Cloudflare’s outage is rooted in an internal configuration error. The Trump administration is preparing a new national cyber strategy. CISA gives federal agencies a week to secure a new Fortinet flaw. MI5 warns that China is using LinkedIn headhunters and covert operatives to target lawmakers. Experts question the national security risks of TP-Link routers. The China-aligned PlushDaemon threat group hijacks software updates. Researchers discover WhatsApp’s entire global member directory accessib...
Nov 19, 2025•30 min•Season 10Ep. 2437
Cloudflare suffers a major outage. Google issues an emergency Chrome update. Logitech discloses a data breach. CISA plans a major hiring push. The House renews the State and Local Cybersecurity Grant Program. The GAO warns military personnel are oversharing online. Tech groups urge governments worldwide to reject proposals that weaken or bypass encryption. Australian authorities blame outdated software for the death of a telecom customer. An alleged Void Blizzard hacker faces extradition to the ...
Nov 18, 2025•35 min•Season 10Ep. 2436
Managing identity has been an evolving challenge as networks have only continued to grow and become more sophisticated. In this current landscape, these challenges have only become further exacerbated with new emerging technologies. In this episode of CISO Perspectives, host Kim Jones sits down with Richard Bird from Singular AI to discuss this evolving paradigm. Throughout this conversation, Kim and Richard tackle how managing identity has evolved and how security leaders can get ahead of AI ...
Nov 18, 2025•40 min•Season 17Ep. 117
The Pentagon is spending millions on AI hacking. The New York Times investigates illicit crypto funds. Researchers uncover widespread remote code execution flaws in AI inference engines. Police in India arrest CCTV hackers. Payroll Pirates use Google Ads to steal credentials and redirect salaries. A large-scale brand impersonation campaign delivers Gh0st RAT to Chinese-speaking users.A bitcoin mining company CEO gets scammed. Monday biz brief. On our Industry Voices segment with our Knowledge Pa...
Nov 17, 2025•35 min•Season 10Ep. 2435
Please enjoy this encore of Career Notes. Founder and general partner of Rain Capital, Chenxi shares her story and how she conquered and got over the obstacle of fear to reach her goals in life. " I realized a lot of times my obstacle is my own fear rather than a real obstacle" Wang states, she also shares her story of breaking glass ceilings as a female founder and working in the field of cybersecurity. She hopes to be remembered for being a kind person and developing her own venture fund, as s...
Nov 16, 2025•10 min•Season 2Ep. 95
Dr. Renée Burton , Vice President of Threat Intelligence from Infoblox , is sharing the team's work on "Deniability by Design: DNS-Driven Insights into a Malicious Ad Network." Infoblox returns with new threat actor research uncovering Vane Viper , a Cyprus-based holding company behind PropellerAds—one of the world’s largest advertising networks. The report reveals that Vane Viper isn’t just being exploited by criminals but operates as a criminal infrastructure itself, built to profit from fraud...
Nov 15, 2025•24 min•Season 9Ep. 402
Anthropic reports China-linked hackers used Claude AI in an automated espionage campaign. Google reconsiders its upcoming “Developer Verification” policy for Android. AT&T customers affected by two data breaches in 2024 can now file claims. Nearly 10,000 Washington Post employees were affected by a data breach. ASUS and Imunify360 patch critical flaws. DoorDash discloses a data breach. Checkout.com donates the ransom to researchers. Kraken ransomware benchmarks systems before encryption. Mik...
Nov 14, 2025•30 min•Season 10Ep. 2434
Operation Endgame expands global takedowns. The U.S. is creating a Scam Center Strike Force. Microsoft rolls out its delayed “Prevent screen capture” feature for Teams. Proton Pass patches a clickjacking flaw. Researchers uncover previously undisclosed zero-day flaws in both Citrix and Cisco Identity Services Engine. Android-based digital picture frames contain multiple critical vulnerabilities. Lumma Stealer rebounds after last month’s doxxing campaign. Our guest is Garrett Hoffman, Senior Mana...
Nov 13, 2025•29 min•Season 10Ep. 2433
Patch Tuesday. Google sues a “phishing-as-a-service” network linked to global SMS scams, and launches “private ai compute.” Hyundai notifies vehicle owners of a data breach. Amazon launches a bug bounty program for its AI models. The Rhadamanthys infostealer operation has been disrupted. An initial access broker is set to plead guilty in U.S. federal court. Our guest is Bob Maley, CSO from Black Kite, discussing a new AI assessment framework. “Bitcoin Queen’s” $7.3 billion crypto laundering empi...
Nov 12, 2025•31 min•Season 10Ep. 2432
Lieutenant Rob Sarver and Alex Gendzier are the authors of Warrior to Civilian: The Field Manual for the Hero's Journey , the definitive guide to transition to civilian life for veterans and their spouses and families. The book aims to provide actionable advice to veterans looking for work, while coaching those in hiring positions to give veterans the fair shake they deserve after serving our country. Remember to leave us a 5-star rating and review in your favorite podcast app. Be sure to follow...
Nov 11, 2025•30 min•Season 1Ep. 80
Fraud has always been a consistent challenge. As the world has continued to become increasingly interconnected and as new technologies have become widely available, threat actors have continued to evolve their tactics. In this episode of CISO Perspectives, host Kim Jones sits down with Mel Lanning from the Better Business Bureau to discuss fraud and how it has been evolving in recent years. From exploiting cryptocurrencies to utilizing emerging technologies, Kim and Mel look into how threat ac...
Nov 11, 2025•37 min•Season 17Ep. 116
Ending the government shutdown revives an expired cybersecurity law. The DoD finalizes a new model for building U.S. military cyber forces. A North Korean APT exploits Google accounts for full device control. The EU dials back AI protections in response to pressure from Big Tech companies and the U.S. government. Researchers discover a critical vulnerability in the Monsta FTP web-based file management tool. The Landfall espionage campaign targets Samsung Galaxy devices in the Middle East. Five E...
Nov 10, 2025•30 min•Season 10Ep. 2431
Please enjoy this encore of Career Notes. Chief intelligence officer at Intel 471, Michael shares his story where he started as an actor and quickly changed over to intelligence and what the transition was like for him. Michael grew up wanting to be an actor and even was able to land some acting jobs, after going into the Marine Corps he decided to leave acting behind and start a new path in his journey. He says looking for a purpose really helped to shape him, saying "looking back on it, I feel...
Nov 09, 2025•8 min•Season 2Ep. 94
Tal Peleg , Senior Product Manager, and Coby Abrams , Cyber Security Researcher of Varonis , discussing their work and findings on Rusty Pearl - Remote Code Execution in Postgres Instances. The flaw could allow attackers to execute arbitrary commands on a database server’s operating system, leading to potential data theft, destruction, or lateral movement across networks. While the vulnerability existed in PostgreSQL, Amazon RDS and Aurora were not affected, thanks to built-in protections like S...
Nov 08, 2025•24 min•Season 9Ep. 401
The CBO was hacked by a suspected foreign actor. Experts worry Trump’s budget cuts weaken U.S. cyber defenses. Regulation shapes expectations. ClickFix evolves on macOS. Notorious cybercrime groups form a new “federated alliance.” Congressional leaders look to counter China’s influence in 6G networks. An EdTech firm pays $5.1 million to settle data breach claims. Nevada did not pay the ransom. Our guest is CEO and Co-Founder Ben Nunez from Evercoast, winner of the 8th Annual DataTribe Challenge....
Nov 07, 2025•21 min•Season 10Ep. 2430
Zero Trust has been top of mind for years, but how is AI changing what that actually looks like in practice? In this episode of CyberWire-X, Dave Bittner is joined by Deepen Desai , Chief Security Officer at Zscaler , to discuss the transformative impact of AI on Zero Trust security frameworks. The discussion outlines how AI enhances threat prevention, automates data discovery, and improves user experience while addressing the practical financial implications of adopting AI in security. Hear how...
Nov 06, 2025•23 min•Season 1Ep. 53
Cisco patches critical vulnerabilities in its Unified Contact Center Express (UCCX) software. CISA lays off 54 employees despite a federal court order halting workforce reductions. Gootloader malware returns. A South Korean telecom is accused of concealing a major malware breach. Russia’s Sandworm launches multiple wiper attacks against Ukraine. China hands out death sentences to scam compound kingpins. My guest is Dr. Sasha O'Connell, Senior Director for Cybersecurity Programs at Aspen Digital....
Nov 06, 2025•23 min•Season 10Ep. 2429
Operation “Chargeback” takes down global fraud networks. An investigation reveals the dangers of ADINT. M&S profits plunge after a cyberattack. Google patches a critical Android flaw. Asian prosecutors seize millions from an accused Cambodian scam kingpin. Ohio residents are still guessing water bills months after a cyberattack. Houston firefighters deny blame in city data breach. Nikkei reports a slack breach exposing 17,000 records.The Google–Wiz deal clears DOJ review. Ann Johnson welcome...
Nov 05, 2025•23 min•Season 10Ep. 2428
China-Linked hackers target Cisco firewalls. MIT Sloan withdraws controversial “AI-Driven Ransomware” paper. A new study questions the value of cybersecurity training. Hackers exploit OpenAI’s API as a malware command channel. Apple patches over 100 Security flaws across devices. A Florida-based operator of mental health and addiction treatment centers exposes sensitive patient information. OPM plans a “mass deferment” for Cybercorps scholars affected by the government shutdown. Lawmakers urge t...
Nov 04, 2025•25 min•Season 10Ep. 2427
When discussing privacy risks, many often look to implementing strong encryption, secure data storage practices, and data sanitization processes to help ensure sensitive information remains protected. Though these practices are good and should be prioritized, many often miss other key areas that need just as much focus. As the internet of things has only continued to grow larger and larger, so has the risk these devices inherently create as they collect and store more information than many would...
Nov 04, 2025•36 min•Season 17Ep. 115
The FCC plans to roll back cybersecurity mandates that followed Salt Typhoon. The alleged cybercriminal MrICQ has been extradited to the U.S. Ransomware negotiators are accused of conducting ransomware attacks. Ernst & Young accidentally exposed a 4-terabyte SQL Server backup. A hacker claims responsibility for last week’s University of Pennsylvania breach. The UK chronicles cyberattacks on Britain’s drinking water suppliers. Monday business brief. Our guest is Caleb Tolin, host of Rubrik's ...
Nov 03, 2025•26 min•Season 10Ep. 2426
Risk Management and Privacy Knowledge Leader at A-LIGN, Arti Lalwani shares her story from finance to risk management and how she made the transition. Arti started her career in finance after graduating with a finance degree. Quickly learning the field was not for her, she decided to dip her toes into the tech world. She credits her mentors for helping her and said "they were able to push me up and get me there faster than I even thought." Arti says that she would like to be a part, and hopes to...
Nov 02, 2025•8 min•Season 2Ep. 93
Today we are joined by Dario Pasquini , Principal Researcher at RSAC , sharing the team's work on WhenAIOpsBecome “AI Oops”: Subverting LLM-driven IT Operations via Telemetry Manipulation. A first-of-its-kind security analysis showing that LLM-driven AIOps agents can be tricked by manipulated telemetry, turning automation itself into a new attack vector. The researchers introduce AIOpsDoom, an automated reconnaissance + fuzzing + LLM-driven telemetry-injection attack that performs “adversarial r...
Nov 01, 2025•20 min•Season 9Ep. 400
CISA says cooperation between federal agencies and the private sector remains steady. Long-standing Linux kernel vulnerability in active ransomware campaigns confirmed. A Chinese-linked group targets diplomatic organizations in Hungary, Belgium, and other European nations. A government contractor breach exposes data of over 10 million Americans. Luxury fashion brands fall victim to impersonation scams. Phishing shifts from email to LinkedIn. Advocacy groups urge the FTC to block Meta from using ...
Oct 31, 2025•25 min•Season 10Ep. 2425
Happy Halloween from the team at N2K Networks! We hope you share in our Halloween tradition of listening to the Malware Mash. You can check out our video here . Lyrics I was coding in the lab late one night when my eyes beheld an eerie sight for my malware threat score began to rise and suddenly to my surprise... It did the Mash It did the Malware Mash The Malware Mash It was a botnet smash It did the Mash It caught on 'cause of Flash The Malware Mash It did the Malware Mash From the Stuxnet w...
Oct 31, 2025•3 min
A Texas telecom confirms a nation-state attack. A global outage disrupts Azure and Microsoft 365 services. Malicious npm packages steal sensitive data from Windows, Linux, and macOS systems. Hacktivists have breached multiple critical infrastructure systems across Canada. Major chipmakers spill the TEE. TP-Link home routers fall under federal scrutiny. Cloud Atlas targets Russia’s agricultural sector. Israel’s cloud computing deal with Google and Amazon allegedly includes a secret “winking mecha...
Oct 30, 2025•26 min•Season 10Ep. 2424
Explosions rock a shuttered Myanmar cybercrime hub. The Aisuru botnet shifts from DDoS to residential proxies. Dentsu confirms data theft at Merkle. Boston bans biometrics. Proton restores journalists’ email accounts after backlash. Memento labs admits Dante spyware is theirs. Australia accuses Microsoft of improperly forcing users into AI upgrades. CISA warns of active exploitation targeting manufacturing management software. A covert cyberattack during Trump’s first term disabled Venezuela’s i...
Oct 29, 2025•28 min•Season 10Ep. 2423
WSUS attacks escalate as emergency patch fails to fully contain exploited flaw. Schneider Electric and Emerson are listed among victims in the Oracle EBS cyberattack. Google debunks reports of a massive GMail breach. A new banking trojan mimics human behavior for stealth. Sweden’s power grid operator confirms a cyberattack. Italian spyware targets Russian and Belarusian organizations. The U.S. declines to sign the new UN cyber treaty. Ransomware payments fall to record lows. U.S. Cyber Chief cal...
Oct 28, 2025•25 min•Season 10Ep. 2422
Privacy is one of the most universally valued rights. Yet, despite its importance, data breaches exposing millions of people's sensitive information have become routine. Many have come to assume that their personal data has already been, or inevitably will be, compromised. Despite this reality, prioritizing privacy is more important than ever. In this episode of CISO Perspectives, host Kim Jones sits down with Kristy Westphal, the Global Security Director of Spirent Communications, to explore ...
Oct 28, 2025•42 min•Season 17Ep. 114
The UN launches the world’s first global treaty to combat cybercrime. A House Democrats’ job portal left security clearance data exposed online. A new data leak exposes 183 million email addresses and passwords. Threat actors target Discord users with an open-source red-team toolkit. A new campaign targets unpatched WordPress plugins. The City of Gloversville, New York, suffers a ransomware attack. Jen Easterly hopes AI could eliminate the buggy software that fuels cybercrime. A Connecticut heal...
Oct 27, 2025•25 min•Season 10Ep. 2421
