Risk & Repeat

This podcast episode discusses the recent attacks against Snowflake customers and a controversial report that claimed the cloud storage and analytics giant had been breached.

This podcast episode discusses the possible exit scam of ransomware-as-a-service gang Alphv/BlackCat, as well as the chaotic months the gang had leading up to its closure.

LockBit returns just days after an international law enforcement operation infiltrated the ransomware gang’s network and seized infrastructure, source code and decryption keys.

This episode covers the SEC charges against SolarWinds and CISO Timothy Brown for allegedly hiding known cybersecurity risks prior to the 2020 supply chain attack it suffered.

This podcast episode covers a security breach suffered by identity vendor Okta involving its customer support systems, which has sparked criticism from customers.

This podcast episode covers the record-breaking DDoS attack Rapid Reset, why it stands out among other DDoS campaigns and whether it will be widely replicated in the future.

This podcast episode compares the cyber attacks suffered by casino giants MGM Resorts and Caesars Entertainment in recent weeks and the fallout from them.

Microsoft revealed that Storm-0558 threat actors stole a consumer signing key from its corporate network, but many questions about the breach and subsequent attacks remain.

Executives, researchers and former employees told TechTarget Editorial about issues with Microsoft security practices, including patch bypasses, poor transparency and more.

Black Hat USA 2023 in Las Vegas covered several trends, such as generative AI and cloud security issues, as well as new vulnerabilities, including the Downfall flaw in Intel chips.

The Storm-0558 attacks have raised questions about Microsoft’s response to a cloud flaw and a stolen MSA key that was used to compromise customer email accounts.

Ransomware gangs are focusing more on data theft and extortion, while skipping the encryption of networks. But should these attacks still be considered ransomware?

Clop’s data theft and extortion campaign against MoveIt Transfer customers marks some of the most high-profile threat activity this year, but its success level remains unclear.

CISA last week said several federal agencies suffered data breaches resulting from a MoveIt Transfer zero-day vulnerability, though it’s unclear what type of data was stolen.

Barracuda Networks attempted to fix the critical ESG zero-day vulnerability, but a Chinese nation-state threat actor was able to maintain access on compromised devices.

Several organizations, predominantly in the U.K., have confirmed data breaches that stemmed from exploitation of the critical Moveit Transfer zero-day vulnerability.

This Risk & Repeat episode covers three data breach disclosures from Dish Network, Gentex Corporation and Clarke County Hospital and the troubling trends that connect all three.

This podcast episode covers the sentencing of former Uber CSO Joe Sullivan over the 2016 breach cover-up, and what it means for other security executives and the industry at large.

This podcast episode covers the focus on AI-powered security products and uses at RSA Conference 2023 in San Francisco last week, as well as other trends at the show.

This podcast episode discusses the 3CX supply chain attack, where it may have started, who was behind it and how the unified communications vendor has responded to the incident.

This Risk & Repeat podcast episode covers the arrest of BreachForums’ alleged owner and the site’s subsequent closure, as well as possible connections to the DC Health Link breach.

This Risk & Repeat podcast episode covers the breach of health insurance exchange DC Health Link, as well as a hacker’s claim that the breach was caused by an exposed database.

This Risk & Repeat podcast episode discusses the White House’s National Cybersecurity Strategy and its proposal to hold technology companies liable for insecure software.

This Risk & Repeat podcast episode discusses the recent developments involving ESXiArgs, the ransomware variant that has been infecting vulnerable VMware ESXi servers this month.

This Risk & Repeat podcast looks at the widespread ESXiArgs ransomware attacks and the questions they’ve raised about the threat landscape, vulnerability patching and more.

This podcast episode discusses the law enforcement operation that led to the infiltration and takedown of the Hive network and what it could mean for other ransomware gangs.

This podcast episode discusses the latest T-Mobile breach — the third in less than three years — in which a threat actor stole personal data from 37 million customer accounts.

This podcast episode discusses the fallout of the recent LastPass breach, in which a threat actor stole encrypted logins and unencrypted website URLs from the password manager.

This Risk & Repeat podcast episode discusses new details of the Rackspace ransomware attack, as well as the questions remaining following the company’s final status update.

This Risk & Repeat podcast episode discusses the current state of OT security, including the convergence with IT environments and an ever-evolving threat landscape.

This Risk & Repeat podcast episode discusses the recent ransomware attack against cloud provider Rackspace, as well as the major service outage affecting its customers.

This podcast episode discusses Twitter’s security concerns following Elon Musk’s acquisition last month, as well as a possible data breach from 2021 that came to light recently.

This podcast episode discusses a recent TechTarget Security article about bug bounty platform HackerOne in which researchers aired several complaints about the company.

This podcast episode discusses threat intelligence vendor SOCRadar’s disclosure of a large Microsoft data leak and the contentious exchange between the two companies that followed.

This podcast episode discusses conviction of former Uber CSO Joe Sullivan, who was found guilty last week of covering up the company’s 2016 data breach.

This podcast episode discusses recent hacks against Uber and Rockstar Games, the techniques of the attackers and the possible connection to the Lapsus$ cybercrime group.

This podcast episode discusses the implications of the Biden administration’s new purchasing and usage guidelines for software utilized by U.S. federal agencies.

A new whistleblower report unveiled troubling accusations against Twitter from the social media company’s former head of security, Peiter ‘Mudge’ Zatko.

This Risk & Repeat podcast episode discusses the Black Hat 2022 conference in Las Vegas and the notable sessions, major themes and hot topics from the show.

This podcast episode discusses ransomware in 2022, including an apparent decrease in attacks, the evolution of cybercrime operations and the lack of visibility into the threat.