Best Dropzone Podcasts (2025)

1
Dropzone AI Secures $37M to Tackle Alert Fatigue with Autonomous SOC Analysts 17:11

21h ago17:11

17:11

In this episode, we dive into Dropzone AI’s landmark $37 million Series B funding round, bringing the company’s total raised to over $57 million. Backed by major investors, Dropzone AI is accelerating the development of its AI-powered SOC analysts — tools designed to autonomously investigate and resolve security alerts across critical threat catego…

1
Dropzone AI Brings Agentic Automation to Black Hat USA 2025 | A DROP ZONE AI Pre Event Coverage of Black Hat USA 2025 Las Vegas | Brand Story with Edward Wu Founder/CEO at Dropzone AI 20:07

10d ago20:07

20:07

As Black Hat USA 2025 approaches, the cybersecurity world is buzzing with innovation—and Dropzone AI is right at the center of it. With roots in Seattle and a mission to bring true intelligence into the security operations center (SOC), the Dropzone AI team is gearing up for a packed week in Las Vegas, from BSides to the AI Summit, and finally at S…

1
Critical Honeywell Experion PKS Vulnerabilities Threaten Global Industrial Control Systems 1:16:35

5h ago1:16:35

1:16:35

In this episode, we analyze the multiple vulnerabilities recently disclosed in Honeywell’s Experion Process Knowledge System (PKS), a widely deployed industrial control and automation solution that underpins operations in energy, chemical plants, manufacturing, healthcare, and transportation sectors worldwide. Reported by CISA and Positive Technolo…

1
Auto-Color Linux Malware Exploits SAP Zero-Day CVE-2025-31324 36:36

13m ago36:36

36:36

In this episode, we uncover the Auto-Color Linux malware, a stealthy and highly persistent Remote Access Trojan (RAT) that is rapidly emerging as one of the most dangerous threats of 2025. First identified by Palo Alto Networks’ Unit 42 and later analyzed by Darktrace, Auto-Color has now been linked to active exploitation of CVE-2025-31324, a criti…

1
Inside the July 2025 PyPI Phishing Scam: How Hackers Stole Developer Credentials 54:17

3h ago54:17

54:17

In this episode, we investigate the growing cybersecurity storm targeting the Python Package Index (PyPI) — the backbone of Python’s software distribution ecosystem. A recent phishing campaign in July 2025 has developers on high alert, as attackers impersonated PyPI using a deceptive domain (pypj.org) to trick maintainers into handing over their cr…

1
IoT Security Crisis: Dahua Smart Camera Vulnerabilities Expose Surveillance Systems 1:02:05

6h ago1:02:05

1:02:05

In this episode, we examine the alarming discovery of critical security vulnerabilities in Dahua smart cameras, one of the world’s most widely deployed surveillance systems. Researchers at Bitdefender uncovered two zero-click flaws — CVE-2025-31700 and CVE-2025-31701 — that allow unauthenticated remote attackers to gain root access to Dahua devices…

1
Creative Storytelling in the Age of AI: When Machines Learn to Dream and the Last Stand of Human Creativity | A Conversation with Maury Rogow | Redefining Society And Technology Podcast With Marco Ciappelli ... 48:05

1d ago48:05

48:05

⸻ Podcast: Redefining Society and Technology https://redefiningsocietyandtechnologypodcast.com Title: Creative Storytelling in the Age of AI: When Machines Learn to Dream and the Last Stand of Human Creativity Guest: Maury Rogow CEO, Rip Media Group | I grow businesses with Ai + video storytelling. Honored to have 70k+ professionals & 800+ brands g…

1
Black Hat 2025: More Buzzwords, Same Breaches? | What’s Heating Up Before Black Hat 2025: Top Trends Set to Shake Up this Year’s Hacker Conference | An ITSPmagazine Webinar: On Location Coverage with Sean ... 1:00:22

1d ago1:00:22

1:00:22

In this thought leadership session, ITSPmagazine co-founders Sean Martin and Marco Ciappelli moderate a dynamic conversation with five industry leaders offering their take on what will dominate the show floor and side-stage chatter at Black Hat USA 2025. Leslie Kesselring, Founder of Kesselring Communications, surfaces how media coverage is shiftin…

1
Axonius Buys Cynerio for $100M+: Closing Healthcare’s Biggest Cybersecurity Blind Spot 1:36:30

1d ago1:36:30

1:36:30

In this episode, we explore Axonius’s landmark acquisition of Cynerio, a healthcare cybersecurity company specializing in protecting vulnerable medical devices like MRI machines, infusion pumps, and ventilators. The deal — valued at over $100 million in cash and stock — marks Axonius’s first-ever acquisition and signals a major strategic expansion …

1
Making Honeypots Useful Again: Identity Security, Deception, and the Art of Detection | A Conversation with Sean Metcalf | Redefining CyberSecurity with Sean Martin 31:48

1d ago31:48

31:48

⬥GUEST⬥ Sean Metcalf, Identity Security Architect at TrustedSec | On LinkedIn: https://www.linkedin.com/in/seanmmetcalf/ ⬥HOST⬥ Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com ⬥EPISODE NOTES⬥ Sean Metcalf, a frequen…

1
Critical Lenovo Firmware Flaws Expose Millions to Persistent UEFI Attacks 42:00

1d ago42:00

42:00

In this episode, we examine a critical firmware security crisis shaking Lenovo devices worldwide. Security researchers at Binarly have uncovered six serious vulnerabilities in the Insyde BIOS firmware used in Lenovo’s IdeaCentre and Yoga product lines. Four of these flaws, rated high severity, reside in the System Management Mode (SMM) — a privileg…

1
Promptfoo Secures $18.4M to Combat AI Security Threats in Generative AI 36:50

1d ago36:50

36:50

In this episode, we dive into Promptfoo’s groundbreaking $18.4 million Series A funding round, led by Insight Partners and supported by Andreessen Horowitz, bringing the AI security startup’s total funding to $23.4 million. Founded in 2024, Promptfoo has quickly emerged as a leader in securing Large Language Models (LLMs) and generative AI applicat…

1
1.1 Million Private Messages Leaked: Inside the Tea App Privacy Disaster 23:58

2d ago23:58

23:58

A platform designed to protect women’s safety in dating has instead become a nightmare for its users. In this episode, we uncover the catastrophic Tea app data breach, which exposed more than 59 GB of highly sensitive user data due to a fundamental security failure: a completely public Firebase storage bucket with no authentication, no encryption, …

1
Job Scams, Corporate Espionage, and Digital Deception: Inside the Deepfake Crisis 1:16:30

2d ago1:16:30

1:16:30

Deepfake technology has evolved from a fringe novelty into one of the most serious cybersecurity and national security threats of our time. In this episode, we examine how artificial intelligence–generated synthetic media is being weaponized to impersonate CEOs, manipulate elections, infiltrate corporate networks, and damage reputations worldwide. …

1
Microsoft Exposes Major macOS Flaws in Transparency, Consent, and Control 1:23:13

2d ago1:23:13

1:23:13

In this episode, we dive deep into Microsoft Threat Intelligence’s latest findings on two critical macOS vulnerabilities that shook Apple’s privacy defenses. The flaws, identified as CVE-2025-31199 (Sploitlight) and CVE-2024-44133 (HM Surf), specifically targeted Apple’s Transparency, Consent, and Control (TCC) framework, the system designed to gua…

1
Aeroflot in Chaos: How Hackers Crippled Russia’s Flagship Airline 24:25

3d ago24:25

24:25

On July 28, 2025, Aeroflot—Russia’s largest state-owned airline—was brought to its knees in one of the most severe cyberattacks since the country’s invasion of Ukraine in 2022. The sophisticated assault, carried out by Ukrainian hacktivist group Silent Crow and the Belarusian Cyber-Partisans, led to the cancellation of more than 100 flights, strand…

1
Supply Chain Transparency Isn’t Just Technical—It’s a Business Imperative | A LevelBlue Brand Story with Theresa Lanowitz 36:18

4d ago36:18

36:18

As digital infrastructure becomes increasingly interwoven with third-party code, APIs, and AI-generated components, organizations are realizing they can’t ignore the origins—or the risks—of their software. Theresa Lanowitz, Chief Evangelist at LevelBlue, joins Sean Martin and Marco Ciappelli to unpack why software supply chain visibility has become…

1
ThreatLocker to Unveil Game-Changing Zero Trust Innovations at Black Hat 2025 | Visit Them at Booth #1933 | A ThreatLocker Pre-Event Coverage of Black Hat USA 2025 Las Vegas | Brand Story with John Lilliston ... 17:51

4d ago17:51

17:51

ThreatLocker to Unveil Game-Changing Zero Trust Innovations at Black Hat 2025 | Visit Them at Booth #1933 | A ThreatLocker Pre-Event Coverage of Black Hat USA 2025 Las Vegas | Brand Story with John Lilliston Join ITSP Magazine's Marco Ciappelli and Sean Martin as they preview ThreatLocker's exciting Black Hat 2025 presence with Detect Product Direc…

1
Neferpitou Claims Cyberattack on French Naval Defense Giant 44:17

3d ago44:17

44:17

French defense contractor Naval Group, a cornerstone of Europe’s naval defense industry, is facing a high-stakes cybersecurity crisis. A threat actor known as “Neferpitou” claims to have exfiltrated 1TB of sensitive data, including combat management system (CMS) source code for submarines and frigates, technical documents, developer virtual machine…

1
Root Evidence Launches With $12.5M to Redefine Vulnerability Management 36:51

3d ago36:51

36:51

In July 2025, a team of seasoned cybersecurity leaders launched Root Evidence, a Boise-based startup with a mission to revolutionize how organizations tackle vulnerability management. Armed with $12.5 million in seed funding led by Ballistic Ventures, founders Jeremiah Grossman, Robert Hansen, Heather Konold, and Lex Arquette are setting out to fix…

1
NASCAR Hit by Medusa Ransomware: 1TB of Data Stolen in April 2025 Cyberattack 41:21

3d ago41:21

41:21

In April 2025, NASCAR became the latest victim of a major cyberattack, with hackers infiltrating its network between March 31 and April 3. During the breach, personal information—including names and Social Security numbers—was exfiltrated from NASCAR’s systems. In response, the organization has notified affected individuals, activated its incident …

1
Scattered Spider Strikes Again: Inside the VMware ESXi Ransomware Tactics 55:59

3d ago55:59

55:59

In this episode, we examine the sophisticated operations of Scattered Spider—also known as Muddled Libra, UNC3944, and Octo Tempest—a financially motivated cybercriminal group that has redefined the ransomware threat landscape. Recently highlighted by Google’s Threat Intelligence Group (GTIG), Scattered Spider has escalated its attacks by targeting…

1
Koske Malware Hides in Panda Images, Weaponizes AI to Target Linux 44:03

6d ago44:03

44:03

A new and highly sophisticated malware strain named Koske is redefining the threat landscape for Linux environments. Suspected to be partially developed using artificial intelligence, Koske introduces novel and highly evasive techniques, blending image files, rootkits, and adaptive cryptomining logic to create a stealthy and persistent backdoor int…

1
Operation Checkmate: BlackSuit Ransomware’s Dark Web Sites Seized 39:19

6d ago39:19

39:19

BlackSuit, the ransomware strain known for crippling critical sectors and demanding multi-million dollar payouts, has just suffered a devastating blow. In a coordinated international law enforcement operation codenamed "Operation Checkmate," authorities—including the U.S. Department of Justice, Homeland Security Investigations, FBI, Europol, the UK…

1
Coyote Malware Exploits Microsoft UI Automation in First-Ever Wild Attack 34:14

6d ago34:14

34:14

A new banking trojan called Coyote has emerged as a groundbreaking cyber threat, becoming the first known malware in the wild to exploit Microsoft’s User Interface Automation (UIA) framework—an accessibility tool originally designed to help users interact with Windows interfaces. But in the hands of attackers, UIA becomes a weapon of stealth and pr…

1
No Fix Coming: Remote Code Execution Flaw in 1,300 LG Security Cameras 31:12

6d ago31:12

31:12

A newly disclosed critical vulnerability, CVE-2025-7742, is putting hundreds of LG Innotek LNV5110R security cameras at risk around the world—including within critical infrastructure. This high-severity authentication bypass flaw allows remote attackers to gain full administrative control without credentials, giving them access to live camera feeds…

1
From Black Hat to Black Sabbath / Ozzy: AI Agents and Guitars (again!) + Entry Level Cybersecurity Jobs, Robots Evolution, and the Weekly Recap You Didn’t Expect | Random and Unscripted Weekly Update with ... 49:44

8d ago49:44

49:44

ITSPmagazine Weekly Update | From Black Hat to Black Sabbath / Ozzy: AI Agents and Guitars (again!) + Entry Level Cybersecurity Jobs, Robots Evolution, and the Weekly Recap You Didn’t Expect - On Marco & Sean's Random & Unscripted Podcast __________________ Marco Ciappelli and Sean Martin are back with another random and unscripted weekly recap—fro…

1
Bots, APIs, and Runtime Risk: What Exposures Are Driving AI Security Innovation in 2025 | An Akamai Pre-Event Coverage of Black Hat USA 2025 Las Vegas | Brand Story with Rupesh Chokshi 21:47

8d ago21:47

21:47

Ahead of Black Hat USA 2025, Sean Martin and Marco Ciappelli sit down once again with Rupesh Chokshi, Senior Vice President and General Manager of the Application Security Group at Akamai, for a forward-looking conversation on the state of AI security. From new threat trends to enterprise missteps, Rupesh lays out three focal points for this year’s…

1
ToolShell Exploited: China-Linked Hackers Breach NNSA and U.S. Government Networks 1:14:36

10d ago1:14:36

1:14:36

In one of the most concerning state-sponsored cyber incidents of the year, Chinese hackers exploited zero-day vulnerabilities in Microsoft SharePoint to breach the networks of the National Nuclear Security Administration (NNSA)—the U.S. agency responsible for managing the nation's nuclear arsenal. The attackers, part of a suspected Chinese state-sp…

1
Massive NPM Breach: Malicious Packages Spread via Compromised Maintainer Accounts 41:44

8d ago41:44

41:44

In this episode, we expose the alarming supply chain attack that compromised millions of JavaScript projects across the globe. This sophisticated breach targeted the NPM ecosystem, infecting widely-used packages like eslint-config-prettier and is, through a coordinated phishing campaign and the exploitation of non-expiring legacy access tokens. Att…

1
Clorox Sues Cognizant Over $356M Cyberattack: Who's Really to Blame? 44:38

7d ago44:38

44:38

In one of the most dramatic cybersecurity legal battles of the past year, Clorox has filed a lawsuit against IT services giant Cognizant, accusing the company of gross negligence that allegedly enabled a catastrophic 2023 cyberattack. The breach wreaked havoc on Clorox's operations—causing widespread product shortages, a multibillion-dollar hit to …

1
HeroDevs Secures $125M to Extend Life of Critical Open Source Software 35:36

7d ago35:36

35:36

In this episode, we dive deep into HeroDevs' recent $125 million strategic growth investment, a move that signals a major expansion in the fight against the vulnerabilities of end-of-life (EOL) open source software. Based in Salt Lake City, HeroDevs has carved out a critical niche—providing "Never-Ending Support" (NES) to ensure security, complianc…

1
How to Hack Global Activism with Tech, Music, and Purpose: A Conversation with Michael Sheldrick, Co-Founder of Global Citizen and Author of the book: “From Ideas to Impact” | Redefining Society And Technology ... 49:05

9d ago49:05

49:05

⸻ Podcast: Redefining Society and Technology https://redefiningsocietyandtechnologypodcast.com Title: How to hack Global Activism with Tech, Music, and Purpose: A Conversation with Michael Sheldrick, Co-Founder of Global Citizen and Author of “From Ideas to Impact” Guest: Michael Sheldrick Co-Founder, Global Citizen | Author of “From Ideas to Impac…

1
UK Moves to Ban Ransomware Payments for Public Sector and Critical Infrastructure 48:22

8d ago48:22

48:22

In a landmark move to disrupt the financial engine powering ransomware attacks, the United Kingdom is pushing forward with legislation that would ban ransom payments across the public sector and critical national infrastructure (CNI). This sweeping proposal covers everything from local councils and schools to healthcare providers like the NHS, aimi…

1
Hiring for the Present Is Hurting the Future of Cybersecurity: Why “Entry-Level” Rarely Means Entry | A Conversation with John Salomon | Redefining CyberSecurity with Sean Martin 41:38

10d ago41:38

41:38

⬥GUEST⬥ John Salomon, Board Member, Cybersecurity Advisors Network (CyAN) | On LinkedIn: https://www.linkedin.com/in/johnsalomon/ ⬥HOST⬥ Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com ⬥EPISODE NOTES⬥ The cybersecur…

1
New SysAid Vulnerabilities Added to CISA’s KEV List: XXE Flaws Could Enable RCE 26:10

8d ago26:10

26:10

Two newly added vulnerabilities in SysAid’s On-Prem IT support software — CVE-2025-2775 and CVE-2025-2776 — have officially joined the Cybersecurity and Infrastructure Security Agency (CISA)’s Known Exploited Vulnerabilities (KEV) catalog, signaling increased concern around their potential abuse. While there are no confirmed reports of public explo…

1
Lumma Stealer Returns: Malware-as-a-Service Resurges After Global Takedown 44:16

8d ago44:16

44:16

In this episode, we unpack the rapid and concerning resurgence of Lumma Stealer, a sophisticated Malware-as-a-Service (MaaS) platform, just months after a major international takedown. Despite Microsoft, the FBI, Europol, and global partners dismantling over 2,500 malicious domains and seizing critical infrastructure in May 2025, Lumma Stealer has …

1
Cisco ISE Critical Flaws Now Actively Exploited: No Workarounds, Just Root Access 37:32

9d ago37:32

37:32

Hackers are actively exploiting a trio of critical zero-day vulnerabilities in Cisco’s Identity Services Engine (ISE) and Passive Identity Connector (ISE-PIC), prompting urgent patching directives from the company. The flaws — CVE-2025-20281, CVE-2025-20282, and CVE-2025-20337 — each carry a maximum CVSS severity score of 10.0, indicating the highe…

1
ToolShell: SharePoint Zero-Day Chain Gives Hackers Full Remote Access 58:23

9d ago58:23

58:23

A new wave of zero-day attacks—collectively known as ToolShell—is actively targeting Microsoft SharePoint servers, with two vulnerabilities (CVE-2025-53770 and CVE-2025-53771) allowing unauthenticated remote code execution and identity control bypass. First observed in high-value targets across government, critical infrastructure, and manufacturing…

1
CVE-2025-54309: CrushFTP Zero-Day Exploited in Global Admin Access Attacks 22:13

9d ago22:13

22:13

A critical zero-day vulnerability in CrushFTP (CVE-2025-54309) is being actively exploited, giving attackers administrative access to over a thousand unpatched servers globally. This severe security flaw—caused by improper validation in the AS2 protocol—has exposed enterprise-managed file transfer (MFT) systems across the US, Europe, and Canada. Se…

1
Resonance and Reinvention: Crafting Sound from Salvaged History | A Conversation with Cindy Hulej | Music Evolves with Sean Martin 24:19

11d ago24:19

24:19

Guest and Host Guest: Cindy Hulej, Luthier/Artist | Website: https://www.cindyguitars.com/ Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/ Show Notes What happens when the story of a city becomes part of the music we make? In this episode of Mu…

1
Dell Breach by World Leaks: Extortion Attempt Hits Demo Platform 23:49

9d ago23:49

23:49

Dell Technologies is the latest target in a growing trend of data extortion attacks as threat actors pivot away from traditional ransomware. The cybercrime group known as World Leaks—a rebrand of the former Hunters International gang—has claimed responsibility for breaching Dell’s Customer Solution Centers (CSC), a sandbox environment used primaril…

1
Black Hat USA 2025: AI, Investment, and the Expanding Scope of Cybersecurity | Our Traditional Pre-Event Kick-Off Conversation with Steve Wylie | On Location Coverage with Sean Martin and Marco Ciappelli ... 26:51

11d ago26:51

26:51

As Black Hat USA 2025 approaches, General Manager Steve Wylie joins Sean Martin and Marco Ciappelli for the annual pre-conference conversation to highlight what’s new—and what’s next—for one of cybersecurity’s most iconic events. This year’s themes and expansions signal a strong return to growth, technical depth, and strategic investment. AI Everyw…

1
Critical VPN Vulnerability: ExpressVPN Exposed IPs via RDP Misrouting 59:16

10d ago59:16

59:16

A critical vulnerability in ExpressVPN’s Windows client has put a spotlight on the often-overlooked dangers of debug code making its way into production software. This episode dives into how a debug configuration error allowed Remote Desktop Protocol (RDP) traffic to bypass the VPN tunnel, potentially exposing users’ real IP addresses and compromis…

1
Dior Data Breach Exposes U.S. Customer Info in LVMH Vendor Attack 41:11

10d ago41:11

41:11

In this episode, we unpack the January 2025 data breach at Dior, the iconic luxury fashion house, which exposed sensitive personal information of U.S. customers—including names, addresses, and even Social Security and passport numbers. Although payment data remained secure, the incident's impact is substantial, both in terms of customer trust and c…

1
The Proof Is in the Posture: What Real Security Maturity Looks Like | A HITRUST Brand Story with Bimal Sheth and Vincent Bennekers 46:01

11d ago46:01

46:01

The HITRUST 2025 Trust Report sheds light on a critical question organizations continue to ask: can you really rely on a certification to mean what it says? According to Vincent Bennekers, Vice President of Quality, and Bimal Sheth, Executive Vice President of Standards Development and Assurance Operations at HITRUST, the answer comes down to one w…

1
StrongestLayer Raises $5.2M to Fight AI-Powered Phishing with TRACE 52:49

13d ago52:49

52:49

In an era where generative AI is being used not just for productivity but for precision cybercrime, a San Francisco-based startup, StrongestLayer, is taking a bold stand. Backed by $5.2 million in seed funding from Sorenson Capital and others, the company is pioneering a radically new approach to cybersecurity with its AI-native platform TRACE (Thr…

1
750,000 Records Exposed: Inside the TADTS Data Breach by BianLian 1:03:29

10d ago1:03:29

1:03:29

In July 2024, The Alcohol & Drug Testing Service (TADTS), a Texas-based company handling sensitive employment-related data, suffered a catastrophic data breach. Nearly 750,000 individuals had personal information compromised—Social Security numbers, financial data, driver’s licenses, health insurance info, and even biometric identifiers. The attack…

1
SS7 Is Still Broken: How Surveillance Firms Are Bypassing Telco Defenses 50:12

10d ago50:12

50:12

A new attack technique is exposing just how vulnerable global mobile networks remain in 2025. Cybersecurity firm Enea has discovered a surveillance operation that bypasses SS7 firewalls by exploiting a subtle weakness in the TCAP encoding layer—allowing stealth location tracking of mobile users across borders. The method? Tampering with the IMSI fi…

1
The Hybrid Species — When Technology Becomes Human, and Humans Become Technology | A Musing On Society & Technology Newsletter Written By Marco Ciappelli | Read by TAPE3 10:53

14d ago10:53

10:53

⸻ Podcast: Redefining Society and Technology https://redefiningsocietyandtechnologypodcast.com _____________________________ This Episode’s Sponsors BlackCloak provides concierge cybersecurity protection to corporate executives and high-net-worth individuals to protect against hacking, reputational loss, financial loss, and the impacts of a corpora…

Podcasts Worth a Listen

Dropzone Podcasts

Podcasts Worth a Listen

Quick Reference Guide