Best Malware Prevention Podcasts (2025)

1
BSIMM (noun) [Word Notes] 6:09

Play Pause

6h ago6:09

6:09

Please enjoy this encore of Word Notes. A descriptive model that provides a baseline of observed software security initiatives and activities from a collection of volunteer software development shops. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/bsimm⁠ Audio reference link: “⁠OWASP AppSecUSA 2014 - Keynote: Gary McGraw - BSIMM: A Dec…

1
The many faces of fraud. 41:58

1d ago41:58

41:58

This week, our hosts⁠⁠⁠⁠⁠⁠⁠ ⁠Dave Bittner⁠, ⁠⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠⁠ Space Daily show) are back sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up from listener Abdussobur, who wonders if…

1
SN 1031: How Salt Typhoon Gets In - What "AI" Really Means

5d ago

—

China's Salt Typhoon claims another victim (or two). State healthcare portals are tracking and leaking. No kidding. Apple adopts FIDO's Passkeys and other credentials transport. Facebook gets Passkey logon. TikTok continues ticking for at least another 90 days. Canadian telco admits they were infiltrated by Salt Typhoon. Microsoft to remove unwante…

1
SN 1031: How Salt Typhoon Gets In - What "AI" Really Means 3:00:38

4d ago3:00:38

3:00:38

China's Salt Typhoon claims another victim (or two). State healthcare portals are tracking and leaking. No kidding. Apple adopts FIDO's Passkeys and other credentials transport. Facebook gets Passkey logon. TikTok continues ticking for at least another 90 days. Canadian telco admits they were infiltrated by Salt Typhoon. Microsoft to remove unwante…

1
OWASP vulnerable and outdated components (noun) [Word Notes] 8:04

5d ago8:04

8:04

Please enjoy this encore of Word Notes. Software libraries, frameworks, packages, and other components, and their dependencies (third-party code that each component uses) that have inherent security weaknesses, either through newly discovered vulnerabilities or because newer versions have superseded the deployed version. Audio reference Link: "⁠The…

1
AI Is Under Fire: Lawsuits, Labels, and the Vatican’s Warning – This Week in Artificial Intelligence 3:15

10d ago3:15

3:15

In this week’s episode of Cypher Tech Hacks, I’m Alex Cipher, and I’m decoding the wildest, weirdest, and most important AI headlines from the last 7 days—and trust me, it’s been a volatile week. From billion-dollar power plays to Vatican-level warnings, AI is getting dragged into every arena imaginable: politics, religion, music, and your smart fr…

1
Gold bars and bold lies. 45:57

10d ago45:57

45:57

Please enjoy this encore of Hacking Humans. On Hacking Humans, ⁠Dave Bittner⁠, ⁠Joe Carrigan⁠, and ⁠Maria Varmazis⁠ (also host of N2K's daily space podcast, T-Minus), are once again sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out there…

1
SN 1030: Internet Foreground Radiation - The NPM Repository is Under Siege 2:48:29

12d ago2:48:29

2:48:29

An exploited iOS iMessage vulnerability Apple denies? The NPM repository is under siege with no end in sight. Were Comcast and Digital Realty compromised? Don't ask them. Matthew Green agrees: XChat does not offer true security. We may know how Russia is convicting Telegram users. Microsoft finally decides to block two insane Outlook file types. 40…

1
SN 1030: Internet Foreground Radiation - The NPM Repository is Under Siege 2:48:29

12d ago2:48:29

2:48:29

An exploited iOS iMessage vulnerability Apple denies? The NPM repository is under siege with no end in sight. Were Comcast and Digital Realty compromised? Don't ask them. Matthew Green agrees: XChat does not offer true security. We may know how Russia is convicting Telegram users. Microsoft finally decides to block two insane Outlook file types. 40…

1
Massive Spyware Scandal, Discord Malware, and Apple Zero-Click Hack | Cybersecurity News June 2025 4:50

16d ago4:50

4:50

This week’s episode of Cypher Tech Hacks unpacks one of the most intense cybersecurity news cycles of 2025. From spyware scandals rocking European governments to massive web injection campaigns and zero-click iPhone exploits, host Alex Cipher breaks down the most critical hacking incidents and threats from the past 7 days. Whether you’re a cybersec…

1
Meta’s $15B AI Gamble, Apple Siri Delay, ChatGPT Crash & AI Jets | Weekly AI News June 2025 4:36

16d ago4:36

4:36

🚨 This Week in AI – June 2025 🚨 Welcome back to Cypher Tech Hacks with your host Alex Cipher. In this episode, we break down the biggest AI news from the past 7 days—stories that will reshape how you think about artificial intelligence, tech innovation, and the future of human-machine interaction. 🔍 Here’s what’s inside this week’s episode: 🧠 Meta …

1
Managing online security throughout the decades. 43:09

18d ago43:09

43:09

This week, our hosts⁠⁠⁠⁠⁠ Dave Bittner, ⁠⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠⁠, and ⁠⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠⁠T-Minus⁠⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start off with some more chicken follow up, this week, delving into malware-relat…

1
SN 1029: The Illusion of Thinking - Meta Apps and JavaScript Collusion 2:45:36

19d ago2:45:36

2:45:36

In memoriam: Bill Atkinson Meta native apps & JavaScript collude for a localhost local mess. The EU rolls out its own DNS4EU filtered DNS service. Ukraine DDoS's Russia's Railway DNS ... and... so what? The Linux Foundation creates an alternative Wordpress package manager. Court tells OpenAI it must NOT delete ANYONE's chats. Period! :( A CVSS 10.0…

1
SN 1029: The Illusion of Thinking - Meta Apps and JavaScript Collusion 2:45:36

19d ago2:45:36

2:45:36

In memoriam: Bill Atkinson Meta native apps & JavaScript collude for a localhost local mess. The EU rolls out its own DNS4EU filtered DNS service. Ukraine DDoS's Russia's Railway DNS ... and... so what? The Linux Foundation creates an alternative Wordpress package manager. Court tells OpenAI it must NOT delete ANYONE's chats. Period! :( A CVSS 10.0…

1
OWASP software and data integrity failures (noun) [Word Notes] 8:27

20d ago8:27

8:27

Please enjoy this encore of Word Notes. Code and data repositories that don't protect against unauthorized changes.By N2K Networks

1
No cameras, no crew—just code. 46:33

25d ago46:33

46:33

This week, our hosts⁠⁠⁠ ⁠⁠⁠⁠Joe Carrigan⁠⁠⁠⁠, and ⁠⁠⁠⁠Maria Varmazis⁠⁠⁠⁠ (also host of the ⁠⁠⁠⁠T-Minus⁠⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up from a listener on class action settlements: they’re a class action attorney …

1
SN 1028: AI Vulnerability Hunting - The End of Jailbreaking 3:08:02

26d ago3:08:02

3:08:02

Pwn2Own 2025, Berlin results. PayPal seeks a "newly registered domains" patent. An expert iOS jailbreak developer gives up. The rising abuse of SVG images, via JavaScript. Interesting feedback from our listeners. Four classic science fiction movies not to miss. How OpenAI's o3 model discovered a 0-day in the Linux kernel Show Notes - https://www.gr…

1
SN 1028: AI Vulnerability Hunting - The End of Jailbreaking 3:08:02

26d ago3:08:02

3:08:02

Pwn2Own 2025, Berlin results. PayPal seeks a "newly registered domains" patent. An expert iOS jailbreak developer gives up. The rising abuse of SVG images, via JavaScript. Interesting feedback from our listeners. Four classic science fiction movies not to miss. How OpenAI's o3 model discovered a 0-day in the Linux kernel Show Notes - https://www.gr…

1
The great CoGUI caper. [OMITB] 36:20

27d ago36:20

36:20

Welcome in! You’ve entered, Only Malware in the Building. Join us each month to sip tea and solve mysteries about today’s most interesting threats. Your host is ⁠⁠Selena Larson⁠⁠, ⁠⁠Proofpoint⁠⁠ intelligence analyst and host of their podcast ⁠⁠DISCARDED⁠⁠. Inspired by the residents of a building in New York’s exclusive upper west side, Selena is jo…

1
OWASP server-side request forgery (noun) [Word Notes] 7:38

27d ago7:38

7:38

Please enjoy this encore of Word Notes. An attack technique that leverages an unprotected web server as a proxy for attackers to send commands through to other computers.By N2K Networks

1
Lights, camera, scam! 41:49

1M ago41:49

41:49

This week, our three hosts ⁠⁠⁠Dave Bittner⁠⁠⁠, ⁠⁠⁠Joe Carrigan⁠⁠⁠, and ⁠⁠⁠Maria Varmazis⁠⁠⁠ (also host of the ⁠⁠⁠T-Minus⁠⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with a bit of follow up, one from listener Aaron, who shares some safety tips fo…

1
SolarWinds Breach: How 18,000 Targets Got Hacked with One Update 7:03

1M ago7:03

7:03

In this explosive episode of Cypher Tech Hacks, host Alex Cipher breaks down the infamous SolarWinds cyberattack—one of the most dangerous supply chain breaches in U.S. history. Learn how elite hackers compromised a trusted software update to infiltrate 18,000 networks, including Fortune 500 companies and U.S. federal agencies. From backdoored buil…

1
SN 1027: Artificial Intelligence - The Status of Encrypted Client Hello 2:54:28

1M ago2:54:28

2:54:28

What the status of Encrypted Client Hello (ECH)? What radio technology would be best for remote inverter shutdown? Some DNS providers already block newly listed domains. Knowing when not to click a link can take true understanding. Why can losing a small portion of a power grid bring the rest down? Where are we in the "AI Hype Cycle" and is this th…

1
SN 1027: Artificial Intelligence - The Status of Encrypted Client Hello 2:54:28

1M ago2:54:28

2:54:28

What the status of Encrypted Client Hello (ECH)? What radio technology would be best for remote inverter shutdown? Some DNS providers already block newly listed domains. Knowing when not to click a link can take true understanding. Why can losing a small portion of a power grid bring the rest down? Where are we in the "AI Hype Cycle" and is this th…

1
OWASP security logging and monitoring failures (noun) [Word Notes] 6:04

1M ago6:04

6:04

Please enjoy this encore of Word Notes. The absence of telemetry that could help network defenders detect and respond to hostile attempts to compromise a system.By N2K Networks

1
Scam me once. 58:06

1M ago58:06

58:06

This week, our three hosts ⁠⁠Dave Bittner⁠⁠, ⁠⁠Joe Carrigan⁠⁠, and ⁠⁠Maria Varmazis⁠⁠ (also host of the ⁠⁠T-Minus⁠⁠ Space Daily show) are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. Listener Jim notes that money launderers and couriers mentioned in recent episodes are often scam…

1
SN 1026: Rogue Comms Tech Found in US Power Grid - Is AI Replicating Itself? 2:47:03

1M ago2:47:03

2:47:03

Chrome to actively refuse admin privileges. Android Messenger is getting manual key verification. Pwn2Own to add AI "pwning" as in-scope attack targets. AI has already been found to be replicating. Microsoft not killing off Office on Win10 after October. 23andMe's asset purchaser revealed. Many fun talking points thanks to our listeners. Steve's re…

1
SN 1026: Rogue Comms Tech Found in US Power Grid - Is AI Replicating Itself? 2:47:03

1M ago2:47:03

2:47:03

Chrome to actively refuse admin privileges. Android Messenger is getting manual key verification. Pwn2Own to add AI "pwning" as in-scope attack targets. AI has already been found to be replicating. Microsoft not killing off Office on Win10 after October. 23andMe's asset purchaser revealed. Many fun talking points thanks to our listeners. Steve's re…

1
OWASP identification and authentication failures (noun) [Word Notes] 5:58

1M ago5:58

5:58

Please enjoy this encore of Word Notes. Ineffectual confirmation of a user's identity or authentication in session management. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/owasp-identification-and-authentication-failure⁠ Audio reference link: “⁠Mr. Robot Hack - Password Cracking - Episode 1⁠.” YouTube Video. YouTube, September 21, 20…

1
Bonus Episode: Cybersecurity Challenges Faced by Canadian Organizations 1:09:30

1M ago1:09:30

1:09:30

In this episode of the CDW Canada Tech Talks podcast, host KJ Burke discusses the findings of the 2025 CDW Canada Cybersecurity Study with cybersecurity experts Ivo Wiens and Ben Boi-Doku. They explore the evolving landscape of cybersecurity threats, the importance of continuous security testing and the challenges faced by small and medium business…

1
The band is finally back together. 43:33

2M ago43:33

43:33

And....we're back! This week, our three hosts Dave Bittner, Joe Carrigan, and Maria Varmazis (also host of the T-Minus Space Daily show) are all back to share the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. The team shares three bits of follow-up and then breaks into their stories. Joe star…

1
NotPetya: The Cyber Bomb That Masqueraded as Ransomware 7:53

2M ago7:53

7:53

What if the ransomware locking your files was never meant to make money—but to wipe out everything you’ve built? In this explosive episode, Alex Cipher walks you through the devastating 2017 NotPetya attack. From its origins in Ukraine’s MeDoc software to its global ripple effect on companies like Maersk, FedEx, and Merck, this hack rewrote the rul…

1
SN 1025: Secure Conversation Records Retention - FBI Says to Toss Your Old Router 2:44:17

2M ago2:44:17

2:44:17

The state of Virginia passes an age-restriction law that has no chance. New Zealand also tries something similar, citing Australia's lead. A nasty Python package for Discord survived 3 years and 11K downloads. The FBI says it's a good idea to discard end-of-life consumer routers. What's in WhatsApp? Finding out was neither easy nor certain. The UK'…

1
SN 1025: Secure Conversation Records Retention - FBI Says to Toss Your Old Router 2:44:17

2M ago2:44:17

2:44:17

The state of Virginia passes an age-restriction law that has no chance. New Zealand also tries something similar, citing Australia's lead. A nasty Python package for Discord survived 3 years and 11K downloads. The FBI says it's a good idea to discard end-of-life consumer routers. What's in WhatsApp? Finding out was neither easy nor certain. The UK'…

1
Log4j vulnerability (noun) [Word Notes] 9:16

2M ago9:16

9:16

Please enjoy this encore of Word Notes. An open source Java-based software tool available from the Apache Software Foundation designed to log security and performance information. CyberWire Glossary link: ⁠https://thecyberwire.com/glossary/log4j⁠ Audio reference link: “⁠CISA Director: The LOG4J Security Flaw Is the ‘Most Serious’ She’s Seen in Her …

1
What’s inside the mystery box? Spoiler: It’s a scam! 46:13

2M ago46:13

46:13

As Dave Bittner is at the RSA Conference this week, our hosts ⁠⁠Maria Varmazis and ⁠⁠Joe Carrigan⁠⁠, are sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines. We start with some follow-up from José on episode 335, sharing how UK banking features like Faster Payments and the “Check Payee” …