Mark Manglicmot, SVP of Security Services from Arctic Wolf, is sharing their research on "Cleopatra’s Shadow: A Mass Exploitation Campaign Deploying a Java Backdoor Through Zero-Day Exploitation of Cleo MFT Software." Arctic Wolf Labs discovered an ongoing exploitation campaign targeting Cleo Managed File Transfer (MFT) products, beginning on December 7, 2024. Threat actors used a malicious PowerShell stager to deploy a Java-based backdoor, dubbed Cleopatra, which features in-memory file storage...
Feb 08, 2025•22 min•Transcript available on Metacast Security concerns grow over DOGE’s use of AI. The British government demands access to encrypted iCloud accounts. Researchers identify critical vulnerabilities in the DeepSeek iOS app. Microsoft Edge uses AI to block scareware. A phishing campaign targets Facebook users with fake copyright infringement notices. Researchers discover malicious machine learning models on Hugging Face. A major data broker faces yet-another data breach lawsuit. CISA warns of a critical Microsoft Outlook vulnerability...
Feb 07, 2025•37 min•Transcript available on Metacast Chaos and security concerns continue in Washington. Spanish authorities arrest a man suspected of hacking NATO, the UN, and the US Army. A major U.S. hiring platform exposes millions of resumes. Another British engineering firm suffers a cyberattack. Cisco patches multiple vulnerabilities. Cybercriminals exploit SVG files in phishing attacks. SparkCat SDK targets cryptocurrency via Android and iOS apps. CISA directs federal agencies to patch a high-severity Linux kernel flaw. Thailand leaves sca...
Feb 06, 2025•44 min•Transcript available on Metacast The DOGE team faces growing backlash. The Five Eyes release guidance on protecting edge devices. A critical macOS kernel vulnerability allows privilege escalation, memory corruption, and kernel code execution. Google and Mozilla release security updates for Chrome and Firefox. Multiple Veeam backup products are vulnerable to man-in-the-middle attacks. Zyxel suggests you replace those outdated routers. A former Google engineer faces multiple charges for alleged corporate espionage. CISA issues ni...
Feb 05, 2025•33 min•Transcript available on Metacast DOGE’s unchecked access to federal networks sparks major cybersecurity fears. Senator Hawley’s AI ban targets China and raises free speech concerns. Apple service ticket portal vulnerability exposed millions of users’ data. North Korean ‘FlexibleFerret’ malware targets macos via job scams and fake zoom apps. February 2025 android security update fixes 48 vulnerabilities, including exploited zero-day. Grubhub data breach exposes customer and driver information. Abandoned cloud infrastructure crea...
Feb 04, 2025•33 min•Transcript available on Metacast Federal agencies become battlegrounds in an unprecedented power struggle. XE Group evolves from credit-card skimming to exploiting zero-day vulnerabilities. WhatsApp uncovers a zero-click spyware attack linked to an Israeli firm.Texas expands its ban on Chinese-backed AI and social media apps. Data breaches expose the personal and medical information of over a million people.NVIDIA patches multiple critical vulnerabilities. Arm discloses critical vulnerabilities affecting its Mali GPU Kernel Dri...
Feb 03, 2025•32 min•Transcript available on Metacast Please enjoy this encore episode with Principal Research Scientist for Human Behavior at Forcepoint, Margaret Cunningham. She shares her story of how she landed in cybersecurity. With a background in psychology and counseling and not feeling that one-on-one counseling was her thing, Margaret had a transformational moment in her PhD program in applied experimental technology when she realized she could "provide helping services and good work services at a broader scale." Margaret found her profes...
Feb 02, 2025•7 min•Ep 53•Transcript available on Metacast This week, Dave Bittner is joined by Juan Andres Guerrero-Saade (JAGS) from SentinelOne's SentinelLabs to discuss the work his team and Tinexta Cyber did on "Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels." Tinexta Cyber and SentinelLabs have been tracking threat activities targeting business-to-business IT service providers in Southern Europe. Based on the malware, infrastructure, techniques used, victimology, and the timing of the...
Feb 01, 2025•27 min•Transcript available on Metacast Authorities dismantle a Pakistan-based cybercrime network. Lawmakers question the feasibility of establishing a U.S. Cyber Force as a standalone military branch. The DOJ sues to block HPE’s acquisition of Juniper Networks. Tangerine Turkey deploys cryptomining malware. Major healthcare providers send breach notifications. Norwegian police seize a Russian-crewed ship suspected of damaging a communications cable. Researchers discover critical vulnerabilities in GitHub Copilot. D-Link patches a cri...
Jan 31, 2025•37 min•Transcript available on Metacast International law enforcement takes down a pair of notorious hacking forums. Wiz discovers an open DeepSeek database. Time Bandit jailbreaks ChatGPT. Ransomware hits one of the largest U.S. blood centers. A cyberattack takes the South African Weather Service offline. Researchers describe a new “browser syncjacking” attack. TeamViewer patches a high-severity privilege escalation flaw. Over three dozen industry groups urge Congress to pass a national data privacy law. CISA faces an uncertain futur...
Jan 30, 2025•39 min•Transcript available on Metacast Hackers linked to China and Iran are using AI to enhance cyberattacks. An AI-powered messaging tool for Slack and Discord is reportedly leaking user data. British engineering giant Smiths Group suffers a cyberattack. Rockwell Automation details critical and high-severity vulnerabilities. Researchers warn of new side-channel vulnerabilities in Apple CPUs. The Hellcat ransomware gang looks to humiliate its victims. SparkRAT targets macOS users and government entities. Flashpoint looks at FleshStea...
Jan 29, 2025•33 min•Transcript available on Metacast DeepSeek blames DDoS for recent outages. Hackers behind last year’s AT&T data breach targeted members of the Trump family, Kamala Harris, and Marco Rubio’s wife.The EU sanctions Russians for cyberattacks against Estonia. ENGlobal confirms personal information was taken in last year’s ransomware attack. CISA issues a critical warning about a SonicWall vulnerability actively exploited. A large-scale phishing campaign exploits users’ trust in PDF files and the USPS. Apple patches a zero-day affecti...
Jan 28, 2025•34 min•Transcript available on Metacast Chinese AI startup DeepSeek shakes up the market. Trump freezes cyber diplomacy funding and puts a vital U.S.-EU data-sharing agreement at risk. A trojanized RAT targets script kiddies. U.K. telecom giant TalkTalk investigates a data breach. Researchers uncover a critical flaw in Meta’s Llama Stack AI framework. Attackers leverage hidden text salting in emails. The “FlowerStorm” phishing framework targets multiple brands to steal customer credentials. A critical zero-day hits SonicWall VPN appli...
Jan 27, 2025•36 min•Transcript available on Metacast Please enjoy this encore episode with VP of Information Security at Barracuda Dave Farrow, and how he shares how a teenage surfer fell in love with software development and made his way in the cybersecurity field. Dave chose to study electrical engineering in college because he wanted to learn something that didn't make sense to him. He says he's done things in his career that he said he'd never do: for example, he went into and fell in love with software development. Taking on leadership of a b...
Jan 26, 2025•8 min•Transcript available on Metacast This week, we are joined by Ismael Valenzuela, VP of Threat Research & Intelligence, and Jacob Faires, Principal Threat Researcher, from Blackberry discussing the team's work on "LightSpy: APT41 Deploys Advanced DeepData Framework In Targeted Southern Asia Espionage Campaign." In April 2024, BlackBerry uncovered a significant evolution of the LightSpy malware campaign, attributed to Chinese cyber-espionage group APT41. The newly introduced DeepData framework, a modular Windows-based surveillance...
Jan 25, 2025•26 min•Transcript available on Metacast A federal court finds the FBI’s warrantless section 702 searches unconstitutional. The DOJ charges five in a fake IT worker scheme. The Texas Attorney General expands his investigation into automakers’ data sharing. CISA highlights vulnerabilities in the aircraft collision avoidance system. Estonia will host Europe's new space cybersecurity testing ground. Hackers use hardware breakpoints to evade EDR detection. Subaru’s Starlink connected vehicle service exposed sensitive customer and vehicle d...
Jan 24, 2025•35 min•Transcript available on Metacast CISA and FBI detail exploit chains used by Chinese hackers to compromise Ivanti Cloud Service Appliances. Energy systems in Central Europe use unencrypted radio signals. A critical SonicWall vulnerability is under active exploitation. The Nnice ransomware strain isn’t. Cisco discloses a critical vulnerability in its Meeting Management tool. GhostGPT is a new malicious generative AI chatbot. ClamAV patches critical vulnerabilities in the open-source anti-virus engine. A new report questions the e...
Jan 23, 2025•40 min•Transcript available on Metacast The latest cyber moves from the Trump White House. Pompompurin faces resentencing. An attack on a government IT contractor impacts Medicaid, child support, and food assistance programs. Helldown ransomware targets unpatched Zyxel firewalls. Murdoc is a new Mirai botnet variant. Cloudflare maps the DDoS landscape. North Korea’s Lazarus group uses fake job interviews to deploy malware. Hackers are abusing Google ads to spread AmosStealer malware. Pwn2Own Automotive awards over $382,000 on its firs...
Jan 22, 2025•36 min•Ep 2229•Transcript available on Metacast President Trump rolls back AI regulations and throws TikTok a lifeline. Attackers pose as Ukraine’s CERT-UA tech support. A critical vulnerability is found in the Brave browser. Sophos observes hacking groups abusing Microsoft 365 services and exploiting default Microsoft Teams settings. Researchers uncover critical flaws in tunneling protocols. A breach exposes personal information of thousands of students and educators. Oracle patches 320 security vulnerabilities. Kaspersky reveals over a doze...
Jan 21, 2025•44 min•Ep 2228•Transcript available on Metacast You can learn more about AWS in Orbit at space.n2k.com/aws. Our guests today are Araz Feyzi, Co-founder and CTO at Kayhan Space and Tim Sills, Lead Security Solutions Architect at AWS for Aerospace and Satellite. Remember to leave us a 5-star rating and review in your favorite podcast app. Be sure to follow T-Minus on LinkedIn and Instagram. Selected Reading AWS Aerospace and Satellite Audience Survey We want to hear from you! Please complete our short survey. It’ll help us get better and delive...
Jan 20, 2025•28 min•Ep 16•Transcript available on Metacast Please enjoy this encore of the Managing Director at Cerberus Sentinel, Chief Compliance Officer and the President of TalaTek, Baan Alsinawi as she shares her cybersecurity journey from a teenager who wanted to understand computers and held several positions in IT from help desk to systems engineering and cybersecurity. Founding her own business focusing on compliance, Baan says she spends maybe only 20% of her day on technical tasks and that there is always so more to do. Finding the right peop...
Jan 19, 2025•8 min•Ep 51•Transcript available on Metacast Nati Tal, Head of Guardio Labs, sits down to share their work on “CrossBarking” — Exploiting a 0-Day Opera Vulnerability with a Cross-Browser Extension Store Attack. Guardio Labs has uncovered a critical vulnerability in the Opera browser, enabling malicious extensions to exploit Private APIs for actions like screen capturing, browser setting changes, and account hijacking. Highlighting the ease of bypassing extension store security, researchers demonstrated how a puppy-themed extension exploiti...
Jan 18, 2025•25 min•Ep 361•Transcript available on Metacast The FBI warns agents of hacked call and text logs. The US Treasury sanctions entities tied to North Korea’s fake IT worker operations. Russian hacking group Star Blizzard attempted to infiltrate WhatsApp accounts of nonprofits supporting Ukraine. Yubico discloses a critical vulnerability in its Pluggable Authentication Module)software. Google releases an open-source library for software composition analysis. CISA hopes to close the software understanding gap. Pumakit targets critical infrastruct...
Jan 17, 2025•40 min•Ep 2227•Transcript available on Metacast President Biden issues a comprehensive cybersecurity executive order. Updates on Silk Typhoon’s US Treasury breach. A Chinese telecom hardware firm is under FBI investigation. A critical vulnerability has been found in the UEFI Secure Boot mechanism. California-based cannabis brand Stiiizy suffers a data breach. North Korea’s Lazarus Group lures freelance developers. The FTC highlights major security failures at web hosting giant GoDaddy. Veeam patches a critical vulnerability in their Backup fo...
Jan 16, 2025•35 min•Ep 2226•Transcript available on Metacast The FBI deletes PlugX malware from thousands of U.S. computers. Researchers uncover vulnerabilities in Windows 11 allowing attackers to bypass protections and execute code at the kernel level. A look at (a busy) Patch Tuesday. Researchers uncovered six critical vulnerabilities in a popular Linux file transfer tool. Texas sues Allstate for allegedly collecting, using, and selling driving data without proper consent. An executive order enables AI developers to build data centers on federal lands. ...
Jan 15, 2025•36 min•Ep 2225•Transcript available on Metacast A draft cybersecurity executive order from the Biden administration seeks to bolster defenses. Researchers identify a “mass exploitation campaign” targeting Fortinet firewalls. A Chinese-language illicit online marketplace is growing at an alarming rate. CISA urges patching of a second BeyondTrust vulnerability. The UK proposes banning ransomware payments by public sector and critical infrastructure organizations. A critical flaw in Google’s authentication flow exposes millions to unauthorized a...
Jan 14, 2025•35 min•Ep 2224•Transcript available on Metacast An MFA outage affects Microsoft 365 Office apps. The Biden administration introduces new export controls to block adversaries from accessing advanced AI chips. A Dutch university cancels lectures after a cyberattack. Three Russian nationals have been indicted for operating cryptocurrency mixers. Juniper Networks releases security updates for Junos OS. Spain’s largest telecommunications company confirms a data breach. The “Banshee” infostealer leverages a stolen Apple encryption algorithm. Resear...
Jan 13, 2025•35 min•Ep 2223•Transcript available on Metacast Please enjoy this encore episode, where we are joined by Senior Security Officer at Centers for Medicare and Medicaid Services Michael Bishop Jr. as he shares his journey from Army infantryman deployed to Iraq to working in cybersecurity. After 12 years in the U.S. Army, Mike found himself in a rough spot. Looking for work and having some personal challenges, Mike's mentor, an Army officer he met while enlisted, recognized Mike's struggles and helped to nudge him toward cybersecurity. Mike credi...
Jan 11, 2025•7 min•Ep 50•Transcript available on Metacast This week, we are joined by Kyla Cardona and Aurora Johnson from SpyCloud discussing their research "China’s Surveillance State Is Selling Citizen Data as a Side Hustle." Chinese technology companies, under CCP mandate, collect vast amounts of data on citizens, creating opportunities for corrupt insiders to steal and resell this information on dark markets. These stolen datasets, aggregated into "Social Work Libraries" (SGKs), mirror lower-tech versions of CCP internal security databases. Kyla a...
Jan 11, 2025•35 min•Ep 339•Transcript available on Metacast New details emerge about Chinese hackers breaching the US Treasury Department. The Supreme Court considers the TikTok ban. Chinese hackers exploit a zero-day flaw in Ivanti Connect Secure VPN. A new credit card skimmer malware targets WordPress checkout pages. The Banshee macOS info-stealer has been updated. A California health services organization reports a data breach. A Florida firm pays a $337,750 HIPAA settlement following a 2018 breach. Samsung patches Android devices. A Proton Mail outag...
Jan 10, 2025•33 min•Ep 2226•Transcript available on Metacast 
