Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Player FM - Internet Radio Done Right
Checked 2d ago
Added fifteen weeks ago
Content provided by Daily Security Review. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Daily Security Review or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Similar to Daily Security Review
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Tech Life discovers and explains the ways technology is changing our lives, wherever we are in the world. We meet the people with bright ideas for rethinking the way we work, learn and play, and get hands-on with the products they dream up. We hold tech giants to account for their huge power to affect our lives, and ask who wins, and who loses, in the technology transformation. Tech Life is your guide to a future being made, and remade, at lightning speed in front of our eyes.
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k
200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
An open show powered by community LINUX Unplugged takes the best attributes of open collaboration and turns it into a weekly show about Linux.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
Podcasts Worth a Listen
SPONSORED
W
We Have The Receipts
1 Battle Camp S1: Reality Rivalries with Dana Moon & QT 1:00:36
1:00:36 
Play Later 
Play Later 
Lists 
Like 
Liked1:00:36
Play Later
Play Later
Lists
Like
LikedDo you have fond childhood memories of summer camp? For a chance at $250,000, campers must compete in a series of summer camp-themed challenges to prove that they are unbeatable, unhateable, and unbreakable. Host Chris Burns is joined by the multi-talented comedian Dana Moon to recap the first five episodes of season one of Battle Camp . Plus, Quori-Tyler (aka QT) joins the podcast to dish on the camp gossip, team dynamics, and the Watson to her Sherlock Holmes. Leave us a voice message at www.speakpipe.com/WeHaveTheReceipts Text us at (929) 487-3621 DM Chris @FatCarrieBradshaw on Instagram Follow We Have The Receipts wherever you listen, so you never miss an episode. Listen to more from Netflix Podcasts.…
Hard-Coded Havoc: The Fatal Flaws in Planet’s Network Devices
Manage episode 479696415 series 3645080
Content provided by Daily Security Review. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Daily Security Review or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
A wave of critical vulnerabilities in Planet Technology’s industrial switches and network management systems could let attackers hijack devices, steal data, and sabotage industrial networks—with no credentials required.
In this urgent episode, we dissect:
🔓 The 5 worst flaws (CVSS 9.3+)—from hard-coded database passwords to pre-auth command injection—discovered by Immersive Labs’ Kev Breen.
🏭 Why factories and critical infrastructure are prime targets: These switches are widely used in manufacturing, energy, and OT environments.
💻 How hackers exploit them:
- MongoDB exposed? Default creds (planet:123456) let attackers dump configs.
- Bypass auth entirely with a malformed URL parameter (/dispatcher.cgi?cmd=532&ip_URL=;).
- Intercept device communications due to hard-coded keys.
🛡️ CISA’s emergency advisory (ICSA-25-114-06)—and why patching WGS, NMS, and UNI-NMS devices is non-negotiable.
🔍 The researcher’s journey: How a home lab, firmware analysis, and a lucky accident uncovered these flaws.
If your network relies on Planet Technology switches, this episode is a wake-up call. Tune in before attackers beat you to the patch.
81 episodes
ShareManage episode 479696415 series 3645080
Content provided by Daily Security Review. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Daily Security Review or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
A wave of critical vulnerabilities in Planet Technology’s industrial switches and network management systems could let attackers hijack devices, steal data, and sabotage industrial networks—with no credentials required.
In this urgent episode, we dissect:
🔓 The 5 worst flaws (CVSS 9.3+)—from hard-coded database passwords to pre-auth command injection—discovered by Immersive Labs’ Kev Breen.
🏭 Why factories and critical infrastructure are prime targets: These switches are widely used in manufacturing, energy, and OT environments.
💻 How hackers exploit them:
- MongoDB exposed? Default creds (planet:123456) let attackers dump configs.
- Bypass auth entirely with a malformed URL parameter (/dispatcher.cgi?cmd=532&ip_URL=;).
- Intercept device communications due to hard-coded keys.
🛡️ CISA’s emergency advisory (ICSA-25-114-06)—and why patching WGS, NMS, and UNI-NMS devices is non-negotiable.
🔍 The researcher’s journey: How a home lab, firmware analysis, and a lucky accident uncovered these flaws.
If your network relies on Planet Technology switches, this episode is a wake-up call. Tune in before attackers beat you to the patch.
81 episodes
All episodes
×
D
Daily Security Review
1 Chrome's New Vulnerability CVE-2025-4664: A Security Flaw That Can Lead to Account Takeover 9:19
9:19 Play Later Play Later Lists Like Liked9:19
Play Later Play Later Lists Like LikedIn this episode, we take an in-depth look at the newly discovered CVE-2025-4664 vulnerability in Google Chrome’s Loader component. This high-severity security flaw is affecting not only Chrome but also other Chromium-based browsers, including Microsoft Edge, Brave, Opera, and Vivaldi. The issue lies in insufficient policy enforcement within the browser’s Loader, enabling attackers to manipulate the referrer-policy and leak sensitive cross-origin data, potentially leading to full account takeovers. We discuss the technical details of the exploit, focusing on how attackers leverage the Link header to set the referrer-policy to unsafe-url, thus capturing full URLs with sensitive query parameters, such as OAuth tokens and session identifiers. These parameters, once intercepted, can give attackers unauthorized access to user accounts. The podcast also addresses the confirmed existence of active exploits "in the wild" and why immediate patching is crucial, particularly after Google’s emergency update for Chrome. With CVE-2025-4664 now included in CISA’s Known Exploited Vulnerabilities Catalog, the urgency of addressing this issue becomes even more pressing. We will also cover recommended mitigation strategies, including the need for secure HTTP headers, real-time traffic monitoring, and third-party resource audits to prevent exploitation attempts. Join us as we break down this critical vulnerability and provide actionable advice on how to stay secure in light of CVE-2025-4664.…
D
Daily Security Review
1 Scattered Spider Targets UK and US Retailers: The Growing Threat to Major Brands 11:52
11:52 Play Later Play Later Lists Like Liked11:52
Play Later Play Later Lists Like LikedIn this episode, we dive deep into the recent wave of cyberattacks plaguing major UK retailers such as Marks & Spencer, Co-op, and Harrods, with a special focus on the threat group behind them: Scattered Spider (also known as UNC3944, Muddled Libra, and several other aliases). We'll explore how this loosely coordinated cybercriminal group has expanded its operations from targeting casinos to now focusing on the retail sector, including a growing presence in the US market. Scattered Spider’s unique blend of sophisticated social engineering tactics, including vishing, phishing, and MFA bypass strategies, has made them a formidable threat to retailers worldwide. Their use of the DragonForce ransomware—aimed at encrypting critical systems—has already disrupted operations, with significant impacts on M&S and Co-op, from stolen customer data to operational shutdowns. We'll also discuss the group's evolving tactics, such as rapid phishing domain rotation and "Rickrolling" as a means of evading detection, as well as their ability to operate even after arrests in late 2024. With retail under constant threat, we’ll highlight expert recommendations for bolstering defenses, from strengthening IT help desk protocols to improving MFA and phishing detection systems. Join us for a critical analysis of how Scattered Spider is reshaping the landscape of cybersecurity threats in retail and how organizations can take action to prevent falling victim to these increasingly sophisticated attacks.…
D
Daily Security Review
1 Proofpoint Acquires Hornetsecurity for $1B: A New Era in Microsoft 365 Security 10:18
10:18 Play Later Play Later Lists Like Liked10:18
Play Later Play Later Lists Like LikedIn a major move within the cybersecurity space, Proofpoint has announced the acquisition of Hornetsecurity for over $1 billion. This deal significantly strengthens Proofpoint’s foothold in Microsoft 365 security, while expanding its reach into the small and mid-sized business (SMB) market through Hornetsecurity’s extensive network of managed service providers (MSPs) in Europe. In today’s episode, we break down how this acquisition enhances Proofpoint’s portfolio of AI-powered security solutions, including Hornetsecurity’s flagship product, 365 Total Protection. We dive into the strategic impact on SMBs and MSPs, explore the growing need for human-centric security, and discuss how this acquisition sets Proofpoint up for dominance in the Microsoft 365 security space. Plus, we analyze the ongoing trend of consolidation in the cybersecurity industry and what it means for the future of cybersecurity innovation.…
D
Daily Security Review
1 Exploited in the Wild: SAP NetWeaver Zero-Days Hit Fortune 500 22:55
22:55 Play Later Play Later Lists Like Liked22:55
Play Later Play Later Lists Like LikedIn this episode, we dive into the active exploitation of two critical zero-day vulnerabilities in SAP NetWeaver—CVE-2025-31324 and CVE-2025-42999. Threat actors have been leveraging these flaws since January 2025 to gain unauthenticated access, upload malicious web shells, and ultimately achieve remote code execution by chaining an insecure deserialization bug. With over 2,000 vulnerable SAP NetWeaver servers exposed online—including deployments at more than 20 Fortune 500 and Global 500 companies—the impact is massive. We break down how the attack chain works, the tools being deployed (like Brute Ratel), and what this says about modern supply chain security. We also examine the role of Chinese threat actor Chaya_004 and the response from the U.S. government, including CISA’s mandate for federal agencies to patch by May 20. Plus, we discuss SAP’s mitigation guidance and the broader implications of enterprise software zero-days in an increasingly hostile cyber threat landscape. Tune in to understand why this campaign could be one of the most consequential enterprise breaches of 2025—and what security teams must do now.…
D
Daily Security Review
1 Checkout Chaos: Inside the £3.5 Million-a-Day M&S Cyber-Shutdown 16:19
16:19 Play Later Play Later Lists Like Liked16:19
Play Later Play Later Lists Like LikedThe recent ransomware attack on Marks & Spencer (M&S) is a sobering example of the evolving cyber threat landscape confronting the retail industry. In this episode, we unpack how one of the UK's most iconic retailers fell victim to a sophisticated cybercriminal group known as Scattered Spider. This group, recognized for its advanced social engineering tactics, reportedly infiltrated M&S systems, stole customer data, and encrypted critical VMware ESXi infrastructure—disrupting store operations, wiping out millions in online revenue, and shaking investor confidence. We dive deep into how threat actors like Scattered Spider gain initial access—leveraging phishing, SIM swapping, MFA fatigue, and vishing—to breach even mature IT environments. The attackers exploited Active Directory and targeted virtual infrastructure, maximizing both disruption and ransom leverage. We also explore the anatomy of modern ransomware campaigns and how social engineering remains the single most effective tool in a hacker’s playbook. Beyond the breach, we discuss why retail is now the fourth most targeted sector, what technical and organizational defenses could have prevented this, and the regulatory consequences businesses face after a data leak. From the need for modern Active Directory security to the importance of incident response and breach notification protocols, this episode offers a comprehensive analysis—and practical takeaways—for CISOs, IT leaders, and security professionals across all industries.…
D
Daily Security Review
1 Targeted iOS Attacks: The Zero-Days Apple Had to Patch Fast 10:09
10:09 Play Later Play Later Lists Like Liked10:09
Play Later Play Later Lists Like LikedIn this episode, we break down Apple’s massive May 2025 security update blitz—a sweeping patch release that spanned iOS, macOS, iPadOS, tvOS, visionOS, and watchOS. The urgency? Two zero-day vulnerabilities, CVE-2025-31200 (Core Audio) and CVE-2025-31201 (Core Media), were already under active exploitation in what experts are calling “extremely sophisticated, targeted attacks.” We’ll dig into the technical details of these zero-days, explore who might be behind the attacks, and explain how they allowed malicious audio and media files to potentially execute arbitrary code on unpatched Apple devices. Beyond the zero-days, Apple’s updates patched over 30 serious vulnerabilities affecting components such as WebKit, CoreGraphics, AirDrop, and the Kernel. We’ll also examine new revelations: A side-channel attack dubbed SysBumps that bypasses kernel-level protections on Apple Silicon Macs Security enhancements in the Notes app aimed at preventing unauthorized access And the first-ever security update for Apple’s C1 modem—a possible sign of increasing focus on baseband-level threats. We also spotlight the researchers and red teams from around the world—including India, Korea, and China—whose findings were acknowledged in Apple’s advisories. If you're an Apple user, security analyst, or IT admin, this is a critical episode: we’ll tell you what’s been patched, what’s still concerning, and what you should do next.…
D
Daily Security Review
1 Texas vs Google: The $1.4 Billion Wake-Up Call for Data Privacy Violations 10:35
10:35 Play Later Play Later Lists Like Liked10:35
Play Later Play Later Lists Like LikedIn this episode, we unpack the groundbreaking $1.4 billion privacy settlement between Google and the state of Texas—now the largest of its kind in U.S. history. This isn't just about numbers; it's about how data privacy enforcement is shifting dramatically at the state level in the absence of federal legislation. We dive deep into the Texas Capture or Use of Biometric Identifier Act (CUBI), the cornerstone of this case, and explain how it mandates informed consent before companies can collect biometric data like voiceprints and facial geometry. You'll learn how Google’s alleged misuse of biometric data—combined with misleading claims about browser "incognito mode"—landed it in legal hot water. We also explore the growing global trend toward comprehensive data protection laws, including new regulations in India, Vietnam, and the Middle East, and how U.S. states are stepping in to fill the federal privacy gap. And if you've ever relied on "private browsing" for anonymity, think again—this episode reveals what incognito mode does and doesn’t protect you from. From biometric surveillance to browser misconceptions, we break down what this settlement means for consumers, companies, and the future of data governance—and why Texas has become the unlikely champion of digital privacy enforcement.…
D
Daily Security Review
1 Marbled Dust's Zero-Day Exploit: Unveiling a Türkiye-linked Espionage Campaign Against Kurdish Forces 9:40
9:40 Play Later Play Later Lists Like Liked9:40
Play Later Play Later Lists Like LikedIn April 2024, a sophisticated cyber espionage campaign orchestrated by the Türkiye-linked hacker group, Marbled Dust, began exploiting a previously unknown zero-day vulnerability in the Output Messenger platform—a self-hosted enterprise chat application. This vulnerability (CVE-2025-27920) resides in the Output Messenger Server Manager and allows attackers to upload malicious files, such as GoLang-based backdoors, facilitating extensive data exfiltration. The primary targets of this campaign are individuals and entities affiliated with the Kurdish military in Iraq, aligning with Marbled Dust's ongoing geopolitical focus. This podcast dives deep into the technical aspects of the attack, which begins with authenticated access to the vulnerable Output Messenger platform. Once inside, the threat actors exploit the directory traversal flaw to upload malicious scripts to the system’s startup folder, ensuring persistence through GoLang backdoors. We’ll explore how the group's new capabilities represent a shift in their technical prowess—signifying a departure from their prior reliance on known vulnerabilities and DNS manipulation to the use of a true zero-day exploit. We will also break down the security implications of such attacks, shedding light on the criticality of regular software patching, especially for enterprise applications that may not be as heavily scrutinized as other more popular platforms. The podcast will also cover Marbled Dust’s historical tactics, their continued evolution, and the need for enhanced security practices—especially in regions with high geopolitical stakes like the Middle East. How can organizations better secure their internal messaging systems and implement the necessary countermeasures? Tune in to get the full analysis and recommendations for defending against such sophisticated cyber espionage tactics.…
D
Daily Security Review
1 TeleMessage Exploit: Inside the Messaging Flaw That Hit Coinbase and CBP 14:14
14:14 Play Later Play Later Lists Like Liked14:14
Play Later Play Later Lists Like LikedIn this episode, we dissect CVE-2025-47729, a critical vulnerability in TeleMessage , a message archiving app recently thrust into the spotlight due to its use by former National Security Advisor Mike Waltz. Following Waltz’s controversial tenure—marked by the "Signalgate" leak and the subsequent appearance of TeleMessage on his phone—researchers uncovered a major flaw: a lack of end-to-end encryption between the app and its archive server. Hackers have exploited this flaw in the wild, accessing unencrypted chat logs—including internal communications from Coinbase and a list of Customs and Border Protection employees. The breach has raised red flags at the federal level, with CISA adding CVE-2025-47729 to its Known Exploited Vulnerabilities (KEV) catalog, mandating urgent action from federal agencies. We explore: How TeleMessage works and why it was adopted in sensitive government contexts What independent code analysis revealed about its flawed encryption model What was stolen—and what wasn’t—in the confirmed breaches Smarsh’s response and the suspension of TeleMessage services Why CISA is effectively advising users to stop using the app altogether Whether you’re in cybersecurity, compliance, or just concerned about how message archiving can become a liability, this episode lays out the facts—and the failures—behind the latest messaging app security scandal.…
D
Daily Security Review
1 Backdoored by ‘Cheap’ AI: How Fake npm Packages Compromised Cursor IDE 25:18
25:18 Play Later Play Later Lists Like Liked25:18
Play Later Play Later Lists Like LikedA new supply chain attack has emerged—this time targeting macOS users of the Cursor AI code editor through rogue npm packages. In this episode, we break down how threat actors published malicious modules—sw-cur, sw-cur1, and aiide-cur—promising cheap access to Cursor's AI features. Once installed, these packages function as backdoors, stealing credentials, modifying critical application files like main.js, disabling updates, and granting persistent remote access. We’ll discuss how the attackers used social engineering tactics around “cost savings” to compromise trust, the technical breakdown of the malware’s behavior, and what this means for developers and enterprises relying on modern IDEs. With over 3,200 downloads before detection, this campaign represents a significant escalation in supply chain threats. Join us as we explore: The mechanics of the backdoor and how persistence was achieved The risks of lateral movement in enterprise CI/CD environments What this attack says about the future of developer-focused malware Real-world remediation steps and how to protect your development environments Whether you're a developer, CISO, or security researcher, this episode will give you a sharp look into a growing and deeply concerning attack vector.…
D
Daily Security Review
1 160,000 Victims Later: The Aspire USA Breach Under Valsoft’s Watch 9:23
9:23 Play Later Play Later Lists Like Liked9:23
Play Later Play Later Lists Like LikedIn this episode, we break down the February 2025 data breach that hit Valsoft Corporation, operating under the name AllTrust, through its subsidiary Aspire USA. Over 160,000 individuals are potentially impacted, with exposed data including Social Security numbers, driver’s license information, and financial account details. We explore how the breach unfolded over a three-day window, the steps Aspire took to interrupt an in-progress data transfer, and how long it took to notify affected individuals. We'll also examine the legal implications now facing Valsoft, including multiple law firm investigations and the potential for class action lawsuits. Additionally, we cover what this breach reveals about current cybersecurity practices in companies handling PII and how consumers can protect themselves when their data is exposed. From SOC2 compliance claims to the offer of free credit monitoring, we question whether the company’s response was adequate—or merely reactive. Was this breach preventable? And what can other companies learn from Valsoft’s handling of it? Tune in for a hard look at one of 2025’s most notable PII exposure incidents.…
D
Daily Security Review
1 rand-user-agent: The NPM Package That Opened a Backdoor 15:04
15:04 Play Later Play Later Lists Like Liked15:04
Play Later Play Later Lists Like LikedIn this episode, we break down the recent compromise of the rand-user-agent NPM package—an attack that quietly turned a once-trusted JavaScript library into a delivery mechanism for a Remote Access Trojan (RAT). The attacker exploited the package’s deprecated but still-popular status, publishing malicious versions that never appeared in the GitHub repo. We discuss how the threat actor used obfuscated code, off-screen whitespace tricks, and a Windows-specific PATH hijack to hide their RAT, which established a command-and-control (C2) channel capable of remote shell access, file uploads, and command execution. You’ll also hear how this incident fits into broader trends of CI/CD pipeline poisoning and software supply chain attacks—and what developers, security teams, and enterprises should do to avoid being the next target.…
D
Daily Security Review
1 PipeMagic, Procdump, and Privilege Escalation: Tracking the Windows CLFS Exploit Chain 19:21
19:21 Play Later Play Later Lists Like Liked19:21
Play Later Play Later Lists Like LikedA zero-day vulnerability in the Windows Common Log File System (CLFS), tracked as CVE-2025-29824 , became the center of a global cybersecurity storm when it was exploited in the wild before Microsoft patched it on April 8, 2025. In this episode, we take a deep dive into how this elevation of privilege exploit allowed attackers to gain SYSTEM-level access and deploy ransomware payloads —including the RansomEXX family —across industries and continents. We’ll break down the exploitation timeline, reveal how the PipeMagic backdoor was used as a launchpad, and analyze how attackers injected malicious payloads into Windows processes like winlogon.exe to dump credentials and maintain persistence. Our discussion also covers attribution insights, with Storm-2460 and actors associated with Play ransomware identified as users of this exploit, underscoring how the tool may have circulated in underground channels before the patch. With insights from Microsoft, Symantec, Kaspersky, and Arctic Wolf, this episode unpacks the technical mechanism , post-exploitation behavior , and defensive recommendations , including why some versions of Windows 11 were immune and what security teams should do to harden their environments moving forward. Whether you're in IT, finance, software, or retail—this episode has vital intel on defending against emerging threats in a rapidly evolving ransomware landscape.…
D
Daily Security Review
1 Pegasus Spyware, WhatsApp v. NSO Group, and the Global Battle for Data Privacy 21:26
21:26 Play Later Play Later Lists Like Liked21:26
Play Later Play Later Lists Like LikedIn this episode, we dive deep into the legal, technical, and geopolitical implications of the U.S. court ruling in WhatsApp v. NSO Group —a landmark case in the global effort to hold spyware developers accountable. The conversation unpacks the court’s decision to award over $167 million in damages to WhatsApp for the unauthorized deployment of Pegasus spyware, highlighting violations of anti-hacking laws and terms of service. We explore how this ruling may impact the resilience of the commercial spyware industry, the potential chilling effect on investors, and the mounting legal pressures facing firms like NSO Group. We also examine the complexities of asserting jurisdiction in cross-border cyber cases, and why evidentiary sanctions—rather than clear precedents—still leave significant gaps in regulating spyware abuse. Beyond the courtroom, we discuss Pegasus's widespread reported use by state actors against journalists, activists, and political figures, and the serious human rights concerns this raises. The episode also connects the dots between spyware and the broader cybersecurity threat landscape, from ransomware to state-sponsored APT groups. Finally, we zoom in on the global regulatory response, spotlighting Indonesia’s newly enacted Personal Data Protection Law and how such frameworks are emerging worldwide to govern digital surveillance, data transfers, and privacy rights. This episode provides critical insight into how law, technology, and human rights intersect in the age of digital surveillance—and what’s next for global cybersecurity policy.…
D
Daily Security Review
1 How CodeAnt AI is Automating Code Reviews for 50+ Dev Teams 17:37
17:37 Play Later Play Later Lists Like Liked17:37
Play Later Play Later Lists Like LikedAI tools are generating more code than ever — but who’s reviewing it? In this episode, we spotlight CodeAnt AI, the fast-growing platform built to solve the growing code review bottleneck created by AI-assisted development. You’ll learn how CodeAnt AI: Cuts review time and post-deployment bugs by over 50% Uses a proprietary language-agnostic AST engine to analyze 30+ programming languages Powers one-click security and quality fixes for Fortune 1000 dev teams Offers on-prem deployment for security-sensitive organizations Secured $2M in funding and a $20M valuation with backing from Y Combinator and others We also break down the core components of software code quality—readability, maintainability, reliability, efficiency, and security—and how AI is changing how enterprises scale development. If you're serious about faster, more secure code delivery, this episode is a must-listen.…
D
Daily Security Review
1 The Langflow Breach: How a Popular AI Tool Opened the Door to Hackers 13:22
13:22 Play Later Play Later Lists Like Liked13:22
Play Later Play Later Lists Like LikedA newly disclosed zero-day vulnerability, CVE-2025-3248, is being actively exploited in the wild—and it's targeting Langflow, a popular open-source framework for building AI-powered applications. In this episode, we unpack how a missing authentication check in the /api/v1/validate/code endpoint allowed remote attackers to run arbitrary code on unpatched servers. With a critical CVSS score of 9.8 and confirmation from CISA's Known Exploited Vulnerabilities Catalog, this flaw has serious implications for organizations using versions prior to 1.3.0. We explore the technical mechanics behind the exploit—including abuse of Python decorators and default arguments—and highlight evidence of real-world attacks detected by honeypots and TOR-sourced payloads. Whether you're running Langflow or managing open-source AI tools, this is a wake-up call for patching, hardening, and reassessing how you expose development platforms to the internet. Stay ahead of the threat. Tune in now to learn what went wrong, what’s being done, and what you can do to protect your infrastructure.…
D
Daily Security Review
1 Mirai Reloaded: Why CVE-2024-7399 Still Haunts Samsung Servers 14:26
14:26 Play Later Play Later Lists Like Liked14:26
Play Later Play Later Lists Like LikedIn this episode, we break down the active exploitation of CVE-2024-7399, a critical path traversal and arbitrary file upload vulnerability in Samsung MagicINFO 9 Server. Despite a patch released in August 2024 (version 21.1050 and later), many systems remain exposed — and threat actors are taking full advantage. We explore how attackers are exploiting this flaw to gain system-level access, upload malicious .jsp files, and deploy Mirai botnet variants. You'll hear insights from key cybersecurity sources including Arctic Wolf, The Hacker News, and the Internet Storm Center, who confirm widespread targeting of unpatched MagicINFO servers. Listeners will learn about: How the vulnerability works and why it’s dangerous The tactics used to upload and execute botnet scripts The real-world impact of compromised digital signage networks Why patching, access controls, and secure file handling are critical for IoT and CMS systems Whether you're an infosec pro, IT admin, or digital signage operator, this episode delivers everything you need to know about CVE-2024-7399, its implications, and how to stay protected in an increasingly botnet-riddled world.…
D
Daily Security Review
1 CVE-2025-31324: A Critical SAP Zero-Day in Active Exploitation 12:13
12:13 Play Later Play Later Lists Like Liked12:13
Play Later Play Later Lists Like LikedA critical zero-day vulnerability — CVE-2025-31324 — is shaking the enterprise tech world. In this episode, we dive deep into the alarming exploit targeting SAP NetWeaver Java systems, specifically the Visual Composer component, now under active attack. This vulnerability enables unauthorized file uploads, which attackers are using to deploy webshells, cryptominers (like XMRig), and potential infostealers. Threat actors are already exploiting this flaw in the wild, as confirmed by leading cybersecurity firms and SAP itself. You’ll hear: How attackers are weaponizing CVE-2025-31324 for remote code execution Real-world attack activity detected as early as April 26, 2025 Tools and indicators of compromise (IOCs) released by SAP, Onapsis, Mandiant, Pathlock, and WithSecure What defenders need to do right now to patch or mitigate Why experts expect a second wave of attacks, as exploit code circulates publicly We also cover: The CVSS 10.0 criticality score and what it means How attackers are using Living Off the Land (LOL) techniques, such as certutil, for lateral movement SAP’s emergency patch (Note #3594142) and temporary mitigation strategies If your organization uses SAP, this is must-listen content. Even if it doesn’t, this episode is a masterclass in how fast zero-days go from discovery to weaponization — and how defenders can keep up. 🔐 Patching isn't optional anymore — it's urgent.…
D
Daily Security Review
1 Another Day, Another Commvault Zero-Day: RCE, Path Traversal, and KEV Inclusions 12:00
12:00 Play Later Play Later Lists Like Liked12:00
Play Later Play Later Lists Like LikedIn this episode, we break down the anatomy of some of the most critical vulnerabilities threatening enterprise systems in 2025 — and the real-world attacks already exploiting them. We explore how seemingly small issues like path traversal can escalate into full remote code execution (RCE), and how threat actors are chaining vulnerabilities to bypass authentication and compromise systems. We’ll examine CVE-2025-34028 in Commvault Command Center and CVE-2025-32432 in Craft CMS, both added to CISA’s Known Exploited Vulnerabilities (KEV) catalog after confirmed in-the-wild exploitation. You'll hear how attackers are abusing unfiltered file paths, uploading malicious files, and exploiting image processing features to take control of servers — all without authentication. We also talk about the architectural reasons why arbitrary code execution (ACE) is so dangerous, how the Von Neumann model enables this class of exploits, and why input validation and patching are non-negotiable. This is a must-listen if you’re responsible for patching, monitoring, or securing web apps and core business platforms. ✅ Topics Covered: ACE vs. RCE: What’s the difference and why it matters How path traversal works and how it’s exploited Breakdown of recent Craft CMS and Commvault vulnerabilities Why chained exploits are increasing in real-world attacks CISA’s KEV catalog and what it means for your patching priorities Mitigation steps that actually work — from WAF rules to file-integrity monitoring…
D
Daily Security Review
1 Kelly Benefits Breach: What 413,000 Exposed Records Teach Us About Cybersecurity 13:31
13:31 Play Later Play Later Lists Like Liked13:31
Play Later Play Later Lists Like LikedIn this episode, we dive deep into the massive data breach at Kelly Benefits, a payroll and benefits administrator that exposed the sensitive personal data of over 413,000 individuals. We break down what happened, what data was compromised, and how the breach escalated from 32,000 initially impacted people to hundreds of thousands across the country. We also explore the broader implications of the breach: the rising threat to payroll and HR systems, the legal aftermath including class-action lawsuits, and what organizations must do to protect employee data. Drawing from official guidance by the U.S. Department of Labor, we outline 12 essential cybersecurity best practices—covering everything from risk assessments and third-party audits to multi-factor authentication and encryption protocols. Finally, we talk directly to individuals who may be affected, highlighting steps recommended by Experian for dealing with Social Security number theft, including credit freezes, fraud alerts, and identity protection tips. Whether you’re a business leader, IT professional, or concerned employee, this episode unpacks how preventable this breach was—and how your organization can avoid being next.…
D
Daily Security Review
1 $491M Budget Cut: The White House Move That Could Reshape CISA 18:57
18:57 Play Later Play Later Lists Like Liked18:57
Play Later Play Later Lists Like LikedIn this episode, we unpack the rising tensions surrounding the Cybersecurity and Infrastructure Security Agency (CISA) as it faces proposed budget cuts, looming layoffs, and growing criticism over alleged mission overreach. While CISA continues to champion its role in defending national infrastructure and guiding cyber resilience, reports of domestic speech monitoring—particularly around elections and COVID-19—have ignited political backlash and civil liberties concerns. We explore the facts behind the funding crisis, examine the claims of censorship, and consider what’s at stake for U.S. cyber defense as trust in the agency erodes. Is CISA evolving beyond its mandate, or being strategically undermined? Tune in for a deep dive into one of the most polarizing issues in national cybersecurity today.…
D
Daily Security Review
1 TikTok Fined €530M: GDPR Breach Over Data Transfers to China 20:39
20:39 Play Later Play Later Lists Like Liked20:39
Play Later Play Later Lists Like LikedThe Irish Data Protection Commission (DPC) has fined TikTok a staggering €530 million ($601 million) for violating the GDPR by transferring European user data to China without ensuring equivalent protection standards. This landmark decision marks one of the largest fines under GDPR and places a spotlight on the persistent challenge of cross-border data transfers—particularly to jurisdictions like China with divergent national security and surveillance laws. In this episode, we break down the DPC’s findings, which include TikTok’s failure to verify that Chinese legal protections matched EU standards, inadequate assessments of Chinese laws, and a lack of transparency in its privacy policies. The fine also follows TikTok’s admission in 2025 that some EEA user data was in fact stored in China—contradicting earlier statements and raising the possibility of further regulatory action. We’ll also examine TikTok’s defense, including its multi-billion-euro "Project Clover" initiative, and its warnings about the ruling’s potential implications for all global businesses operating in the EU. From privacy law to data localization, this episode explores the evolving landscape of international data governance, what this decision means for GDPR enforcement in 2025, and why every global company should be paying attention.…
D
Daily Security Review
1 Endor Labs Raises $93M to Cut AppSec Noise and Secure the Software Supply Chain 12:14
12:14 Play Later Play Later Lists Like Liked12:14
Play Later Play Later Lists Like LikedIn this episode, we explore the security challenges of the AI-driven software era and how Endor Labs is reshaping application security for the modern development landscape. With $93 million raised in an oversubscribed Series B round and 30x ARR growth in just 18 months, Endor Labs is rapidly emerging as a market leader in securing AI-generated and open-source code. We dive into the platform’s unique approach—combining SCA, SAST, Secrets Detection, CI/CD, and Container Scanning with reachability analysis and AI-powered code review. These capabilities allow Endor Labs to cut through the noise of false positives and zero in on real, architectural risks—like unauthenticated admin endpoints introduced by AI-generated code. You'll also hear how Endor Labs enables developer-friendly workflows and integrates security into the development lifecycle—turning AppSec from a bottleneck into a catalyst. We discuss their evaluation framework for open-source dependencies, the growing risks of transitive vulnerabilities, and how AI Code Governance is essential for ensuring code reliability, quality, and security at scale. Whether you're a CISO, a DevSecOps leader, or a developer navigating the AI coding wave, this episode unpacks why the future of secure software starts with smarter tools, deeper insights, and platforms purpose-built for this new era.…
D
Daily Security Review
1 CVE-2025-3928: How One Vulnerability Breached Commvault’s Azure Stack 14:03
14:03 Play Later Play Later Lists Like Liked14:03
Play Later Play Later Lists Like LikedIn this episode, we take a deep dive into CVE-2025-3928—a critical vulnerability in the Commvault Web Server that enables remote attackers to deploy and execute webshells after obtaining valid credentials. This flaw, rated 8.8 on the CVSS 3.1 scale, was exploited as a zero-day by a suspected nation-state actor in February 2025 to breach Commvault’s Azure cloud environment. We unpack how the attack unfolded, what made this vulnerability so dangerous, and why the breach didn’t impact customer backup data but still triggered major concern across the cybersecurity community. The discussion also covers how webshells work, why authenticated access was a key part of the exploit chain, and the steps Commvault took to contain and remediate the breach. You'll also learn what it means when CISA adds a CVE to its Known Exploited Vulnerabilities (KEV) catalog, and what agencies—and private enterprises—should do in response. We’ll explore Commvault’s guidance around patching, credential rotation, IP blocklists, and how Conditional Access Policies in Azure AD/Entra ID can mitigate similar attacks in the future. Finally, we’ll look at the broader implications of the incident, including the role of cybersecurity incident response planning (CSIRP) and the increasing use of zero-trust models to defend cloud workloads against sophisticated actors.…
D
Daily Security Review
1 Nova Scotia Power, a Canadian Utility, Breached: A Global Warning for Critical Infrastructure 11:46
11:46 Play Later Play Later Lists Like Liked11:46
Play Later Play Later Lists Like LikedOn April 25, 2025, Nova Scotia Power, the province’s primary electricity provider, confirmed what many suspected: a cyber incident involving unauthorized access had compromised customer data. But what looked at first like an isolated disruption is, in reality, a single node in a much broader—and much more dangerous—global pattern. In this episode, we dive deep into the Nova Scotia Power breach, exploring how attackers forced IT shutdowns, exposed personal customer data, and sparked a crisis of trust in utility providers. Was this ransomware, espionage, or reconnaissance? Why did it coincide with power instability in Spain and Portugal? And why did it happen just as the utility was seeking millions in cybersecurity funding? From Canada’s Atlantic coast to Denmark, Saudi Arabia, and the U.S., energy infrastructure is under relentless digital siege. We analyze the tactics of cybercrime groups, nation-state actors, and hacktivists who are exploiting the power sector’s deep reliance on remote access, cloud services, and third-party vendors. This is more than a tech story—it’s a national security issue. With quotes from cybersecurity experts and intelligence sources, we unravel the silent war happening behind the scenes. You’ll learn why utilities downplay these threats, how attacker motives are shifting, and why Nova Scotia may have been targeted not as a high-value asset, but as a low-friction testbed for future disruption. Because when the lights go out, the real danger might not be the darkness—it might be what we weren’t told.…
D
Daily Security Review
1 SentinelOne Discloses Ongoing Attacks by Nation-State Hackers and Ransomware Gangs 10:50
10:50 Play Later Play Later Lists Like Liked10:50
Play Later Play Later Lists Like LikedIn a rare move, SentinelOne has publicly confirmed that it is under persistent attack from nation-state threat actors and ransomware gangs. This episode breaks down their recent report detailing how these adversaries—some believed to be backed by China and North Korea—are targeting SentinelOne to gain insight into how thousands of environments are protected. We explore how these campaigns go beyond passive espionage. From elaborate social engineering to credential theft, adversaries are trying to infiltrate SentinelOne’s systems directly, including through fake job applications from North Korean IT operatives. We also discuss the implications of this disclosure: why SentinelOne chose to speak out, what it means for the rest of the cybersecurity industry, and what businesses should learn from this level of transparency. This is not just a story about cyberattacks—it’s about trust, vendor risk, and the growing reality that even the protectors need protecting.…
D
Daily Security Review
1 OpenEoX and the Future of End-of-Life Standardization in IT 12:01
12:01 Play Later Play Later Lists Like Liked12:01
Play Later Play Later Lists Like LikedIn this episode, we unpack the evolving landscape of Product Lifecycle Management (PLM) and why it's become a strategic cornerstone in modern IT environments. From conception to retirement, managing a product’s lifecycle is now about more than just operations—it's about security, compliance, innovation, and cost. We explore the critical milestones of End-of-Life (EOL) and End-of-Support (EOS)—moments where products either stop receiving updates or lose all support, including vital security patches. These transition points can expose organizations to serious cybersecurity threats and operational failures if not proactively managed. But managing them isn't easy—information is often fragmented, inconsistently defined, and scattered across vendors. Enter OpenEoX, a groundbreaking initiative led by industry giants and government stakeholders, under the OASIS Open framework. OpenEoX aims to standardize how EOL/EOS data is defined, shared, and used—offering a blueprint to reduce tech debt, enhance risk visibility, and simplify lifecycle tracking across software, hardware, and even AI models. We also spotlight lifecycle intelligence tools like ScalePad Lifecycle Manager and the Qualys Tech Debt Report, which help MSPs and enterprise IT teams track asset health, identify security gaps, and make informed upgrade decisions. If you're in IT, cybersecurity, asset management, or product development, this conversation will change the way you look at product sunsets—and how to plan for them.…
D
Daily Security Review
1 LayerX Secures $45M Total to Battle Data Leaks, One Browser at a Time 24:46
24:46 Play Later Play Later Lists Like Liked24:46
Play Later Play Later Lists Like LikedLayerX just raised another $11 million — and it’s not to build another antivirus. With $45 million in total funding, the company is betting that your browser is the most vulnerable—and most overlooked—part of your cybersecurity stack. In this episode, we explore how LayerX turns everyday browsers like Chrome and Firefox into intelligent defense agents using machine learning. Their extension monitors behavior in real time, blocks malicious extensions, prevents data leaks, and even neutralizes threats embedded in legitimate web pages. Unlike traditional security tools that miss browser-layer threats or slow users down, LayerX promises near-zero performance impact while handling risks from AI-powered phishing, SaaS misuse, and shadow IT. We dig into what makes their AI engine different, how they address growing SaaS vulnerabilities, and why securing the browser may be the key to surviving the next generation of cyberattacks. Is LayerX the new face of enterprise security? Or just the first wave in a browser-based security revolution? Tune in to find out.…
D
Daily Security Review
1 $10.5M to Fight AI-Phishing: The Rise of Pistachio’s Cybersecurity Training Platform 13:04
13:04 Play Later Play Later Lists Like Liked13:04
Play Later Play Later Lists Like LikedIn this episode, we dive into the story of Pistachio , the Norwegian cybersecurity startup that just raised $7 million in new funding—bringing its total to $10.5 million. Pistachio isn’t building another firewall or antivirus tool; it’s targeting the weakest link in most security systems: people . With AI-powered phishing attacks becoming increasingly personalized and harder to detect, Pistachio’s solution is to fight AI with AI. Their platform automates adaptive cybersecurity training and simulates attacks based on real-world tactics. By analyzing user behavior, Pistachio personalizes learning paths to teach employees how to spot scams embedded in emails, QR codes, fake browser windows, and even deepfake calls. Now used by over 600 companies across 16 countries , and running over 2 million simulations annually , Pistachio is scaling its mission to North America. We unpack how they’re using AI to deliver smarter security awareness training—and why investors are betting on them to outpace the rapidly evolving threat landscape.…
D
Daily Security Review
1 AirBorne: How a Zero-Click Bug Threatens Millions of Apple and Third-Party Devices 14:23
14:23 Play Later Play Later Lists Like Liked14:23
Play Later Play Later Lists Like LikedIn this episode, we dive deep into AirBorne — a critical set of vulnerabilities in Apple’s AirPlay protocol and SDK, recently uncovered by security researchers at Oligo. These flaws enable zero-click, wormable remote code execution (RCE) attacks across iPhones, Macs, Apple TVs, CarPlay systems, and millions of third-party devices. Even more alarming: attackers don’t need physical access or user interaction. Just a shared network. We break down how vulnerabilities like CVE-2025-24252 and CVE-2025-24132 open the door for malware to silently hop from one device to another, the risk of eavesdropping and data theft via CarPlay, and why third-party device patching could take years — if it happens at all. From local file reads to MITM attacks, join us as we explore how these AirPlay flaws became one of the most significant Apple security stories of the year, what Apple has done so far, and what users and enterprises must do to stay protected.…
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Daily Deals
Similar to Daily Security Review
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Tech Life discovers and explains the ways technology is changing our lives, wherever we are in the world. We meet the people with bright ideas for rethinking the way we work, learn and play, and get hands-on with the products they dream up. We hold tech giants to account for their huge power to affect our lives, and ask who wins, and who loses, in the technology transformation. Tech Life is your guide to a future being made, and remade, at lightning speed in front of our eyes.
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
An open show powered by community LINUX Unplugged takes the best attributes of open collaboration and turns it into a weekly show about Linux.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
