Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Player FM - Internet Radio Done Right
Checked 2d ago
Added sixteen weeks ago
Content provided by Daily Security Review. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Daily Security Review or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
Similar to Daily Security Review
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Tech Life discovers and explains the ways technology is changing our lives, wherever we are in the world. We meet the people with bright ideas for rethinking the way we work, learn and play, and get hands-on with the products they dream up. We hold tech giants to account for their huge power to affect our lives, and ask who wins, and who loses, in the technology transformation. Tech Life is your guide to a future being made, and remade, at lightning speed in front of our eyes.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k
200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Join us for a special hang stream!
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
))
Podcasts Worth a Listen
SPONSORED
<
<div class="span index">1</div> <span><a class="" data-remote="true" data-type="html" href="/series/motivational-speeches-inspiration-real-talk-with-reginald-d-motivational-speechesinspirational-stories">Motivational Speeches, Inspiration & Real Talk with Reginald D (Motivational Speeches/Inspirational Stories)</a></span>
1 Motivational Speeches, Inspiration & Real Talk with Reginald D (Motivational Speeches/Inspirational Stories)
Your Weekly Boost of Motivation and Faith-Based Inspiration! Welcome to Real Talk With Reginald D , a top-rated motivational/inspirational podcast hosted by Minister, Motivational Coach, and Motivational/Inspirational and spirituality Speaker, Reginald D. Sherman . This motivational/inspirational podcast is your go-to source for powerful motivational speeches, inspirational stories, transformative advice, and faith-based wisdom to help you overcome life’s challenges and unlock your extraordinary potential. Every Tuesday, Reginald D delivers powerful impactful motivational speeches that will motivate and inspire you on your journey. And, on Fridays, engaging inspirational interviews with dynamic guests—from CEOs and athletes to artists, activists, and everyday individuals—sharing their personal journeys of triumph, purpose, and perseverance. Each episode is packed with raw, unfiltered insights to ignite your passion, strengthen your faith, and inspire and motivate you to pursue a life of meaning and success. Real Talk With Reginald D goes beyond motivation; it’s a platform for self-discovery, empowerment, and transformation. Whether you're conquering obstacles, chasing dreams, or seeking purpose, Reginald D provides the guidance and encouragement to help you rise above and embrace the incredible potential within yourself. Why Listen? Gain weekly motivation and inspiration to conquer anything. Learn faith-based strategies for personal growth and resilience. Hear riveting motivational/inspirational stories of success and perseverance from diverse guests. Discover practical tools for creating a life filled with purpose and joy. "The only limits that exist are the ones we impose upon ourselves." — Reginald D #Motivation #motivational speeches #motivational #ChristianMotivation #MotivationalSpeaker #motivational/inspirational #inspirational
Marbled Dust's Zero-Day Exploit: Unveiling a Türkiye-linked Espionage Campaign Against Kurdish Forces
Manage episode 482554400 series 3645080
Content provided by Daily Security Review. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Daily Security Review or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
In April 2024, a sophisticated cyber espionage campaign orchestrated by the Türkiye-linked hacker group, Marbled Dust, began exploiting a previously unknown zero-day vulnerability in the Output Messenger platform—a self-hosted enterprise chat application. This vulnerability (CVE-2025-27920) resides in the Output Messenger Server Manager and allows attackers to upload malicious files, such as GoLang-based backdoors, facilitating extensive data exfiltration. The primary targets of this campaign are individuals and entities affiliated with the Kurdish military in Iraq, aligning with Marbled Dust's ongoing geopolitical focus.
This podcast dives deep into the technical aspects of the attack, which begins with authenticated access to the vulnerable Output Messenger platform. Once inside, the threat actors exploit the directory traversal flaw to upload malicious scripts to the system’s startup folder, ensuring persistence through GoLang backdoors. We’ll explore how the group's new capabilities represent a shift in their technical prowess—signifying a departure from their prior reliance on known vulnerabilities and DNS manipulation to the use of a true zero-day exploit.
We will also break down the security implications of such attacks, shedding light on the criticality of regular software patching, especially for enterprise applications that may not be as heavily scrutinized as other more popular platforms. The podcast will also cover Marbled Dust’s historical tactics, their continued evolution, and the need for enhanced security practices—especially in regions with high geopolitical stakes like the Middle East. How can organizations better secure their internal messaging systems and implement the necessary countermeasures? Tune in to get the full analysis and recommendations for defending against such sophisticated cyber espionage tactics.
108 episodes
Share
Manage episode 482554400 series 3645080
Content provided by Daily Security Review. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Daily Security Review or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://ppacc.player.fm/legal.
In April 2024, a sophisticated cyber espionage campaign orchestrated by the Türkiye-linked hacker group, Marbled Dust, began exploiting a previously unknown zero-day vulnerability in the Output Messenger platform—a self-hosted enterprise chat application. This vulnerability (CVE-2025-27920) resides in the Output Messenger Server Manager and allows attackers to upload malicious files, such as GoLang-based backdoors, facilitating extensive data exfiltration. The primary targets of this campaign are individuals and entities affiliated with the Kurdish military in Iraq, aligning with Marbled Dust's ongoing geopolitical focus.
This podcast dives deep into the technical aspects of the attack, which begins with authenticated access to the vulnerable Output Messenger platform. Once inside, the threat actors exploit the directory traversal flaw to upload malicious scripts to the system’s startup folder, ensuring persistence through GoLang backdoors. We’ll explore how the group's new capabilities represent a shift in their technical prowess—signifying a departure from their prior reliance on known vulnerabilities and DNS manipulation to the use of a true zero-day exploit.
We will also break down the security implications of such attacks, shedding light on the criticality of regular software patching, especially for enterprise applications that may not be as heavily scrutinized as other more popular platforms. The podcast will also cover Marbled Dust’s historical tactics, their continued evolution, and the need for enhanced security practices—especially in regions with high geopolitical stakes like the Middle East. How can organizations better secure their internal messaging systems and implement the necessary countermeasures? Tune in to get the full analysis and recommendations for defending against such sophisticated cyber espionage tactics.
108 episodes
All episodes
×
D
Daily Security Review
1 ConnectWise Breach: Nation-State Exploits CVE-2025-3935 in ScreenConnect 15:06
15:06 
Play Later 
Play Later 
Lists 
Like 
Liked15:06
Play Later Play Later Lists Like LikedConnectWise has confirmed a cyberattack targeting ScreenConnect, its remote access solution used by thousands of Managed Service Providers (MSPs). The breach is reportedly tied to a sophisticated nation-state actor and linked to CVE-2025-3935, a critical ViewState code injection vulnerability that could allow Remote Code Execution (RCE). In this episode, we dissect what happened, why it matters, and what MSPs need to do right now. We cover the technical details behind CVE-2025-3935, including how attackers exploit machine keys to execute malicious payloads on vulnerable servers. You'll hear what ConnectWise has—and hasn't—shared publicly, why their communication is frustrating some users, and why many believe the impact might be broader than officially stated. We also examine the bigger picture: What does this mean for cybersecurity in the MSP ecosystem? How prepared are we for nation-state-level threats? And how can organizations improve patch management and incident response before the next zero-day is weaponized? Whether you're an MSP, a CISO, or an IT admin responsible for remote access tools, this is a breach you can’t afford to ignore. Tune in for expert analysis, community reactions, and actionable insights on securing your infrastructure.…
D
Daily Security Review
1 Browser vs. GPU: Firefox 139 Collides with NVIDIA Drivers 14:10
14:10 Play Later Play Later Lists Like Liked14:10
Play Later Play Later Lists Like LikedIn this episode, we dive into the graphical corruption saga triggered by Firefox version 139, released on May 27, 2025. Aimed at uncovering what went wrong, we review reports from across the web detailing how the update wreaked havoc for Windows users running NVIDIA graphics cards—particularly those with multi-monitor setups using mixed refresh rates. We discuss the symptoms users experienced: severe flickering, video playback issues, and flashing web pages that rendered the browser unusable for many. We explore the underlying technical culprit—Firefox’s use of Windows DirectComposition surfaces instead of swapchains—and how this specific implementation conflicted with certain NVIDIA driver configurations. You'll also hear how Mozilla responded, from recommending a manual workaround through about:config, to issuing a rapid emergency update (version 139.0.1) that restored a blocklist to prevent the artifacts. We reflect on how this incident highlights the fragile intersection of GPU drivers, OS-level composition tools, and browser rendering pipelines. If you're running a multi-monitor rig with NVIDIA GPUs—or just interested in how complex modern browser rendering really is—this episode breaks it all down and explains how Mozilla handled a potentially reputation-damaging bug with transparency and speed.…
D
Daily Security Review
1 Unbound Raises $4M to Secure Generative AI in the Enterprise 20:08
20:08 Play Later Play Later Lists Like Liked20:08
Play Later Play Later Lists Like LikedIn this episode, we break down the recent $4 million seed funding round for Unbound, a startup tackling one of the biggest unsolved problems in enterprise AI: how to stop employees from leaking sensitive data through ungoverned use of Generative AI tools. Unbound’s AI Gateway aims to be the missing link between rapid AI adoption and responsible usage—offering real-time redaction of sensitive prompts, intelligent model routing, and deep usage analytics. With early adopters already preventing thousands of data leaks and cutting AI costs by up to 70%, investors are betting big on governance infrastructure as the next AI gold rush. We discuss why Unbound’s funding isn’t just another startup headline—it’s a signal that AI governance is no longer optional. As companies like Sony suffer from preventable data exposures and shadow AI runs rampant inside enterprises, this episode explores how and why AI Gateways are poised to become a foundational layer of enterprise architecture.…
D
Daily Security Review
1 Windows Updates, Reimagined: Inside Microsoft’s Unified Orchestration Push 16:18
16:18 Play Later Play Later Lists Like Liked16:18
Play Later Play Later Lists Like LikedMicrosoft is taking direct aim at one of the biggest pain points in the Windows ecosystem: update fragmentation. In this episode, we dive deep into the details of Microsoft’s newly announced Windows-native update orchestration platform , currently in private preview. We explore how this unified infrastructure aims to centralize updates for all apps, drivers, and core OS components under the familiar Windows Update umbrella—bringing it more in line with the seamless update experiences of Android and macOS. We’ll discuss the root of the fragmentation problem, how third-party apps currently operate in silos, and the operational headaches this causes for end-users and IT administrators alike. You'll learn how the new platform works, how developers can integrate with it using WinRT APIs and PowerShell, and what benefits it promises—from better reliability and performance optimization to unified logging and smarter scheduling. We also cover critical challenges ahead, including developer adoption, concerns over user control, potential security risks, and the implications of centralizing such a crucial system function. Plus, we touch on current tools like the PSWindowsUpdate PowerShell module and platforms like Action1 that are helping bridge the update management gap today—until Microsoft’s new platform becomes mainstream. Whether you're a sysadmin, a developer, or just someone tired of juggling app update popups, this episode breaks down what’s coming and why it matters.…
D
Daily Security Review
1 Systemd as a Weapon: How PumaBot Exploits Linux Persistence 18:38
18:38 Play Later Play Later Lists Like Liked18:38
Play Later Play Later Lists Like LikedLinux systems are under siege—particularly in the world of IoT and internet-exposed servers. In this episode, we dissect PumaBot, a new GoLang-based botnet that's turning Linux IoT devices into cryptomining workhorses. We’ll break down how attackers brute-force SSH credentials, install malware disguised as legitimate services, and use systemd for stealthy persistence. We dive deep into ATT&CK technique T1501, where systemd services like redis.service or mysqI.service are hijacked or maliciously created to ensure malware survives system reboots. You'll learn how adversaries leverage GoLang’s cross-platform strengths and embed rootkits like pam_unix.so to capture credentials, all while evading detection with environment fingerprinting. We also explore the broader implications: how cryptojacking continues to rise, what SSH brute-forcing says about current security hygiene, and why IoT devices remain a weak link in enterprise infrastructure. If you manage Linux systems or deploy connected devices, this episode is your tactical briefing on the latest threats—and what to look out for before your CPU cycles are stolen for someone else's crypto wallet.…
D
Daily Security Review
1 The LexisNexis Breach: 364,000 Records Exposed via GitHub 17:22
17:22 Play Later Play Later Lists Like Liked17:22
Play Later Play Later Lists Like LikedOn December 25, 2024, while most businesses were offline, a serious data breach struck LexisNexis Risk Solutions—exposing the personal data of over 360,000 individuals. The twist? The attack vector wasn’t a direct hack, but an indirect compromise through a third-party GitHub repository. Even more concerning, the breach went undetected until April 1, 2025. In this episode, we break down the timeline, scope, and implications of the LexisNexis incident. We examine how the company’s own privacy principles—centered on accountability, security, and privacy-by-design—stack up against what actually happened. We’ll also explore: The role of third-party platforms in modern breaches Why detection delays remain a persistent issue How this breach compares with past major incidents, like Equifax and Yahoo What this means for the future of privacy frameworks and enterprise security postures As data breaches become increasingly common and complex, this case raises critical questions: Are published privacy principles enough? And what can companies do to truly align policy with practice? 🔐 Tune in to find out—and what enterprises must do to avoid being next.…
D
Daily Security Review
1 Ransomware Hits MathWorks: Week-Long Outage Disrupts Millions 12:30
12:30 Play Later Play Later Lists Like Liked12:30
Play Later Play Later Lists Like LikedOn this episode, we dissect the ransomware attack that brought MathWorks—a cornerstone software provider for engineers, scientists, and educators—to a grinding halt. The attack, which began on May 18, 2025, and was officially confirmed on May 26, crippled a wide range of customer-facing and internal systems, from MATLAB Online and ThingSpeak to license distribution and downloads. We examine the timeline of the incident, MathWorks’ response, and what services remain down or degraded even as restoration efforts continue. With over 5 million users and customers across 100,000 organizations, the outage has triggered a wave of disruptions—especially for students relying on MATLAB Online during finals week. We also explore the silence from ransomware groups, speculate on whether a ransom was paid, and discuss why this significant attack has received surprisingly little media coverage. Is MathWorks buying time behind closed doors, or is this another sign of growing sophistication among ransomware gangs? Tune in for a comprehensive breakdown of the incident, the user impact, and the broader implications in today’s escalating ransomware threat landscape.…
D
Daily Security Review
1 Zscaler Acquires Red Canary: What It Means for AI-Powered Security Operations 14:27
14:27 Play Later Play Later Lists Like Liked14:27
Play Later Play Later Lists Like LikedThe cybersecurity market is booming, projected to triple in size from $215 billion in 2025 to $697 billion by 2035. This explosive growth is being fueled by rising cyber threats, the digital transformation of global businesses, and an urgent need for advanced security operations. One of the clearest signals of this momentum? Zscaler’s acquisition of Red Canary—a leading Managed Detection and Response (MDR) provider. In this episode, we unpack Zscaler’s strategic decision to acquire Red Canary and what it reveals about the evolving cybersecurity landscape. We explore how this move reflects a broader M&A trend in the sector, where large players are aggressively acquiring innovative startups to enhance their detection capabilities and talent pool. With access to 500 billion daily data transactions via Zscaler’s Zero Trust Exchange, Red Canary is poised to supercharge its threat detection accuracy and speed. We’ll break down how MDR differs from traditional MSSPs and EDR, why it's now considered a critical service for enterprises, and how AI-driven security operations are becoming the new normal. Plus, we dive into how Zscaler’s zero trust architecture is simplifying post-acquisition integration, allowing for faster value realization with less risk. Tune in for a deep-dive look at one of the most significant cybersecurity deals of 2025—and what it means for the future of AI, MDR, and the multi-billion-dollar battle to secure the digital world.…
D
Daily Security Review
1 DragonForce Breaches MSPs via SimpleHelp Flaws: Inside CVE-2024-57726 16:47
16:47 Play Later Play Later Lists Like Liked16:47
Play Later Play Later Lists Like LikedIn this episode, we unpack a critical supply chain breach that’s rattled the cybersecurity world: the exploitation of multiple zero-day vulnerabilities in SimpleHelp Remote Support Software — most notably CVE-2024-57726, a privilege escalation flaw scored 9.9 by the NVD. Threat actors linked to the DragonForce ransomware operation and the Scattered Spider group are actively leveraging these vulnerabilities to infiltrate Managed Service Providers (MSPs), hijack their remote management infrastructure, and deploy ransomware to downstream clients. We break down how these bugs were chained to gain admin-level control, upload malicious files, steal data, and deliver double-extortion payloads. You'll hear how attackers turned SimpleHelp’s legitimate access capabilities into a mass distribution weapon — transforming a trusted MSP tool into a delivery vehicle for destruction. We also explore the role of Scattered Spider as an access broker and social engineering powerhouse, using SIM swapping, MFA fatigue, and cloud exploitation to support this campaign. We analyze real-world impact, including UK retail disruptions, and examine how delayed patching, inadequate segmentation, and poor monitoring allowed this breach to cascade across environments. Finally, we’ll share urgent mitigation steps for MSPs and enterprises using RMM software — before they become the next victim. 🔒 Whether you’re in IT security, part of an MSP, or manage remote support software, this is one episode you can't afford to miss.…
D
Daily Security Review
1 Fentanyl, Firearms, and $200M in Crypto: Dark Web Crime Meets Global Law Enforcement 13:50
13:50 Play Later Play Later Lists Like Liked13:50
Play Later Play Later Lists Like LikedThis episode dives deep into Operation RapTor, one of the largest international crackdowns on dark web crime to date. We analyze how coordinated law enforcement actions across ten countries led to the arrest of 270 individuals, the seizure of $200 million in currency and digital assets, and the dismantling of major darknet marketplaces including Incognito, Tor2Door, and Bohemia. We explore the persistence and evolution of dark web crime—how vendors are adapting by migrating to smaller, single-vendor shops, and why drug trafficking, particularly involving fentanyl, remains the dominant force in the underground digital economy. The discussion covers high-profile convictions tied to counterfeit Adderall and fentanyl-laced pills, the use of encrypted apps and cryptocurrency in laundering operations, and how criminals turn industrial pill presses into deadly enterprise tools. We also unpack the central role of cryptocurrency in enabling and concealing illicit transactions and the growing need for law enforcement expertise in digital asset tracing and seizure. Plus, we examine lesser-known areas like the counterfeit goods market on the dark web—from luxury watches to electronics—and how its makeup diverges significantly from traditional customs seizures. As global policing efforts intensify, what does the future hold for dark web marketplaces, and how can intelligence agencies, regulators, and tech experts stay ahead? Tune in as we dissect the trends, threats, and technological arms race shaping the next era of cybercrime enforcement.…
D
Daily Security Review
1 Marlboro-Chesterfield Pathology Ransomware Breach: 235,000 Patients Affected 12:27
12:27 Play Later Play Later Lists Like Liked12:27
Play Later Play Later Lists Like LikedIn this episode, we take a deep dive into the recent Marlboro-Chesterfield Pathology (MCP) ransomware attack—one of the most significant healthcare breaches of 2025. On January 16th, MCP detected unauthorized activity on its internal systems. Just days later, the SAFEPAY ransomware group claimed responsibility, posting stolen data—over 30GB of sensitive information affecting 235,911 individuals—on the dark web. We examine what data was exposed, the organization’s response, and the broader implications for cybersecurity in the healthcare sector. From PII and PHI leakage to the potential legal fallout and reputational damage, this breach underscores persistent vulnerabilities in outdated infrastructure, third-party integrations, and underfunded security protocols. We also explore the critical role of the Cybersecurity and Infrastructure Security Agency (CISA), how organizations can adopt “secure by design” principles, and what proactive steps healthcare providers can take to protect their patients and operations. Was a ransom paid? What lessons can other providers learn from this breach? Tune in to find out.…
D
Daily Security Review
1 How Infostealers Like Stealc Use TikTok Accounts to Exfiltrate Stolen Data 22:54
22:54 Play Later Play Later Lists Like Liked22:54
Play Later Play Later Lists Like LikedIn this episode, we dive deep into the underground cybercrime ecosystem powering the surge of modern infostealers—Stealc, Vidar, and LummaC2. These malware strains aren't just code—they're full-service products sold as Malware-as-a-Service (MaaS), giving even low-skilled attackers access to powerful data theft tools. We break down how these stealers are delivered through clever deception tactics like ClickFix, which uses fake pop-ups on shady streaming sites to trick users into pasting malicious PowerShell commands. We also explore drive-by downloads masquerading as cracked software and how attackers abuse legitimate tools like mshta and PowerShell to silently deploy and persist infostealers on victim machines. From obfuscation techniques that thwart static analysis to the use of browser-based panels that manage infections and exfiltrated data, we reveal how these stealers target everything from browser credentials to cryptocurrency wallets and messaging apps. We’ll also unpack the advanced persistence methods and evasion techniques being deployed—including anti-VM checks, script encoding, and dynamic WinAPI loading. With new variants like Stealc V2 introducing MSI-based payloads, streamlined C2 communication, and multi-monitor screenshot capture, defenders face an increasingly complex landscape. We discuss how behavioral detection, threat intelligence, and advanced obfuscation detection techniques like Logistic Regression with Gradient Descent are becoming essential in combating these evolving threats. Tune in for a frontline briefing on how infostealers operate today—and what it will take to stop them.…
D
Daily Security Review
1 The Great Screenshot Scandal: Microsoft Recall and Signal’s DRM Shield 28:34
28:34 Play Later Play Later Lists Like Liked28:34
Play Later Play Later Lists Like LikedIn this episode, we dive deep into the growing tension between AI innovation and data privacy through the lens of a major controversy: Microsoft’s Windows 11 Recall feature. Designed to screenshot nearly everything a user does every few seconds, Recall creates a searchable visual archive of on-screen activity. But while Microsoft claims it enhances productivity, critics call it “spyware,” “creepy,” and a “privacy nightmare.” Leading the charge against Recall is Signal Messenger, which has deployed a DRM-based screen security fix to block Recall from capturing its app’s content—an unprecedented move in the realm of desktop applications. Signal’s action isn’t just a technical patch; it's a bold statement in the escalating debate about surveillance, user control, and the unchecked power of AI-enabled features. We explore how this confrontation underscores broader issues: AI’s ability to infer sensitive information from mundane data, the gaps in global data protection frameworks, and the urgent need for stronger developer tools and user-centric privacy controls. We also discuss the ethical and legal implications of AI systems that transform ephemeral user behavior into permanent, searchable records—often without full consent. This isn't just about one controversial feature—it's a microcosm of the privacy challenges we're all about to face. Whether you're a developer, privacy advocate, or just someone who values control over your digital life, this episode will change how you think about the systems you use every day.…
D
Daily Security Review
1 Bumblebee Malware Returns: IT Pros Targeted Through SEO Poisoning and Typosquatting 28:48
28:48 Play Later Play Later Lists Like Liked28:48
Play Later Play Later Lists Like LikedIn this episode, we break down the resurgence of the Bumblebee malware loader and its latest distribution method: blackhat SEO campaigns and trojanized software installers. By mimicking legitimate download pages through typosquatted domains and poisoning Bing search results, attackers are tricking IT professionals into unknowingly infecting their own networks. We explore how malware is being embedded into fake versions of tools like Milestone XProtect, RVTools, WinMTR, and Zenmap—critical software often run with administrative privileges. Once executed, these installers silently load Bumblebee, enabling attackers to deploy ransomware, infostealers, or Cobalt Strike payloads. You’ll also hear about: Why Bumblebee’s return fills the gap left by QBot’s takedown The anatomy of the campaign’s DLL side-loading and use of legitimate Windows binaries Real-world indicators of compromise (IoCs) and typosquatted domains to watch out for How a DDoS attack on the real RVTools website added to the confusion What security teams must do now to mitigate and respond If your IT department uses any of the targeted tools, don’t miss this urgent discussion on one of the most deceptive malware delivery strategies we’ve seen this year.…
D
Daily Security Review
1 FBI Warns of Luna Moth Tactics: Inside the Silent Ransom Group’s Law Firm Attacks 14:45
14:45 Play Later Play Later Lists Like Liked14:45
Play Later Play Later Lists Like LikedIn this episode, we dive into the evolving tactics of the Silent Ransom Group (SRG)—also known as Luna Moth—a cybercriminal outfit that has shifted from traditional phishing to a new, more deceptive strategy: impersonating IT support over the phone. Their latest victims? U.S. law firms, targeted for the sensitive data they hold and the large financial transactions they handle. We explore how SRG uses legitimate remote access tools like Zoho Assist and AnyDesk to silently exfiltrate data while avoiding antivirus detection. Once the data is stolen, the group threatens to publish it unless a ransom is paid—causing severe financial and reputational harm to their victims. This episode also covers critical defense strategies including the importance of cybersecurity awareness training, robust data backup plans, and the deployment of multifactor authentication (MFA)—with a special focus on Microsoft Entra MFA. We’ll break down how Conditional Access policies and modern authentication methods can prevent breaches, even when credentials are compromised. Whether you're in legal, IT, or risk management, this is a wake-up call you don’t want to miss. Learn how to detect the signs of SRG activity and protect your organization before the phone rings.…
Welcome to Player FM!
Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.
Daily Deals
Daily Deals
Similar to Daily Security Review
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Tech Life discovers and explains the ways technology is changing our lives, wherever we are in the world. We meet the people with bright ideas for rethinking the way we work, learn and play, and get hands-on with the products they dream up. We hold tech giants to account for their huge power to affect our lives, and ask who wins, and who loses, in the technology transformation. Tech Life is your guide to a future being made, and remade, at lightning speed in front of our eyes.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
1
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Jerry Bell and Andrew Kalat
5k200
Defensive Security is a weekly information security podcast which reviews recent high profile cyber security breaches, data breaches, malware infections and intrusions to identify lessons that we can learn and apply to the organizations we protect.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
Join us for a special hang stream!
…
continue reading
Player FM - Podcast App
Go offline with the Player FM app!
Go offline with the Player FM app!
