Jan 29, 2025 | Podcast
https://www.darkreading.com/cyber-risk/security-needs-start-saying-no-again For years, cybersecurity teams were often perceived as the “Department of No,” constantly blocking initiatives due to security concerns. However, in an effort to demonstrate value...
Jan 28, 2025 | Podcast
https://www.bleepingcomputer.com/news/security/hundreds-of-fake-reddit-sites-push-lumma-stealer-malware Cybercriminals are leveraging hundreds of fake Reddit and WeTransfer websites to distribute the Lumma Stealer malware. These deceptive websites mimic the appearance...
Jan 27, 2025 | Podcast
https://samcurry.net/hacking-subaru A critical security vulnerability in Subaru’s Starlink service could have allowed attackers to remotely control and track vehicles in the United States, Canada, and Japan. The flaw, discovered by security researchers Sam Curry...
Jan 24, 2025 | Podcast
https://blog.sekoia.io/targeted-supply-chain-attack-against-chrome-browser-extensions A sophisticated supply chain attack has targeted Chrome extension developers, compromising dozens of extensions and potentially impacting millions of users. The campaign involved...
Jan 23, 2025 | Podcast
https://krebsonsecurity.com/2025/01/mastercard-dns-error-went-unnoticed-for-years A critical error in MasterCard’s domain name system (DNS) configuration went unnoticed for nearly five years. This misconfiguration could have allowed attackers to intercept or...
Jan 22, 2025 | Podcast
https://www.bleepingcomputer.com/news/security/7-zip-fixes-bug-that-bypasses-the-windows-motw-security-mechanism-patch-now 7-Zip users are urged to update to the latest version (24.09) immediately to address a critical security vulnerability (CVE-2025-0411). This flaw...
Jan 21, 2025 | Podcast
Ross Ulbricht's Xitter is being spammed with accounts which appear to be associated with him (image 1). However, the accounts are not. When you try to view the "official" Ross Ulbricht Telegram channel it asks to verify your identity (image 2). It gives...
Jan 21, 2025 | Podcast
If you’ve been in AppSec for a while, you’ve probably heard of Security Champions. Maybe you’ve even tried to implement a program. But here’s the thing – most of these programs fail within the first year. Today, we’re going to tell you...
Jan 20, 2025 | Podcast
https://blog.cloudflare.com/ddos-threat-report-for-2024-q4 Cloudflare has mitigated the largest DDoS attack ever recorded, peaking at a staggering 5.6 terabits per second (Tbps).1 This UDP-based attack, launched by a Mirai-based botnet of over 13,000 compromised...
Jan 17, 2025 | Podcast
https://research.checkpoint.com/2025/funksec-alleged-top-ransomware-group-powered-by-ai FunkSec, a recently emerged ransomware group, has taken the cybersecurity world by storm with its aggressive tactics and claims of over 85 victims in just a month. However, a...
