
Insights are generated by CastFox AI using publicly available data, episode content, and proprietary models.
Est. Listeners
Based on iTunes & Spotify (publisher stats).
- Per-Episode Audience (est. listeners per new episode within ~30 days): 10,001 - 25,000
- Monthly Reach (unique listeners across all episodes, 30 days): 25,001 - 75,000
- Active Followers (loyal subscribers who consistently listen): 15,001 - 40,000
Recent episodes
- May 4, 2026: Microsoft Defender Deletes Trusted Certificates | 44,000 cPanel Servers Hit by Ransomware
- May 2, 2026: Connected Cars Are Rolling Spy Networks — And They Can Be Hacked
- May 1, 2026: WhatsApp Encryption Under Fire After Probe Shut Down
- Apr 29, 2026: Massive Python Supply Chain Hack, $2.1B Scam Losses, North Korea Targets Crypto Execs
- Apr 27, 2026: Cyber Weapon in Toronto, Grid Attack, Stuxnet Lie Exposed
| Date | Episode | Topics | Guests | Brands | Places | Keywords | Sponsor | Length | |
|---|---|---|---|---|---|---|---|---|---|
| 5/4/26 | Microsoft Defender Deletes Trusted Certificates \| 44,000 cPanel Servers Hit by Ransomware | Microsoft Defender mistakenly flagged legitimate DigiCert root certificates as malware and removed them from Windows systems, breaking trust chains and causing widespread application failures. The issue was traced to a faulty detection signature (Trojan:Win32/CertyAgent), now fixed in update version 1.449.430.0. At the same time, DigiCert confirmed a separate security incident where attackers compromised support systems and used internal tools to issue valid code-signing certificates. At least 60 certificates were revoked, including 27 linked to the Zong Stealer malware campaign. Meanwhile, a critical cPanel vulnerability (CVE-2026-41940) is being actively exploited. Attackers used the flaw as a zero-day since February, compromising at least 44,000 servers and deploying new SORI ransomware using ChaCha20 and RSA-2048 encryption. Also in this episode: the Linux "Copyfail" privilege escalation bug is now confirmed exploited and added to CISA's Known Exploited Vulnerabilities list; a 10/10 critical vulnerability (CVE-2026-37541) in Open Vehicle Monitoring System could allow remote code execution in connected car environments. This episode breaks down how these attacks work, why patch timing matters, and where organizations are most exposed right now. Cybersecurity Today would like to thank Material Security for supporting this podcast. Material Security provides faster, more complete detection and response for email, identity, and data threats inside Google Workspace and Microsoft 365. Contact them at material[dot]security Chapters: 00:00 Microsoft Defender deletes trusted certificates 02:20 DigiCert breach and stolen code-signing certificates 05:20 cPanel zero-day exploited, 44,000 servers compromised 08:40 Linux Copyfail vulnerability now actively exploited 10:40 Critical flaw in open-source car software | — | ||||||
| 5/2/26 | ![]() Connected Cars Are Rolling Spy Networks — And They Can Be Hacked | Connected cars are no longer just vehicles — they are rolling networks of sensors, cameras, microphones, and constant data transmission. In this Cybersecurity Today Weekend Edition, David Shipley is joined by former CSIS intelligence officer Neil Bisson and cybersecurity expert Federico Simonetti to break down what that really means. They explain how modern vehicles: Continuously report location, behaviour, and system data to the cloud Contain dozens of interconnected computers controlling everything from steering to braking Can be vulnerable to man-in-the-middle attacks, remote access, and system compromise May expose drivers to surveillance — not just by companies, but potentially by nation states The conversation goes beyond theory. Real-world examples are discussed, including: Remote vehicle manipulation demonstrated by security researchers How infotainment systems can become entry points to critical controls Why some countries are already restricting certain vehicles from sensitive locations The panel also tackles the bigger issue: This is not just about one country or one manufacturer. Every connected vehicle expands the attack surface. And while solutions exist — from better authentication to architectural changes — the challenge is no longer technical. It's political, economic, and global. If you think your car is just transportation, this discussion may change your perspective. 00:00 Connected Cars: More Than Just Vehicles 01:20 Meet the Panel: Intelligence and Cybersecurity Perspectives 03:10 Every Car Is Now a Networked Computer 06:00 Surveillance Risks: Are Cars "Rolling Spy Vans"? 09:10 What Intelligence Agencies Can Do With Car Data 12:30 Sensors, GPS, Cameras — What Your Car Collects 16:20 Real Example: Tesla Camera Privacy Incident 19:00 Can Hackers Take Control of a Car? 
22:30 Real-World Hacks: Jeep and Nissan Cases 26:40 The Regulatory Gap: No Enforced Cybersecurity Standards 30:10 Why Governments Are Struggling to Act 34:00 Cheap EVs vs National Security Risks 37:40 Can Software Fix the Problem? 41:20 Global Response: China, US, and Europe 45:10 Policy Ideas: Kill Switches, Car Bill of Rights 49:00 Prevention vs Detection in Cybersecurity 52:30 Are We Already Too Exposed? 55:10 Final Thoughts: Can Connected Cars Be Made Safe? | — | ||||||
| 5/1/26 | ![]() WhatsApp Encryption Under Fire After Probe Shut Down | A U.S. federal investigation into WhatsApp encryption was shut down before reaching a conclusion — after an internal claim suggested Meta systems may access message content in ways that conflict with public descriptions. In this episode of Cybersecurity Today, Jim Love breaks down what's known, what isn't, and why the story isn't going away. Also in this episode: A newly disclosed Linux vulnerability (CVE-2026-31431) allows an unprivileged local attacker to gain root permissions — using a flaw that may have existed since 2017 BlueKit, a new phishing toolkit, shows how AI is now being built directly into cybercrime platforms More than three million Alberta voter records exposed after being posted online — not by hacking, but by alleged misuse of legally distributed data These stories highlight a growing pattern: the biggest risks aren't always new attacks — they're often hidden in how systems are designed, used, and trusted. Chapters: 00:00 WhatsApp encryption investigation shut down 02:15 Linux "copy fail" root vulnerability explained 04:30 BlueKit AI phishing platform 06:30 Alberta voter data leak Cybersecurity Today delivers clear, factual reporting on the stories that matter to IT professionals, business leaders, and anyone responsible for protecting data and systems. | — | ||||||
| 4/29/26 | ![]() Massive Python Supply Chain Hack, $2.1B Scam Losses, North Korea Targets Crypto Execs | A major open source Python tool was hijacked in a supply chain attack, exposing developer credentials, cloud secrets, and crypto wallets. Meanwhile, the FTC says Americans lost more than $2.1 billion to scams that began on social media, with Facebook leading reported losses. Cybersecurity Today thanks Meter for supporting this podcast. Meter delivers a complete networking stack — wired, wireless, and cellular — in one integrated solution built for performance and scale. Learn more at Meter.com/cst. Also in today's Cyber Security Today: Brazilian hackers return with fake Minecraft cheat downloads carrying credential-stealing malware A new ransomware strain destroys victim files so badly even paying the ransom may not help North Korean threat actors target crypto executives using fake Zoom and Teams meetings powered by AI deception tactics If you work in IT, cybersecurity, finance, or simply want to stay safe online, this episode breaks down what matters and what to watch next. Stories covered in this episode are based on reporting summarized in the show transcript. #cybersecurity #ransomware #scams #python #hacking #northkorea #cryptocurrency #malware #technews | — | ||||||
| 4/27/26 | ![]() Cyber Weapon in Toronto, Grid Attack, Stuxnet Lie Exposed | A rogue cyber weapon drove through Toronto blasting scam texts to thousands of phones. A major U.S. critical infrastructure provider confirms a cyberattack. And researchers reveal that Stuxnet may not have been the first cyber weapon after all. In today's Cybersecurity Today with David Shipley: • First known SMS blaster case in Canada uncovered in Toronto • Itron, a major utility technology supplier, discloses cyber intrusion • Researchers say a 2005 malware campaign predates Stuxnet • Venezuela energy sector attack reveals destructive "Lotus Wiper" malware • Why AI-powered attacks may change critical infrastructure risk forever If you care about cybersecurity, nation-state threats, infrastructure risk, and real-world attacks, this episode is essential listening. Hosted by David Shipley. Cybersecurity Today thanks Meter for supporting this podcast. Meter delivers a complete networking stack — wired, wireless, and cellular — in one integrated solution built for performance and scale. Learn more at Meter.com/cst. Chapters 00:00 Intro 00:36 Toronto SMS Cyber Weapon 05:12 Critical Infrastructure Supplier Hit 09:28 Stuxnet History Rewritten 14:32 Venezuela Energy Sector Attack 19:05 Final Thoughts #Cybersecurity #Stuxnet #CyberAttack #Toronto #CriticalInfrastructure #Hacking #Itron #CyberNews #DavidShipley | — | ||||||
| 4/25/26 | Cybersecurity Today Weekend: Deepfakes, the Death of Truth, and Verifying AI in the Enterprise | Again, we'd like to thank Meter for their support in bringing you this podcast. Meter delivers full stack networking infrastructure, wired, wireless, and cellular, to leading enterprises. Working with their partners, Meter designs, deploys and manages everything required to get performant, reliable and secure connectivity in a space. They design the hardware, the firmware, they build the software, they manage deployments, and they run support. It's a single integrated solution that scales from branch offices to warehouses and large campuses to data centers. Book a demo at meter.com/htt. That's METER.com/htt. If you're around on the weekend, join us for Project Synapse as we will go through the week in AI. We'll be going through the climate crisis, the Mythos escape, and... we'll be going through the new image generation, the climate crisis, the Mythos escape, and probably a lot more. And if you're not around on the weekend, we'll catch you Monday morning, and if you're not around on the weekend, I'll be back with the tech news on Monday morning. | — | ||||||
| 4/24/26 | ![]() Inside The Vercel Supply Chain Exploit | Inside the Vercel Breach: Highlighting OAuth Token Risk In a special edition of Cybersecurity Today, host Jim Love and guest Jamie Blasco (CTO, Nudge Security) discuss Vercel, a major developer hosting platform, and a breach tied to OAuth grants and shadow AI. Reporting shared by Contrast Security's David Lindner describes how a Context AI employee downloaded Roblox AutoFarm scripts, got infected with an info stealer, and attackers harvested credentials, compromised Context AI, then used an over-permissioned OAuth token from a Vercel employee who had signed up to Context AI with an enterprise account and clicked "allow all," with Vercel working with Mandiant on a breach allegedly being sold for $2 million. The episode emphasizes that MFA may not mitigate OAuth abuse, urges admin-managed consent, continuous inventory and auditing of OAuth grants, and better visibility into risky third-party app access across Google Workspace and Microsoft 365. Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst 00:00 Special Edition Intro 00:14 Sponsor Message Meter 00:33 Supply Chain Hack Setup 01:16 Breach Seen In Wild 02:36 Meet Jamie Blasko 02:56 Who Is Vercel 04:34 How The Breach Happened 05:58 Context AI And Shadow IT 07:58 OAuth Controls And Audits 09:11 Impact And Open Questions 11:24 Why MFA Falls Short 12:22 Where To Get Help 14:07 Host Takeaways OAuth Risk 14:53 What To Do Next 16:06 Wrap Up And Feedback 16:42 Sponsor Close Meter 17:24 Final Sign Off | — | ||||||
| 4/22/26 | Vercel Breach Started With AI Tool | Vercel breach, AI tools, +2 | — | Context AI, Next.js, +11 | — | Context AI, Google OAuth, +3 | Meter | 10m 42s | |
| 4/20/26 | Security Researcher Goes To War Against Microsoft | Microsoft vulnerabilities, NIST National Vulnerability Database, +3 | — | FortiSandbox, Windows, +10 | — | Windows exploits, privilege escalation, +4 | Meter | 20m 47s | |
| 4/18/26 | Cybersecurity Today Month in Review of March/April 2026 | RSAC AI Hype, Agentic Risks, +8 | David Shipley, Laura Payne | Intune, OpenClaw, +7 | — | AI, Cybersecurity, +4 | Meter | 1h 02m 21s | |
| 4/17/26 | Cisco Warns Webex Customers Of Critical SSO Problem | WebEx SSO Vulnerability, booking.com Reservation Hijacking, +2 | — | Control Hub, Windows 11 Recall, +7 | — | CVE-2026-2184, CVE-2026-2131, +3 | Meter | 12m 41s | |
| 4/15/26 | North Korean Spies DM You On Facebook | Android Mirax RAT, North Korea's Friend-Request Hacks, +2 | — | Mirax Android, Meta, +13 | North Korea's, North Korea | cybersecurity, malware, +4 | Meter, POD25 | 19m 55s | |
| 4/13/26 | Banks Panic As Anthropic Mythos Exposes Software Vulnerabilities | banking, AI vulnerabilities, +2 | — | Mythos, Project Glasswing, +8 | U.S., U.K. | systemic risk, zero-days, +3 | Meter | 19m 13s | |
| 4/11/26 | Jeff Williams CTO Cofounder of Contrast Security and OWASP co-founder on Mythos and AI Security | AI-Powered AppSec, OWASP Origins, +7 | Jeff Williams | Mythos, Origins, +8 | — | Contrast Security, runtime instrumentation, +3 | Meter | 35m 43s | |
| 4/9/26 | Fortinet EMS Zero-Day, Anthropic's AI Finds Thousands of Bugs, Iranian Hackers Target US ICS | Fortinet EMS Zero-Day, Anthropic AI, +2 | — | Claude, Mythos, +11 | US, North Korea, +1 | cybersecurity, zero-day, +3 | Meter | 15m 59s | |
| 4/7/26 | North Korea's $285M Crypto Heist, China Breaches FBI System, Delve Faces New Allegations | North Korea, crypto heist, +3 | — | Drift Protocol, Axios, +15 | North Korea's, China, +4 | Drift Protocol, Carbon Vote Token, +3 | Meter | 16m 12s | |
| 4/3/26 | Electric Vehicles and EV Security - Steve Visconti CEO of Xiid Corporation with David Shipley | Electric Vehicles, EV Security, +2 | Steve Visconti | Xiid Corporation, Cybersecurity Today, +2 | — | hackers, disruption, +3 | Meter | 26m 38s | |
| 4/1/26 | ![]() Cisco Breached: Source Code Stolen - Cybersecurity Today | Cisco Source Code Stolen in Trivy Fallout, Axios Supply Chain Attack, and Active Exploitation of Fortinet and Citrix Flaws David Shipley reports multiple major security incidents: attackers used credentials stolen in the Trivy supply-chain attack via a malicious GitHub action to breach Cisco's internal development environment, clone 300+ GitHub repos, steal source code (including AI products) and AWS keys, and impact customer-related code; Cisco contained the breach, re-imaged systems, and rotated credentials. A separate supply-chain attack hit the widely used JavaScript library Axios after its maintainer account was compromised, pushing poisoned NPM versions that installed a dropper/RAT via a fake dependency; users are told to downgrade affected versions, remove the dependency, rotate credentials, and review CI/CD logs. Active exploitation is confirmed for a Fortinet FortiClient EMS SQL injection (CVE-2026-21643) and for critical Citrix NetScaler flaws (CVE-2026-3055, possibly alongside CVE-2026-4368). Anthropic accidentally exposed details of a new model, "Code Mythos," described as highly capable in reasoning, coding, and cybersecurity. Finally, TechCrunch reports escalating allegations that compliance startup Delve helped fabricate audit evidence and worked with weak auditors. The episode also marks show episode 1,500. 00:00 Headlines and Sponsor 00:54 Cisco Trivy Breach 02:28 Axios NPM Attack 04:12 Fortinet SQLi Exploited 06:24 Citrix Bleed Returns 08:05 Anthropic Model Leak 10:24 Fake Compliance Scandal 12:30 Episode 1500 Milestone 14:03 Sponsor Closing Message | — | ||||||
| 3/30/26 | ![]() Russian State Hackers Go After IoS Devices | Mac Malware 'Infinity Stealer,' DarkSword iOS Exploits, China Telecom Espionage & TeamTNT Supply Chain Hits Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst David Shipley reports from Seoul on major threats: Malwarebytes details Infinity Stealer, a new macOS info-stealer delivered via "ClickFix" social engineering and built as a compiled Python payload (Nuitka) that steals browser credentials, Keychain data, crypto wallets, and developer secrets while notifying attackers via Telegram. Proofpoint links Russia-aligned TA446 (Cold River/Star Blizzard) to spear-phishing using the DarkSword iOS exploit kit to deliver GhostBlade, with DarkSword now leaked on GitHub and Apple pushing unusual on-device warnings for vulnerable iOS versions. Rapid7 describes China-linked "Red Menshen" using the kernel-level BPFdoor backdoor to persist in global telecom networks. TeamTNT compromises the Telnyx PyPI package with WAV-steganography payloads that steal secrets and target Kubernetes. Iran-linked activity includes a symbolic FBI director email breach and escalating, deliberate healthcare disruption via attacks on Stryker and a Pay2Key incident. 00:00 Show Intro and Sponsor 00:53 Mac ClickFix Stealer 03:25 Dark Sword iOS Exploits 06:30 China Telecom Backdoor 08:47 TeamTNT PyPI Supply Chain 12:20 Iran Cyber and Healthcare 17:41 Wrap Up and Thanks 18:43 Sponsor Message | — | ||||||
| 3/28/26 | ![]() RSAC Recap: Agentic AI and Interview With Commvault CISO Bill O'Connell | RSAC Recap: Agentic AI Takes Over, Security Funding Shifts, and Why CISOs Must Focus on Resilience Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst Jim Love and co-host David Shipley recap the RSA Conference in San Francisco, noting that "zero trust" marketing has faded and "agentic AI" (especially "agentic SOC") dominated vendor messaging. David highlights a major market shift: AI is pressuring cybersecurity company valuations and could reduce funding, accelerate consolidation, and raise security costs due to heavy compute requirements, even as demand increases. They discuss how AI disproportionately benefits attackers, including new phishing-as-a-service capabilities, while organizations cut security hiring in anticipation of AI gains. David's standout booth, MindGuard, used a 1990s metaphor to argue AI security is as immature as cybersecurity was decades ago. He also interviews Commvault CSO Bill O'Connell on the evolving CISO role, communicating risk, the importance of recovery and "ResOps," and celebrating CISOs, including Time magazine's CISO of the year concept. 
00:00 Weekend Show Kickoff 00:46 RSAC Recap Setup 01:06 Zero Trust Is Dead 01:48 Agentic SOC Everywhere 03:41 AI Shifts Security Valuations 06:55 Peak Security And Consolidation 07:55 Costs And Layoffs Warning 09:35 Attackers Gain The Edge 11:48 RSAC Booth Spectacle 13:39 MindGuard Nineties Metaphor 15:40 Commvault CISO Interview Begins 17:22 Backup To Cyber Resilience 18:04 Modern CISO Role Evolution 19:55 Translating Risk For Leaders 21:44 Risk Versus FUD 22:22 AI Hype And CISO Relevance 23:29 Defining AI And Controls 24:33 Agentic AI And Backups 25:49 Resilience Over Prevention 27:52 ResOps And Practicing Recovery 31:06 Advice For New CISOs 33:30 Celebrating The CISO Role 35:43 Is The Job Worth It 37:06 Host Wrap And Audience Feedback 39:18 Korea Trip And Show Signoff 40:13 Sponsor Message And Closing | — | ||||||
| 3/27/26 | ![]() Anonymous Tip System Breach May Expose Tipsters | Anonymous Tip System Breach Exposes Millions of Records, Google Warns Q-Day by 2029, and New AI Documentation Supply-Chain Risks Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst Jim Love reports that a breach at P3 Global Intel, whose tip-submission systems are used by police, government agencies, and schools, allegedly exposed over 8 million submissions including highly sensitive personal data and raised concerns about anonymity due to features that could disclose tipster IP information; the company says it has not confirmed misuse. Google warns "Q Day," when quantum computers could break widely used public-key encryption, may arrive as early as 2029, intensifying urgency around "harvest now, decrypt later" and adoption of post-quantum cryptography standards. The episode also highlights AI-era supply-chain threats where community-generated documentation can be poisoned with indirect prompt injections that influence AI-generated code, and notes upcoming GitHub Copilot policy changes to use prompts and code context from certain users for training unless they opt out, making data governance critical. 00:00 Headlines And Sponsor 00:45 Anonymous Tip Line Breach 03:42 Quantum Q Day Timeline 06:10 Poisoned Documentation Attacks 08:57 Copilot Training Data Changes 10:27 Wrap Up And Meter Thanks | — | ||||||
| 3/25/26 | ![]() RSAC Presenter Says "Time to Kill One of Cybersecurity's Most Overworked Terms" | RSAC: Retiring "APT," FCC's US-Made Router Ban, Zoom Call Scraping, Iran-Targeting Wiper, and Cyber Terrorism Insurance From RSAC 2026, host David Shipley highlights ESET researcher Robert Lipowsky's argument to retire the overused "advanced persistent threat" label and instead describe actors by motivation and activity, noting blurred lines between nation-state and criminal tooling. He also reports RSAC vendor trends (zero trust fading, "agentic AI" everywhere) and standout booth themes. In Washington, the FCC bans authorization of any new Wi‑Fi router models not made in the United States, citing supply-chain risk and attacks like Volt Flax and Salt Typhoon, impacting an industry largely manufacturing abroad unless exemptions are granted with plans to reshore. The episode details Webinar TV allegedly joining public Zoom links to record calls and publish AI-generated podcast recaps, and a Kubernetes-targeting campaign linked to the Trivy supply-chain attack that deploys an Iran-checking wiper. Finally, Treasury seeks comments on expanding the terrorism risk insurance backstop (TRIP) to cover cyber losses. Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst 00:00 Sponsor Meter Intro 00:18 Headlines Preview 00:58 Retiring The APT Label 02:51 RSAC Floor Trends 05:08 FCC Router Ban 06:43 Zoom Calls Turned Podcasts 09:29 Iran Targeting Wiper 10:57 Cyber Terrorism Insurance Debate 13:15 Wrap Up And Thanks 13:44 Sponsor Meter Outro | — | ||||||
| 3/23/26 | ![]() Startup Accused Of Helping Fake Privacy and Security Audits | Compliance Startup Audit-Faking Claims, Trivy Supply-Chain Backdoor, Russia Targets Signal/WhatsApp, and Iran-Linked Stryker Disruption Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst This episode covers allegations that Y Combinator-backed compliance startup Delve helped customers fake privacy and security audits by generating fabricated evidence that auditors then rubber-stamped, alongside Delve's denial and a report of sensitive Delve data being externally accessible. It also details a TeamTNT/Team PCP-style supply-chain compromise of Aqua Security's Trivy scanner via GitHub build and tag tampering, briefly distributing a backdoored release that stole cloud credentials, SSH keys, tokens, and more, with guidance to treat affected environments as fully compromised and rotate secrets. The FBI and CISA warn of Russian intelligence-linked phishing targeting Signal and WhatsApp accounts through social engineering and malicious QR codes. Finally, it describes the real-world impact of an Iran-linked Handala cyberattack on Stryker, disrupting custom implant logistics and delaying surgeries. 00:00 Sponsor Message Meter 00:18 Headlines Overview 00:48 Delve Audit Allegations 03:27 Trivy Scanner Backdoor 06:01 Russian Phishing Signals 08:54 Stryker Attack Fallout 11:30 Wrap Up And RSAC 11:48 Sponsor Message Meter | — | ||||||
| 3/21/26 | ![]() The Fundamental Mistake in Cybersecurity Risk Management | Cybersecurity Isn't Managing Risk—It's Managing Threats... And That's the Problem Host David Shipley speaks with Jeff Gardiner, a former university CISO and now at Morgan Stanley, about Gardiner's doctoral research arguing that cybersecurity has structurally misclassified "risk management" as threat management. Gardiner explains that real risk is an expected loss calculation (impact × likelihood), while many cybersecurity frameworks and training emphasize vulnerabilities, exploitability, and system configuration without likelihood or business impact. He describes examples where teams labeled unlikely issues as "extremely high risk," discusses interviews where leaders universally expect cybersecurity staff to be risk managers, and cites findings that only about 11% of cybersecurity professionals actually perform risk calculations. Gardiner outlines a practical approach using qualitative likelihood and impact scales, prioritization, and clearer business framing, and notes ongoing discussions with NIST to improve the NICE framework. Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. 
You can find them at Meter.com/cst 00:00 Sponsor Message 00:19 Meet Jeff Gardiner 01:51 Career Journey Origins 03:23 TLS Risk Epiphany 05:06 What Is Compute Canada 06:38 Risk Versus Threat 08:35 Why Labels Matter 11:13 Likelihood And Impact 12:26 Teaching Risk Qualitatively 15:29 Why Prioritize Risk 20:36 Training Frameworks Flaw 25:13 Research Frustrations 25:51 Risk Management Wins 26:44 Why CISOs Burn Out 27:43 Speaking Executive Risk 29:22 Teach Risk Broadly 31:36 Biases and Better Judgments 35:17 Sexy Scary vs Real Risk 36:12 Convincing the Room 39:15 Start Simple Frameworks 41:36 Risk Quadrants and Delegation 45:30 Mentorship and NIST V3 47:57 Wrap Up and Sponsor | — | ||||||
| 3/20/26 | ![]() FBI Seizes Iran-Linked Handala Leak Site After Stryker Intune Wipe Attack: Cybersecurity Today | FBI Seizes Iran-Linked Handala Leak Site After Stryker Intune Wipe Attack; Apple iPhone Exploit Patch; North Korean Fake IT Workers Grow Cybersecurity Today would like to thank Meter for their support in bringing you this podcast. Meter delivers a complete networking stack, wired, wireless and cellular in one integrated solution that's built for performance and scale. You can find them at Meter.com/cst The episode reports that the FBI has seized the data leak site used by the Iran-linked hacktivist group Handala, which has been widely linked to the Stryker attack where attackers compromised admin accounts, stole data, and used Microsoft Intune to remotely wipe and factory reset roughly 80,000 managed devices. CISA and Microsoft warn organizations to harden Intune and identity controls with least privilege, role-based access, MFA, conditional access, and requiring multi-admin approval for sensitive actions like device wipes. Apple urges iPhone users to update after fixing actively exploited flaws used in targeted, sophisticated campaigns, noting risks even for those who think Apple devices aren't targeted. The show also highlights new FLAIR research showing North Korean operatives continue infiltrating Western firms as remote IT workers using stolen or fabricated identities, exploiting weak hiring verification and broad access. LINKS https://flare.io/learn/resources/north-korean-infiltrator-threat 00:00 Sponsor Message Meter 00:19 Headlines And Intro 00:46 FBI Seizes Handala Leak Site 02:31 CISA And Microsoft Intune Guidance 04:37 Apple iPhone Update Warning 06:10 North Korean Fake IT Workers 07:56 Links Sharing And Wrap Up 08:29 Sponsor Thanks And Sign Off | — | ||||||
Showing 25 of 100
Chart Positions
25 placements across 22 markets.