Risk & Repeat

This Risk & Repeat podcast episode discusses the Chinese nation-state threat group Salt Typhoon and its ongoing activities against telecommunications providers. Although the Salt Typhoon telecom breaches from last year appear to have been remediated, the threat group continues to target critical organizations.

The introduction of DeepSeek's new generative AI models have been met with fervor, but security issues have created apparent challenges for the Chinese startup. This Risk & Repeat podcast episode looks at DeepSeek's increasingly popular AI offering and the concerns surrounding its security.

South Dakota Gov. Kristi Noem, who is President Trump's nominee for head of DHS, said during a recent confirmation hearing that CISA should be "smaller." This Risk & Repeat episode looks at the future of CISA and its prospects following President Donald Trump's inauguration.

This Risk & Repeat episode looks back on ransomware-related events in 2024, including the attacks and trends that defined the year. Ransomware made major headlines in 2024, from the massive Change Healthcare attack to the creative takedown of the notorious LockBit ransomware-as-a-service gang.

This Risk & Repeat episode discusses how threat actors are targetingCleo managed file transfer (MFT) products Harmony, VLTrader and LexiCom through two flaws. Earlier this week attackers began exploiting a zero-day vulnerability related to an older flaw tracked CVE-2024-50623, but the details of the exploitation remain unclear

The FBI and CISA confirmed reports that Chinese nation-state threat actors breached several U.S. telecom companies and accessed data related to law enforcement requests. This episode of the Risk & Repeat podcast discusses the breaches and China's recent hacking efforts.

The SEC charged Unisys, Avaya, Check Point Software Technologies and Mimecast for downplaying breaches stemming from the Solarwinds supply chain attacks. This Risk & Repeat episode discusses the charges and the questions they raise about cybersecurity disclosure practices and transparency.

This Risk & Repeat podcast episode discusses the significant changes Microsoft has made to its cybersecurity practices and policies under the Secure Future Initiative. Are they enough to right the ship?

This Risk & Repeat podcast episode discusses the first Microsoft SFI progress report and what it says about the tech giant's security posture as well as the current state of SecOps.

Telegram made updates to its FAQ and privacy policy following Pavel Durov's arrest, but will the changes have an effect on cybercriminals' abuse of the platform? This episode of the Risk & Repeat podcast discusses those policy updates and more.