Cover image of The Threatpost Podcast
(19)
Technology
News
Tech News

The Threatpost Podcast

Updated 2 months ago

Technology
News
Tech News
Read more

Threatpost writers Mike Mimoso and Chris Brook discuss security threats, attacks, vulnerability research and trends with a variety of industry executives, researchers and experts.

Read more

Threatpost writers Mike Mimoso and Chris Brook discuss security threats, attacks, vulnerability research and trends with a variety of industry executives, researchers and experts.

iTunes Ratings

19 Ratings
Average Ratings
9
5
4
0
1

Threatpost

By Uncleduke911 - May 30 2019
Read more
Note to podcasters: chose a room with carpets and soft wall surfaces. Use a quality unidirectional mic. Sit closer to mic. Otherwise it’s too fatiguing to listen to your fine podcast. 5G program continues to demonstrate producer indifference to poor audio quality.

Content is usually good, but sound quality makes it unlistenable

By LarryWest42 - Aug 11 2018
Read more
I just noticed earlier reviewers complained about the sound, too. The sound quality is very harsh, no attempt to made to balance volume level, there are easily preventable noises in many episodes. There are literally podcasts made by high school kids who do a better job on the sound quality. Lindsay, Tom: this problem didn't start with you, but it seems to have become worse this year. Why not treat this as news content that you're proud of? Take a class, learn from on-line videos, consult an audiophile friend, ... something.

iTunes Ratings

19 Ratings
Average Ratings
9
5
4
0
1

Threatpost

By Uncleduke911 - May 30 2019
Read more
Note to podcasters: chose a room with carpets and soft wall surfaces. Use a quality unidirectional mic. Sit closer to mic. Otherwise it’s too fatiguing to listen to your fine podcast. 5G program continues to demonstrate producer indifference to poor audio quality.

Content is usually good, but sound quality makes it unlistenable

By LarryWest42 - Aug 11 2018
Read more
I just noticed earlier reviewers complained about the sound, too. The sound quality is very harsh, no attempt to made to balance volume level, there are easily preventable noises in many episodes. There are literally podcasts made by high school kids who do a better job on the sound quality. Lindsay, Tom: this problem didn't start with you, but it seems to have become worse this year. Why not treat this as news content that you're proud of? Take a class, learn from on-line videos, consult an audiophile friend, ... something.
Cover image of The Threatpost Podcast

The Threatpost Podcast

Latest release on Aug 13, 2020

Read more

Threatpost writers Mike Mimoso and Chris Brook discuss security threats, attacks, vulnerability research and trends with a variety of industry executives, researchers and experts.

Rank #1: The Threatpost Podcast: RSA Conference 2019 Recap

Podcast cover
Read more

The Threatpost team touches base at the RSA Conference this year in San Francisco to discuss breaking news from the show and their favorite topics and trends that they saw.

Mar 07 2019

13mins

Play

Rank #2: News Wrap Podcast For June 14

Podcast cover
Read more

Beyond Patch Tuesday, this week was crammed with privacy and security related news. In this week's Threatpost podcast, editors Tara Seals and Lindsey O'Donnell discussed the top news from the week. That includes:

  • A federal lawsuit alleging that Amazon is recording children who use its Alexa devices, without their consent or knowledge.
  • Telegram's CEO pointing the finger squarely at Chinaas the culprit responsible for the distributed denial of service (DDoS) attack that it suffered on Wednesday.
  • A critical flawin the popular note-taking Evernote extension could have allowed attackers to steal personal data – including emails and financial transactions – of millions.

Jun 14 2019

16mins

Play

Rank #3: The Threatpost Podcast: The Norsk Hydro Cyberattack and Manufacturing Security

Podcast cover
Read more

Norway-based Norsk Hydro announced on Tuesday morning it was victim to a serious ransomware attack, which has forced the global aluminum producer to shut down or isolate several plants and send several more into manual mode, the company said on Tuesday morning.

Threatpost talked to Phil Neray, the VP of Industrial Cybersecurity at CyberX, about how manufacturing firms can avoid a similar cyberattack that Norsk Hydro has undergone.

Mar 19 2019

22mins

Play

Rank #4: The Threatpost Podcast: Tom Kellermann on Top Financial Threats

Podcast cover
Read more

Lindsey O'Donnell with Threatpost talked to Tom Kellermann, Chief Cybersecurity Officer at Carbon Black. Carbon Black at RSA this year unveiled a new report outlining the top attacks that financial firms are facing. According to the report, 67 percent of surveyed financial institutions have reported an increase in cyberattacks over the past 12 months. Kellermann discusses the report's findings and key takeaways.

Mar 06 2019

17mins

Play

Rank #5: Vivin Nets Thousands of Dollars Using Cryptomining Malware

Podcast cover
Read more

Threatpost talks to Nick Biasini, a threat researcher at Cisco Talos, about a recently-uncovered threat actor, dubbed Vivin, has made thousands of U.S. dollars through a large-scale cryptomining campaign.

Jan 22 2020

14mins

Play

Rank #6: News Wrap Podcast For June 21

Podcast cover
Read more

Beyond the regular humdrum of security vulnerabilities and patches this week, a slew of stories covered varying topics ranging from NASA to Tinder. The Threatpost team broke down the top stories of the week, including:

  • A ransomware webinar hosted by Threatpost editor Tara Seals, which included experts from Recorded Future, Malwarebytes and Moss Adams. The webinar looked at the top ransomware trends and threats, and outlined how enterprises can protect themselves.
  • A Florida city hit three weeks ago by a ransomware attack voted this week to pay the hackers a ransom of $600,000.
  • A Threatpost feature, that looked at top dating apps like Match.com and Tinder, found that the services are collecting and sharing a disturbing range  of data, from chat messages to sexual orientation.
  • Rampant security-operations bungling allowed cyberattackers to infiltrate NASA's JPL network, which carries human mission data.

Jun 21 2019

19mins

Play

Rank #7: News Wrap: Coronavirus Scams, Work From Home Security Woes, Pwn2Own

Podcast cover
Read more

For the week ended March 20, Threatpost editors break down the top security stories, including:

  • The various cybercriminal activity - from malware, phishing and other scams - tapping into the coronavirus pandemic
  • The security risks of businesses working from home due to the virus' spread
  • Privacy concerns as more governments use facial recognition and mobile apps for tracking the virus  
  • The results of Pwn2Own, which took place this week

Mar 20 2020

12mins

Play

Rank #8: Sponsored Podcast: Vendors, Suppliers, Partners -- Oh My! Who Will Increase Your Risk of Account Takeover?

Podcast cover
Read more

In this sponsored podcast, Threatpost podcast host Cody Hackett talks to Chip Witt, head of product strategy at SpyCloud, about the account takeover risks posed by third parties. 

Your users’ login credentials are available for sale on the criminal underground -- and criminals know it. For the third year running, the 2019 Verizon Data Breach Report calls out the use of weak and stolen credentials as the most common hacking tactic. 

The best way to protect your organization is to reset stolen employee and consumer credentials before criminals have a chance to use them against you. But what about partners and vendors, who may have access to your network, your customer data, or your IP? If you have these types of direct relationships, you may have additional exposures. 

Oct 09 2019

23mins

Play

Rank #9: Black Hat USA 2019 Preview

Podcast cover
Read more

Las Vegas - Despite bizarre reports of a grasshopper infestation, Black Hat USA 2019 and DEF CON are set to kick off next week in Las Vegas, bringing on a rainstorm of sessions, keynotes and security-themed villages.

The Threatpost team, which will be on the frontlines of next week's shows, discuss what is sticking out to them - from the keynote given by Dino Dai Zovi with Square, "Every Security Team is a Software Team Now," to key sessions and vulnerabilities disclosed in iPhones, 5G and IoT devices.

Jul 31 2019

21mins

Play

Rank #10: IoT Device Security: The Good, The Bad and The Ugly

Podcast cover
Read more

A recent 2020 IoT report found that more than half of IoT devices are vulnerable to medium- or high-severity attacks, making IoT the low-hanging fruit for attackers.

Threatpost talks to Ryan Olson, vice president of Threat Intelligence for Unit 42 at Palo Alto Networks, and May Wang, senior distinguished engineer at Palo Alto Networks and former Zingbox CTO, about the top IoT threats.

Mar 11 2020

25mins

Play

Rank #11: News Wrap: Deepfake CEO Voice Scam, Facebook Data Breach

Podcast cover
Read more

In this week's news wrap ended Sept. 6, the Threatpost team breaks down the biggest news of the week, including:

  • Cybercrooks successfully fooling a company into a large wire transfer using an AI-powered deepfakeof a chief executive's voice (and Facebook, Microsoft and a number of universities joining forces to sponsor a contestpromoting research and development to combat deepfakes)
  • A leaky server exposing phone numbers linked to the Facebook accountsof hundreds of millions of users in the latest privacy gaffe for the social media giant.
  • Facebook allowing its users to opt-out of the Tag Suggestions feature, while at the same time attempting to help users better understand what the feature does.
  • The challenges behind patch management, and why 80 percent of enterprise applications have at least one unpatched vulnerability in them.

Sep 06 2019

21mins

Play

Rank #12: Black Friday Scams, Malware Running Rampant

Podcast cover
Read more

Black Friday and Cyber Monday-related scams are nothing new - but researchers warn that this year,  they are seeing an uptick in scams using more sophisticated methods to lure users to hand over their payment data.

A research report released Tuesday by ZeroFOX uncovered some of the threats that attackers are using to tap into the Black Friday shopping craze, including social media scams, domain impersonation scams, and malware.

Nov 26 2019

17mins

Play

Rank #13: Security Year in Review: Top Stories of 2019

Podcast cover
Read more

From data breaches and the ransomware epidemic, to new regulation and outcry around data privacy, 2019 has been a wild ride for the infosec community. Threatpost breaks down the top news stories, trends and topics for this year.

Dec 20 2019

23mins

Play

Rank #14: News Wrap: Office 365 Voicemail Phish, Bed Bath and Beyond Breach

Podcast cover
Read more

Threatpost editors Tara Seals and Lindsey O'Donnell break down the top security news of this week, from data breaches to Advanced Persistent Threat (APT) activity.  Top stories include:

  • A Microsoft alert that APT group Fancy Bearhas targeted anti-doping authorities and sporting organizations around the world as the world begins to gear up for the Tokyo Summer Olympic Games, which kick off July 2020.
  • A report outlining that Chinese state-sponsored hackersare attacking telecom networks to sniff out SMS messages that contain keywords revolving around political dissidents.
  • Bed, Bath and Beyond disclosing a data breachthat allowed the adversaries to access customers' online accounts - and what researchers say the attack may have stemmed from.
  • A nasty phishing campaignthat uses fake voicemail messages to lure victims into revealing their Office 365 email credentials.

Nov 01 2019

18mins

Play

Rank #15: Bypassing Fingerprint Scanners With 3D Printing

Podcast cover
Read more

Researchers with Cisco Talos created threat models outlining how fingerprint scanners could be bypassed utilizing 3D printing technology, and tested them on various mobile devices (including the iPhone 8 and Samsung S10), laptops (including the Samsung Note 9, Lenovo Yoga and HP Pavilion X360) and smart devices (a smart padlock and two USB encrypted pen drives).  Craig Williams, director of Cisco Talos Outreach, walks through the results on the Threatpost podcast.

Apr 08 2020

8mins

Play

Rank #16: WhatsApp Hack: Inside the NSO Group Investigation

Podcast cover
Read more

John Scott Railton, senior researcher at Citizen Lab, led the charge on the investigation into NSO Group and the alleged WhatsApp hack. The lawsuit by WhatsApp parent company Facebook into NSO Group, he said, is a "certified big deal" and will have widespread implications for commercial spyware companies in general.

Oct 30 2019

19mins

Play

Sponsored Podcast: The Perimeter Gets More Personal in 1H 2020

Podcast cover
Read more

Derek Manky, Chief, Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, said that the semi-annual FortiGuard Labs Global Threat Landscape Report for the first half of 2020, released Wednesday, reveals an "unprecedented cyber threat landscape."

Aug 13 2020

23mins

Play

Sponsored Podcast: Why IT and OT Security Priorities 'Don't Translate'

Podcast cover
Read more

Information technology (IT) and operational technology (OT) may have many of the same objectives - but too often they don't see eye-to-eye when it comes to priorities, said Andrew Ginter, VP Industrial Security at Waterfall Security Solutions in this sponsored podcast.

Aug 04 2020

26mins

Play

Black Hat 2020 Preview: Election Security, COVID Disinformation and More

Podcast cover
Read more

Despite the coronavirus pandemic pushing the Black Hat USA 2020 conference onto a virtual platform for the first time ever, you can expect the same hot security research and threat intel, high-profile speakers, and vulnerability research being disclosed.

Threatpost editors Tom Spring, Tara Seals and Lindsey O'Donnell-Welch break down the top sessions, keynotes, speakers and themes to look out for in this week's podcast.

Jul 30 2020

16mins

Play

Sponsored Podcast: Security Lessons Learned In Times of Uncertainty

Podcast cover
Read more

From the coronavirus pandemic breaking out, and corporate workforces going remote, "uncertainty is a key word" for 2020, Derek Manky, Chief, Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs said.

Manky talks about the biggest lessons learned so far from 2020, including the most dire threats to date - from sophisticated social engineering lures, to Internet of Things (IoT) vulnerabilities to targeted ransomware attacks.

Jul 28 2020

25mins

Play

News Wrap: Twitter Hack, Apple Vulnerability Disclosure Restrictions Under Fire

Podcast cover
Read more

In this week's Threatpost news wrap podcast, editors Tara Seals and Lindsey O'Donnell-Welch break down the top security news stories, including:

Jul 24 2020

17mins

Play

Lookout: Behind the Scenes of a 7-Year Android Spyware Campaign

Podcast cover
Read more

Christoph Hebeisen, with Lookout, reveals the behind-the-scenes threat intel efforts for discovering a 7-year-old surveillance campaign that was targeting the Uyghur ethnic minority group.

Jul 22 2020

12mins

Play

A 'New Age' of Sophisticated Business Email Compromise is Coming

Podcast cover
Read more

A newly discovered, sophisticated threat group that targets organizations without DMARC implemented and relies on business email compromise is heralding what researchers call "a new age" of business email compromise.

The group, called Cosmic Lynx, is the first reported Russian BEC cybercriminal ring, and it's bringing the once run-of-the-mill email scam attack vector to the next level. The group has been associated with more than 200 BEC campaigns targeting senior-level executives in 46 countries since last July. It uses clear, articulate emails -- with vocabulary like "accretive" and "synergistic" -- that purport to be related to an a "merger and acquisition," keeping with a sensitive theme that targeted employees likely won't discuss.

Jul 13 2020

25mins

Play

Sponsored Podcast: Security Dangers in Rail Systems

Podcast cover
Read more

Jesus Molina, with Waterfall Security, talks to Threatpost host Cody Hackett about the risks that rail operators are facing - from the security issues in railways to the trains themselves - and how railways can stay up-to-date on the best cybersecurity measures by adopting unidirectional gateways and separating enterprise and operational networks.

Jul 07 2020

23mins

Play

EvilQuest: Inside The ‘New Class’ of Mac Malware

Podcast cover
Read more

Mac expert Thomas Reed talks about how the newly discovered EvilQuest ransomware is ushering in a new class of Mac malware.

Jul 01 2020

22mins

Play

AWS Facial Recognition Platform Misidentified Over 100 Politicians As Criminals

Podcast cover
Read more

After months of public concerns surrounding facial recognition's implications for data privacy, surveillance and racial bias, tech companies and governments alike are putting stoppers down on the technology until adequate regulation is proposed.

Threatpost talks to Paul Bischoff, consumer privacy expert with Comparitech, about recent research showcasing flaws in the accuracy of Amazon's facial recognition platform - and why concerns around racial bias and data privacy aren't going away anytime soon.

Jun 29 2020

18mins

Play

News Wrap: Malicious Chrome Extensions Removed, CIA 'Woefully Lax' Security Policies Bashed

Podcast cover
Read more

For the week ended June 19, Threatpost editors Lindsey O'Donnell Welch, Tom Spring and Tara Seals break down the top cybersecurity stories. This week's top news stories include:

  • Google removing 106 Chrome browser extensions from its Chrome Web Store in response to a report that they were being used to siphon sensitive user data.
  • An internal investigation into the 2016 CIA breach condemning the agency's security measures, saying it "focused more on building up cyber tools than keeping them secure."
  • How the insider threat landscape is changing due to work from home - a topic that Threatpost will continue to discuss in its webinar coming up next week (register here).

Jun 19 2020

20mins

Play

Would You Use A Contact-Tracing Coronavirus App?

Podcast cover
Read more

As a world afflicted by the coronavirus pandemic begins to re-open restaurants, retail stores and more, public health officials remain concerned about the spread of the virus. Technology for contact-tracing apps, intended to help citizens track whether they were exposed to someone who has tested positive for the virus, have been created by countries, U.S. states (like Utah) and by tech giants like Apple and Google.

But behind the public health benefits of contact tracing are privacy worries, technology issues like interoperability, and other challenges.  Threatpost discusses the benefits - and the challenges - of contact tracing apps with Steve Moore, chief security strategist at Exabeam.

Jun 11 2020

20mins

Play

News Wrap: Fake Minneapolis Police Breach, Zoom End-To-End Encryption Debate

Podcast cover
Read more

Threatpost editors Lindsey O'Donnell-Welch and Tara Seals discuss the top security news stories of the week, including:

  • Reports emerged earlier this week that the Minneapolis police department had been breached by hacktivist group Anonymous. Security expert Troy Hunt debunked the reports, however.
  • Zoom sparked debate after announcing that it would offer end-to-end encryption to paying users only - explaining that it couldn't offer it to everyone as it needs to work with law enforcement to crack down on platform abuse.

Jun 05 2020

16mins

Play

Sponsored Podcast: Why Identity Access Management is the New Perimeter

Podcast cover
Read more

With the proliferation of cloud in enterprise environments, identity today is very different than how it used to be. Threatpost host Cody Hackett talks to Brian Johnson, CEO and co-founder of DivvyCloud, about how identity access management (IAM) is rapidly changing - and how businesses can keep up.

Jun 02 2020

18mins

Play

Verizon Data Breach Report: Web Application Attacks Skyrocket, Espionage Dips

Podcast cover
Read more

Verizon's 2020 Data Breach Investigations Report (DBIR), released Tuesday, analyzed 32,002 security incidents and 3,950 data breaches across 16 industry verticals. While cyber-espionage attacks and malware decreased, other trends, such as security "errors" (like misconfigurations, etc.), denial of service (DoS) attack and web application attacks saw startling growth.

May 20 2020

25mins

Play

News Wrap: New Ransomware Extortion Tactics, Contact-Tracing App Security Worries

Podcast cover
Read more

Threatpost editors discuss the top news stories of the week ended May 15, including:

May 15 2020

19mins

Play

Sponsored Podcast: Shifting Left With Infrastructure-as-Code

Podcast cover
Read more

Companies are increasingly dealing with a slew of security and compliance issues across cloud services and containers – from AWS to Azure to GCP. Infrastructure as Code (IaC) security capabilities can help companies "shift left" to improve developer productivity, avoid misconfigurations and prevent policy violations.

Threatpost host Cody Hackett talks to Chris Hertz, vice president of cloud security sales at DivvyCloud by Rapid7, about the top trends he's seeing around cloud security and how IaC is helping companies handle security and compliancy.

May 08 2020

19mins

Play

News Wrap: Microsoft Sway Phish, Malicious GIF and Spyware Attacks

Podcast cover
Read more

Threatpost editors Tom Spring, Tara Seals and Lindsey O'Donnell-Welch talk about the biggest news stories of the week ended May 1, including:

  • A "PhantomLance" espionage campaign discovered targeting specific Android victims, mainly in Southeast Asia — which could be the work of the OceanLotus APT.
  • A highly targeted phishing campaign, uncovered this week, with a Microsoft file platform twist, that successfully siphoned the Office 365 credentials of more than 150 executives since mid-2019.
  • A Microsoft vulnerability found in Microsoft Teams that could have allowed an inside attacker to weaponize a single GIF image and use it to pilfer data from targeted systems and take over all of an organization's Teams accounts.

May 01 2020

20mins

Play

Troves of Zoom Credentials Shared on Hacker Forums

Podcast cover
Read more

Thousands of recycled Zoom credentials have been unearthed on underground forums as cybercriminals tap into remote workers. In this week's podcast, Threatpost does a deep dive into how these credentials are being collected, shared and used. 

Apr 28 2020

19mins

Play

News Wrap: Nintendo Account Hacks, Apple Zero Days, NFL Security

Podcast cover
Read more

For the week ended April 24, Threatpost editors discuss a bevy of recent cybersecurity news stories, including:

  • Apple zero days were disclosed in the iPhone iOS; researchers say they have been exploited for years, but Apple has pushed back and said there's no evidence to support such activity
  • Nintendo confirming that over 160,000 accounts have been hacked, due to attackers abusing a legacy login system
  • With the NFL's virtual draft kicking off this week, security researchers and teams have been sounding off on security issues leading to data theft or denial of service attacks

Apr 24 2020

22mins

Play

iTunes Ratings

19 Ratings
Average Ratings
9
5
4
0
1

Threatpost

By Uncleduke911 - May 30 2019
Read more
Note to podcasters: chose a room with carpets and soft wall surfaces. Use a quality unidirectional mic. Sit closer to mic. Otherwise it’s too fatiguing to listen to your fine podcast. 5G program continues to demonstrate producer indifference to poor audio quality.

Content is usually good, but sound quality makes it unlistenable

By LarryWest42 - Aug 11 2018
Read more
I just noticed earlier reviewers complained about the sound, too. The sound quality is very harsh, no attempt to made to balance volume level, there are easily preventable noises in many episodes. There are literally podcasts made by high school kids who do a better job on the sound quality. Lindsay, Tom: this problem didn't start with you, but it seems to have become worse this year. Why not treat this as news content that you're proud of? Take a class, learn from on-line videos, consult an audiophile friend, ... something.