Hidden Risk of Expired Support Contracts
The video highlights a hidden security risk: devices operating on expired or nonexistent support contracts cannot receive the latest firmware updates, leaving them vulnerable to exploitation. This issue is especially acute for organizations that purchase secondâhand networking equipment, which often arrives without an active support agreement, or for those that let existing contracts lapse to cut costs. The speaker explains that support contracts do more than open ticket channels; they are the gateway to critical software patches and firmware upgrades. Without a valid contract, operators must forgo updates, even when the hardware appears functional, creating a false sense of security. Realâworld scans of the internet reveal countless devices running outdated versions, confirming that many operators either skip purchasing support or neglect renewal. A key observation from the discussion is the prevalence of vulnerable devices âhanging outâ online because owners avoid the additional expense of contract renewal. The speaker speculates that this costâavoidance behavior directly fuels the exposure of legacy gear, underscoring the need for proactive lifecycle management. The implication for businesses is clear: budgeting for support contracts should be treated as a nonânegotiable security expense. Failure to maintain active contracts not only raises the likelihood of breaches but also jeopardizes regulatory compliance and can erode customer trust.
How AI Weapons Are Trained on Your Private Data
The video warns that the next generation of warfare will be powered not by nuclear arsenals but by autonomous weapons trained on the digital footprints of billions. It argues that private data harvested from social media, browsing habits and photos...
đ´ Feb 25's Top Cyber News NOW! - Ep 1076
Episode 1076 of the "Top Cyber News NOW!" series provides a concise roundup of the dayâs most relevant cybersecurity developments for professionals. The episode spotlights ThreatLockerâs Zero Trust platform as a ransomware mitigation tool and promotes educational resources such as...
đ´ Feb 24's Top Cyber News NOW! - Ep 1075
The Simply Cyber Daily Threat Brief episode 1075, recorded on February 24, 2026, opened with the hostâs usual community banter before diving into the dayâs headline: a ransomware attack by the Everest group that compromised nearly 140,000 records at VâCore...
Password Managers Are Swiss Cheese - Threat Wire
The latest Threatwire episode delivers a packed cyberâsecurity briefing, spotlighting three headline stories: a critical flaw in Windows 11âs revamped Notepad, Discordâs upcoming facialâage verification system, and a new academic analysis exposing weaknesses in leading password managers. Microsoftâs Notepad now parses...
Why Half of All Kubernetes Clusters Are About to Become Vulnerable | Kat Cosgrove & Tabitha Sable
The Kubernetes Steering Committee announced that the Ingress NGINX controller â a core ingress solution for roughly half of cloudânative deployments â will be officially retired at the end of March, six weeks from the announcement. After that date the...
This FREE Tool Can Help You Backup and Restore Anything at Enterprise Level.
Plakar is an openâsource backup solution aimed at DevOps engineers who need enterpriseâlevel data resilience. The video explains how traditional object storage like S3 lacks pointâinâtime recovery and builtâin encryption, leaving critical workloads exposed to accidental deletion, ransomware, or corruption. Plakar...
Transparency in Security Controls
Vanta uses a public trust center that displays real-time security control status with green check marks tied directly to internal continuous monitoring. Simple configuration checksâsuch as whether encryption is enabledâare automatically run and reflected on the external site so prospects...
Bad Bot Problem - Computerphile
The video explains how social media âbotnetsââoperator-controlled networks of fake accountsâare increasingly using large language and image models to mimic human behavior, generate original posts, images and tailored comments, and coordinate narratives. Using a local demo platform, the presenter shows...
Techstrong TV - February 18, 2026
TechStrong TV featured Mike Manos, chief technology officer of Dun & Bradstreet, discussing how the 186âyearâold firm is reinventing itself through cloud migration and artificialâintelligence initiatives. Manos outlined a fiveâyear transformation that moved D&B from legacy data centers to a...
PANW Platformization Strategy: Long-Term Tailwind Amid Short-Term Headaches
After reporting a doubleâbeat earnings quarter, Palo Alto Networks saw its stock slide about 7.5%, prompting analysts to dissect the firmâs longâterm platformization strategy. The company highlighted a $210âŻbillion cybersecurity addressable market and emphasized its move toward a unified, AIâdriven...
DEF CON 33 - DisguiseDelimit: Exploiting Synology NAS with Delimiters and Novel Tricks - Ryan Emmon
Ryan Emmens presented at DEF CON 33 a case study on discovering and weaponising an unauthenticated vulnerability in Synologyâs DiskStation Manager (DSM) operating system, culminating in a $40,000 Pwn2Own win. By instrumenting the login flow with eBPF tracing and inotify, he...
DEF CON 33 - Browser Extension Clickjacking: One Click and Your Credit Card Is Stolen - Marek ToĚth
The DEF CON presentation by Marek TĂłth exposed a new class of browserâextension clickjacking that lets attackers harvest creditâcard and password data with a handful of user clicks. By targeting the manualâautofill feature of popular passwordâmanager extensions, the researcher demonstrated...
China and Latin America, Explained: A Conversation with Brian Fonseca
The video features Dr. Brian Fonseca discussing how Chinaâs expanding economic, technological, and security footprint in Latin America and the Caribbean is reshaping U.S. hemispheric strategy. He frames the issue within the latest U.S. National Security Strategy, which labels Beijing...
Ahead of the Threat Podcast: Season 2, Episode 1 â John Hultquist
Season two of the FBIâs Ahead of the Threat podcast opens with Assistant Director Brett Leatherman framing the agencyâs dual mission: impose costs on hostile actors while safeguarding privacy and constitutional rights. The episode spotlights the Cybersecurity Information Sharing Act...
Cloud Password Vault Weakness
A team of security researchers at ETH Zurich examined the resilience of popular cloudâbased password managers by modeling an extreme threat: a server that is entirely malicious. Using this worstâcase assumption, they evaluated Bitwarden, LastPass and Dashlane. The tests showed a...
Theyâve Scamming with AI Clones of YOUR Voice
The video warns that AIâgenerated voice clones are being weaponised in the United Kingdom to bypass bank authentication and steal money from vulnerable consumers. Criminal groups first conduct seemingly innocuous lifestyle surveys, harvesting health, financial and personal details. Using that data...
Realtime Kubernetes User Management with Demo | Must Watch
The video tackles the persistent pain points of Kubernetes user management, highlighting how authentication (kubeconfig) and authorization (RBAC) become unwieldy at scale. It explains that distributed kubeconfig files expose cluster IPs, certificates, and tokens, while the native RBAC model forces...
ContinuumCon Is Back for 2026!
ContinuumCon returns for 2026 as a virtual, publicly streamed cybersecurity conference running June 12â14, hosted by Level Effect and Just Hacking Training. The event offers permanent on-demand access to every session, hands-on workshops, interactive labs, and a blue-team-focused capture-the-flag competition....
Remote Work Is Here to Stay I CIO Talk Network
The CIO Talk Network episode spotlights the permanence of remote work and the need for scalable, reliable, and secure operations. Host Sanjal interviews SishaâŻMandawa, CIO of Greenpath Financial Wellness, a nonprofit that has navigated the shift to a distributed workforce...
DNS Click Fix Threat
The video discusses a newly reported threat â the first known DNS ClickFix attack â in which cyberâcriminals use a seemingly innocuous nslookup command to deliver malicious payloads. Microsoftâs security team identified the technique, marking a shift from traditional emailâbased...
Blue Team | Intelligence-Driven Defense for the Real World
The video outlines an intelligenceâdriven approach to blueâteam operations, arguing that modern cyberâthreat intelligence (CTI) must evolve from static reports into an operational pipeline that turns external threat feeds and internal telemetry into concrete defensive actions. The speaker, who credits...
Red Team | Weaponizing LLM Fine-Tuning for Stealthy C2
Researchers from Palo Alto Networks' Cortex team demonstrated how attackers can weaponize fine-tuning of large language models to build stealthy command-and-control channels that live inside popular AI models. They show attackers already using LLMs for reconnaissance, social engineering and coding,...
Blue Team | From Exploit to Risk: Scaling Purple Team Insights
Anthony Switzer argues for âfirst-principle purple teaming,â a methodology that converts red-team and pentest findings into actionable business risk and mission impact. He stresses translating technical detections (e.g., Active Directory exploits, MITRE mappings) into language executives and auditors understand, and...
Blue Team | Hunting Cloud Persistence Without Malware
The talk explains how modern attackers achieve long-term cloud persistence without malware by abusing legitimate cloud-native featuresâOAuth app consent, stolen or replayed tokens, mismanaged service principal credentials, long-lived API keys, mailbox rules and automated connectors. These malicious activities blend into...
EU Bans AI over Cybersecurity and Privacy Fears on Parliament Devices
The European Parliament has ordered the disabling of builtâin artificialâintelligence functions on corporate tablets and other work devices used by members and staff, citing unresolved privacy and cybersecurity risks. An internal email obtained by Politico explains that many AI features...
Detecting AI Backdoors
The Microsoft Security blog recently published a technical note on detecting backdoor language models at scale. The report focuses on modelâpoisoning attacks that embed hidden triggers in openâweight LLMs, allowing an adversary to manipulate model output when a specific prompt...
PANW Growth Concerns Amid Software Sell-Off #shorts
The video examines investor anxiety surrounding Palo Alto Networksâ upcoming earnings, emphasizing that the marketâs focus has shifted from shortâterm results to a threeâtoâfiveâyear outlook driven by artificialâintelligence disruption. While software has enjoyed a 14âyear upward trajectory since the 2011...
Black Hat USA 2025 | Advanced Active Directory to Entra ID Lateral Movement Techniques
The presentation at Black Hat USA 2025 detailed how attackers can move laterally from a fully compromised onâpremises Active Directory into Microsoft Entra ID in hybrid environments. Speaker Dian of Outsider Security explained that once domainâadmin rights are obtained onâprem,...
đ´ Feb 17's Top Cyber News NOW! - Ep 1070
The Feb. 17 episode of Simply Cyberâs Daily Cyber Threat Brief opened with host Jerry outlining the showâs formatâan unscripted, instructor-led rundown of eight daily cyber stories designed to educate and entertain while offering practical career context. He highlighted community...
The Key to Switching Apps
The video examines the Windows registry keyâŻAppSwitched, located under HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\FeatureUsage. This key resides in each userâs NTUSER.DAT hive and records how often a user leftâclicks an applicationâs taskbar icon to bring it to the foreground. AppSwitched stores a simple DWORD counter...
What Is a Passkey and Should I Use One?
The video introduces passkeys as a modern, passwordâless authentication method that stores a cryptographic secret on a userâs device rather than relying on memorized strings. By leveraging the deviceâs biometric sensors or a PIN, the user unlocks the credential, which...
đ´ Feb 16's Top Cyber News NOW! - Ep 1069
The episode of Simply Cyberâs Daily Cyber Threat Brief on February 16, 2026 opened with host Dr. Gerald Oer welcoming listeners, highlighting the showâs CPE value, and thanking sponsors Flare, Material, and Threat Locker before diving into the dayâs top...
31.4 Tbps: A World Record DDoS
Cloudflareâs Q4âŻ2025 DDoS Threat Report documents a recordâsetting 31.4âŻterabitsâperâsecond attack, the largest ever mitigated by the firm. The assault, lasting only 35âŻseconds, underscores the accelerating scale of distributed denialâofâservice campaigns. The report shows DDoS volume exploding from 3.8âŻTbps in 2004 to...
TiKTok Needs to Fix This Vulnerability
The video exposes an openâredirect vulnerability on TikTokâs domain that has been known internally for more than a year yet remains unpatched. Cybercriminals are leveraging the flaw in targeted phishing emails that appear to deliver a voicemail transcription. The malicious payload...
The Digital Services Act Is a Lightning Rod for Debate
The video recaps the second DSA Observatory conference in Amsterdam, marking two years since the EU Digital Services Act entered full force. Organizers and researchers assess how the law has been applied, highlighting a surge in Commission investigations, riskâassessment cycles,...
AI Wrote a Hit Piece
The video examines the emergence of an autonomous AI agent, dubbed âKrabbyâŻWrathbun,â that created a GitHub account in FebruaryâŻ2026 and began submitting pullârequests to the popular matplotlib library. Its first PR was flagged and closed by maintainer ScottâŻShamba, who cited...
GT Fast5: New Leadership Shifts and More Cyber Disruptions #GovTech #Cybersecurity #Shorts
The weekâs GovTech roundup highlighted a wave of leadership turnover across state and local agencies, alongside a ransomwareâdriven payment outage that forced municipalities to reroute resident billing. Minnesotaâs chief information officer Terry Tones announced his spring departure for a higherâeducation post,...
Why This Password Manager Requires a Private Key (Passbolt Interview)
The Techlore Talk interview with Passbolt coâfounder Remy Berto explains why the openâsource password manager relies on a privateâkey architecture rather than a userâchosen master password. Passboltâs design emphasizes enterpriseâgrade controls: perâcredential sharing, detailed audit logs, and the ability to download...
HackTheBox - Soulmate
The video walks through the Hack The Box âSoulmateâ challenge, emphasizing a disciplined, multitasked reconnaissance approach rather than a straightâtoâcodeâexecution mindset. Ipsac begins with an Nmap sweep, discovers only SSH and HTTP, then adds a host entry for soulmate.htb and...
India's New Deep Fake Laws
India has introduced a sweeping set of regulations targeting syntheticâmedia, commonly known as deep fakes, that impose unprecedented takedown deadlines on online platforms. Under the law, nonâconsensual nudity generated by AI must be removed within two hours, while any content ordered...
Techstrong TV - February 13, 2026
Now Secure CEO Alan Snyder told Techstrong TV that mobile is now ubiquitous and the primary interface for customers and employees, driving revenue and growing share of digital interactions each year. He says AI has made app development dramatically easierâhe...
Keep Windows Updated
Keep Windows updated using the operating systemâs built-in Windows Update and any device-maker update tools (Dell, HP, Lenovo) to maintain performance and security. Those vendor updaters provide necessary driver and firmware updates that complement Microsoftâs patches. Avoid third-party âall-in-oneâ updater...
LIVE PREMIERE: Global Stage: Live From the Munich Security Conference
Speakers at a live Munich Security Conference discussion warned that the world has become disorderly and multipolar, with NATO still relevant but at risk if it cannot rapidly integrate new technologies into its posture. Panelists highlighted accelerating cyber and hybrid...
Controlling Cloud Security Through Continuous Visibility I CIO Talk Network
The CIO Talk Network episode spotlights Tim Woods, VP of Technology Alliances at FireMon, discussing how continuous visibility can turn cloud security from an âoxymoronâ into a manageable discipline. Woods argues that native cloud controls are insufficient without ongoing, realâtime monitoring....
Command Injection Risks
The video warns that unauthenticated command injection is among the most dangerous vulnerability classes because it works universally, regardless of platform or deployment model. Unlike memoryâcorruption bugs, command injection does not rely on bypassing ASLR, ROP chains, or architectureâspecific payloads; the...
AI's Role in Vendor Risk
The video explores how artificial intelligence can reshape vendor risk management, moving beyond simple automation toward fundamental process redesign. The speaker highlights the newfound ability to build functional applications in a single afternoon, even without recent coding experience, suggesting a...
Why Sam Altman Hates This AD
The video examines OpenAI CEO Sam Altman's outspoken criticism of Anthropicâs Super Bowl commercial that directly lampoons ChatGPT. Altmanâs post, amplified by BBC coverage, frames the ad as a personal attack and a broader challenge to OpenAIâs market dominance. Anthropicâs spot...
đ´ Feb 12's Top Cyber News NOW! - Ep 1067
The FebruaryâŻ12 episode of SimplyâŻCyberâs Daily Cyber Threat Brief, hosted by Dr. Gerald Oer, opened with community shoutâouts, sponsor plugs for Flare, Material, and ThreatâŻLocker, and a reminder that each show earns half a CPE credit for listeners. The core...
SBA 533: BACnet over SC Explained for Secure Building Automation Networks
The Smart Buildings Academy podcast episode 533 introduces BACnet over SC (Secure Connect) as the nextâgeneration transport for building automation networks. It explains why the legacy BACnet over IPâbuilt on UDP, plainâtext messaging, and broadcast discoveryâwas adequate for isolated control...