A "by Hackers for Hackers" podcast focused on technical content ranging from bug bounty tips, to write-up explanations, to the latest hacking techniques.
Bug Bounty Podcasts
The show that decrypts the secrets of offensive cybersecurity, one byte at a time. Every week I invite you into the world of ethical hacking by interviewing leading offensive security practitioners. If you are a penetration tester, bug bounty hunter, red teamer, or blue teamer who wants to better understand the modern hacker mindset, whether you are new or experienced, this show is for you.
A Podcast about bugs, bounties and its researchers. Hosted by Fisher.
Behind The Bounty gives you an inside look at the community and people that make bug bounties happen. Hosted by Ben Sadeghipour (NahamSec) and Nathanial Lattimer (d0nut).
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
We’re planting the seeds of fun with the only gardening podcast that’s just for kids! Welcome to Gro-Town where we celebrate the world outside our windows! Join Miss Danielle for growing tips, music, special guests, and a bounty of laughs along the way. Music. Garden. Community. Gro-Town! Continue the fun at https://www.gro-town.com/
The Cyber Riddler is a podcast that discusses interesting topics in the field of information security. It explores different areas and situations in real-life cyber security engagements and activities. Episodes feature guests from different backgrounds such as hackers, security analysts, cyber security managers, bug bounty hobbyists and more.
Hacks, scams, cyber crimes, and other shenanigans explored and explained. Presented by your friendly neighborhood cybersecurity gal Michele Bousquet.
On WE’RE IN!, you'll hear from the newsmakers and innovators who are making waves and driving the cyber security industry forward. We talk to them about their stories, the future of the industry, their best practices, and more.
Hack for Fun and Profit is a weekly podcast for anyone who is interested in ethical hacking. The topics include bug bounty hunting, penetration testing, red teaming and many more. Sit back and enjoy stories, tips and tricks that will inspire you. For subscription-only episodes, enroll using this link: https://anchor.fm/thehackerish/subscribe
Broadcasting Ideas and Connecting Minds at the Intersection of Cybersecurity, Technology and Society. Founded by Sean Martin and Marco Ciappelli in 2015, ITSPmagazine is a multimedia platform exploring how technology, cybersecurity, and society shape our world. For over a decade, we've recognized this convergence as one of the most defining forces of our time—and it's more critical than ever. Our global community encourages intellectual exchange, challenging assumptions and diving deep into ...
The Three Buddy Problem is a popular Security Conversations podcast that goes beyond industry talking points to discuss what others won’t -- nation-state malware, attribution, cyberwar, ethics, privacy, and the messy realities of securing computers and corporate networks. Hosted by three veteran security pros -- journalist Ryan Naraine and malware paleontologists Costin Raiu and Juan Andres Guerrero-Saade -- the weekly show attracts a highly engaged audience of security researchers, corporat ...
Welcome to eCommerceAholic, where we help you get more from your eCommerce store.
If you know how attacks work, you’ll know exactly where to look—whether you’re breaking in as an ethical hacker or defending as a blue teamer. Hacked & Secured: Pentest Exploits & Mitigations breaks down real-world pentest findings, exposing how vulnerabilities were discovered, exploited, and mitigated. Each episode dives into practical security lessons, covering attack chains and creative exploitation techniques used by ethical hackers. Whether you're a pentester, security engineer, develop ...
SecureMac presents The Checklist. Hosted by Ken Ray, each week The Checklist hits security topics for your Mac and iOS devices. From how-to's and safety tips, to security news of the day, The Checklist by SecureMac takes a conversational, solutions oriented approach to security for the average user. Check in each Thursday for a new Checklist!
Welcome to Smarter Online Safety: Protect, Empower, Transform—your go-to channel for digital security, AI productivity, and digital transformation. As cyber fraud, identity theft, and AI-driven risks grow, Jocelyn King, “The Queen of Online Safety,” is here to help you stay secure and thrive. A Top 10 Woman in Cybersecurity, speaker, and educator, she has been featured on Dr. Phil, prime-time news, international radio, and top podcasts. 💡 What You’ll Learn: ✔️ Protect yourself & your family ...
Redefining CyberSecurity Podcast Hosted by Sean Martin, CISSP Have you ever thought that we are selling cybersecurity insincerely, buying it indiscriminately, and deploying it ineffectively? For cybersecurity to be genuinely effective, we must make it consumable and usable. We must also bring transparency and honesty to the conversations surrounding the methods, services, and technologies upon which businesses rely. If we are going to protect what matters and bring value to our companies, ou ...
A podcast about the makers and breakers shaping cybersecurity. New episodes every other Monday! Go to https://hackerculture.fm for more information!
Welcome to Behind the Binary, the podcast that introduces you to the fascinating people, technology, and tools driving the world of reverse engineering. Join your host, Josh Stroschein, a reverse engineer with the FLARE team at Google, and someone passionate about sharing knowledge and shedding light on the art of reverse engineering, as he sits down with intriguing guests to explore the human side of this profession. Behind the Binary goes beyond the code, sharing the stories, motivations, ...
Hacker Talk brings you interesting conversations between some of the world's best hackers, cyber security professionals and information security people.
In "Surfacing Security," we explore a variety of cybersecurity topics relevant to Attack Surface Management and beyond. Your co-hosts are Michael Gianarakis (Assetnote Co-Founder/CEO) and Shubham Shah (Assetnote Co-Founder/CTO).
The Business Security (BizSec) Podcast. Hosts Beau Woods and Dave Kennedy analyze and discuss the latest business news in the information and technology security world, as well as a bigger picture theme each episode. Follow us @bizsecpodcast
STEM brother Basir Vincent podcast sharing small connect with the Tech bytes to encourage thought about STEM and STEAM engagement. Cover art photo provided by Oliver Pecker on Unsplash: https://unsplash.com/@ollipexxer
Building better software, one incident at a time. Host Kevin Riggle talks with software engineers about that time they broke production. Whether you're an industry professional, or just curious about what makes the modern Internet run and what happens when it breaks, we bring you stories you haven't heard elsewhere. This is the audio version of the podcast. Watch on YouTube: https://youtube.com/@critical-point Produced by Complex Systems Group (https://complexsystems.group). Part of Critical ...
Join us as we watch and discuss the entire Star Wars Canon from The Phantom Menace to the Force Awakens and beyond! Co-hosts Mondo, Joe (both from Not the Show) and with Ty (from Geek Fight Club's Chaos Inc.) talk about what they love and hate about The Saga.
An insanely enjoyable Bitcoin podcast with a strong focus on liberty. Every Thursday, we chat about how Bitcoin sets the world free and share the latest cryptocurrency news and general Bitcoin talk. Guests have included: - Mastering Bitcoin author Andreas Antonopoulos - Liberty.me CLO Jeffrey Tucker - Antiwar.com editor Angela Keaton - Bitcoin/liberty activist Michele Seven - Jason King from Sean's Outpost Homeless Outreach - Drew Phillips from Bitcoin Not Bombs - Numerous other Bitcoin-lovi ...
Episode 152: GeminiJack and Agentic Security with Sasi Levi
1:21:36
Episode 152: In this episode of Critical Thinking - Bug Bounty Podcast we’re joined by Sasi Levi from Noma Security to talk about AI and Agentic Security. We also talk about ForcedLeak, a Google Vertex Bug, and debate if Prompt Injection is a real Vuln. Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to s…
Responsible Disclosure and Bug Bounty Programs: Webinar
24:38
Adam Logue, Independent Security Researcher and Synack Red Teamer, discusses his experiences with responsible disclosure and bug bounty programs, and provides a fascinating technical deep dive into a vulnerability he found in Microsoft 365 Copilot during a client-facing engagement. Timestamps: 00:49 - Adam's background with responsible disclosure a…
A Practical Look at Incident Handling: How a Sunday Night Bug Bounty Email Triggered a Full Investigation | A Screenly Brand Spotlight Conversation with Co-founder of Screenly, Viktor Petersson
17:48
This episode focuses on a security incident that prompts an honest discussion about transparency, preparedness, and the importance of strong processes. Sean Martin speaks with Viktor Petersson, Founder and CEO of Screenly, who shares how his team approaches digital signage security and how a recent alert from their bug bounty program helped validat…
The Truth About Bug Bounties & Cyber Risks
43:25
Grant McCracken joins Jocelyn King on this episode of Smarter Online Safety to demystify bug bounties, penetration testing, AI security and the human mistakes that fuel most breaches. If you want practical, non-technical advice for protecting your business (or the businesses you rely on), this is the episode to watch. What we cover: 1. What a bug b…
Ever get your hair cut and wonder, "Is my barber part of an international scammer ring?" In November 2025, the FBI arrested Victor Marion, the owner of Mecca Barber Shop in San Diego, and eighteen of his buddies for scamming elderly victims out of $40 million with the classic tech support and refund scams, and for laundering the funds through the s…
SANS Stormcast Monday, December 15th, 2025: DLL Entry Points; ClickFix and Finger; Apple Patches
6:45
Abusing DLLs EntryPoint for the Fun DLLs will not just execute code when some of their functions are called, but also as they are loaded. https://isc.sans.edu/diary/Abusing%20DLLs%20EntryPoint%20for%20the%20Fun/32562 Apple Patches Everything: December 2025 Edition Apple released patches for all of its operating systems, fixing two already exploited…
Black Hat Europe 2025 Wrap-Up: Suzy Pallett on Global Expansion, AI Threats, and Defending Together | On Location Coverage With Sean Martin & Marco Ciappelli
19:19
Guests: Suzy Pallett President, Black Hat. Cybersecurity. On LinkedIn: https://www.linkedin.com/in/suzy-pallett-60710132/ The Cybersecurity Community Finds Its Footing in Uncertain Times There is something almost paradoxical about the cybersecurity industry. It exists because of threats, yet it thrives on trust. It deals in technical co…
In this powerful episode of Smarter Online Safety, Jocelyn King talks with Roger Canaff — former New York City special victims prosecutor, survivor advocate, and legal thriller author — about how predators operate online, the rise of AI “nudify” tools, and concrete steps parents and caregivers can take to protect kids and support survivors. What yo…
SANS Stormcast Friday, December 12th, 2025: Local AI Models; Mystery Chrome 0-Day; SOAPwn Attack
6:56
Using AI Gemma 3 Locally with a Single CPU Installing AI models on modest hardware is possible and can be useful to experiment with these models on premise https://isc.sans.edu/diary/Using%20AI%20Gemma%203%20Locally%20with%20a%20Single%20CPU%20/32556 Mystery Google Chrome 0-Day Vulnerability Google released an update for Google Chrome fixing a vulne…
Legal corruption, React2Shell exploitation, dual-use AI risks
2:12:25
(Presented by ThreatLocker: Allow what you need. Block everything else by default, including ransomware and rogue code.) Three Buddy Problem - Episode 76: On the show this week, Costin walks through how a single Romanian documentary kick-started nationwide protests, exposing how corruption can be perfectly legal when the law itself is gamed, and wh…
Oscar-Nominated Filmmaker Pen Densham on Writing, Cinematography, Photography, Creativity and the Freedom of Breaking the Rules | Audio Signals Podcast With Marco Ciappelli
46:24
Oscar-Nominated Filmmaker Pen Densham on Writing, Cinematography, Photography, Creativity and the Freedom of Breaking the Rules There's a particular kind of magic that happens when a storyteller stops trying to please the market and starts listening to their soul. Pen Densham knows this better than most—he's lived it across three different mediums,…
SANS Stormcast Thursday, December 11th, 2025: Possible CVE-2024-9042 variant; react2shell exploits; notepad++ update hijacking; macOS priv escalation
6:58
Possible exploit variant for CVE-2024-9042 (Kubernetes OS Command Injection) We observed HTTP requests with our honeypot that may be indicative of a new version of an exploit against an older vulnerability. Help us figure out what is going on. https://isc.sans.edu/diary/Possible%20exploit%20variant%20for%20CVE-2024-9042%20%28Kubernetes%20OS%20Comma…
EP20 Windows Under the Hood: Kernel Design, EDRs, and the Shift to VBS with Pavel Yosifovich
1:10:25
In this episode, we get a unique look at the history of Windows through the eyes of one of its leading experts, Pavel Yosifovich. We delve into his fascinating origin story, including the "fluke" that led him to become the author of the legendary Windows Internals series, and why he describes himself as a developer who "hates security." The convers…
SANS Stormcast Wednesday, December 10th, 2025: Microsoft, Adobe, Ivanti, Fortinet, and Ruby patches.
8:04
Microsoft Patch Tuesday Microsoft released its regular monthly patch on Tuesday, addressing 57 flaws. https://isc.sans.edu/diary/Microsoft%20Patch%20Tuesday%20December%202025/32550 Adobe Patches Adobe patched five products. The remote code execution in ColdFusion, as well as the code execution issue in Acrobat, will very likely see exploits soon. h…
Rethinking Public Health Workflows Through Automation and Governance: Why Data Modernization May Be The Key | A Conversation with Jim St. Clair | Redefining CyberSecurity with Sean Martin
44:06
⬥EPISODE NOTES⬥ Artificial intelligence is reshaping how public health organizations manage data, interpret trends, and support decision-making. In this episode, Sean Martin talks with Jim St. Clair, Vice President of Public Health Systems at a major public health research institute, Altarum, about what AI adoption really looks like across federal,…
SANS Stormcast Tuesday, December 9th, 2025: nanoKVM Vulnerabilities; Ghostframe Phishing; WatchGuard Advisory
6:26
nanoKVM Vulnerabilities The nanoKVM device updates firmware insecurely; however, the microphone that the authors of the advisory referred to as undocumented may actually be documented in the underlying hardware description. https://www.tomshardware.com/tech-industry/cyber-security/researcher-finds-undocumented-microphone-and-major-security-flaws-in…
SANS Stormcast Monday, December 8th, 2025: AutoIT3 FileInstall; React2Shell Update; Tika Vuln
5:34
AutoIT3 Compiled Scripts Dropping Shellcodes Malicious AutoIT3 scripts are using the FileInstall function to include additional scripts at compile time that are dropped as temporary files during execution. https://isc.sans.edu/diary/AutoIT3%20Compiled%20Scripts%20Dropping%20Shellcodes/32542 React2Shell Update The race is on to patch vulnerable syst…
Nothing Has Changed in Cybersecurity Since the 80s — And That's the Real Problem | A Conversation with Steve Mancini | Redefining Society and Technology with Marco Ciappelli
43:03
Dr. Steve Mancini: https://www.linkedin.com/in/dr-steve-m-b59a525/ Marco Ciappelli: https://www.marcociappelli.com/ Nothing Has Changed in Cybersecurity Since War Games — And That's Why We're in Trouble "Nothing has changed." That's not what you expect to hear from someone with four decades in cybersecurity. The industry thrives on selling the next…
APTs pounce on React2Shell; BRICKSTORM backdoors; .gov surveillance
1:41:44
(Presented by ThreatLocker: Allow what you need. Block everything else by default, including ransomware and rogue code.) Three Buddy Problem - Episode 75: We dig into a CVSS 10/10 unauthenticated RCE bug causing chaos across the internet and early signs that Chinese APTs are already launching exploits, the cascading patch chaos, and a long tail of …
Understanding risk, behavior & smart online practices with David Cruz
38:29
Protect what matters — not everything. In this episode David Cruz (El Maestro) breaks cybersecurity down into a simple, practical model: Risk → Behavior → Practice. Perfect for CEOs, small business owners, parents — anyone who wants real protection without the tech overwhelm. Episode highlights 1. A simple framework to decide what to protect and ho…
SANS Stormcast Friday, December 5th, 2025: Compromised Govt System; React Vuln Update; Array Networks VPN Attacks
4:35
Nation-State Attack or Compromised Government? [Guest Diary] An IP address associated with the Indonesian Government attacked one of our interns' honeypots. https://isc.sans.edu/diary/Nation-State%20Attack%20or%20Compromised%20Government%3F%20%5BGuest%20Diary%5D/32536 React Update Working exploits for the React vulnerability patched yesterday are n…
Episode 151: Client-side Advanced Topics
1:07:26
Episode 151: In this episode of Critical Thinking - Bug Bounty Podcast we’re covering Client-side advanced topics. Justin talks Joseph (and us) through Third-Party Cookie Nuances, Iframe Tricks, URL Parsing, and more. Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any feedback here: info@criti…
SANS Stormcast Thursday, December 4th, 2025: CDN Headers; React Vulnerability; PickleScan Patch
6:44
Attempts to Bypass CDNs Our honeypots recently started receiving scans that included CDN specific headers. https://isc.sans.edu/diary/Attempts%20to%20Bypass%20CDNs/32532 React Vulnerability CVE-2025-55182 React patched a critical vulnerability in React server components. Exploitation is likely imminent. https://react.dev/blog/2025/12/03/critical-se…
If Facebook has seemed scammy for the past few years, it's not your imagination. A leaked internal document shows that Facebook, and its parent company Meta, are well aware that many of their ads and posts are scams, but they make too much money off of them to do anything about it. Get all the details on this scathing report from Reuters that has r…
SANS Stormcast Wednesday, December 3rd, 2025: SmartTube Compromise; NPM Malware Prompt Injection Attempt; Angular XSS Vulnerability
6:06
SmartTube Android App Compromise The key a developer used to sign the Android YouTube player SmartTube was compromised and used to publish a malicious version. https://github.com/yuliskov/SmartTube/issues/5131#issue-3670629826 https://github.com/yuliskov/SmartTube/releases/tag/notification Two Years, 17K Downloads: The NPM Malware That Tried to Gas…
AI, Quantum, and the Changing Role of Cybersecurity | ISC2 Security Congress 2025 Coverage with Jon France, Chief Information Security Officer at ISC2 | On Location with Sean Martin and Marco Ciappelli ...
26:22
What Security Congress Reveals About the State of Cybersecurity This discussion focuses on what ISC2 Security Congress represents for practitioners, leaders, and organizations navigating constant technological change. Jon France, Chief Information Security Officer at ISC2, shares how the event brings together thousands of cybersecurity practitioner…
SANS Stormcast Tuesday, December 2nd, 2025: Analyzing ToolShell from Packets; Android Update; Long Game Malicious Browser Ext.
5:49
Hunting for SharePoint In-Memory ToolShell Payloads A walk-through showing how to analyze ToolShell payloads, starting with acquiring packets all the way to decoding embedded PowerShell commands. https://isc.sans.edu/diary/%5BGuest%20Diary%5D%20Hunting%20for%20SharePoint%20In-Memory%20ToolShell%20Payloads/32524 Android Security Bulletin December 20…
SANS Stormcast Monday, December 1st, 2025: More ClickFix; Teams Guest Access; Geoserver XXE Vulnerability
5:42
Fake adult websites pop realistic Windows Update screen to deliver stealers via ClickFix The latest variant of ClickFix tricks users into copy/pasting commands by displaying a fake blue screen of death. https://www.acronis.com/en/tru/posts/fake-adult-websites-pop-realistic-windows-update-screen-to-deliver-stealers-via-clickfix/ B2B Guest Access Cre…
Shai-Hulud 2.0, Russia GRU Intrusions, and Microsoft’s Regulatory Capture
1:57:12
(Presented by Material Security: We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices.) Three Buddy Problem - Episode 74: We attempt to parse the rumor-fog around Microsoft’s CISO at CYBERWARCON and what it reveals about the company’s shifting posture…
Book: Spy's Mate | A Conversation with Bradley W. Buchanan About Chess, Cold War Espionage, and His Journey Into Writing This Story | Audio Signals Podcast With Marco Ciappelli
44:22
Spy's Mate: A Conversation with Bradley W. Buchanan About Chess, Cold War Intrigue, and the Stories That Save Us After a few months away, I couldn't stay silent. Audio Signals is back, and I'm thrilled that this conversation marks the official return. The truth is, I tried to let it go. I thought maybe I'd hang up the mic and focus solely on my wor…
Smarter Online Safety — Jocelyn King with Daphne Ng A frank, non-technical conversation about how AI (voice cloning & deepfakes) is changing scams — including a $25M corporate fraud case — and what everyday people and teams can do right now to protect themselves. 🔔 Subscribe for weekly, simple online-safety tips 🎧 Listen on Apple/Spotify/Google Key…
Episode 150: ASP.NET MVC Patterns, Popping Oracle Identity, and Esoteric Subdomain Enumeration
57:20
Episode 150: In this episode of Critical Thinking - Bug Bounty Podcast we're highlighting some cool news and research, but not before expressing our gratitude to the Hacker community. We are so thankful for you all! Follow us on twitter at: https://x.com/ctbbpodcast Got any ideas and suggestions? Feel free to send us any feedback here: info@critica…
Checklist 451 - Safe Holiday Shopping 2025
19:08
We're going a day early this week because Friday might be too late. The holiday shopping season kicks off in earnest this Friday. We're looking at tips for safe shopping both online and in lines this holiday season. Plus - a look back at nine years of this show. It's all ahead on Checklist No. 451, brought to you by SecureMac. Check out our show no…
SANS Stormcast Wednesday, November 26th, 2025: Attacks Against Messaging; Passwords in Random Websites; Fluentbit Vuln; #thanksgiving
6:07
Spyware Allows Cyber Threat Actors to Target Users of Messaging Applications Spyware attacks messaging applications in part by triggering vulnerabilities in messaging applications but also by deploying tools like keystroke loggers and screenshot applications. https://www.cisa.gov/news-events/alerts/2025/11/24/spyware-allows-cyber-threat-actors-targ…
Inside the Economics That Shape Modern Cybersecurity Innovations: How the Cybersecurity Startup Engine Really Works | A Conversation with Investor and Author, Ross Haleliuk | Redefining CyberSecurity with ...
47:10
⬥EPISODE NOTES⬥ Understanding the Startup Engine Behind Cybersecurity This episode brings Sean Martin together with Ross Haleliuk, author, investor, product leader, and creator of Venture Insecurity, for a candid look at the forces shaping cybersecurity startups today. Ross shares how his decade of product leadership and long involvement in the sec…
SANS Stormcast Tuesday, November 25th, 2025: URL Mapping and Authentication; SHA1-Hulud; Hacklore
6:11
Conflicts between URL mapping and URL based access control. Mapping different URLs to the same script, and relying on URL based authentication at the same time, may lead to dangerous authentication and access control gaps. https://isc.sans.edu/diary/Conflicts%20between%20URL%20mapping%20and%20URL%20based%20access%20control./32518 Sha1-Hulud, The Se…
Author Kate O'Neill's Book "What Matters Next": AI, Meaning, and Why We Can't Delegate Creativity | Redefining Society and Technology with Marco Ciappelli
48:35
Author Kate O'Neill's Book "What Matters Next": AI, Meaning, and Why We Can't Delegate Creativity | Redefining Society and Technology with Marco Ciappelli Kate O'Neill: https://www.koinsights.com/books/what-matters-next-book/ Marco Ciappelli: https://www.marcociappelli.com/ When Kate O'Neill tells me that AI's most statistically probable outcome is…
SANS Stormcast Monday, November 24th, 2025: CSS Padding in Phishing; Oracle Identity Manager Scans Update;
4:59
Use of CSS stuffing as an obfuscation technique? Phishing sites stuff their HTML with benign CSS code. This is likely supposed to throw off simple detection engines. https://isc.sans.edu/diary/Use%20of%20CSS%20stuffing%20as%20an%20obfuscation%20technique%3F/32510 Critical Oracle Identity Manager Flaw Possibly Exploited as Zero-Day Early exploit attem…
Solar EV That Never Needs Charging w/ Robert Hoevers (Squad Mobility) | Brand Highlight Story
6:02
The Solar Car That Charges Itself While You Live Your Life Growing up, I always wondered: why can't cars just recharge themselves as we drive? Turns out, someone finally built exactly that. Robert Hoevers and his team at Squad Mobility created a solar-powered city car that does something brilliantly simple—it charges itself. There's a solar panel o…
Gemini 3 reactions, Fortinet/Chrome zero-days, a Cloudflare monoculture and a billion-dollar crypto twist
2:19:41
(Presented by Material Security: We protect your company’s most valuable materials -- the emails, files, and accounts that live in your Google Workspace and Microsoft 365 cloud offices.) Three Buddy Problem - Episode 73: The buddies react to Google’s release of Gemini 3 and its early performance, new Chrome interface changes landing on users’ machi…
Checklist 450 - Weak Passwords and Deepfake Celebrities 2025
21:03
It is that time of year. Time to reflect… to look back… to realize how little we've learned, and shake our heads in sadness. 123456 is still the most used password according to a new study - and people still think that Taylor Swift is trying to sell them stuff on social media. We're looking at weak passwords and deepfake celebrities for 2025 on thi…
SANS Stormcast Friday, November 21st, 2025: Oracle Identity Manager Scans; SonicWall DoS Vuln; Adam Wilson (@sans_edu) reducing prompt injection.
14:09
Oracle Identity Manager Exploit Observation from September (CVE-2025-61757) We observed some exploit attempts in September against an Oracle Identity Manager vulnerability that was patched in October, indicating that exploitation may have occurred prior to the patch being released. https://isc.sans.edu/diary/Oracle%20Identity%20Manager%20Exploit%20…
Episode 149: DEFCON Debrief: AI Vulns, Unicode Weirdness, and Wild Vulnerability Chains
1:02:33
Episode 149: In this episode of Critical Thinking - Bug Bounty Podcast The DEFCON videos are up, and Justin and Joseph talk through some of their favorites. Follow us on X Got any ideas and suggestions? Feel free to send us any feedback here: [email protected] Shoutout to YTCracker for the awesome intro music! ====== Links ====== Foll…
SANS Stormcast Thursday, November 20th, 2025: Unicode Issues; FortiWeb More Vulns; DLink DIR-878 Vuln; Operation WrtHug and ASUS Routers
6:34
Unicode: It is more than funny domain names. Unicode can cause a number of issues due to odd features like variance selectors and text direction issues. https://isc.sans.edu/diary/Unicode%3A%20It%20is%20more%20than%20funny%20domain%20names./32472 FortiWeb Multiple OS command injection in API and CLI A second silently patched vulnerability in FortiW…
Beg Bounty: The New Wave of Unrequested Bug Claims and What They Mean | A Conversation with Casey Ellis | Redefining CyberSecurity with Sean Martin
36:25
⬥EPISODE NOTES⬥ Understanding Beg Bounties and Their Growing Impact This episode examines an issue that many organizations have begun to notice, yet often do not know how to interpret. Sean Martin is joined by Casey Ellis, Founder of Bugcrowd and Co-Founder of disclose.io, to break down what a “beg bounty” is, why it is increasing, and how security…