Coalition’s Toomey: Rising Cyber Interconnectedness Pushes Insurers to Boost Detection, Response
In this episode, AM Best’s Toomey discusses how the growing cyber interconnectedness among businesses is forcing insurers to enhance their detection and response capabilities. He highlights the rising frequency and complexity of cyber incidents, the need for real‑time monitoring, and the importance of collaborative threat intelligence sharing. Toomey also emphasizes that insurers must invest in advanced analytics and incident response teams to stay ahead of evolving threats, while balancing cost and regulatory expectations.
EP262 Freedom, Responsibility, and the Federated Guardrails: A New Model for Modern Security
In this episode, Global CISO Alex Shulman‑Peleg argues that the traditional, centralized security model is obsolete in the cloud‑native and AI‑driven era, advocating for a federated "freedom and responsibility" approach where engineers own security outcomes. He likens security to code...
The Timewarp Attack: A Long-Term Threat to Bitcoin Consensus W/ Core Dev Antoine Poinsot
In this episode, Bitcoin Core developer Antoine Poinsot explains the “off‑by‑one” Timewarp bug and how it can be exploited to bloat the blockchain, increase validation costs, and give mining cartels a competitive edge. He outlines the Great Consensus Cleanup—a set...
SANS Stormcast Thursday, February 5th, 2026: Malicious Scripts; Synectix Vuln; Google Chrome; Google Looker;
In this Stormcast episode, the hosts discuss a multi‑stage malicious script that injects into Chrome, downloads a seemingly benign wallpaper image, and then installs additional payloads like Xworm to evade AV detection. They highlight a critical, unauthenticated web‑admin vulnerability (CVE‑2026‑1633)...
How the SCAM Act Would Encourage Platforms to Go After Scammers
In this episode, Paul Benda explains the SCAM Act introduced by Senators Ruben Gallego and Bernie Moreno, which would impose new know‑your‑customer and ad‑takedown obligations on major tech platforms that profit from fraudulent advertising. He outlines why current market incentives...
The Signal: What's New for Platforms & Payments Featuring Matt Downs of Global Payments | Episode 463
In this episode, Matt Downs, President of Integrated and Platforms at Global Payments, discusses the major shifts in platform payments as the industry heads toward 2026, emphasizing that payments have become a growth engine rather than a mere feature. He...
![When Legit Is the Trick: Phishing’s Sneaky New Moves. [OMITB]](/cdn-cgi/image/width=1200,quality=75,format=auto,fit=cover/https://megaphone.imgix.net/podcasts/8797f03a-a50b-11ea-b6c0-87ebb093948d/image/hacking-humans-cover-art-cw.png?ixlib=rails-4.3.1&max-w=3000&max-h=3000&fit=crop&auto=format,compress)
When Legit Is the Trick: Phishing’s Sneaky New Moves. [OMITB]
In this episode of Only Malware in the Building, hosts Selena Larson, Dave Bittner, and former FBI cybercrime investigator Keith Mularski explore how attackers are weaponizing legitimate Microsoft services to make phishing campaigns harder to detect. They break down two...
Secure Web Gateway (Noun) [Word Notes]
In this brief episode, host Rick Howard defines a Secure Web Gateway (SWG) as a layer‑seven firewall positioned at the network perimeter to enforce security policies and conduct detection and prevention tasks. He highlights the SWG’s role in inspecting web...
EP261 No More Aspiration: Scaling a Modern SOC with Real AI Agents
In this episode, Dennis Chow, Director of Detection Engineering at UKG, discusses the shift from static LLM chatbots to autonomous AI agents within a modern SOC, outlining a three‑tier model that treats agents as application‑level logic requiring robust identity, authorization,...
Python Cryptography Breaks Up with OpenSSL with Paul Kehrer and Alex Gaynor
In this episode, Alex Gaynor and Paul Kehrer discuss the Python cryptography library’s decision to move away from OpenSSL as its primary backend, citing long‑standing maintenance headaches and architectural constraints. They explain the technical challenges they faced with OpenSSL’s API...
Why the Future of Financial Fraud Prevention Is Passwordless
In this episode, Dr. Adam Lowe of CompoSecure/Arculus and fraud analyst Suzanne Sando discuss the surge in AI‑driven financial fraud and why traditional passwords are no longer sufficient. They highlight how retailers like eBay and Amazon are moving to password‑less...
Cold Weather, Hot Scams.
In this episode, the hosts dissect recent social‑engineering attacks, covering a Verizon outage‑related credit scam, a rare case where a victim recovered nearly $1 million after a cyber fraud, and a surge of Ozembic/GLP‑1 weight‑loss drug scams targeting Wisconsin consumers with...
The Future of Hardware and Software Integration - Rand Hindi | ATC #596
In this episode, Stephen Sargeant interviews Rand Hindi, CEO of Zama, about the company's work on Fully Homomorphic Encryption (FHE) for Web3. They explore how FHE enables confidential transactions on public blockchains such as Ethereum and Solana without sacrificing security...
Risky Business #822 -- France Will Ditch American Tech over Security Risks
In this episode Patrick Gray and Adam Boileau review a week of cybersecurity headlines, highlighting France’s decision to replace US collaboration tools like Microsoft Teams and Zoom with a sovereign platform, and China’s alleged “Salt Typhoon” operation that spied on...
SANS Stormcast Wednesday, January 28th, 2026: Romance Scams; DoS Vuln in React Server Components; OpenSSL Patch; Kubernetes Priv Confusion
The episode covers four security topics: the early tactics of romance scams as detailed in a guest diary, a newly released denial‑of‑service fix for React Server Components, critical OpenSSL updates that patch a remote‑code‑execution flaw, and a Kubernetes Helm chart...
The Future of Everything: What CEOs of Circle, CrowdStrike & More See Coming in 2026
In this episode, the All‑In hosts interview four CEOs about the landscape they expect in 2026. Jeremy Allaire of Circle discusses the post‑GENIUS Act stablecoin environment, interest‑rate pressures and how AI will reshape money. George Kurtz of CrowdStrike warns that...
Scammers Gonna Scam.
In this episode, hosts Dave Bittner, Joe Carrigan, and Maria Varmazis dissect recent social‑engineering threats, from politically‑charged SendGrid phishing campaigns to a crackdown on Southeast Asian scam networks after the arrest of alleged kingpin Chen Zhi. They share real‑world anecdotes,...
SANS Stormcast Thursday, January 22nd, 2026: Visual Studio Code Scripts; Cisco Unified Comm and Zoom Vuln; Insufficient Fortinet Patch; SANS...
In this episode, Johannes Ullrich highlights four critical security issues: the risk of automatic script execution in Visual Studio Code via tasks.json files, a critical remote code execution flaw in Cisco Unified Communications products, a high‑severity command‑injection vulnerability in Zoom's...
Risky Business #821 -- Wiz Researchers Could Have Owned Every AWS Customer
In episode #821 of Risky Business, hosts Patrick Gray and Adam Boileau, joined by BBC World Cyber Correspondent Joe Tidy, dissect a week of cyber news ranging from alleged U.S. attacks on Venezuela’s power grid to a major AWS console...
Intrusion Detection System (Noun) [Word Notes]
In this episode, host Rick Howard explains what an Intrusion Detection System (IDS) is—a technology that monitors network traffic for malicious activity and either alerts administrators or blocks threats. He highlights the dual roles of detection and prevention, emphasizing how...
EP259 Why Google Built a Security LLM and How It Beats the Generalists
In EP259, Distinguished Scientist Elie Burstein from Google DeepMind explains why Google built a security‑focused large language model (SecLLM) and how it outperforms generic LLMs for threat detection, code review, and incident response. He details the model’s specialized training data,...
The Future of Risk: Integrating AI and Human Intelligence for Proactive Mitigation with Garry Singh
In this 29‑minute episode, Garry Singh, President of IIRIS Consulting, explains how AI can shift risk management from a reactive to a predictive discipline. He outlines practical steps for leaders to embed machine learning into risk identification, while emphasizing the...
When a Scammer Meets the Force.
The episode reviews the latest social engineering threats, highlighting CrowdStrike's 2025 Global Threat Report which notes faster breach times, a rise in vishing and account abuse, and a shift toward malware‑free intrusions. It then examines the industrialization of "pig‑butchering" romance...
SANS Stormcast Wednesday, January 14th, 2026: Microsoft, Adobe and Fortinet Patches; ConsentFix
The episode reviews Microsoft’s January Patch Tuesday (113 fixes, including one actively exploited and eight critical bugs), Adobe’s updates for ColdFusion and Acrobat Reader, and two Fortinet advisories covering an unauthenticated heap overflow and an SSRF issue. It also highlights...
MFA Prompt Bombing (Noun) [Word Notes]
In this brief episode, host Rick Howard defines "MFA prompt bombing" as a technique where attackers flood a user with authentication prompts until they approve one out of frustration, effectively bypassing multifactor authentication. He highlights the growing relevance of this...
7MS #709: Second Impressions of Twingate
In this episode the host revisits Twingate, focusing on the new Twingate LXC connector and how it’s been deployed to replace most remote access to datacenter servers and pentest dropboxes. He shares practical observations on performance, security benefits, and the...
It's Just Too Good to Be True.
The episode covers a wave of social‑engineering threats targeting holiday travelers, charitable donors, and taxpayers, highlighting fake booking sites, fraudulent cancer‑research crowdfunding, and IRS‑impersonation scams that promise "too‑good‑to‑be‑true" refunds. Hosts share real‑world examples—a suspicious nonprofit chair email, a BBC investigation...
SANS Stormcast Thursday, January 8th, 2026: HTML QR Code Phishing; N8n Vulnerability; Powerbank Feature Creep
The episode highlights three emerging security concerns: attackers are embedding QR codes as HTML tables to bypass email filters and lure victims to mobile phishing sites; multiple critical vulnerabilities in the automation platform n8n, including an unauthenticated remote code execution...
SANS Stormcast Wednesday, January 7th, 2026: Tailsnitch Review; D-Link DSL EoL Vuln; TOTOLINK Unpatched Vuln
The episode reviews TailSnitch, an open‑source Go tool that audits TailScale VPN configurations, highlighting its ease of use, sensible severity ratings, and optional auto‑fix feature. It then warns about a actively‑exploited command‑injection flaw in legacy D‑Link DSL modems via an...
How the World Got Owned Episode 1: The 1980s
In Episode 1, hosts Patrick Gray and Amberleigh Jack explore the formative era of 1980s hacking, recounting life on ARPANET, the rise of the 414s, the infamous Morris Worm, and the parallel hunt for German hackers alongside Clifford Stoll’s Cuckoo’s...
IQT The Quantum Dragon Podcast Episode 78 – “Open a Secure Channel.”
In this episode, Ryan Lafler of Quantum Corridor and Terry Cronin of Toshiba discuss their landmark demonstration of cross‑state Quantum Key Distribution (QKD) over a live commercial metro fiber network, highlighting its significance for scaling secure communications across state lines....
Poisoned at the Source. [OMITB]
In this episode, Selena Larson, Keith Mularski, and Dave Bittner examine supply‑chain attacks, focusing on a large‑scale Android malware campaign that embeds malicious code in firmware and reseller‑installed system images before devices reach consumers. They compare this threat to other...
SANS Stormcast Tuesday, January 6th, 2026: IPKVM Risks; Tailsnitch; Net-SNMP Vuln;
The episode highlights three emerging security concerns: the growing use of inexpensive IP KVM devices that often expose out‑of‑band access to the internet, the release of TailSnitch—a tool that audits TailScale configurations for misconfigurations, and a critical buffer‑overflow vulnerability (CVSS 9.8) in...
EP257 Beyond the 'Kaboom': What Actually Breaks When OT Meets the Cloud?
In this episode, Chris Sistrunk explains that the biggest OT risks now stem from routine IT‑style attacks—often “living‑off‑the‑land” exploits on engineering workstations—rather than dramatic malware like Stuxnet, as organizations connect industrial systems to the cloud for telemetry and AI. He...
SANS Stormcast Monday, January 5th, 2026: MongoBleed/React2Shell Recap; Crypto Scams; DNS Stats; Old Fortinet Vulns
The episode recaps recent security news, highlighting ongoing activity of the React2Shell exploit and the need to patch and isolate MongoDB servers against the MongoBleed vulnerability. It warns about classic advance‑fee cryptocurrency scams promising large payouts, and shares a practical...
7MS #708: Tales of Pentest Fail – Part 6
In this episode, the host recounts a recent web application penetration test that went disastrously wrong, highlighting the missteps and unexpected challenges that can arise during a pentest. The story underscores the importance of thorough planning, clear communication with clients,...
Hot Sauce and Hot Takes: An Only Malware in the Building Special.
In this special in‑studio episode, hosts Selena Larson, Dave Bittner, and former FBI cybercrime investigator Keith Mularski tackle a hot‑wings challenge while fielding personal and career‑focused questions, offering listeners a candid look at their backgrounds and the moments that shaped...
The IACR Can't Decrypt with Matt Bernhard
The episode examines the IACR's botched Helios election, where a key management failure forced the organization to discard the vote and schedule a new election. Guest Matt Bernhard, an expert in secure voting systems, explains how Helios' homomorphic encryption works,...
AI Surveillance: Unmasking Flock Safety’s Insecurities
The episode examines the security and privacy flaws of Flock Safety’s AI‑driven license‑plate readers and gunshot‑detection cameras, which are now installed in thousands of U.S. communities. Independent researcher Jon Gaines and activist‑musician Benn Jordan reveal dozens of software vulnerabilities—including outdated...
SANS Stormcast Sunday, December 28th, 2025: MongoDB Unauthenticated Memory Leak CVE-2025-14847
The episode warns that a critical MongoDB memory‑disclosure vulnerability (CVE‑2025‑14847), likened to Heartbleed, was patched on December 24 but is already being exploited in the wild. The flaw lets attackers manipulate BSON length fields to retrieve arbitrary memory, potentially exposing...
Scammers Are Recruiting.
The episode spotlights a surge in social engineering threats, beginning with a conference scam warning and a retired federal investigator's "Scammer Psychological Kill Chain" framework for detecting attacks. It highlights a 1,000% rise in job scams targeting desperate job seekers,...
SANS Stormcast Monday, December 22nd, 2025: TLS Callbacks; FreeBSD RCE; NIST Time Server Issues
The episode covers three security topics: TLS callbacks (Thread Local Storage) used by malware to execute code before a program's main function, a critical FreeBSD remote code execution flaw in the rtsold daemon that parses unsanitized DNS search lists from...
SANS Stormcast Friday, December 19th, 2025: Less Vulnerabie Devices; Critical OneView Vulnerablity; Trufflehog Finds JWTs
The episode highlights a positive trend of fewer publicly exposed industrial control system devices and a roughly 50% drop in SSL 2.0/3.0 exposure, indicating improved server hygiene. It warns about a critical, unauthenticated remote‑code‑execution flaw in Hewlett‑Packard Enterprise OneView (CVSS 10.0) that...
Trust No Link, My Darling.
The episode covers the latest social engineering threats, from AI‑driven virtual kidnapping extortion and celebrity impersonation scams to Google’s dual strategy of suing phishing operations while supporting new anti‑scam legislation and AI tools. It offers practical home‑network advice, emphasizing IoT...
SANS Stormcast Thursday, December 18th, 2025: More React2Shell; Donicwall and Cisco Patch; Updated Chrome Advisory
The episode highlights evolving React2Shell attacks that now target less‑common endpoints and non‑Next.js applications, urging operators to assume compromise if systems remain unpatched. It also covers active exploits in Cisco Secure Email Gateway (UAT‑9686) and a SonicWall SMA1000 local privilege...
Microsegmentation (Noun) [Word Notes]
The episode defines microsegmentation as a zero‑trust security method that isolates individual application workloads, enabling granular protection for each. It highlights how this approach reduces lateral movement risks within networks and supports compliance by enforcing policy at the workload level....
SANS Stormcast Tuesday, December 16th, 2025: Current React2Shell Example; SAML Woes; MSMQ Issues After Patch;
The episode reviews recent activity around the React2Shell exploit, noting that while variants continue to appear in SANS honeypots, the technique is largely mature and even Iranian actors are now merely scanning for it. It then delves into ongoing SAML...
SANS Stormcast Monday, December 15th, 2025: DLL Entry Points; ClickFix and Finger; Apple Patches
The episode covered four main topics: how malware can exploit DLL entry points that run on load, the resurgence of ClickFix attacks using the obsolete finger command over port 79, a massive Apple patch addressing 48 vulnerabilities—including two actively exploited...
7MS #705: A Phishing Campaign Fail Tale
In this episode, the host recounts a recent phishing campaign that initially attracted many victims but was abruptly terminated, highlighting how even well‑executed attacks can fail due to unforeseen factors. The discussion underscores the importance of understanding the broader attack...
SANS Stormcast Friday, December 12th, 2025: Local AI Models; Mystery Chrome 0-Day; SOAPwn Attack
The episode covers three main topics: running the Gemma 3 AI model locally on modest hardware, a newly patched but undisclosed Chrome zero‑day vulnerability, and the SOAPwn flaw that lets attackers exploit .NET SOAP services via malicious file:// URLs. Guy Bruneau’s...
