Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Player FM - Internet Radio Done Right
Checked 3d ago
Added eighteen weeks ago
Content provided by Daily Security Review. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Daily Security Review or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Similar to Daily Security Review
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Python Bytes is a weekly podcast hosted by Michael Kennedy and Brian Okken. The show is a short discussion on the headlines and noteworthy news in the Python, developer, and data science space.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k
200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Tech Life discovers and explains the ways technology is changing our lives, wherever we are in the world. We meet the people with bright ideas for rethinking the way we work, learn and play, and get hands-on with the products they dream up. We hold tech giants to account for their huge power to affect our lives, and ask who wins, and who loses, in the technology transformation. Tech Life is your guide to a future being made, and remade, at lightning speed in front of our eyes.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
An open show powered by community LINUX Unplugged takes the best attributes of open collaboration and turns it into a weekly show about Linux.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
Daily Deals
Podcasts Worth a Listen
SPONSORED
T
Tinfoil Swans
1 Encore: Will Poulter, Dave Beran, and The Bear 52:22
52:22 
Play Later 
Play Later 
Lists 
Like 
Liked52:22
Play Later
Play Later
Lists
Like
LikedSeason 3 of the smash hit FX/Hulu show “The Bear” roared to life just days ago, but Will Poulter (the actor who plays fan-favorite Luca) and 2014 F&W Best New Chef Dave Beran had been prepping for weeks. Poulter — like his co-star Jeremy Allen White — staged with Beran at his Santa Monica restaurant Pasjoli to learn how to accurately portray a professional chef onscreen. The lessons went so well, Beran says he’d hire Poulter as a cook — even despite a messy mishap with a pastry bag. The two dished all about getting kitchen culture right on and offscreen, what it takes to be at the top of your craft, and the pure magic of a great restaurant service. Learn more about your ad choices. Visit podcastchoices.com/adchoices…
$21M Seized and DanaBot, Qakbot, and Bumblebee Disrupted in Operation Endgame Takedown
Manage episode 484409592 series 3645080
Content provided by Daily Security Review. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Daily Security Review or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
In this episode, we break down the latest and most impactful phase of Operation Endgame, the international law enforcement campaign targeting the backbone of the ransomware ecosystem. Between May 19–22, authorities executed a sweeping takedown of 300 servers, neutralized 650 domains, and seized €3.5 million in cryptocurrency, adding to a total of €21.2 million seized over the course of the operation.
We explore how this phase zeroed in on Malware-as-a-Service (MaaS) and loader operations — the essential tools used by ransomware groups to infiltrate victims. Key malware families including DanaBot, Qakbot, Trickbot, Bumblebee, Lactrodectus, and Warmcookie were directly targeted.
This isn't just about servers and code — indictments were unsealed against 16 members of the DanaBot cybercrime gang, and the alleged leader of the Qakbot operation, responsible for compromising over 700,000 systems, has been charged. We also discuss the arrest of a crypter specialist for Conti and LockBit, illustrating the depth of the disruption.
You’ll also hear how intelligence from previous takedowns, like Smokeloader, led to follow-up arrests — a sign that this multi-phase operation is not only reactive but deeply strategic. Operation Endgame is proving that even as cybercriminals adapt, global law enforcement can strike harder, smarter, and with precision.
120 episodes
ShareManage episode 484409592 series 3645080
Content provided by Daily Security Review. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Daily Security Review or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
In this episode, we break down the latest and most impactful phase of Operation Endgame, the international law enforcement campaign targeting the backbone of the ransomware ecosystem. Between May 19–22, authorities executed a sweeping takedown of 300 servers, neutralized 650 domains, and seized €3.5 million in cryptocurrency, adding to a total of €21.2 million seized over the course of the operation.
We explore how this phase zeroed in on Malware-as-a-Service (MaaS) and loader operations — the essential tools used by ransomware groups to infiltrate victims. Key malware families including DanaBot, Qakbot, Trickbot, Bumblebee, Lactrodectus, and Warmcookie were directly targeted.
This isn't just about servers and code — indictments were unsealed against 16 members of the DanaBot cybercrime gang, and the alleged leader of the Qakbot operation, responsible for compromising over 700,000 systems, has been charged. We also discuss the arrest of a crypter specialist for Conti and LockBit, illustrating the depth of the disruption.
You’ll also hear how intelligence from previous takedowns, like Smokeloader, led to follow-up arrests — a sign that this multi-phase operation is not only reactive but deeply strategic. Operation Endgame is proving that even as cybercriminals adapt, global law enforcement can strike harder, smarter, and with precision.
120 episodes
All episodes
×
D
Daily Security Review
1 Malware-as-Code: The Rise of DaaS on GitHub and the Collapse of Open-Source Trust 39:46
39:46 Play Later Play Later Lists Like Liked39:46
Play Later Play Later Lists Like LikedIn this episode, we dissect one of the most sophisticated ongoing cybercrime trends—malware campaigns weaponizing GitHub repositories to compromise developers, gamers, and even rival hackers. By abusing GitHub’s search functionality and reputation signals, threat actors are pushing backdoored code under the guise of popular tools, game cheats, and exploit kits. These malicious repositories often look legitimate, complete with automated commits, fake contributors, and modest star counts to avoid suspicion. We explore how Distribution-as-a-Service (DaaS) operations are driving these attacks, significantly lowering the barrier to entry for cybercriminals. Notable actors like “ischhfd83” and the “Stargazer Goblin” group have maintained thousands of malicious repositories, many embedding backdoors via PreBuild events, Python obfuscation, and Unicode deception techniques. Their payloads include info-stealers like Lumma and RATs like Remcos, with command-and-control often running through Telegram. We also examine the implications of the Coinbase-linked cascading supply chain attack, how even cybercriminals are falling victim, and what developers and security teams need to do now to detect red flags, verify source code, and stop blindly trusting stars and search rankings. If you’re relying on open-source tools, this episode could save you from compiling your next compromise.…
D
Daily Security Review
1 ClickFix: How Fake Browser Errors Became the Internet’s Most Dangerous Trap 47:15
47:15 Play Later Play Later Lists Like Liked47:15
Play Later Play Later Lists Like LikedIn this episode, we dive deep into ClickFix , also tracked as ClearFix or ClearFake —a highly effective and deceptive malware delivery tactic that emerged in early 2024. ClickFix exploits the human tendency to trust browser prompts by using fake error messages, CAPTCHA pages, and verification requests to convince users to execute malicious PowerShell commands via simple keyboard shortcuts. What makes ClickFix so dangerous? It’s “frictionless.” No exploits, no downloads—just user interaction. Attackers preload malware-laced commands into the clipboard and trick victims into running them through legitimate Windows tools like powershell.exe and mshta.exe, effectively bypassing traditional antivirus and EDR tools. This tactic is being leveraged by major threat groups including APT28 , MuddyWater , and TA571 , and is distributing malware like Stealc , Rhadamanthys , LummaC2 , NetSupport RAT , and even macOS stealers like AMOS and AppleProcessHub . We’ll unpack how ClickFix pages mimic trusted platforms like Google Meet, Zoom, TikTok, and cryptocurrency sites to exploit verification fatigue and deliver payloads silently via obfuscated scripts. You'll hear how attackers use LOLBins , JavaScript loaders , and ROT13-encoded payloads to hide their tracks, and why even experienced users are falling for this trick. We’ll also examine the distribution ecosystem , from malvertising and TikTok scams to fake GitHub issues and cracked game forums , and explore the traffers teams and threat actors monetizing this attack method at scale. If you think malware needs a download or a macro to infect a system, think again—ClickFix proves that all it takes is one careless paste . Stay tuned to learn: How the attack chain works step-by-step Why ClickFix is hard to detect and block Which threat actors are using it and how Real-world examples of malware campaigns using ClickFix What defenders and users can do to spot and stop these attacks This is one of the most insidious and scalable social engineering attacks of the decade—and it’s only just getting started.…
D
Daily Security Review
1 Exposed and Extorted: The ViLE Hackers and the Legal Gaps Enabling Doxing 47:31
47:31 Play Later Play Later Lists Like Liked47:31
Play Later Play Later Lists Like LikedCybercrime is rapidly evolving—and so are its tactics. In this episode, we dissect the findings of SoSafe’s Cybercrime Trends 2025 report and explore the six key trends reshaping the global threat landscape, including AI as an attack surface, multichannel intrusions, and the rising exploitation of personal identities. But we don’t stop at theory. We go deep into the real-world case of the ViLE hacking group—responsible for one of the most egregious doxing and extortion campaigns in recent memory. Hear how hackers breached a DEA portal using stolen police credentials, exfiltrated sensitive personal data, impersonated law enforcement to manipulate social media platforms, and threatened victims’ families unless paid. We also confront the darker side of doxing: how legal loopholes and insufficient protections leave victims—especially women and marginalized groups—exposed to psychological, reputational, and physical harm. From online harassment to SWATing incidents, this episode reveals the chilling consequences of unchecked digital exposure. Finally, we offer actionable insights for both organizations and individuals to build cyber resilience—from proactive employee training and AI-powered defense tools to reviewing digital footprints and involving families in cyber hygiene. This isn’t just about breaches and ransomware—it’s about human lives, eroded trust, and the urgent need to close the growing gap in cyber protection. Tune in to understand the stakes—and what must change.…
D
Daily Security Review
1 Chrome Under Fire: Three Zero-Days, One Month, and Nation-State Exploits 28:23
28:23 Play Later Play Later Lists Like Liked28:23
Play Later Play Later Lists Like LikedIn this episode, we dive deep into three actively exploited zero-day vulnerabilities discovered in Google Chrome in 2025, each of which was patched in rapid succession following targeted attacks. At the center is CVE-2025-5419, a high-severity out-of-bounds read/write flaw in the V8 JavaScript engine that allows attackers to exploit heap corruption through crafted HTML pages — and it’s already being weaponized in the wild. We also revisit CVE-2025-2783, a Chrome Mojo vulnerability used in Operation ForumTroll, a nation-state espionage campaign targeting Russian organizations. This flaw allowed attackers to bypass Chrome’s sandbox entirely with just one click on a phishing link. The third major zero-day, CVE-2025-4664, exposed gaps in Chrome's Loader component, permitting policy bypass and potential full account takeover. Join us as we analyze the technical root causes, discuss Google's mitigation strategies including emergency out-of-band patches and configuration changes, and explore the implications of these rapid-fire exploits in a threat landscape increasingly shaped by advanced persistent threats and browser-based vulnerabilities. We’ll also offer key takeaways for IT teams and CISOs on patching strategy, user awareness, and the critical role of update velocity in today's cybersecurity defense playbook.…
D
Daily Security Review
1 Australia Forces Transparency: The World’s First Mandatory Ransomware Payment Reporting Law 1:02:01
1:02:01 Play Later Play Later Lists Like Liked1:02:01
Play Later Play Later Lists Like LikedAustralia just made cyber history. On May 30, 2025, the nation became the first in the world to enforce mandatory ransomware payment reporting under the newly enacted Cyber Security Act 2024 . In this episode, we dissect what this means for businesses, law enforcement, and the global cybersecurity landscape. We break down the key aspects of the legislation, including which organizations are affected, what counts as a "ransomware payment," and the strict 72-hour deadline for reporting incidents to the Australian Signals Directorate. We'll also explore how the government intends to use this data to track attackers, strengthen national defenses, and drive policy change — without currently requiring public disclosure. But it’s not all praise. Critics argue the law imposes strict obligations without offering real help to victims. We examine concerns from cybersecurity experts about a lack of proactive support, the continued pressure to pay ransoms, and whether this initiative is more about optics than outcomes. Plus, we look at how this could influence other countries — including the UK — which are watching closely and debating similar moves. If your organization does business in Australia or wants to understand the global implications of ransomware regulation, this is the conversation you need to hear. Tune in as we unpack what might be the most consequential cybersecurity law of the year — and what’s coming next.…
D
Daily Security Review
1 $25M for AI Email Security: Trustifi’s Big Bet on the MSP Market 32:00
32:00 Play Later Play Later Lists Like Liked32:00
Play Later Play Later Lists Like LikedIn this episode, we dive into Trustifi’s recent $25 million Series A funding round, led by growth equity firm Camber Partners. Specializing in AI-powered email security, Trustifi has now raised a total of $29 million to accelerate its product development, go-to-market strategy, and global marketing initiatives—especially in the MSP space. We unpack what makes Trustifi’s platform stand out in a crowded cybersecurity market, from AI-driven threat detection and seamless Microsoft 365/Google Workspace integration to outbound encryption policies and account takeover protection. We also explore Camber Partners’ investment thesis and how their operational expertise is poised to help Trustifi scale. With CEO Rom Hendler’s roadmap and a growing need for intelligent, adaptable email security solutions, Trustifi is positioning itself at the intersection of AI innovation and rising cybersecurity threats. Tune in to learn how this funding round signals more than growth—it marks a strategic shift in how businesses protect their communications.…
D
Daily Security Review
1 Google Chrome vs. Failing CAs: The Policy Behind the Distrust 55:25
55:25 Play Later Play Later Lists Like Liked55:25
Play Later Play Later Lists Like LikedIn this episode, we dissect Google's recent and upcoming decisions to distrust several Certificate Authorities (CAs) within the Chrome Root Store, including Entrust, Chunghwa Telecom, and Netlock. These high-impact moves are rooted in Chrome's strict enforcement of compliance, transparency, and security standards for public trust. We explore the role of the Chrome Root Store and Certificate Verifier, the timeline and technical specifics of the CA distrust actions taking effect in November 2024 and August 2025, and the broader implications for enterprises and the Web Public Key Infrastructure (WebPKI). You'll hear how these changes affect certificate validation, enterprise overrides, and post-quantum cryptographic readiness. We also examine what these actions signal for the future of digital trust, CA accountability, and browser power dynamics. Tune in to understand how Chrome’s decisions are reshaping the rules of HTTPS trust and what enterprises must do now to stay ahead of disruptions.…
D
Daily Security Review
1 CVE-2025-48827 & 48828: How vBulletin’s API and Template Engine Got Weaponized 1:35:55
1:35:55 Play Later Play Later Lists Like Liked1:35:55
Play Later Play Later Lists Like LikedTwo critical, actively exploited vulnerabilities in vBulletin forum software— CVE-2025-48827 and CVE-2025-48828 —have put thousands of websites at immediate risk of full system compromise. In this episode, we dissect how these flaws, triggered by insecure usage of PHP’s Reflection API and abuse of vBulletin’s template engine, allow unauthenticated attackers to execute arbitrary PHP code and gain remote shell access. We’ll break down the exploit chain, from protected method invocation via malformed API calls to injection of malicious conditionals, enabling full Remote Code Execution (RCE) in vulnerable versions of vBulletin running PHP 8.1 or later. You’ll learn how attackers are currently weaponizing these bugs in the wild—leveraging public exploit code and scanning endpoints like /ajax/api/ad/replaceAdTemplate to plant backdoors. We also cover: Patch levels and which versions are safe (hint: upgrade to v6.1.1 now) Temporary mitigations for legacy vBulletin deployments IOC monitoring, containment strategies, and threat hunting advice Why dynamic method invocation should never be your access control boundary Lessons for developers and sysadmins on avoiding similar reflection-based pitfalls Whether you run a vBulletin forum or just want to understand the anatomy of a modern web RCE exploit, this episode is your front-row seat to one of 2025’s most serious application-layer vulnerabilities.…
D
Daily Security Review
1 JINX-0132: How Cryptojackers Hijacked DevOps Infrastructure via Nomad and Docker 1:07:22
1:07:22 Play Later Play Later Lists Like Liked1:07:22
Play Later Play Later Lists Like LikedIn this episode, we dissect the JINX-0132 cryptojacking campaign — a real-world example of how threat actors are exploiting cloud and DevOps environments to mine cryptocurrency at scale. We unpack how cybercriminals targeted misconfigured Docker APIs, publicly exposed HashiCorp Nomad and Consul servers, and vulnerable Gitea instances — turning enterprise-grade compute resources into crypto-mining farms, all while staying under the radar. This campaign marks the first publicly documented exploitation of HashiCorp Nomad in the wild. We discuss: How attackers used XMRig, cron jobs, and process-hiding tools to persist and evade detection The impact of misconfiguration and unpatched vulnerabilities in fast-moving DevOps workflows The financial and operational cost of unauthorized crypto mining in the cloud The role of DevSecOps in preventing these attacks, with actionable recommendations for securing your containers and runtimes Key practices to “shift left” and catch security flaws early in the software development lifecycle Why Cloud Workload Protection Platforms (CWPP) are becoming essential in defending modern cloud-native environments We also highlight best practices for hardening Docker images, avoiding privileged containers, monitoring system behavior, and responding to incidents with speed and precision.…
D
Daily Security Review
1 Password Hashes Leaked via Linux Crash Handlers: The Truth Behind CVE-2025-5054 & 4598 16:11
16:11 Play Later Play Later Lists Like Liked16:11
Play Later Play Later Lists Like LikedIn this episode, we unpack two newly disclosed Linux vulnerabilities—CVE-2025-5054 and CVE-2025-4598—discovered by the Qualys Threat Research Unit (TRU). These race condition flaws impact Ubuntu’s apport and Red Hat/Fedora’s systemd-coredump , exposing a little-known but critical attack vector: core dumps from crashed SUID programs. We dive into how these TOCTOU (Time-of-Check to Time-of-Use) race conditions let local attackers manipulate system timing to trick crash handlers into leaking sensitive data. While the CVSS score is a moderate 4.7, the implications are serious—core dumps can contain password hashes, encryption keys, or proprietary data from privileged processes. Join us as we discuss how the vulnerabilities work, which Linux distributions are affected, and how administrators can apply patches or disable SUID core dumps as a temporary fix. We also explore what this means for system hardening, local threat models, and the often-overlooked risk posed by debugging and crash-reporting tools.…
D
Daily Security Review
1 Multi-Stage Phishing Attacks Now Use Google Infrastructure—Here’s How 13:51
13:51 Play Later Play Later Lists Like Liked13:51
Play Later Play Later Lists Like LikedRecent phishing campaigns have entered a new phase—one where trust is weaponized. In this episode, we break down how cybercriminals are exploiting legitimate services like Google Apps Script and Google Firebase Storage to host phishing pages, evade detection, and steal credentials. Using cleverly crafted lures such as fake DocuSign notifications, invoice alerts, and even deceptive CAPTCHA prompts, these attackers are bypassing traditional email and web filters by operating under the guise of reputable platforms. We’ll dive into specific attack techniques, including multi-stage payload delivery using VBScript, clipboard hijacking with fake MP3 files, and the deployment of tools like NetBird and OpenSSH for persistent access. We’ll also explore the rise of Phishing-as-a-Service kits like Haozi that lower the barrier for launching these sophisticated campaigns. Finally, we cover key mitigation strategies—from detection platforms to user education—that organizations can adopt to stay ahead of these evolving threats. This episode is a must-listen for IT professionals, CISOs, and anyone tasked with defending against phishing and social engineering attacks in today’s high-trust, high-risk digital landscape.…
D
Daily Security Review
1 Inside the AVCheck Takedown: How Law Enforcement Disrupted a Key Cybercrime Tool 17:34
17:34 Play Later Play Later Lists Like Liked17:34
Play Later Play Later Lists Like LikedIn this episode, we unpack the international takedown of AVCheck, one of the largest counter antivirus (CAV) services used by cybercriminals to test and fine-tune malware before deployment. Led by Dutch authorities and supported by agencies from the U.S., Germany, France, and others, this operation marks a major win in Operation Endgame—a sweeping initiative targeting malware infrastructure, ransomware syndicates, and initial access brokers. AVCheck enabled attackers to simulate antivirus scans and ensure their payloads were virtually undetectable, making it a cornerstone of the modern malware development cycle. Authorities seized domains, servers, and a rich database of user information, some of which links AVCheck directly to notorious ransomware groups. The same investigation also exposed ties between AVCheck and crypting services like Cryptor.biz and Crypt.guru, underscoring how deeply integrated these dark web services are. We also explore the implications of this crackdown: how disrupting enabler services like AVCheck may prevent future cyberattacks, why ransomware groups are now shifting tactics—including potentially more violent threats—and what comes next as cybercriminals adapt. From undercover ops to fake login traps and forensic analysis, this episode covers the full scope of the AVCheck takedown and its impact on global cybercrime.…
D
Daily Security Review
1 ConnectWise Breach: Nation-State Exploits CVE-2025-3935 in ScreenConnect 15:06
15:06 Play Later Play Later Lists Like Liked15:06
Play Later Play Later Lists Like LikedConnectWise has confirmed a cyberattack targeting ScreenConnect, its remote access solution used by thousands of Managed Service Providers (MSPs). The breach is reportedly tied to a sophisticated nation-state actor and linked to CVE-2025-3935, a critical ViewState code injection vulnerability that could allow Remote Code Execution (RCE). In this episode, we dissect what happened, why it matters, and what MSPs need to do right now. We cover the technical details behind CVE-2025-3935, including how attackers exploit machine keys to execute malicious payloads on vulnerable servers. You'll hear what ConnectWise has—and hasn't—shared publicly, why their communication is frustrating some users, and why many believe the impact might be broader than officially stated. We also examine the bigger picture: What does this mean for cybersecurity in the MSP ecosystem? How prepared are we for nation-state-level threats? And how can organizations improve patch management and incident response before the next zero-day is weaponized? Whether you're an MSP, a CISO, or an IT admin responsible for remote access tools, this is a breach you can’t afford to ignore. Tune in for expert analysis, community reactions, and actionable insights on securing your infrastructure.…
D
Daily Security Review
1 Browser vs. GPU: Firefox 139 Collides with NVIDIA Drivers 14:10
14:10 Play Later Play Later Lists Like Liked14:10
Play Later Play Later Lists Like LikedIn this episode, we dive into the graphical corruption saga triggered by Firefox version 139, released on May 27, 2025. Aimed at uncovering what went wrong, we review reports from across the web detailing how the update wreaked havoc for Windows users running NVIDIA graphics cards—particularly those with multi-monitor setups using mixed refresh rates. We discuss the symptoms users experienced: severe flickering, video playback issues, and flashing web pages that rendered the browser unusable for many. We explore the underlying technical culprit—Firefox’s use of Windows DirectComposition surfaces instead of swapchains—and how this specific implementation conflicted with certain NVIDIA driver configurations. You'll also hear how Mozilla responded, from recommending a manual workaround through about:config, to issuing a rapid emergency update (version 139.0.1) that restored a blocklist to prevent the artifacts. We reflect on how this incident highlights the fragile intersection of GPU drivers, OS-level composition tools, and browser rendering pipelines. If you're running a multi-monitor rig with NVIDIA GPUs—or just interested in how complex modern browser rendering really is—this episode breaks it all down and explains how Mozilla handled a potentially reputation-damaging bug with transparency and speed.…
D
Daily Security Review
1 Unbound Raises $4M to Secure Generative AI in the Enterprise 20:08
20:08 Play Later Play Later Lists Like Liked20:08
Play Later Play Later Lists Like LikedIn this episode, we break down the recent $4 million seed funding round for Unbound, a startup tackling one of the biggest unsolved problems in enterprise AI: how to stop employees from leaking sensitive data through ungoverned use of Generative AI tools. Unbound’s AI Gateway aims to be the missing link between rapid AI adoption and responsible usage—offering real-time redaction of sensitive prompts, intelligent model routing, and deep usage analytics. With early adopters already preventing thousands of data leaks and cutting AI costs by up to 70%, investors are betting big on governance infrastructure as the next AI gold rush. We discuss why Unbound’s funding isn’t just another startup headline—it’s a signal that AI governance is no longer optional. As companies like Sony suffer from preventable data exposures and shadow AI runs rampant inside enterprises, this episode explores how and why AI Gateways are poised to become a foundational layer of enterprise architecture.…
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Daily Deals
Daily Deals
Similar to Daily Security Review
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Python Bytes is a weekly podcast hosted by Michael Kennedy and Brian Okken. The show is a short discussion on the headlines and noteworthy news in the Python, developer, and data science space.
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
Tech Life discovers and explains the ways technology is changing our lives, wherever we are in the world. We meet the people with bright ideas for rethinking the way we work, learn and play, and get hands-on with the products they dream up. We hold tech giants to account for their huge power to affect our lives, and ask who wins, and who loses, in the technology transformation. Tech Life is your guide to a future being made, and remade, at lightning speed in front of our eyes.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
An open show powered by community LINUX Unplugged takes the best attributes of open collaboration and turns it into a weekly show about Linux.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
