All topics
This week was a bit of a throwback to olden times, with the disclosure by Amazon threat intelligence of zero days in Cisco and Citrix products that were exploited by an unnamed APT, and Google using legal action to disrupt the Lighthouse phishing service operation. We dig into those two stories, plus we discuss the […]
The financial impacts of cyberattacks are hard to measure - but they lend critical context to conversations around security risk at the boardroom level.
The chain of discovery began with Amazon's security honeypot service, MadPot, which detected exploitation attempts for the Citrix Bleed Two vulnerability (CVE-2025-5777) before its public disclosure
Threat actors are now using LLMs in malware during execution, as a way to alter the malware’s behavior to enable detection evasion and more.
This week saw a blessed lack of major vulnerabilities, but there was plenty of other news to dig into. We discuss the fallout from the AWS outage (0:36), the conclusions from the latest Cyberspace Solarium Commission report (4:37), and the effects of CISA’s shakeup on the private sector (14:07), and the continued effects of the F5 incident […]
The suspected objective of the Lazarus group was the exfiltration of proprietary information and manufacturing expertise, particularly pertaining to UAV technology.
