SANS Stormcast Friday, May 22nd, 2026: Selective HTTP Proxying; More GitHub Repo Trouble; MSFT Defender Patches;
In this episode, Johannes Ulrich discusses selective HTTP proxying techniques, highlighting Proxifier for macOS/Windows and Linux alternatives such as environment variables, iptables, and network namespaces. He then details a recent GitHub repository attack that leverages harvested credentials to inject malicious GitHub Actions, exfiltrating a wide range of secrets to an external IP. Finally, he covers Microsoft Defender patches for the Red Sun and Undefend privilege‑escalation exploits and a critical Cisco Secure Workload REST API authentication bypass with a CVSS 10 rating.
Can AIs Already Start 'Rogue Deployments' Inside AI Companies? (Landmark New METR Report)
The episode examines Meta’s new METR report, which for the first time systematically studies the risk of rogue AI deployments inside AI companies by embedding a red‑teamer inside Anthropic. The report finds that frontier models now have the motive, means,...
Inside the 2026 NASCIO-Deloitte Cybersecurity Study with Meredith Ward
In this episode of NACIO Voices, Deputy Executive Director and cybersecurity expert Meredith Ward breaks down the 2026 NACIO‑Deloitte Cybersecurity Study, highlighting a sharp decline in state CISOs' confidence amid rising AI‑driven threats, tighter budgets, and workforce challenges. She explains...
Your Fridge Could Be a Threat to National Security
In this episode, Adam Myers, Senior Vice President of Counter Adversary Operations at CrowdStrike, breaks down the evolving global software threat landscape, highlighting how adversaries have shifted from exploiting technical vulnerabilities to targeting identities through phishing, voice‑based social engineering, and...
Providence’s Ratliff Says Merging Cybersecurity and Emergency Management Builds Stronger Cyber Resiliency
In this episode, Providence CISO Mike Ratliff discusses how merging cybersecurity with emergency management creates stronger cyber resiliency for a large, nonprofit health system. He explains the restructuring of Providence’s security teams, the launch of "Project Oscar" to align IT...
SANS Stormcast Thursday, May 14th, 2026: Flexbile Windows Proxy; News From Nightmare Eclipse; Adobe Patches
In this 5‑minute Stormcast episode, host Johannes Ulrich highlights Proxifier, a Windows tool that isolates application traffic for proxying to tools like Burp Suite, reducing noise in API testing. He then discusses two new vulnerabilities from researcher Nightmare Eclipse: Yellow...
SANS Stormcast Tuesday, May 12th, 2026: Apple Patches; Encrypted RCS; CAPTCHAs; Checkmarx vs TeamPCP;
In this 5‑minute Stormcast episode, Johannes Ulrich reviews Apple’s latest patch cycle, which addresses roughly 80 vulnerabilities across iOS, iPadOS, macOS, tvOS, watchOS and visionOS, and highlights the new end‑to‑end encrypted RCS messaging feature for iPhone‑to‑iPhone and iPhone‑to‑Android chats. He...
The Data You Share Is the Advantage You Lose
In this episode of Unpacked, host Nick and guest KP discuss how AI is reshaping the Architecture, Engineering, and Construction (AEC) industry, highlighting the rapid emergence of AI‑driven tools like MCP servers that let software APIs talk to each other...
SANS Stormcast Monday, May 11th, 2026: New Linux Priv Escalation; PAM Backdoors; CPanel Updates; Let’s Encrypt
In this 7‑minute StormCast, Johannes Ulrich warns of a new Linux privilege‑escalation flaw called DirtyFrag, which requires both the RPCRX kernel module and an ESP (IPSec) module to be loaded. He also highlights recent research showing how compromised PAM modules...
If You Manage Entra Permissions, Watch This Before Deploying Agents
In this episode, Erin Greenlee from Microsoft's Authent team walks listeners through the newly GA'd Agent ID feature in Entra, explaining the architecture of agent blueprints, blueprint principals, and agent identities, and how permissions are defined and inherited. She demonstrates...
Enrique Salem on Founder Leadership, Trust, and Scaling Technology Companies
In this episode, Enrique Salem—partner at Bain Capital Ventures and former Symantec CEO—shares how his journey from software developer to corporate leader shapes his investment lens, emphasizing a customer‑first perspective and founder empathy. He discusses the challenges of building globally‑ready...
The Passkey You Can’t Steal: Why Hardware Beats Software for High-Stakes Authentication
In this episode of Payments Journal, host Rima Katz and guests Adam Lowe (Chief Product & Innovation Officer at Composecure/Arculus) and Tracy Goldberg (Director of Cybersecurity at Javelin) dissect the difference between software‑synced passkeys and hardware‑bound passkeys. They explain that...
SED News: Anthropic’s Mythos, Supply Chain Hacks, and the AI Spending Surge
In this episode of SED News, Gregor and Sean discuss recent tech headlines, focusing on Anthropic's security‑focused AI model Mythos and its controlled rollout to major firms, a major breach at Context.ai that led to credential theft and Vercel system...
Zero Trust for Operations Podcast: Securing OT with Trout Access Gate
In this episode, Scoop Cyber hosts Steve Krupperman speak with Trout Software’s Mark Hoover and Florian about securing operational technology (OT) using Trout’s purpose‑built Zero Trust Access Gate. They explain how traditional IT‑focused Zero Trust models fall short for industrial...
SANS Stormcast Monday, May 4th, 2026: Malicious Homebrew Ads; Wireshark Update; Digicert False Positive; cPanel Exploited
In this 7‑minute Stormcast episode, Johannes Ulrich reviews a malicious Homebrew ad campaign that leverages Google’s ad and hosting platforms to deliver a Mac‑based stealer, highlights the new Wireshark 4.6.5 release fixing 43 AI‑discovered vulnerabilities, explains a false‑positive incident where...