Please enjoy this encore of Career Notes. Manager in BARR Advisory's Cyber Risk Advisory Practice, Hannah Kenney, shares her journey from never considering technology as a career to having it click in an informations systems class in college. After noticing she was the only one in the room who enjoyed the lecture, Hannah knew she wanted to go down the technology route. In talking about her work, Hannah describes it as creative problem solving. She hopes "people see me as someone who viewed cyber...
Aug 03, 2025•8 min•Season 2Ep. 79
This week, we are joined by Eric Woodruff , Chief Identity Architect at Semperis , discussing "nOAuth Abuse Alert: Full Account Takeover of Entra Cross-Tenant SaaS Applications". Semperis researchers identified a critical authentication flaw known as nOAuth in 9 out of 104 tested SaaS applications integrated with Microsoft Entra ID. This low-complexity but severe vulnerability allows attackers with just a user’s email address and access to an Entra tenant to impersonate users, exfiltrate data, a...
Aug 02, 2025•24 min•Season 9Ep. 387
A critical vulnerability in SUSE [SOO-suh] Manager allows attackers to run commands with root privilege. A joint CISA and U.S. Coast Guard threat hunt at a critical infrastructure site reveals serious cybersecurity issues. Healthcare providers across the U.S. report recent data breaches. Cybercriminals infiltrate a bank by physically planting a Raspberry Pi on a network switch. Russian state-backed hackers target Moscow diplomats to deploy ApolloShadow malware. Luxembourg investigates a major te...
Aug 01, 2025•25 min•Season 10Ep. 2362
A sweeping malware campaign by North Korea’s Lazarus Group targets open source ecosystems. President Trump announces a new electronic health records system. A new report reveals deep ties between Chinese state-sponsored hackers and Chinese tech companies. Researchers describe a new prompt injection threat targeting LLMs via browser extensions. Palo Alto Networks’ Unit 42 proposes a new Attribution Framework. Honeywell patches six vulnerabilities in its Experion Process Knowledge System. Research...
Jul 31, 2025•29 min•Season 10Ep. 2361
Officials in St. Paul, Minnesota declare a state of emergency following a cyberattack. Hackers disrupt a major French telecom. A power outage causes widespread service disruptions for cloud provider Linode. Researchers reveal a critical authentication bypass flaw in an AI-driven app development platform. A new study shows AI training data is chock full of PII. Fallout continues for the Tea dating safety app. Hackers are actively exploiting a critical SAP NetWeaver vulnerability to deploy malware...
Jul 30, 2025•26 min•Season 10Ep. 2360
Things get worse in the Tea dating app breach. CISA adds three vulnerabilities to its Known Exploited Vulnerabilities catalog. Researchers uncover a critical flaw in Google’s AI coding assistant. A Missouri Health System agrees to a $9.25 million settlement over claims it used web tracking tools. “Sploitlight” could let attackers bypass Apple’s TCC framework to steal sensitive data. Malware squeaks its way into a mouse configuration tool. Threat actors hide the Oyster backdoor in popular IT tool...
Jul 29, 2025•26 min•Season 10Ep. 2359
Russia’s flagship airline suffers a major cyberattack. U.S. insurance giant Allianz Life confirms the compromise of personal data belonging to most of its 1.4 million customers. A women’s dating safety app spills the tea. NASCAR confirms a data breach. Researchers believe the newly emerged Chaos ransomware group may be a rebrand of BlackSuit. Over 200,000 WordPress sites remain vulnerable to account takeover attacks. Lawmakers introduce legislation to Stop AI Price Gouging and Wage Fixing. State...
Jul 28, 2025•23 min•Season 10Ep. 2358
Please enjoy this encore of Career Notes. Distinguished Security Strategist at Splunk, Ryan Kovar, shares his journey that started in the US Navy and how it contributed to his leadership in life after the military. Cutting his teeth as sysadmin on the USS Kitty Hawk, Ryan worked as a contractor following the Navy. At Splunk, he leads the SURGe research team to solve what he calls the "blue collar for the blue team problems". He works hard on incorporating diversity of thought. Ryan notes, "I've ...
Jul 27, 2025•9 min•Season 2Ep. 78
Please enjoy this Special Edition episode of the Threat Vector podcast with an update on our previous Muddled Libra coverage. Muddled Libra is back and more dangerous than ever. In this episode of Threat Vector, David Moulton speaks with Sam Rubin and Kristopher Russo from Unit 42 about the resurgence of the threat group also known as Scattered Spider. They break down the group’s shift to destructive extortion, modular attack teams, and cloud-first tactics. Discover why traditional defenses fail...
Jul 26, 2025•36 min•Season 7Ep. 903
International law enforcement arrest the suspected operator of a major Russian dark web cybercrime forum. DHS is said to be among the agencies hit by the Microsoft SharePoint zero-day. The Fire Ant cyberespionage group targets global enterprise infrastructure. A Steam game is compromised to distribute info-stealing malware. Mitel Networks issues security patches for MiVoice MX-ONE communications platform. CISA nominee Sean Plankey faces tough questions at his Senate confirmation hearing. A malic...
Jul 25, 2025•29 min•Season 10Ep. 2357
The White House unveils its plan for global AI dominance. Microsoft warns that recent SharePoint server exploitation may extend to ransomware. A phishing campaign targeting the U.S. Department of Education’s grants portal. The FBI issues a warning about “The Com” cybercriminal group. SonicWall urges users to patch a critical vulnerability. A new supply chain attack has compromised several popular NPM packages. Joe Carrigan, co-host of the Hacking Humans podcast, joins to discuss how scammers are...
Jul 24, 2025•23 min•Season 10Ep. 2356
The National Nuclear Security Administration was among the organizations impacted by the SharePoint zero-day. Experts testify before congress that OT security still lags.The FBI warns healthcare and critical infrastructure providers about Interlock ransomware. New York proposes new cybersecurity regulations for water and wastewater systems along with grants to fund them. Researchers uncover an active cryptomining campaign targeting cloud environments. A new variant of the Coyote banking trojan e...
Jul 23, 2025•25 min•Season 10Ep. 2355
Confusion persists over the Microsoft Sharepoint zero-days. CrushFTP confirms a zero-day under active exploitation. The UK government proposes a public sector ban on ransomware payments. A new ransomware group is using an AI chatbot to handle victim negotiations. Australia’s financial regulator accuses a wealth management firm of failing to manage cybersecurity risks. Researchers uncover a WordPress attack that abuses Google Tag Manager. Arizona election officials question CISA following a state...
Jul 22, 2025•27 min•Season 10Ep. 2354
Microsoft issues emergency updates for zero-day SharePoint flaws. Alaska Airlines resumes operations following an IT outage. The UK government reconsiders demands for Apple iCloud backdoors. A French Senate report raises concerns over digital sovereignty. Meta declines to sign the EU’s new voluntary AI code of practice. A new report claims last year’s CrowdStrike outage disrupted over 750 hospitals. The World Leaks extortion group has breached Dell’s Customer Solution Centers. Hewlett-Packard En...
Jul 21, 2025•31 min•Season 10Ep. 2353
Please enjoy this encore of Career Notes: Associate Director at Raytheon Intelligence and Space in the Cyber Protection Services Division Anisha Patel always loved math and it defined her career journey. As a first-generation American from an Asian household, Anisha said she was destined for a STEM-focused career and chose electrical engineering. She began her career and remains at Raytheon (formerly E-Systems) working in several areas of the business thanks to her skills and informal mentors. S...
Jul 20, 2025•9 min•Season 2Ep. 77
This week, we are pleased to be joined by George Glass , Associate Managing Director of Kroll 's Cyber Risk business, as he is discussing their research on Scattered Spider and their targeting of insurance companies. While Scattered Spider has recently turned its attention to the airline industry, George focuses on the broader trend of the group’s industry-by-industry approach and what that means for defenders across sectors. George and Dave discuss the group’s history, their self-identifica...
Jul 19, 2025•18 min•Season 9Ep. 385
The UK sanctions Russian military intelligence officers tied to GRU cyber units. An AI-powered malware called LameHug targets Windows systems. Google files a lawsuit against the operators of the Badbox 2.0 botnet. A pair of healthcare data breaches impact over 3 million individuals. Researchers report a phishing attack that bypasses FIDO authentication by exploiting QR codes. A critical flaw in Nvidia’s Container Toolkit threatens managed AI cloud services. A secure messaging app is found exposi...
Jul 18, 2025•24 min•Season 10Ep. 2352
Pro-Russian Hackers, scam lords, and ransomware gangs face global justice. Louis Vuitton ties customer data breaches to a single cyber incident. The White House is developing a “Zero Trust 2.0” cybersecurity strategy. OVERSTEP malware targets outdated SonicWall Secure Mobile Access (SMA) devices. An Australian political party suffers a massive ransomware breach. Our guest Jacob Oakley speaks with T-Minus Space Daily host Maria Varmazis. Jacob is Technical Director at SIXGEN and Space Lead for th...
Jul 17, 2025•27 min•Season 10Ep. 2351
Google and Microsoft issue critical updates. CISA warns of active exploitation of a critical flaw in Wing FTP Server. Cloudflare restores their DNS Resolver service following a brief outage. A critical vulnerability in a PHP documentation tool allows attackers to execute code on affected servers. NSA and FBI officials say they’ve disrupted Chinese cyber campaigns targeting U.S. critical infrastructure. A UK data breach puts Afghan soldiers and their families at risk. Researchers find malware hid...
Jul 16, 2025•24 min•Season 10Ep. 2350
A DOGE employee leaks private API keys to GitHub. North Korea’s “Contagious Interview” campaign has a new malware loader. A New Jersey diagnostic lab suffers a ransomware attack. A top-grossing dark web marketplace goes dark in what experts believe is an exit scam. MITRE launches a cybersecurity framework to address threats in cryptocurrency and digital financial systems. Experts fear steep budget cuts and layoffs under the Trump administration may undermine cybersecurity information sharing. A ...
Jul 15, 2025•30 min•Season 10Ep. 2349
British and Romanian authorities make arrests in a major tax fraud scheme. The Interlock ransomware gang has a new RAT. A new vulnerability in Google Gemini for Workspace allows attackers to hide malicious instructions inside emails. Suspected Chinese hackers breach a major DC law firm. Multiple firmware vulnerabilities affect products from Taiwanese manufacturer Gigabyte Technology. Nvidia warns against Rowhammer attacks across its product line. Louis Vuitton joins the list of breached UK retai...
Jul 14, 2025•28 min•Season 10Ep. 2348
Please enjoy this encore of Career Notes. Director of Google Cloud's Office of the CISO, MK Palmore, dedicated much of his life to public service and now brings his experience working for the greater good to the private sector. A graduate of the US Naval Academy, including the Naval Academy Prep School that he calls the most impactful educational experience of his life, MK commissioned into the US Marine Corps following his service academy time. He joined the FBI and that is where he came into t...
Jul 12, 2025•9 min•Season 2Ep. 76
Today we are joined by Selena Larson , Threat Researcher at Proofpoint , and co-host of Only Malware in the Building , as she discusses their work on "Amatera Stealer - Rebranded ACR Stealer With Improved Evasion, Sophistication." Proofpoint researchers have identified Amatera Stealer , a rebranded and actively developed malware-as-a-service (MaaS) variant of the former ACR Stealer, featuring advanced evasion techniques like NTSockets for stealthy C2 communication and WoW64 Syscalls to byp...
Jul 12, 2025•25 min•Season 9Ep. 384
Fortinet patches a critical flaw in its FortiWeb web application firewall. Hackers are exploiting a critical vulnerability in Wing FTP Server. U.S. Cyber Command’s fiscal 2026 budget includes a new AI project. Czechia’s cybersecurity agency has issued a formal warning about Chinese AI company DeepSeek. The DoNot APT group targets Italy’s Ministry of Foreign Affairs. Mexico’s former president is under investigation for alleged bribes to secure spyware contracts. The FBI seizes a major Nintendo Sw...
Jul 11, 2025•26 min•Season 10Ep. 2347
UK police make multiple arrests in the retail cyberattack case. French authorities arrest a Russian basketball player at the request of the U.S. A German court declares open season on Meta’s tracking pixels. The European Union unveils new rules to regulate artificial intelligence. London’s Iran International news confirms cyberattacks from Banished Kitten. Treasury sanctions a North Korean hacker over fake IT worker schemes. Microsoft confirms a widespread issue preventing organizations from dep...
Jul 10, 2025•30 min•Season 10Ep. 2346
Patch Tuesday. An Iranian ransomware group puts a premium on U.S. and Israeli targets. Batavia spyware targets Russia’s industrial sector. HHS fines a Texas Behavioral Health firm for failed risk analysis. The Anatsa banking trojan targets financial institutions in the U.S. and Canada. Hackers abuse a legitimate commercial evasion framework to package infostealer payloads. Researchers discovered malicious browser extensions infecting over 2.3 million users. Joe Carrigan, co-host on Hacking Human...
Jul 09, 2025•24 min•Season 10Ep. 2345
Researchers release proof-of-concept exploits for CitrixBleed2. Grafana patches four high-severity vulnerabilities. A hacker claims to have breached Spanish telecom giant Telefónica. Italian police arrest a Chinese man wanted by U.S. authorities for alleged industrial espionage. Beware of a new ransomware group called Bert. Call of Duty goes offline after reports of RCE vulnerabilities. President Trump's spending bill allocates hundreds of millions for cybersecurity. Nearly 26 million job seeker...
Jul 08, 2025•25 min•Season 10Ep. 2344
Ingram Micro suffers a ransomware attack by the SafePay gang. Spanish police dismantle a large-scale investment fraud ring. The SatanLock ransomware group says it is shutting down. Brazilian police arrest a man accused of stealing over $100 million from the country’s banking system. Qantas confirms contact from a “potential cybercriminal” following its recent customer data breach. The XWorm RAT evolves to better evade detection. Cybercriminals ramp up fraudulent domains ahead of Amazon Prime day...
Jul 07, 2025•31 min•Season 10Ep. 2343
Please enjoy this encore of Career Notes. Ground Labs' Head of Engineering, Swati Shekhar, shares her circuitous route from and back to engineering. Always being interested in leveraging the tools available to solve problems, Swati talks about how she found her place in engineering. She mentions how she had her first real experience with a computer when she was 17 in her first year at college. Aside from being one of 30 young women in a sea of 500 young men there, Swati described it as a "good c...
Jul 06, 2025•11 min•Season 2Ep. 75
Please enjoy this encore of Research Saturday. This week we are joined by Silas Cutler , Principal Security Researcher at Censys , asking the important question of "Will the Real Volt Typhoon Please Stand Up?" The FBI's disruption of the KV Botnet in December 2023, attributed to the Chinese threat group Volt Typhoon, targeted infected systems but did not affect the botnet's control infrastructure. Despite law enforcement efforts and technical exposure, the botnet's infrastructure has rem...
Jul 05, 2025•20 min•Season 9Ep. 368
