-joseph-carlson-show Two Free Stocks: https://act.webull.com/k/naFfOIQZVjzi/main *If you sign up and put in $100 after using that Webull link, you get two free stocks, I get some money, Webull gets a chance to show off their brokerage to you, win-win. Second channel: https://www.youtube.com/channel/UCfCT7SSFEWyG4th9ZmaGYqQ M1 Finance (broker used in video): https://m1finance.8bxp97.net/973xy Instagram: https://www.instagram.com/joecarlsonshow/ Twitter: https://twitter.com/joecarlsonshow Apple Podcast: https://podcasts.apple.com/us/podcast/the-joseph-carlson-show/id1469457886 Have a question for me? Email me: joseph@josephcarlsonshow.com (I won't share your name...

Episode 148 - How To Find High Quality Stocks Play Episode
In this episode, I review what I think makes a company high quality or low quality. We discuss the pros and cons of financial YouTubers sharing their stock picks and portfolios. And I respond to an email of someone who turned $237 to $30,000 in Dogecoin. Patreon: https://www.patreon.com/josephcarlson Growth Portfolio: https://m1finance.8bxp97.net/ORRVBW Dividend Portfolio: https://m1finance.8bxp97.net/b3anNb Merch: https://teespring.com/stores/the-joseph-carlson-show Microsoft Charts: https://hypercharts.co/msft?r=smtCSTd6 Two Free Stocks: https://act.webull.com/k/naFfOIQZVjzi/main *If you sign up and put in $100 after using that Webull link, you get two free stocks, I get some money, Webull gets a chance to show off their brokerage to you, win win win. Second...

Episode 115 - Microsoft's Push Into Gaming Play Episode
Microsoft makes another major push into gaming by buying Bethesda. Nikola is in peril and fires Trevor Milton in an effort to salvage the situation. Apple is under pressure from multiple companies forming a "Coalition of App Fairness" to reform Apple's app policies. Enjoy this episode? Please consider subscribing: https://bit.ly/2xwiNdj View My Portfolio: https://m1finance.8bxp97.net/vRkWL Discord + Portfolio website: https://www.patreon.com/josephcarlson M1 Finance (broker used in video): https://m1finance.8bxp97.net/973xy Instagram: https://www.instagram.com/joecarlsonshow/ Twitter: https://twitter.com/joecarlsonshow Apple Podcast: https://podcasts.apple.com/us/podcast/the-joseph-carlson-show/id1469457886 00:00 - Intro 02:08 - Microsoft's push into gaming 10:28 - Nikola is a mess 17:45 - The Coalition of App Fairness 24:10 - How to invest...

Episode 107 - Microsofts Incredibly Dangerous Deal With TikTok Play Episode
Microsoft is trying to buy TikTok. Warren Buffett keeps buying Bank of America. And Disney reports it's quarterly earnings and subscriber growth. We discuss all of this plus a portfolio update of my dividend portfolio and respond to questions and emails from previous episodes. View My Portfolio: https://m1finance.8bxp97.net/M91K3 Discord (free until first of month) + Dividend Tracker: https://www.patreon.com/josephcarlson M1 Finance (broker used in video): https://m1finance.8bxp97.net/973xy 0:00 Intro 2:41 Microsoft dangerous deal with TikTok 15:15 Portfolio update 18:40 Warren Buffett buying Bank Of America 21:55 Disney subscriber growth 27:43 Tax plans 30:12 How big can Apple get? 32:32 Owning oil stocks...

Episode 105 - Is Bill Ackman Shorting My Portfolio? Hes Short High Yield Companies! Play Episode
Is Bill Ackman shorting my portfolio? We take look at the high yield companies he is short. Am I giving up on dividend investing? Tesla reports another profitable quarter with one big caveat. And Microsoft continues to gain market share and compete against Slack. View My Portfolio: https://m1finance.8bxp97.net/M91K3 Discord + Dividend Tracker: https://www.patreon.com/josephcarlson M1 Finance (broker used in video): https://m1finance.8bxp97.net/973xy View My Roth IRA: https://m1finance.8bxp97.net/qaBeN 0:00 - Intro 0:45 - Bill Ackman's Short 4:53 - Am I giving up on dividend investing? 12:16 - Do as I say, not as I do 13:29 - Tesla and Microsoft report earnings 19:06...

The Kim Komando Show

---

Iran declares war on your data Play Episode
Iran-linked hackers wiped out Stryker, one of America's biggest medical companies, erasing 200,000 devices overnight. Now Google, Amazon and Microsoft could be next. Here's what the escalating cyber war means for you. Plus, Uber's women-only rides, a fresh batch of emojis, and how AI is secretly jacking up your electric bill. And after her truck flipped into a freezing river, Andi Burns had only four inches of air and no way to reach her phone. Her $399 Apple Watch saved her life. Hour 1: 0:00 Hour 2: 34:33 Hour 3: 1:08:29.356 Learn more about your ad choices. Visit megaphone.fm/adchoices

Microsofts next move: Pay up or get left behind Play Episode
Windows 10 is officially done October 14. RIP. Dont worry you can pay Microsoft $61 per device for extended support. And it doubles every year. Cool. Plus, the Hello, pervert scam sweeping inboxes, side hustles that actually pay, and AI gunning for your job. Learn more about your ad choices. Visit megaphone.fm/adchoices

Art heists, redacted documents and iPads Oh my! Play Episode
I talk to David from Gainesville, Florida, who was looking for advice to beef up his business but ended up spilling the tea on a wild unsolved mystery. Then, how that tracker on your cat could double as the perfect stalking device. Plus, why your computer may be headed for the garbage, Microsofts debut in the world of fashion, and why youll be seeing more iPads on college football sidelines this season. Learn more about your ad choices. Visit megaphone.fm/adchoices

She ran a spy ring for North Korea Play Episode
An Arizona woman helped North Korean IT agents land fake remote jobs at 309 U.S. companies. Plus: you can now pay down national debt with Venmo, Microsoft reveals jobs AI is coming for, and why Mark Cuban reads 700 emails a day. Learn more about your ad choices. Visit megaphone.fm/adchoices

The 9-to-5 is dead June 21st, Hour 1 Play Episode
Microsoft says late-night meetings are up 16%. Burnout much? I also talk to an Uber driver almost tricked into trafficking stolen goods. Plus: Trump Orgs new phone biz, Bible stories on TikTok, and a smart way to check your internet speed. Learn more about your ad choices. Visit megaphone.fm/adchoices

June 22nd, 2024 Play Episode
Temus parent company is linked to the Chinese government. Is your data safe? Nvidia passes Microsoft as the worlds most valuable company. Plus, Ozempic scams surge, and AI-powered sex dolls. That and much more, plus all your calls and questions! Learn more about your ad choices. Visit megaphone.fm/adchoices

March 2nd, 2024 Play Episode
Biden stops countries of concern from buying our data in bulk. Plus, 17 million LoanDepot customers hacked, AT&Ts $5 apology for network outage and Apple cancels its EV car project. Also, Microsofts Copilot AI gets a big ego. That and much more, plus all your calls and questions. Learn more about your ad choices. Visit megaphone.fm/adchoices

September 23rd, 2023 Play Episode
A 14-year-old girl found an iPhone taped to the back of an airline toilet she thinks it was put there on purpose. Elon Musks hunt for Neuralink volunteers, Yelps new phony review index and a drone pilot chases a bear out of a tree with a drone. Plus, the latest Microsoft AI updates. All that and much more, along with all your calls and questions. Learn more about your ad choices. Visit megaphone.fm/adchoices

January 14th, 2023 Play Episode
In this weeks show, Microsoft is spending $10 billion to make game-changing AI even smarter, and theres a social media lawsuit you need to know about. Plus, a nasty scam targeting widows, signs your phone or computer is infected with a keylogger, and five things you need to stop buying in 2023. And a secret way to get ahold of someone whose phone is on Do Not Disturb. That and much more, plus all your calls and questions. Learn more about your ad choices. Visit megaphone.fm/adchoices

The President's Daily Brief

---

July 25th, 2025: Chinese Hackers Breach US Nuclear Weapons Agency & Zelensky Backs Down Play Episode
In this episode of The President's Daily Brief: Microsoft sounds the alarm after revealing that Chinese hackers breached a U.S. agency tied to Americas nuclear weapons stockpile. Mass protests and European Union backlash force Ukrainian President Volodymyr Zelenskyy to propose a new anti-corruption bill. Voice of America is under scrutiny following claims that executives met with Chinese officials to discuss more favorable media coverage. And in todays Back of the BriefIran agrees to host U.N. nuclear watchdogs but refuses to grant them access to any actual nuclear sites. To listen to the show ad-free, become a premium member of The...

October 16th, 2024: North Korean Troops in Ukraine, Israel's Ultimatum, & Cyber Threats from Russia, China, and Iran Play Episode
In this episode of The President's Daily Brief: New details emerge about North Korean troops fighting alongside Russian forces in Ukraine, with some sources suggesting that Pyongyang may have deployed up to 10,000 soldiers to the battlefield. The Biden administration reportedly delivers an ultimatum to Israel, threatening to withhold military aid unless humanitarian conditions in Gaza improve within 30 days. A new report from Microsoft reveals an alarming alliance between Russia, China, and Iran, utilizing criminal networks to escalate their cyberespionage operations. In todays Back of the Brief: An internal Border Patrol memo uncovers that nearly one-third of surveillance cameras...

August 12th, 2024: Trump Campaign Hacked, Ukraine Pushes into Kursk, & Iranian Retaliation Delayed Play Episode
In this episode of The President's Daily Brief: The Trump campaign reveals that its internal emails were hacked, with accusations pointing towards Iranian actors. This comes shortly after a Microsoft report on Iranian interference in the 2024 U.S. election. An update on the Ukrainian incursion into Kursk, where Kyivs troops are advancing deeper into Russian territory. The latest from the Middle East as reports suggest Irans Supreme Leader Khamenei has agreed to delay the countrys anticipated retaliation against Israel. In today's Back of the Brief, a potential twist in Venezuela's political situation: The Wall Street Journal reports that the U.S....

PDB Afternoon Bulletin | August 9th, 2024: Biden's Ceasefire Hail Mary & Iran Targets US Presidential Campaigns Play Episode
In this episode of ThePDB Afternoon Bulletin: With the Middle East teetering on the brink of war, the U.S., Egypt and Qatar are making a last ditch push to secure a ceasefire deal between Israel and Hamas. Microsoft is warning that Iranian cyber operatives are attempting to influence and monitor the U.S. presidential election, going so far as to try breaking into the account of a high-ranking official on a U.S. presidential campaign. To listen to the show ad-free, become a premium member of The Presidents Daily Brief by visiting PDBPremium.com. Please remember to subscribe if you enjoyed this episode...

The Team House

---

20+ Years in the CIA & 16 Years as CSO of Microsoft | Mike Howard | Ep. 321 Play Episode
Mike Howard is the former Chief Security Officer (CSO) at Microsoft for 16 years, with previous careers at the Central Intelligence Agency (CIA) for 22 years and in my youth, a few years with the Oakland, California Police Department.https://www.mikehowardauthor.comOrder Jack Murphy's new book "We Defy: The Lost Chapters of Special Forces History" today! https://www.amazon.com/We-Defy-Chapters-Special-History-ebook/dp/B0DCGC1N1N/Support the show here:https://www.patreon.com/TheTeamHouse___________________________________________________Subscribe to the new EYES ON podcast here:https://www.youtube.com/@EyesOnPodcast/featured-Today's Sponsors:GhostBedhttps://www.ghostbed.com/houseFOR 50% OFF!!!Mando https://shopmando.comPromo code "TEAMHOUSE" for 40% off your starter pack.____________________________________Pre-order Jack Murphy's new book "We Defy: The Lost Chapters of Special Forces History" today! https://www.amazon.com/We-Defy-Chapters-Special-History-ebook/dp/B0DCGC1N1N/To help support the show and for all bonus content...

The Tim Ferriss Show

---

#806: How Rich Barton Built Expedia and Zillow from $0 to $35B Audacious Goals, Provocation Marketing, Scrabble for Naming, and Powerful Daily Rituals Play Episode
Rich Barton is the co-founder and co-executive chairman of Zillow, a company transforming how people buy, sell, rent, and finance homes. Before Zillow, Rich founded Expedia within Microsoft in 1994 and successfully spun the company off as a public company in 1999. He served as president, CEO, and board director of Expedia and later co-founded and served as non-executive chairman of Glassdoor.Sponsors:Ramp easy-to-use corporate cards, bill payments, accounting, and more: https://ramp.com/tim (Get $250 when you join Ramp)Cresset prestigious family office for CEOs, founders, and entrepreneurs: https://cressetcapital.com/tim (book a call today)Shopify global commerce platform, providing tools to start, grow, market, and manage a retail business: https://shopify.com/tim (one-dollar-per-month trial period)Timestamps:[00:00:00] Start.[00:05:30]...

#539: Alisa Cohn on Prenups for Startup Founders, How to Reinvent Your Career, the Importance of "Pre-Mortems," and the Three Selves Play Episode
Alisa Cohn on Prenups for Startup Founders, How to Reinvent Your Career, the Importance of "Pre-Mortems," and the Three Selves | Brought to you by Kettle & Fire high quality, tasty, and conveniently packaged bone broths; Wealthfront automated investing; and Allform premium, modular furniture. More on all three below.Alisa Cohn (@AlisaCohn) is one of the most prominent startup coaches in the world. She has advised founders and executives at Venmo, Etsy, DraftKings, Wirecutter, Mack Weldon, InVision, Tory Burch, and others. She has also coached CEOs and C-suite executives at enterprises such as Dell, Hitachi, Sony, Google, Microsoft, Bloomberg, The New York Times Company, and Calvin Klein.She is...

This Week in Tech

---

TWiT 1068: Toto's Electrostatic Chuck - Is TikTok's New Privacy Policy Cause for Alarm? Play Episode
Microsoft quietly hands over BitLocker keys to the government, TikTok's new privacy terms spark a user panic, and Europe's secret tech backups reveal anxious prep for digital fallout. Plus, how gambling platforms are changing the future of news and sports. You can bet on how much snow will fall in New York City this weekend Europe Prepares for a Nightmare Scenario: The U.S. Blocking Access to Tech China, US sign off on TikTok US spinoff TikTok users freak out over app's 'immigration status' collection -- here's what it means Elon Musk's Grok A.I. Chatbot Made Millions of Sexualized Images, New...

We Study Billionaires - The Investor's Podcast Network

---

TIP728: Mastermind Q2, 2025: Microsoft, Block, Devon Energy, Adyen Play Episode
In today's episode, Stig Brodersen is talking stocks with Tobias Carlisle and Hari Ramachandra. Stigs pick is Microsoft, the worlds biggest market cap company for good reason. Tobias is pitching Devon Energy, an oil and gas producer with a big upside if youre right about the timing. Haris stocks of choice are Adyen and Block, two fast-growing companies with stronger moats that meet the eye. IN THIS EPISODE YOULL LEARN: 00:00 - Intro 01:51 - Why Hari is bullish on Block and Adyen (Ticker on NYSE: XYZ and on Euronext: ADYEN). 12:48 - The bear case for Block and Adyen,...

TIP652: Best Quality Idea Q3 2024 w/ Clay Finck & Kyle Grieve Play Episode
On todays episode, Clay and Kyle give an overview of their best quality stock idea for Q3 2024. This quarter, they discuss Old Dominion Freight Line. Over the past 20 years, Old Dominion has been one of the best performing stocks in the market. This seemingly boring best-in-class trucking company outperformed well-known companies like Amazon, Costco, and Microsoft. Tune into todays episode to hear Clay and Kyles thoughts on Old Dominions business and what the prospective returns might look like going forward. IN THIS EPISODE YOULL LEARN: 00:00 - Intro 02:14 - What is important to know about Old Dominions...

TIP601: Junk to Gold by Billionaire Willis Johnson Play Episode
On todays episode, Clay shares his biggest takeaways from reading billionaire Willis Johnsons book Junk to Gold. Willis Johnson founded Copart in 1982, and today he is worth over $2.6 billion through his equity ownership in the company. Copart is one of the most impressive businesses weve studied. Over the past 30 years, the stock has compounded at over 21% per year, outperforming Microsoft, Adobe, and the majority of other stocks. IN THIS EPISODE, YOULL LEARN: 00:00 - Intro 08:15 - The key experiences in Willis Johnsons early life that shaped him. 12:18 - How Willis thought about money and...

RWH034: The High Road To Riches w/ Peter Keefe Play Episode
In this episode, William Green chats with Peter Keefe, an outstanding investor whos trounced the market over three decades. Here, Peter discusses his timeless investing principles, what he looks for in a great business, how he evaluates the quality of management, why he loves Microsoft & Markel, why managing money is a high calling, & what investors can learn from apex predators. IN THIS EPISODE YOULL LEARN: 00:00 - Intro 02:55 - How Peter Keefe taught himself to invest intelligently. 07:59 - Why he loathed selling stocks as a broker on commission. 28:12 - How Peter built a dazzling record...

TIP575: The Future of AI w/ Bob Muglia Play Episode
Clay Finck is joined by Bob Muglia to discuss the AI boom, Bobs experience working with Bill Gates, and how he helped lead Snowflake from $0 to $200 million in revenue during his tenure as CEO. Bob Muglia is a prominent technology executive known for his influential roles at Microsoft, including Senior Vice President of the Server & Tools Division, and is also the former CEO of Snowflake, a leading cloud data warehousing company. Bob helped lead Snowflake to go from zero to a $200 million business. Today, he remains a key figure in the tech industry, contributing his expertise...

TIP542: The Crisis is Bigger Than Banks w/ Jeremy Grantham Play Episode
Trey Lockerbie welcomes back billionaire and legendary investor Mr. Jeremy Grantham. Jeremy has a reputation for accurately predicting future events, including nearly every single bubble bursting over his career. During their conversation, Jeremy shares his thoughts on recent bank failures, Fed policy, and other world issues. IN THIS EPISODE YOULL LEARN: 0:00 - Intro. 01:51 - Jeremys general thoughts on recent bank failures and Fed policy. 12:22 - A look at history and how long bear markets typically last. 36:00 - How Apple and Microsoft are eating the S&P 500? 46:52 - And other significant global concerns that are of...

TIP501: Investing During an Inflationary Environment Play Episode
IN THIS EPISODE YOULL LEARN: 01:24 -What are the primary drivers of inflation in 2022. 08:34 - How different asset classes perform during inflationary time periods. 21:45 - Why gold and cash flowing real estate can give good inflation protection. 25:36 - Why TIPS can help investors hedge against inflation. 36:39 - Warren Buffetts advice on hedging inflation. 39:57 - Clays intrinsic value analysis of Adobe and Microsoft. Disclaimer: Slight discrepancies in the timestamps may occur due to podcast platform differences. BOOKS AND RESOURCES Join the exclusive TIP Mastermind Community to engage in meaningful stock investing discussions with Stig, Clay,...

TIP493: Should CEOs Have Term Limits? w/ Bill George Play Episode
IN THIS EPISODE, YOU'LL LEARN: 17:01 - Bills early crucibles that helped him evolve into an empathetic leader. 30:25 - How to find your own True North and how to determine whether a company's leader is following their own. 27:26 - How Bill took Medtronic to $60B while cultivating an inclusive culture. 34:25- Why Bill set a 10-year term limit for his time at Medtronic. 37:12 - CEOs that handled the pandemic the right way including Satya Nadella of Microsoft, Mary Barra of GM, Corie Barry of Best Buy and others. 52:42 - Teaching Tracy Britt Cool at Harvard, who...

TIP348: Will Artificial Intelligence Take Over The World? w/ Cade Metz Play Episode
In 2020, there were six companies that made up 25% of the S&P 500 and you know which ones they are: Facebook, Amazon, Apple, Netflix, Google, and Microsoft. The common denominator driving the growth for all of these companies is Artificial Intelligence. Googles CEO, Sundar Pichai has described the development of AI as more profound than fire or electricity, but it is still very misunderstood. Everyone has a sci-fi image that appears in their head when they hear about AI, but what actually is it? Where did it come from? How fast is it growing? To answer these questions, Trey...

TIP234: Mastermind Discussion 1Q 2019 (Business Podcast) Play Episode
On today's show, our mastermind group talks about four different stock ideas that might outperform the market. IN THIS EPISODE YOULL LEARN: If Bed Bad & Beyond is finally trading at a good price for value investors Why Nucor, Steel Dynamics, and the entire industry is trading at appealing prices. Why its an advantage for investors that Alibaba is a Chinese company and not a US company If Microsoft is a good defensive investment in an overvalued market BOOKS AND RESOURCES Join the exclusive TIP Mastermind Community to engage in meaningful stock investing discussions with Stig, Clay, and the other...

TIP209: Billionaire Bill Gates' Lessons (Business Podcast) Play Episode
On todays show, we are going to be covering billionaire Bill Gates.As many people know, Mr. Gates is the co-founder of Microsoft and he now runs the largest non-profit in the entire world. IN THIS EPISODE YOULL LEARN: How much you can attribute luck to Bill Gates success How Bill Gates stays focused and motivated How much money Bill Gates is giving away and why Which tech products that will be developed over the next 15 years Ask The Investors: Is it a problem that we have fewer and fewer listed stocks? BOOKS AND RESOURCES Join the exclusive TIP Mastermind...

TIP 126 : The Third Wave - A Review of Billionaire Steve Case's Book (Business Podcast) Play Episode
IN THIS EPISODE, YOULL LEARN: Why the story of AOL is really a story about the Internet. How to negotiate with Microsoft when Bill Gates really wants to crush you. Why and how the Internet will be enabled in all devices in the future. Why the biggest merger in the field of technology failed and what we can learn from it. BOOKS AND RESOURCES Join the exclusive TIP Mastermind Community to engage in meaningful stock investing discussions with Stig, Clay, and the other community members. Steve Cases book,The Third Wave Read reviews of this book. Preston and Stigs discussion about...

TIP 112 : Billionaire Paul Allen - Idea Man (Business Podcast) Play Episode
IN THIS EPISODE, YOULL LEARN: How Bill Gates and Paul Allen founded Microsoft and why it couldnt have happened without their complementary skill sets. Why Bill Gates and Paul Allen had all the right external factors on their side to become billionaires. What you might do when you retire age 30 and have more than a billion dollars. If Microsoft has the right business strategy for the future. BOOKS AND RESOURCES Join the exclusive TIP Mastermind Community to engage in meaningful stock investing discussions with Stig, Clay, and the other community members. Paul Allens Book,Idea Man Read reviews of this...

Whiskey Web and Whatnot: Web Development, Neat

---

Disappointing Whiskey, Pizza Debates, and Tech Conference Adventures Play Episode
In this episode of Whiskey Web and Whatnot, hosts RobbieTheWagner and Charles William Carpenter III review a disappointing whiskey that leaves them questioning their life choices, discuss their lackluster food experiences in Italy, and chat about various tech conferences and events, including Emberfest, All Things Open, Microsoft Build, React Miami, and Big Sky Dev Con. In this episode: (00:00) - Intro (01:26) - Podcast ideas (03:03) - Whiskey - Van Brunt Stillhouse tasting and review (14:24) - Travel stories and food experiences (24:08) - Upcoming conferences and events (30:55) - Ancient structures and modern towns (31:41) - The evolution of...

Secrets of a JavaScript Guru: Natalia Venditto on AI, GraphQL, and More! Play Episode
Join host Charles William Carpenter III and special guest host Adam Argyle as they welcome Natalia Venditto on this episode of Whiskey Web and Whatnot. They dive into Natalia's background in JavaScript and her current work at Microsoft. The trio shares their impressions of Smooth Ambler's Contradiction Bourbon, discussing its unique blend of whiskeys, flavor profiles, and personal ratings. The conversation shifts to hot tech topics, including inferred vs. explicit types in TypeScript, IDEs vs. text editors, and opinions on GraphQL and micro frontends. They also touch on the nuances between developer experience (DX) and user experience (UX), frameworks like...

Aspire to Greatness: .NET Innovations You Can't Miss! w/ David Fowler and Damian Edwards Play Episode
Join Charles William Carpenter III and Adam Schmargyle in an engaging episode of 'Whiskey Web and Whatnot' as they welcome Damian Edwards and David Fowler from Microsoft. Listen as David shares his journey from Barbados to becoming a distinguished engineer at Microsoft and Damian recounts his experience with web technologies from Australia. The discussion includes insights into .NET frameworks, HTML semantics, and their new project, Aspire. The hosts also provide tips on integrating the Aspire dashboard with Otel tools, emphasizing hands-on experience. Amidst tech discussions, enjoy a light-hearted session of Japanese whiskey tasting, personal anecdotes, and dynamic software development perspectives....

Adaptability, HTMX, and DivOps with Jonathan Creamer Play Episode
Jonathan Creamer, Senior Software Engineer at Microsoft and a tech enthusiast, is carving out a niche in the world of front-end tooling. He's even coined the term "DivOps" with the help of his team. Jonathan is passionate about creating and experimenting with new tools that enhance developer workflows. He is on a mission to reduce the reliance on YAML configuration in CI/CD pipelines by converting repetitive tasks into code. For him, it's all about making these processes more efficient, maintainable, and testable. Jonathan shares one of his core beliefs, which is the importance of staying adaptable in a tech career....

The Case for Adopting TypeScript with Josh Goldberg Play Episode
Many people dream about being their own boss, but theres no clear rulebook that outlines how to get there. While self-employment seems glorious to some, its not for everyone. How does someone know when they are ready to take the step into the unknown, and how do they know if that choice will suit them? Josh Goldberg, Open Source Developer and author of Learning TypeScript, built much of his coding career at Microsoft and Codecademy before taking the leap into full-time open source tooling in January 2022. Since then, he has published a book and expanded his networking by speaking...

Advent of Whiskey: State of JS and Microsoft's Legacy Play Episode
The Javascript landscape is ever-changing. We can always rely on the State of JS survey to keep up with the latest trends and changes in the space. According to Robbie, Microsoft seems to be at the forefront of that change. Microsoft holds the lions share of platforms and products in Javascript development including VS Code and GitHub. Its hard not to rely on Microsoft as a developer. Its also hard to find someone who doesnt love the Xbox. But even though theyve come a long way and given us great inventions, theres still plenty of room to improve. Especially where...

Funding Open Source Projects, Leaving Homebrew, and Launching Tea with Max Howell Play Episode
Working on open source projects is a largely thankless job and a labor of love. The developers behind these projects often juggle full-time jobs to pay their bills while maintaining the software that keeps so much of the internet afloat. Max Howell, CEO of tea.inc., pivoted from chemistry to web development because of his fascination for open source. He worked full-time and did pull requests for Homebrew during his free time. After hustling to build a package manager used by engineers working for corporate giants like Google and Microsoft, he reached an inevitable burnout. Max created tea.inc. to fairly compensate...

Windows Weekly

---

WW 975: A Bubble of Knowledge - Microsoft Reorgs, OpenAI Drama, & Xbox's Next Move Play Episode
There's an ongoing narrative that Windows is worse than ever today and people are leaving in droves. Paul does not see that, and will simply point to Windows 8 and remind folks that it can be (and was) worse. Also, PowerToys 0.98 adds a major new feature to Command Palette, big changes to Keyboard Manager and CursorWrap, and about 100 other updates. This is a big one. Plus, Mozilla Firefox is staging a comeback and may be worth another look. Windows Rajesh Jha is retiring and Microsoft is reorging its Experiences + Devices team Release Preview: A peek at next...

WW 973: Bob's Rumor Store - ASUS & Dell Unveil Windows 365 Cloud PC Devices Play Episode
Can Microsoft's push for cloud PCs and AI-powered agents redefine where and how we work? If you keep to the defaults, Windows 11 is secure. Copilot+ PC is even more secure. But you can take additional steps to secure it either way, and you should. Plus, Paul's been trying to play different types of games, and Resident Evil Requiem is better (in his opinion) than Silent Hill f and Silent Hill 2 remake... if you want a horror game. Also, there's a cheaper new Audible plan thanks to Spotify! Windows 11 Shenanigans? If you use a third-party AI client in...

WW 972: I'm A Tolkien Scholar - Phil Spencer & Sarah Bond Depart Xbox Play Episode
Just last week, we asked about Phil Spencer and why he's been so quiet lately. Now we know why! Also, OneDrive for the Mac is finally going to look like it belongs on the Mac. And Google Chrome finally picks up a split view like the rest of the planet, plus a few other new features. PHIL SPENCER OUT AT XBOX Phil Spencer has retired from Microsoft and his heir-apparent, Sarah Bond, left Microsoft as well Report details the Xbox reorg Ex-Xbox executive issues an old guy shouting at sky assessment New Microsoft Gaming CEO discusses "return to Xbox" Hot-take:...

WW 971: Texas English - Where Does Xbox Go Next? Play Episode
Microsoft might finally give power users what they've been demanding: the ability to move the Windows 11 taskbar wherever they want. Plus, 3 major new chapters in Paul's next book, and a strange pick that solves his big issue with Windows Spotlight. Windows 11 Potentially good news for the 13 people who want to move the Taskbar to a different screen side Beta (but not Dev) with one new "feature" Release Preview for 24H2/25H2 with emoji 16.0, QMR improvements, network speed test, pan and tilt controls for compatible cameras, widgets improvements, more Lenovo revenues up 18% to $22.2 billion AI/Dev...

WW 970: Token Kill! - What Version 26H1's Scoped Release Implies Play Episode
After years of ignoring and maligning Windows, Microsoft has finally woken up and is making some happy noises. Last week, we discussed how Microsoft plans to improve the quality of Windows and that there are already many signs of that work in various security features and new OneDrive Folder Backup changes - plus those two new direct reports to Nadella. Then, Microsoft announced its Windows Baseline Security Mode and User Transparency and Consent initiatives with questions about the timing. And now, Microsoft just explained Windows 11 version 26H1, and it's not like 24H2 at all despite being tied to Snapdragon...

WW 969: The Hidden Sweatshop - Windows 11 Reaches 1 Billion Users! Play Episode
Microsoft is burning through billions on AI, but Wall Street is finally demanding to see where the payoff is. The earnings announcement triggered a $357 billion valuation wipe-out, the largest in Microsoft's history and the second-largest in history overall (Nvidia managed to lose $593 billion in value in the wake of DeepSeek in early 2025).Windows Windows 11 has over one billion users - and, surprise, it got their faster than Windows 10 without any of the shenanigans Microsoft to address the quality issues in Windows 11 in 2026 There is already evidence that Microsoft is trying to make Windows 11...

WW 968: Uncharted Territory - Big Changes in the Insider Program Play Episode
Microsoft's Patch Tuesday blunder triggers emergency fixes, surprise layoffs ripple through Amazon, and the crew debates whether rapid AI advances spell the end of traditional apps. Also, password managers do a lot more than manage passwords, so there's one thing everyone needs to get right. Windows 11 Dev splits from Beta, tests what will surely be 26H1 - After last week's show, Microsoft did issue that same Beta build in the Dev channel for some reason Dev and Beta get same fixes in different builds, but no new features 24H2 and 25H2 Release Preview update(s) are a peek at the...

WW 967: 2nd-Generation Bonobos - Windows 11 Gets Emergency OOB Update! Play Episode
This week, the hosts go deep on out-of-band updates, unwanted "innovations," and the uneasy cost of tech's latest gold rush. Plus, securing a Microsoft account is not as hard as some think, and neither are passkeys once you get past the jargon. And for developers, AI Dev Gallery offers a fascinating glimpse at what you can do for free with AI used against a CPU, GPU, or NPU. Windows 11 Microsoft issues an emergency fix for a borked Windows Update. Right. A fix for a fix. Hell freezes over, if only slightly: Microsoft quietly made some positive changes to forced...

WW 966: You Can't Spell Gmail Without AI - Is Microsoft's AI Strategy Doomed to Burst? Play Episode
Satya Nadella gave up much of his CEO duties in 2025. Are we on the cusp of a new CEO? And does some money manager/political duo like Amy Hood and Brad Smith actually make more sense in this role than an engineer-type for the modern Microsoft? Microsoft is trying to win our hearts and minds on AI After spending three years trying to jam AI down our collective throats, Microsoft has only met resistance. Now, the real marketing begins Governments and regulators: Microsoft will build out its AI infrastructure by actually paying for it and respecting the communities in which...

WSJ Tech News Briefing

---

TNB Tech Minute: IBM Finalizes $11 Billion Deal for Data-Streaming Company Confluent Play Episode
Plus: Microsoft reorganizes its Copilot teams. And Nvidia and Uber will expand their partnership to launch a global fleet of robotaxis. Julie Chang hosts. Learn more about your ad choices. Visit megaphone.fm/adchoices

TNB Tech Minute: Microsoft Announces AI Concierge Doctor In Copilot App Play Episode
Plus: Tesla gets license to supply electricity in Britain. And Honda expects up to $15.7 billion hit from EV strategy reassessment. Julie Chang hosts. Learn more about your ad choices. Visit megaphone.fm/adchoices

TNB Tech Minute: Meta Unveils Four New Custom-Built Chips for Internal Use Play Episode
Plus: WhatsApp introduces parent-managed accounts for preteens. And Microsoft rallies behind Anthropic in clash with the Pentagon. Julie Chang hosts. Learn more about your ad choices. Visit megaphone.fm/adchoices

WSJs The Future of Everything

---

Encore: Can IBM Beat Microsoft and Google in the Quantum Computing Race? Play Episode
IBM has made a comeback in the past six years under the leadership of CEO Arvind Krishna. That's thanks to success in its hybrid cloud business and consulting services. But even as the company is reinventing itself again for the AI era, Krishna is already betting that quantum computing is the next big thing. Will Big Blue succeed against rivals like Microsoft and Google who are racing to make their own quantum breakthroughs? And how is the company learning from its past mistakes with Watson AI? Krishna joins the WSJ's Christopher Mims and Tim Higgins on the Bold Names podcast....

The Boldest Ideas of 2025 And Whats in Store for 2026 Play Episode
In this special episode, Tim Higgins and Christopher Mims revisit some of their favorite moments from the first year of Bold Names. We look back on conversations with guests including Microsoft AI CEO Mustafa Suleyman and former Secretary of State Condoleezza Rice on the explosive growth of AI and the complexities of the U.S.-China trade war. Then, Mims and Higgins flip the script to interview each other about the technological breakthroughs and geopolitical shifts that defined 2025 and ask if the AI industry is heading toward a bubble burst next year. Plus, we answer your questions. To watch the video...

Why IBM's CEO Thinks His Company Can Crack Quantum Computing Play Episode
After spending much of the 2010s in the doldrums, IBM has made something of a comeback in the past five years under the leadership of CEO Arvind Krishna. That's thanks to a lot of the success in its hybrid cloud business, as well as its consulting services. All of this has led to a surge in the company's share price. Now, IBM is betting that quantum computing will be the next big thing. But will Big Blue succeed against rivals like Microsoft and Google who are racing to make their own quantum breakthroughs? And how is the company learning from...

From AI and Defense Tech, to Tariffs and the New Streaming Wars: The Best of Bold Names Play Episode
WSJs Christopher Mims and Tim Higgins take a trip into the Bold Names podcast archives. Theyve covered everything from artificial intelligence and humanoid robots, to the online sports betting industry and the new streaming wars. Check out highlights from some of their favorite interviews. Plus, Tim and Christopher look back on what made these conversations memorable and share their own insights on guests including Anduril founder and CEO Palmer Luckey, venture capitalist Sarah Guo and Microsoft AI chief Mustafa Suleyman. Bold Names returns with new episodes on Fridays starting September 12 on YouTube and wherever you get your podcasts. Check...

How Microsofts AI Chief Defines Humanist Super Intelligence Play Episode
Few people developing artificial intelligence have as much experience in the field as Microsoft AI CEO Mustafa Suleyman. He co-founded DeepMind, helped Google develop its large language models and designed AI chatbots with personality at his former startup, Inflection AI. Now, hes tasked with leading Microsofts efforts on its consumer AI products. On the latest episode of the Bold Names podcast, Suleyman speaks to WSJs Christopher Mims and Tim Higgins about why AI assistants are central to his plans for Microsofts AI future. Plus, they discuss the companys relationship with OpenAI, and what Suleyman really thinks about artificial general intelligence....