Please enjoy this encore of Career Notes. Senior security engineer with the Johns Hopkins University Information Security Institute and the Institute for Assured Autonomy, Joe Carrigan, shares what he calls his life mistake and what spurred him to finally choose a career in technology. Throughout his life, Joe had interest in technology, he even worked at the computer lab in college, but never set his sights on that for a career. A conversation with a stranger guided him in that direction and he...
Sep 28, 2025•11 min•Season 2Ep. 88
This week, we are joined by Martin Zugec , Technical Solutions Director from Bitdefender , sharing their work and findings on "EggStreme Malware: Unpacking a New APT Framework Targeting a Philippine Military Company. A newly identified Chinese APT group has been observed deploying a sophisticated, fileless malware framework called EggStreme against a Philippine military company. The multi-stage toolkit uses DLL sideloading and in-memory execution to evade detection, with its core backdoor, EggSt...
Sep 27, 2025•24 min•Season 9Ep. 395
CISA gives federal agencies 24 hours to patch a critical Cisco firewall bug. Researchers uncover the first known malicious MCP server used in a supply chain attack. The New York SIM card threat may have been overblown. Microsoft tags a new variant of the XCSSET macOS malware. An exposed auto insurance claims database puts PII at risk. Amazon will pay $2.5 billion to settle dark pattern allegations. Researchers uncover North Korea’s hybrid playbook of cybercrime and insider threats. An old Hikvis...
Sep 26, 2025•24 min•Season 10Ep. 2401
Fortra flags a critical flaw in its GoAnywhere Managed File Transfer (MFT) solution. Cisco patches a critical vulnerability in its IOS and IOS XE software. Cloudflare thwarts yet another record DDoS attack. Rhysida ransomware gang claims the Maryland Transit cyberattack. The new “Obscura” ransomware strain spreads via domain controllers. Retailers’ use of generative AI expands attack surfaces. Researchers expose GitHub Actions misconfigurations with supply chain risk. Mandiant links the new BRIC...
Sep 25, 2025•29 min•Season 10Ep. 2400
British authorities arrest a man in connection with the Collins Aerospace ransomware attack. CISA says attackers breached a U.S. federal civilian executive branch agency last year. Researchers uncover two high-severity vulnerabilities in Supermicro server motherboards. A Las Vegas casino operator confirms a cyber attack. Analysts track multiple large-scale, automated email phishing campaigns. Libraesva issues an emergency patch for its Email Security Gateway. Our guest is Jason Clark, Chief Stra...
Sep 24, 2025•30 min•Season 10Ep. 2399
The Secret Service dismantles an illegal network. Jaguar Land Rover (JLR) extends the shutdown production plants. The EU probes tech giants over online scams. Iranian APT Nimbus Manticore expands operations in Europe. North Korean Kimsuky deploys a shortcut-based espionage campaign. Github and Ruby Central roll out supply-chain security upgrades. Lastpass warns of macOS ClickFix campaign using fake GitHub repos. AT&T’s CISO warns hackers mimic Salt Typhoon's unconventional tactics. CISO Pers...
Sep 23, 2025•26 min•Season 10Ep. 2398
A major ransomware attack disrupts airport operations across Europe. Congress is on the verge of letting major cyber legislation expire. A critical flaw nearly allowed total compromise of every Entra ID tenant. Automaker Stellantis confirms a data breach. Fortra patches a critical flaw in its GoAnywhere MFT software. Europol leads a major operation against online child sexual exploitation. Three of the cybersecurity industry’s biggest players opt out of MITRE’s 2025 ATT&CK Evaluations. A com...
Sep 22, 2025•29 min•Season 10Ep. 2397
Please enjoy this encore of Career Notes. CEO and Founder of KeyCaliber, Roselle Safran, takes us on her circuitous career journey from startup to White House and back to startup again. With a degree in civil engineering, Roselle veered off into a more technical role at a startup and she says "caught the startup bug." After convincing a hiring manager that she could learn on the job, she transitioned to computer forensics and started on the path of cybersecurity. Roselle worked in government for...
Sep 21, 2025•9 min•Season 2Ep. 87
Today we are joined by Nati Tal , Head of Guardio Labs , discussing their work “CAPTCHAgeddon” or unmasking the viral evolution of the ClickFix browser-based threat. CAPTCHAgeddon — Shaked Chen’s deep dive into the ClickFix fake-captcha wave — reveals how a red-team trick morphed into a dominant, download-free browser threat that tricks users into pasting clipboard PowerShell/shell commands and leverages trusted infrastructure, including Google Scripts. Guardio’s DBSCAN-based payload clustering ...
Sep 20, 2025•22 min•Season 9Ep. 394
OpenAI patches a ChatGPT flaw that could have exposed Gmail data. CISA documents malware exploiting two Ivanti Endpoint Manager Mobile (EPMM) flaws. WatchGuard patches a critical flaw in its Firebox firewalls. MI6 launches a dark web snitch site. The DoD looks to cut its cybersecurity job hiring time just 25 days. Researchers trick ChatGPT agents into solving CAPTCHAs. A UK teen faces accusations of being part of the Scattered Spider gang. The Senate confirms a new assistant secretary of defense...
Sep 19, 2025•28 min•Season 10Ep. 2396
SonicWall confirms a breach in its cloud backup platform. Google patches a high-severity zero-day in Chrome. Updates on the Shai-Hulud worm. Chinese phishing emails impersonate the chair of the House China Committee. The UK’s NCA takes the reins of the Five Eyes Law Enforcement Group. RevengeHotels uses AI to deliver VenomRAT to Windows systems. A major VC shares details of a recent ransomware attack. A lawsuit targets automated license plate readers. Our guest is Brock Lupton, Product Strategis...
Sep 18, 2025•29 min•Season 10Ep. 2395
A new self-replicating malware infects the NPM repository. Microsoft and Cloudflare disrupt a Phishing-as-a-Service platform. Researchers uncover a new Fancy Bear backdoor campaign. The VoidProxy phishing-as-a-service (PhaaS) platform targets Microsoft 365 and Google accounts. A British telecom says its ransomware recovery may stretch into November. A new Rowhammer attack variant targets DDR5 memory. Democrats warn proposed budget cuts could slash the FBI’s cyber division staff by half at a heat...
Sep 17, 2025•32 min•Season 10Ep. 2394
A controversial Trump administration deal gives the U.A.E. access to cutting-edge U.S. AI chips. FlowiseAI warns of a critical account takeover vulnerability. A new social engineering campaign impersonates Meta account suspension notices. A macOS Spotlight 0-day flaw bypasses Apple’s Transparency, Consent, and Control (TCC) protections. Are cost saving from outsourced IT services worth the risk? Poland boosts its cybersecurity budget after a surge in Russian-backed attacks. NTT Group joins the C...
Sep 16, 2025•26 min•Season 10Ep. 2393
This season on CISO Perspectives —your host, Kim Jones is digging into the issues shaping the future of cybersecurity leadership. From the regulations every CISO needs to understand, to the unexpected places privacy risks are emerging, to the new ways fraud and identity are colliding—these conversations will sharpen your strategies and strengthen your defenses. Industry leaders join the discussion to share their insights, challenges, and hard-earned lessons. Together, we’ll connect the dots acro...
Sep 16, 2025•3 min•Season 17Ep. 112
FBI botnet disruption leaves cybercriminals scrambling to pick up the pieces. Notorious ransomware gangs announce their retirement, but don’t hold your breath. Hacktivists leak data tied to China’s Great Firewall. A new report says DHS mishandled a key program designed to retain cyber talent at CISA. GPUGate malware cleverly evades analysis. WhiteCobra targets developers with malicious extensions. North Korea’s Kimsuky group uses AI to generate fake South Korean military IDs. My guest is Tim Sta...
Sep 15, 2025•29 min•Season 10Ep. 2392
Please enjoy this encore of Career Notes. Advisory CISO at Cisco, Helen Patton, shares that a combination of dumb luck, hard work and serendipity that got her to where she is today. Growing up in the country in Australia, Helen notes that computers were not really a thing. She happened into technology after moving to the US, as she was the only person in her office under 40. Of course she would be comfortable with computers and able to handle a database conversion, right? That launched her into ...
Sep 14, 2025•11 min•Season 2Ep. 85
Today we are joined by Amanda Rousseau , Principal AI Security Researcher from Straiker , discussing their work on "The Silent Exfiltration: Zero‑Click Agentic AI Hack That Can Leak Your Google Drive with One Email." Straiker’s research found that enterprise AI agents can be silently manipulated to leak sensitive data, even without user clicks or alerts. By chaining small gaps across tools like Gmail, Google Drive, and calendars, attackers achieved zero-click exfiltration, system mapping, and ev...
Sep 13, 2025•22 min•Season 9Ep. 398
Samsung patches a critical Android zero-day vulnerability. Microsoft resolves a global Exchange Online outage. CISA reaffirms its commitment to the CVE program. California passes a bill requiring web browsers to let users automatically send opt-out signals. Apple issues spyware attack warnings. The FTC opens an investigation into AI chatbots on how they protect children and teens. A hacker convicted of attempting to extort more than 20,000 psychotherapy patients is free on appeal. Our guest is D...
Sep 12, 2025•28 min•Season 10Ep. 2391
The House passes a defense policy bill that includes new provisions on cybersecurity and artificial intelligence. Senator Wyden accuses Microsoft of “gross cybersecurity negligence” after a 2024 ransomware attack crippled healthcare giant Ascension. The White House shelves plans to split U.S. Cyber Command and the NSA. The Pentagon finalizes its long-awaited Cybersecurity Maturity Model Certification (CMMC 2.0) rule. Akira ransomware group targets SonicWall devices. Officials warn solar-powered ...
Sep 11, 2025•26 min•Season 10Ep. 2390
Patch Tuesday. A data leak sheds light on North Korean APT Kimsuky. Apple introduces Memory Integrity Enforcement. Ransomware payments have dropped sharply in the education sector in 2025. A top NCS official warns ICS security lags behind, and a senator calls U.S. cybersecurity a “hellscape”. A Ukrainian national faces federal charges and an $11 million bounty for allegedly running multiple ransomware operations. Our guest is Jake Braun sharing the latest on Project Franklin. WhoFi makes WiFi a ...
Sep 10, 2025•28 min•Season 10Ep. 2389
The open source community heads off a major npm supply chain attack. The Treasury Department sanctions cyber scam centers in Myanmar and Cambodia. Scammers abuse iCloud Calendar invites to send callback phishing emails. Researchers discover a new malware variant exploiting exposed Docker APIs. Phishing attacks abuse the Axios user agent and Microsoft’s Direct Send feature. Plex warns users of a data breach. Researchers flag a surge in scans targeting Cisco ASA devices. CISA delays finalizing its...
Sep 09, 2025•26 min•Season 10Ep. 2388
The EU fines Google $3.5 billion over adtech abuses. Cloudflare blocks record-breaking Distributed Denial of Service (DDoS) attacks. The Salesforce-Salesloft breach began months earlier with GitHub access. Researchers say the new TAG-150 cybercriminal group has been active since March. Hackers use stolen secrets to leak more than 6,700 Nx private repositories. Subsea cable outages disrupt internet connectivity across India, Pakistan, and parts of the UAE. Monday Business Breakdown. On our Indust...
Sep 08, 2025•30 min•Season 10Ep. 2387
Please enjoy this encore of Career Notes. COO and Co-Founder of Query. AI, Andrew Maloney, shares how the building blocks he learned in the military helped him get where he is today. Coming from a blue collar family with a minimal knowledge of computers, Andrew went into computer operations in the Air Force. While deployed to Oman just after the start of the Iraq War, Andrew said he got his break into security. That's where he learned the components that fit together in order to effectively secu...
Sep 07, 2025•10 min•Season 2Ep. 84
Today we are joined by Selena Larson , co-host of Only Malware in the Building and Staff Threat Researcher and Lead Intelligence Analysis and Strategy at Proofpoint , sharing their work on "Microsoft OAuth App Impersonation Campaign Leads to MFA Phishing." Proofpoint researchers have identified campaigns where threat actors use fake Microsoft OAuth apps to impersonate services like Adobe, DocuSign, and SharePoint, stealing credentials and bypassing MFA via attacker-in-the-middle phishing kits, m...
Sep 06, 2025•21 min•Season 9Ep. 392
A cyberattack disrupts Bridgestone’s manufacturing operations. CISA warns of critical vulnerabilities in products used across multiple sectors. Additional cybersecurity firms confirm data exposure in the recent Salesforce–Salesloft Drift attack. A configuration vulnerability in Sitecore products leads to remote code execution. HHS promises stricter enforcement of healthcare information access rules. Texas sues an education software provider over a December 2024 data breach. A federal jury orders...
Sep 05, 2025•30 min•Season 10Ep. 2386
Salt Typhoon marks China’s most ambitious campaign yet. A major Google outage hit Southeastern Europe. A critical zero-day flaw in FreePBX gets patched. Scattered Lapsus$ Hunters claim the Jaguar Land Rover hack. Researchers uncover a major evolution in the XWorm backdoor campaign. GhostRedirector is a new China-aligned threat actor. CISA adds a pair of TP-Link router flaws to its Known Exploited Vulnerabilities (KEV) catalog. The feds put a $10 million bounty on three Russian FSB officers. Expe...
Sep 04, 2025•27 min•Season 10Ep. 2385
Jaguar Land Rover suffers a major cyberattack. ICE gains access to a powerful spyware tool. Researchers find Fancy Bear snuffling around a new Outlook backdoor. Cloudflare and Palo Alto Networks confirm compromised Salesforce data. A researcher discovers an unsecured Navy Federal Credit Union (NFCU) server. A new ClickFix scam spreads MetaStealer malware. Specialty healthcare providers struggle to protect sensitive patient data. CISA appoints a new Executive Assistant Director for Cybersecurity....
Sep 03, 2025•30 min•Season 10Ep. 2384
Researchers disrupt a cyber campaign by Russia’s Midnight Blizzard. The Salesloft Drift breach continues to ripple outward. WhatsApp patches a critical flaw in its iOS and Mac apps. A fake PDF editing tool delivers the TamperChef infostealer. A hacker finds crash data Tesla claimed not to have. Spain cancels a €10 million contract with Huawei. A fraudster bilks Baltimore for over $1.5 million. We’ve got a breakdown of the latest Business news. In our Threat Vector segment, Michael Sikorski and...
Sep 02, 2025•32 min•Season 10Ep. 2383
Welcome in! You’ve entered, Only Malware in the Building — but this time, it’s not just another episode. This is a special edition you won’t want to miss. For the first time, our hosts are together in-studio — and they’re turning up the heat. Literally. Join Selena Larson , Proofpoint intelligence analyst and host of their podcast DISCARDED , along with N2K Networks Dave Bittner and Keith Mularski , former FBI cybercrime investiga...
Sep 02, 2025•37 min•Season 1Ep. 15
While our team is observing the Labor Day holiday in the US, we hope you will enjoy this episode of The Microsoft Threat Intelligence Podcast . New episodes airs on the N2K CyberWIre network every other Wednesday. In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is live from Black Hat 2025 with a special lineup of Microsoft security leaders and researchers. First, Sherrod sits down with Tom Gallagher , VP of Engineering and head of the Microsoft Security Re...
Sep 01, 2025•44 min•Season 1Ep. 51
