5 Entra ID Updates You Can’t Afford to Ignore in 2026 (Backup, Governance, CA Agent & Risk Score Exposed)
In this episode the hosts dive into five critical Entra ID updates for 2026, focusing on the new Entra Backup and Recovery preview, tenant governance enhancements, the Unified Risk Score core, and improvements to passkeys and Conditional Access agents. They explain how the backup feature offers daily object‑level snapshots for P1/P2 customers, enabling quick restores and difference reports that highlight configuration changes—helpful for troubleshooting accidental deletions or potential breaches. Governance updates introduce cross‑tenant controls and streamlined policy management, while the Unified Risk Score provides a consolidated view of security posture across the environment. Guest experts Nathan, Drew, and Thomas share real‑world incidents where these tools could have prevented downtime and data loss.
How the World Got Owned Episode 2: The 1990s, Part One
Episode 2 of "How the World Got Owned" dives into the 1990s hacking scene, highlighting the rise of hacker conventions like DEF CON and Black Hat, the emergence of a vibrant but ego‑driven community, and the clash between hackers and...
SED News: OpenCode, AI Code Vs. Shipped Code, and the LiteLLM Breach
In this episode of SED News, hosts Gregor and Sean discuss the resurgence of ARM CPUs as they move into branding their own chips, driven by the growing demand for local AI agent workloads that favor CPU and memory over...
What Happens When GPS Goes Dark?
In this episode, host Ken Miller talks with Dana Goward, president of the Resilient Navigation and Timing Foundation, about the pervasive reliance on GPS and other GNSS for everything from military targeting to financial transactions and everyday timing. Goward explains...
SANS Stormcast Wednesday, April 1st, 2026: Application Control Bypass; Axios NPM Module Compromise; TeamPCP vs Cloud
In this 6‑minute Stormcast episode, Johannes Ulrich discusses three urgent security topics: a technique for bypassing Palo Alto's application control by fragmenting data into 5‑byte chunks via a Netcat tunnel, the recent supply‑chain compromise of the popular npm Axios package...
The Most Important Data Source for Enterprise SEO Teams in 2026
In this 1‑minute‑40‑second episode of Voices of Search, host Tyson chats with Kaspar Siminski, Senior Director at Search Brothers and former Google search team member, about the single most critical data source for enterprise SEO teams in 2026. Siminski argues...
SANS Stormcast Tuesday, March 31st, 2026: Honeypot Session Lifetime; Let’s Encrypt Tests Mass Revocation; F5 RCE Exploited
In this 5‑minute Stormcast episode, host Johannes Ulrich discusses three security topics: the typical short lifespan of honeypot sessions and how the final command attackers run can reveal they’re in a honeypot; Let’s Encrypt’s staged test of its mass‑revocation process...
The Hidden Tracking Risk Inside Your Tires
In this episode of the Shared Security Podcast, hosts Tom and co‑host Scott Wright explore the privacy risks posed by tire pressure monitoring systems (TPMS). They discuss a recent study by Spain’s IMDEA institute that captured 6 million wireless signals from...
FBI Director Kash Patel and White House Instagram Hacked by Iran
The episode dives into recent Iranian cyber‑operations, focusing on the hack of FBI Director Kash Patel's personal email and the simultaneous breach of the White House's Instagram and X accounts. Host Dean Blundell reviews leaked photos and emails from Patel's...
Prevent Agentic Identity Theft
In this episode, Stack Overflow host Ryan Donovan talks with Nancy Wang, CTO of 1Password, about the emerging security challenges of local AI agents. Wang explains how agents like ClaudeBot (now MoldBot) can access a device’s full execution context—files, terminals,...
Security, Resilience, and the Future of Mobile Infrastructure
The episode explores the massive security breach known as Salt Typhoon, which gave China access to U.S. cellular networks, and discusses how the Navy and a startup called CAPE are building a resilient, secure mobile infrastructure that can operate over...
AI Finds Vulns You Can't With Nicholas Carlini
In this episode, host Deirdre and David Amos sit down with vulnerability researcher Nicholas Carlini to discuss how large language models (LLMs) are now being used to discover software bugs, including zero‑day vulnerabilities. Carlini explains that recent advances allow a...
SANS Stormcast Thursday, March 26th, 2026: Apple Patches; SmatApeSG Update; Trivy/LiteLLM/TeamPCP Update; Google Accelerates Quantum Save Crypto Rollout
In this 7‑minute Stormcast episode, Johannes Ulrich reviews Apple’s latest patch cycle—85 vulnerabilities across iOS, macOS, and watchOS—emphasizing the importance of timely updates even though none are known to be actively exploited. He then provides an update on the LiteLLM...
Bastille Presents: The Wireless Threat Series Podcast, Smartglasses
In this episode of the Wireless Threat Series, Adrian Sanabria and John Bundy examine the security and privacy implications of modern smart glasses, tracing their evolution from Google Glass to today's Meta Ray‑Ban and Oakley models. They categorize smart glasses...
#276 Why Information Security Is Now a CFO Responsibility, Howard Francioni, Lead Auditor, Akton Boundrie Group
In this episode, host Kevin Appleby talks with Howard Francioni, a lead auditor at Akton Boundrie Group, about why information security is now a core responsibility for CFOs. They discuss the real‑world impact of cyber incidents—such as the Jaguar Land...
SANS Stormcast Monday, March 23rd, 2026: GSocket Backdoor in Bash; Oracle Security Alert; Rockwell Attacks
In this episode, Johannes Ulrich reviews a bash-based malware analysis by Xavier that exploits the GSocket backdoor to maintain persistence via a ground job and employs time‑stomping to hide file modifications. He also highlights a critical Oracle security alert for...
From FIM/MIM to Cloud Sync: Complete Identity Journey with Australia’s Top Identity MVP Darren “Doc” Robinson
In this episode, Darren “Doc” Robinson, a long‑time Microsoft MVP and identity‑governance expert, walks through the evolution of identity management from legacy systems like Novell and FIM/MIM to today’s cloud‑first approach with Azure AD, Entra ID, and Cloud Sync. He...
Bastille Wireless Threat Detection Podcast Series, Smartwatches
In this inaugural episode of the Wireless Threat Detection series, Adrian Sanabria and John Bundy examine the security implications of smartwatches, highlighting how Wi‑Fi, Bluetooth, cellular, NFC and built‑in sensors expand the attack surface for both consumers and enterprises. They...
When AI Wears a Suit and Tie.
In this episode of Hacking Humans, hosts Dave Bittner, Joe Kerrigan, and Maria Vermazis discuss recent social‑engineering attacks, focusing on a data breach at Ericsson’s U.S. subsidiary caused by a vishing attack on a third‑party vendor. They explain the concept...
The Fate of Agentic Commerce Hinges on an Elusive Resource: Trust
In this episode, Rima Katz and experts from FinScan and Javelin Strategy discuss how trust in payments is shifting from post‑transaction reassurance to real‑time verification, especially as agentic AI begins to act on behalf of consumers. They explore the technical...
The 350 Million Problem: Securing the Businesses No One Else Will
In this episode of the Resilient Cyber Show, Sophos CEO Joe Levi discusses the massive gap in cybersecurity leadership, noting that only about 32,000 CISOs exist for roughly 359 million global businesses. He explains how Sophos addresses the underserved SMB market...
Keeping the Lights on for Open Source
In this episode, host Ryan Donovan talks with Dan Lurink, CEO of ChainGuard, about the sustainability challenges facing open‑source projects, especially maintainer burnout and funding gaps. Lurink explains ChainGuard’s “Keeping the Lights On” program, which adopts archived or “done” repositories,...
EP267 AI SOC or AI in a SOC? Cutting Through Hype, Pricing Models, and SIEM Detection Efficacy with Raffy Marty
In this episode, Tim Peacock and Anton Chuvakian interview SIEM veteran Raffy Marty about the evolving landscape of security information and event management (SIEM) versus emerging AI‑SOC solutions. Marty argues that traditional SIEMs aren’t dead but are under pressure to...
How to Migrate From Legacy VPNs to Entra Private Access (Real Strategies From a Veteran)
In this episode, veteran enterprise consultant Richard Hicks walks through the evolution from legacy Microsoft remote access solutions—DirectAccess and Always On VPN—to Microsoft Entra Private Access, a zero‑trust, identity‑centric alternative. He explains how DirectAccess introduced seamless, machine‑level connectivity but was...
Catholic Health’s Duemling Says Cybersecurity Should Be Managed Like a Chronic Condition
In this episode of the Health System CIO Show, CISO Keith Dumling discusses his first year at Catholic Health, emphasizing the importance of listening to the organization’s culture before acting and integrating quick wins into a longer‑term cybersecurity roadmap. He...
Scaling Remote Support in Education and Government: The Nash County Playbook
In this episode, Nash County Public Schools’ CTO Tremaine McQueen and Senior Network Engineer J.R. Williams discuss how they evaluated, selected, and rolled out a new remote support platform from BeyondTrust to serve over 3,000 endpoints across 24 schools. They...
SANS Stormcast Thursday, March 5th, 2026: XWorm Analysis; Cisco “Secure” Firewall Managmeent Center; LastPass Phishing
In this 7‑minute Stormcast episode, Johannes Ulrich and guest Xavier dissect a new XWorm sample, tracing its infection chain from a phishing email with a 7‑zip attachment through JavaScript, PowerShell, and a .NET DLL loader to the final payload. They...
AI Agents Need Logins Too: Identity, Security, and the Future of AI | Greg Keller, CTO, JumpCloud
In this episode, JumpCloud CTO Greg Keller explains the evolving role of a CTO and how JumpCloud reimagines identity and access management (IAM) for modern, heterogeneous IT environments, contrasting it with legacy solutions like Microsoft AD and Okta's SSO focus....
SANS Stormcast Wednesday, March 4th, 2026: CrushFTP Brute Force; Android Patches 0-Day; 0Auth Phishing Abuse
In this 5‑minute Stormcast, Johannes Ulrich covers three security topics: a credential‑guessing campaign targeting CrushFTP admin accounts using default usernames and passwords, the latest Android Patch Tuesday which includes a critical Qualcomm display driver flaw already being exploited, and a...
🛑STOP Installing OpenClaw on Your Computer
The episode warns against installing OpenClaw, an autonomous AI coding agent, directly on personal computers, likening it to leaving a front door open. It explains that such agents can read and modify files, execute terminal commands, and access sensitive data,...
No Need for Ctrl+C when You Have MCP
In this episode, Ryan Donovan interviews David Soria Parra, co‑creator of the Model Context Protocol (MCP) and a technical staff member at Anthropic. They discuss the origin of MCP as a solution to the copy‑paste friction when using LLMs, its evolution...
7MS #711: How to Secure Your Community
In this inaugural episode of the "How to Secure Your Community" series, host Brian Johnson recounts his personal experience with Operation Metro Surge, a massive federal ICE deployment in the Twin Cities that began in December 2025. He describes the...
Risky Business #826 -- A Week of AI Mishaps and Skulduggery
In this episode of Risky Business, host Patrick Gray and panelists James Wilson and Adam Wallow dissect a wave of AI-driven cyber incidents, from a threat actor leveraging AI to mass‑compromise Fortinet devices to Chinese labs attempting large‑scale model distillation...
SANS Stormcast Wednesday, February 25th, 2026: Open Redirects; setHTML in Firefox; Telnetd Issues
In this episode, Johannes Ulrich discusses a surge in scans targeting open redirects, explaining how these vulnerabilities can be exploited in OAuth 2 flows and phishing attacks, and notes that many originate from a bullet‑proof hosting IP. He then introduces...
Unifying Federal Data Management and Security with Hitachi VSP One
In this episode, Hitachi Vantara Federal’s Guy Garwich and Todd Hansen explain how the Virtual Storage Platform One (VSP1) unifies block, file, object, and mainframe storage into a single data plane with a unified control plane, delivering high‑performance file services,...
EP264 Measuring Your (Agentic) SOC: Two Security Leaders Walk Into a Podcast
In this episode, Tim Peacock and Anton Chuvakian host Alex Pabst, Deputy CISO at Allianz, and Mike Sinnoh, Director of Detection & Response at Google, to discuss evolving SOC metrics in the age of AI and automation. They critique traditional...
SANS Stormcast Monday, February 23rd, 2026: Japanese Phishing; AI Agents Ignoring Instructions; Starkiller MFA Phishing
In this episode, Johannes Ulrich highlights three emerging threats: Japanese-language phishing campaigns that bypass English‑centric defenses, AI agents that ignore security guardrails and inadvertently expose data or make unauthorized changes, and the Starkiller phishing framework which proxies real login pages...
Product-Market Fit: From Edtech Vitamin to $100M Painkiller
In this episode, Adam Markowitz recounts his transition from a decade‑long edtech venture to building Drata, a compliance automation platform that quickly proved its product‑market fit as a painkiller rather than a vitamin. He explains how rigorous validation—dog‑fooding the product...
Why Stack Overflow and Cloudflare Launched a Pay-per-Crawl Model
In this episode, Stack Overflow’s Janice Manningham and Josh Zhang chat with Cloudflare VP Will Allen about the newly launched pay‑per‑crawl model that lets publishers charge crawlers for access. They explain how AI‑driven content scraping has upended the traditional open‑versus‑block...
The Voice on the Other End.
In this episode, hosts Maria Varmazis, Dave Bittner, and Joe Carrigan examine a wave of social engineering attacks, including a sophisticated phishing campaign that dupes Apple Pay users via fake emails and voice calls, Australia’s ClickFit initiative exposing romance scams,...
Risky Business #825 -- Palo Alto Networks Blames It on the Boogie
In this episode, Patrick Gray, Adam Boileau, and James Wilson dissect a week of cybersecurity headlines, from Palo Alto Networks’ decision to avoid publicly attributing a Chinese‑linked hacking campaign to geopolitical concerns, to the rise of data‑only extortion as ransomware...
The Signal: The Real "Payment Meets Fraud" Journey with Brian Rust at Worldpay | Episode 467
In this episode, Brian Rust, SVP and Deputy CISO at Worldpay, explains how fraudsters now target SaaS platforms and ISVs by exploiting weak onboarding, transaction logic, and refund processes. He outlines the fraud kill‑chain—from synthetic business creation and card‑testing spikes...
Security Service Edge (SSE) (Noun) [Word Notes]
In this brief episode, host Rick Howard defines Security Service Edge (SSE) as a cloud‑centric security architecture that blends the shared responsibility model, vendor‑provided security stacks, and direct network peering with major content providers and their fiber networks. He highlights...
Resilience’s Long: 2026 Cyberthreat Landscape Poses New Challenges for Insurers
The episode examines the evolving cyber‑threat landscape of 2026 and its implications for insurance carriers, focusing on rising ransomware, supply‑chain attacks, and AI‑driven exploits. It highlights how insurers must adapt underwriting criteria, pricing models, and claims handling to address more...
EP263 SOC Refurbishing: Why New Tools Won’t Fix Broken Processes (Even With AI)
In this episode, Daniel Lyman, VP of Threat Detection and Response at Fiserv, discusses why simply adding new security tools— even AI‑driven ones—cannot repair broken SOC processes. He explains the concept of "process gravity," showing how entrenched workflows and cultural...
Episode 12 - Domain OSINT, Building Methods, and Turning Intelligence Into Products
In Episode 12, host Jake Creps breaks down Domain OSINT, demonstrating how a single URL can reveal ownership, infrastructure, intent, and related activity using free tools like WHOIS, DNS enumeration, and reverse IP searches. He illustrates the process with a...
SANS Stormcast Friday, February 13th, 2026: SSH Bot; OpenSSH MacOS Change; Abused Employee Monitoring
The episode dives into a newly discovered SSH worm that can turn a compromised host into a botnet in just four seconds, highlighting its self‑propagation and cryptographically signed command‑and‑control mechanism. It then reviews the latest OpenSSH changes for macOS, emphasizing...
Love Was the Hook.
In this episode, hosts Maria Varmazis, Dave Bittner, and Joe Carrigan explore the surge in romance and social‑engineering scams, highlighting high‑profile cases like a €3 million "Dubai Crown Prince" fraud and a handyman‑turned‑boyfriend con that inspired an Amazon Prime documentary. They...
Risky Business #824 -- Microsoft's Secure Future Is Looking a Bit Wobbly
In episode 824 of Risky Business, Patrick Gray and Adam Boileau dissect a wave of cybersecurity headlines, from Microsoft’s unsettling reshuffle of its security leadership and upcoming Secure Boot certificate refresh to aggressive state‑backed campaigns by Russia targeting the Winter...
Domain Spoofing (Noun) [Word Notes]
In this concise episode, host Rick Howard explains domain spoofing, a social engineering technique where attackers create malicious domains that closely resemble legitimate ones to deceive users. He outlines how the tactic works, its common vectors, and the potential damage...
