Risk & Repeat

This Risk & Repeat episode looks back on ransomware-related events in 2024, including the attacks and trends that defined the year. Ransomware made major headlines in 2024, from the massive Change Healthcare attack to the creative takedown of the notorious LockBit ransomware-as-a-service gang.

This Risk & Repeat episode discusses how threat actors are targetingCleo managed file transfer (MFT) products Harmony, VLTrader and LexiCom through two flaws. Earlier this week attackers began exploiting a zero-day vulnerability related to an older flaw tracked CVE-2024-50623, but the details of the exploitation remain unclear

The FBI and CISA confirmed reports that Chinese nation-state threat actors breached several U.S. telecom companies and accessed data related to law enforcement requests. This episode of the Risk & Repeat podcast discusses the breaches and China's recent hacking efforts.

The SEC charged Unisys, Avaya, Check Point Software Technologies and Mimecast for downplaying breaches stemming from the Solarwinds supply chain attacks. This Risk & Repeat episode discusses the charges and the questions they raise about cybersecurity disclosure practices and transparency.

This Risk & Repeat podcast episode discusses the significant changes Microsoft has made to its cybersecurity practices and policies under the Secure Future Initiative. Are they enough to right the ship?

This Risk & Repeat podcast episode discusses the first Microsoft SFI progress report and what it says about the tech giant's security posture as well as the current state of SecOps.

Telegram made updates to its FAQ and privacy policy following Pavel Durov's arrest, but will the changes have an effect on cybercriminals' abuse of the platform? This episode of the Risk & Repeat podcast discusses those policy updates and more.

The breach of National Public Data may have put billions of personal records at risk, but the scope of the attack and impact on consumers are still unclear.

Highlights from Black Hat USA 2024 include a keynote panel on securing election infrastructure as well as several sessions on potential threats against new AI technology.

A defective channel file update for rowdStrike's Falcon platform crashed customers' Windows systems, causing outages at airlines, government agencies and other organizations across theglobe.