Cyber Security Headlines

CISO Series
undefined
Aug 18, 2025 • 8min

Cisco firewall warning, Colt Telecom cyberattack, CISA’s OT request

A severe vulnerability has been discovered in Cisco's firewall software, prompting urgent security alerts. Colt Telecom recently faced a major cyberattack, highlighting the ongoing threats to telecommunications. CISA is pushing for tighter security measures in critical infrastructure. Emerging techniques like ghost tapping fraud are on the rise, along with pressing alerts for e-commerce vulnerabilities. Additionally, recent ransomware indictments reveal the evolving landscape of cyber threats, including the dangerous ERMAC 3.0 Banking Trojan.
undefined
13 snips
Aug 15, 2025 • 30min

Week in Review: ShinyHunters-Scattered Spider merge, DARPA AI prize, Water infrastructure volunteers

This week features Steve Zalewski, co-host of Defense In Depth, who shares his cybersecurity expertise. The conversation delves into the shocking merger of ShinyHunters and Scattered Spider, which ramps up phishing threats targeting Salesforce users. They discuss innovative AI approaches to vulnerability management, and highlight community projects aimed at bolstering cybersecurity for critical infrastructure. Additionally, they touch on Microsoft’s new Windows 365 Reserve service and its implications for business continuity.
undefined
8 snips
Aug 15, 2025 • 8min

NFC fraud reappears, Canada government breach, Zoom’s critical flaw

A surge in NFC relay fraud linked to the Phantom Card trojan is targeting Brazilian banks. Meanwhile, Canada's House of Commons faces a cyberattack due to a Microsoft vulnerability. Zoom addresses a critical flaw in its Windows client enabling privilege escalation, prompting an advisory. On another front, the Italian government warns about identity document theft, and New York files a lawsuit against Zelle for inadequate security measures. The podcast also delves into new phishing strategies affecting companies like Booking.com.
undefined
15 snips
Aug 14, 2025 • 7min

Court filing system hack explained, PA AG weighs in on attack, Fortinet attacks raise concerns

A significant cyberattack has exposed vulnerabilities in the federal court filing system, impacting the Pennsylvania Attorney General's office. Meanwhile, there's a surge in brute-force attacks targeting Fortinet VPNs, raising concerns over high-risk exploits. The discussion also touches on the UK’s use of facial recognition technology and the implications for privacy. Additionally, the rising threats from deepfake AI trading scams are highlighted, along with a push to phase out outdated security tools like PowerShell 2.0 for improved cybersecurity.
undefined
14 snips
Aug 13, 2025 • 7min

Fortinet SSL VPNs getting hammered, The Netherlands critical infrastructure compromise, Africa the most targeted for cyber attacks

The podcast dives into the alarming surge of cyber attacks on Fortinet's SSL VPNs, revealing critical vulnerabilities. A security breach in the Netherlands involving Citrix Netscaler raises eyebrows, emphasizing the growing threat landscape. In Africa, particularly Nigeria, cybercrime is on an unsettling rise, showcasing the continent as a hotspot for malicious activity. Meanwhile, a significant data breach at a staffing service franchise highlights security lapses, and the emergence of advanced ransomware like CARON poses new challenges for organizations.
undefined
17 snips
Aug 12, 2025 • 9min

North Korean crypto theft, Microsoft rolls out back up, four charged in global scheme

Unearth the secrets behind a daring North Korean crypto heist that shook the digital world. Microsoft steps up its game with a new backup service that promises security during attacks. Meanwhile, four individuals face U.S. charges linked to a staggering $100 million global fraud scheme. Explore the murky waters of ransomware recruitment and celebrate the victories within the bug bounty community. Plus, a call for better human oversight in the age of AI-driven language models—important for ensuring accuracy and safety.
undefined
18 snips
Aug 11, 2025 • 8min

DARPA code prize, ScarCruft adds ransomware, Columbia breach tally

A $4 million prize was awarded by DARPA for innovative AI code review at DEF CON, showcasing the push for advanced cybersecurity tools. Meanwhile, North Korea's ScarCruft group is escalating their tactics by incorporating ransomware into their operations. Additionally, a major data breach at Columbia University has compromised the information of over 860,000 individuals, highlighting the ongoing risks in cybersecurity. These developments emphasize the importance of robust defenses and incident response plans in today's digital landscape.
undefined
7 snips
Aug 8, 2025 • 30min

Week in Review: UK LegalAid collapse, public ransomware approval, Salesforce breach impact

Montez Fitzpatrick, CISO at Navvis, delves into the troubling collapse of the UK's legal aid system under cyber attacks, stressing the urgent need for robust cybersecurity measures. He discusses legislation in Ohio that addresses ransomware payments while balancing transparency with immediate action. The conversation shifts to the urgent requirement for multi-factor authentication against rising threats, and the challenges posed by AI and 5G technologies. They also share light-hearted moments about nostalgia in cybersecurity, blending serious topics with humor.
undefined
6 snips
Aug 8, 2025 • 8min

Hybrid Exchange flaw, France telecom breach, Dialysis company attack

Microsoft warns of a critical flaw in hybrid Exchange deployments, raising alarms for businesses relying on this technology. Meanwhile, France's third-largest mobile operator faces a significant data breach impacting millions. A recent ransomware attack on a dialysis company has also affected 900,000 individuals. The podcast delves into emerging threats like the Shiny Hunters group and highlights Microsoft's innovative Project IRE for improved malware defense. Together, these topics underscore the ongoing need for robust cybersecurity measures across industries.
undefined
27 snips
Aug 7, 2025 • 6min

Gemini AI hijacked, Nvidia rejects AI chip backdoors, phishers abuse Microsoft 365

In a bold cyber attack, hackers hijacked Google’s Gemini AI using a poisoned calendar invite. Nvidia fiercely rejected U.S. demands for backdoors in AI chips, emphasizing security. The discussion also highlights a data breach where hackers stole customer information from Google's Salesforce database. Additionally, the ongoing phishing threats and tactics cybercriminals employ for ad fraud and ransomware are explored. It's a deep dive into the evolving landscape of cybersecurity challenges.

The AI-powered Podcast Player

Save insights by tapping your headphones, chat with episodes, discover the best highlights - and more!
App store bannerPlay store banner
Get the app