Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Player FM - Internet Radio Done Right
28 subscribers
Checked 12m ago
Ajouté il y a quatre ans
Contenu fourni par N2K Networks Inc. and N2K Networks. Tout le contenu du podcast, y compris les épisodes, les graphiques et les descriptions de podcast, est téléchargé et fourni directement par N2K Networks Inc. and N2K Networks ou son partenaire de plateforme de podcast. Si vous pensez que quelqu'un utilise votre œuvre protégée sans votre autorisation, vous pouvez suivre le processus décrit ici https://fr.player.fm/legal.
Similaire à Research Saturday
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
S
Security Weekly Podcast Network (Audio)
1
Security Weekly Podcast Network (Audio)
Security Weekly Productions
2k
3k
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Tech Life discovers and explains the ways technology is changing our lives, wherever we are in the world. We meet the people with bright ideas for rethinking the way we work, learn and play, and get hands-on with the products they dream up. We hold tech giants to account for their huge power to affect our lives, and ask who wins, and who loses, in the technology transformation. Tech Life is your guide to a future being made, and remade, at lightning speed in front of our eyes.
…
continue reading
W
What Next: TBD | Tech, power, and the future
1
What Next: TBD | Tech, power, and the future
Slate Podcasts
10k546
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Player FM - Application Podcast
Mettez-vous hors ligne avec l'application Player FM !
Mettez-vous hors ligne avec l'application Player FM !
))
Daily Deals
Research Saturday
Tout marquer comme (non) lu
Manage series 2881647
Contenu fourni par N2K Networks Inc. and N2K Networks. Tout le contenu du podcast, y compris les épisodes, les graphiques et les descriptions de podcast, est téléchargé et fourni directement par N2K Networks Inc. and N2K Networks ou son partenaire de plateforme de podcast. Si vous pensez que quelqu'un utilise votre œuvre protégée sans votre autorisation, vous pouvez suivre le processus décrit ici https://fr.player.fm/legal.
Every Saturday, we sit down with cybersecurity researchers to talk shop about the latest threats, vulnerabilities, and technical discoveries.
…
continue reading
385 episodes
Partager
Tout marquer comme (non) lu
Manage series 2881647
Contenu fourni par N2K Networks Inc. and N2K Networks. Tout le contenu du podcast, y compris les épisodes, les graphiques et les descriptions de podcast, est téléchargé et fourni directement par N2K Networks Inc. and N2K Networks ou son partenaire de plateforme de podcast. Si vous pensez que quelqu'un utilise votre œuvre protégée sans votre autorisation, vous pouvez suivre le processus décrit ici https://fr.player.fm/legal.
Every Saturday, we sit down with cybersecurity researchers to talk shop about the latest threats, vulnerabilities, and technical discoveries.
…
continue reading
385 episodes
Tous les épisodes
×
R
Research Saturday
1 Caught in the contagious interview. 29:10
29:10 
Lire Plus Tard 
Lire Plus Tard 
Des listes 
J'aime 
Aimé29:10
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméThis week we are joined by Phil Stokes , threat researcher at SentinelOne's SentinelLabs, discussing their work on "macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed." Apple recently pushed an update to its XProtect tool, blocking several variants of the DPRK-linked Ferret malware family, which targets victims through the "Contagious Interview" campaign. The malware uses fake job interview processes to trick users into installing malicious software, and new variants, including FlexibleFerret, remain undetected by XProtect. SentinelOne's research reveals a deeper investigation into this malware, which uses social engineering to expand its attack vectors, including targeting developers through platforms like GitHub. The research can be found here: macOS FlexibleFerret | Further Variants of DPRK Malware Family Unearthed Learn more about your ad choices. Visit megaphone.fm/adchoices…
R
Research Saturday
1 From small-time scams to billion-dollar threats. 27:06
27:06 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé27:06
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméThis week, we are joined by Selena Larson from Proofpoint, and co-host of the "Only Malware in the Building" podcast, as she discusses the research on "Why Biasing Advanced Persistent Threats over Cybercrime is a Security Risk." The cybersecurity industry has historically prioritized Advanced Persistent Threats (APTs) from nation-state actors over cybercrime, but this distinction is outdated as cybercriminals now employ equally sophisticated tactics. Financially motivated threat actors, especially ransomware groups, have evolved to the point where they rival state-backed hackers in technical capability and impact, disrupting businesses, infrastructure, and individuals on a massive scale. To enhance security, defenders must shift focus from an APT-centric mindset to a broader approach that equally prioritizes combating cybercrime, which poses an immediate and tangible risk to global stability. The research can be found here: Why Biasing Advanced Persistent Threats over Cybercrime is a Security Risk Learn more about your ad choices. Visit megaphone.fm/adchoices…
R
Research Saturday
1 Bot or not? The fake CAPTCHA trick spreading Lumma malware. 35:08
35:08 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé35:08
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméNati Tal , Head of Guardio Labs , discussing their work on "“DeceptionAds” — Fake Captcha Driving Infostealer Infections and a Glimpse to the Dark Side of Internet Advertising." Guardio has uncovered a large-scale malvertising campaign dubbed “DeceptionAds,” which tricks users into running a malicious PowerShell command under the guise of proving they’re human. This fake CAPTCHA scheme delivers Lumma info-stealer malware while bypassing security measures like Google’s Safe Browsing. Even after disclosure and takedown efforts, the campaign resurfaced—raising concerns about the effectiveness of existing defenses against ad-driven cyber threats. The research can be found here: “DeceptionAds” — Fake Captcha Driving Infostealer Infections and a Glimpse to the Dark Side of Internet Advertising Learn more about your ad choices. Visit megaphone.fm/adchoices…
R
Research Saturday
Mark Manglicmot , SVP of Security Services from Arctic Wolf , is sharing their research on "Cleopatra’s Shadow: A Mass Exploitation Campaign Deploying a Java Backdoor Through Zero-Day Exploitation of Cleo MFT Software." Arctic Wolf Labs discovered an ongoing exploitation campaign targeting Cleo Managed File Transfer (MFT) products, beginning on December 7, 2024. Threat actors used a malicious PowerShell stager to deploy a Java-based backdoor, dubbed Cleopatra , which features in-memory file storage and cross-platform compatibility across Windows and Linux. Despite Cleo's previous patch for CVE-2024-50623, attackers appear to have leveraged an alternative access method, exploiting the software's autorun feature to execute payloads and establish persistent access. The research can be found here: Cleopatra’s Shadow: A Mass Exploitation Campaign Deploying a Java Backdoor Through Zero-Day Exploitation of Cleo MFT Software Learn more about your ad choices. Visit megaphone.fm/adchoices…
R
Research Saturday
1 A Digital Eye on supply-chain-based espionage attacks. 27:07
27:07 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé27:07
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméThis week, Dave Bittner is joined by Juan Andres Guerrero-Saade (JAGS) from SentinelOne 's SentinelLabs to discuss the work his team and Tinexta Cyber did on "Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels." Tinexta Cyber and SentinelLabs have been tracking threat activities targeting business-to-business IT service providers in Southern Europe. Based on the malware, infrastructure, techniques used, victimology, and the timing of the activities, we assess that it is highly likely these attacks were conducted by a China-nexus threat actor with cyberespionage motivations. The relationships between European countries and China are complex, characterized by cooperation, competition, and underlying tensions in areas such as trade, investment, and technology. Suspected China-linked cyberespionage groups frequently target public and private organizations across Europe to gather strategic intelligence, gain competitive advantages, and advance geopolitical, economic, and technological interests. The research can be found here: Operation Digital Eye | Chinese APT Compromises Critical Digital Infrastructure via Visual Studio Code Tunnels Learn more about your ad choices. Visit megaphone.fm/adchoices…
R
Research Saturday
This week, we are joined by Ismael Valenzuela , VP of Threat Research & Intelligence, and Jacob Faires , Principal Threat Researcher, from Blackberry discussing the team's work on "LightSpy: APT41 Deploys Advanced DeepData Framework In Targeted Southern Asia Espionage Campaign." In April 2024, BlackBerry uncovered a significant evolution of the LightSpy malware campaign, attributed to Chinese cyber-espionage group APT41. The newly introduced DeepData framework, a modular Windows-based surveillance tool, expands data theft capabilities with 12 specialized plugins for tasks like communication surveillance, credential theft, and system intelligence gathering. The campaign targets a wide range of communication platforms, including WhatsApp, Signal, and WeChat, with advanced techniques for monitoring and stealing sensitive information from victims across the Asia-Pacific region. The research can be found here: LightSpy: APT41 Deploys Advanced DeepData Framework In Targeted Southern Asia Espionage Campaign Learn more about your ad choices. Visit megaphone.fm/adchoices…
R
Research Saturday
1 A cute cover for a dangerous vulnerability. 24:44
24:44 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé24:44
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméNati Tal , Head of Guardio Labs , sits down to share their work on “CrossBarking” — Exploiting a 0-Day Opera Vulnerability with a Cross-Browser Extension Store Attack. Guardio Labs has uncovered a critical vulnerability in the Opera browser, enabling malicious extensions to exploit Private APIs for actions like screen capturing, browser setting changes, and account hijacking. Highlighting the ease of bypassing extension store security, researchers demonstrated how a puppy-themed extension exploiting this flaw could infiltrate both Chrome and Opera's extension stores, potentially reaching millions of users. This case underscores the delicate balance between enhancing browser productivity and ensuring robust security measures, revealing the alarming tactics modern threat actors employ to exploit trusted platforms. The research can be found here: “CrossBarking” — Exploiting a 0-Day Opera Vulnerability with a Cross-Browser Extension Store Attack Learn more about your ad choices. Visit megaphone.fm/adchoices…
R
Research Saturday
1 The hidden cost of data hoarding. 34:38
34:38 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé34:38
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméThis week, we are joined by Kyla Cardona and Aurora Johnson from SpyCloud discussing their research "China’s Surveillance State Is Selling Citizen Data as a Side Hustle." Chinese technology companies, under CCP mandate, collect vast amounts of data on citizens, creating opportunities for corrupt insiders to steal and resell this information on dark markets. These stolen datasets, aggregated into "Social Work Libraries" (SGKs), mirror lower-tech versions of CCP internal security databases. Kyla and Aurora discuss how Chinese cybercriminals use these SGKs and their implications compared to Western, European, and Russian cybercrime ecosystems. With expertise in Chinese OSINT and cybersecurity policy, both researchers bring deep insights into the geopolitical and technical dynamics of China's digital landscape. The research can be found here: “Pantsless Data”: Decoding Chinese Cybercrime TTPs A Deep Dive Into the Intricate Chinese Cybercrime Ecosystem China’s Surveillance State Is Selling Citizen Data as a Side Hustle Learn more about your ad choices. Visit megaphone.fm/adchoices…
R
Research Saturday
Karlo Zanki , Reverse Engineer at ReversingLabs , discussing their work on "Malicious PyPI crypto pay package aiocpa implants infostealer code." ReversingLabs' machine learning-based threat hunting system identified a malicious PyPI package, aiocpa , designed to exfiltrate cryptocurrency wallet information. Unlike typical attacks involving typosquatting, the attackers published a seemingly legitimate crypto client tool to build trust before introducing malicious updates. ReversingLabs used its Spectra Assure platform to detect behavioral anomalies and worked with PyPI to remove the package, highlighting the growing need for advanced supply chain security tools to counter increasingly sophisticated threats. The research can be found here: Malicious PyPI crypto pay package aiocpa implants infostealer code Learn more about your ad choices. Visit megaphone.fm/adchoices…
R
Research Saturday
1 On the prowl for mobile malware. 27:18
27:18 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé27:18
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméThis week, we are joined by Asheer Malhotra and Vitor Ventura from Cisco Talos, and they are discussing "Operation Celestial Force employs mobile and desktop malware to target Indian entities." Cisco Talos revealed Operation Celestial Force, an espionage campaign by the Pakistani threat group "Cosmic Leopard," targeting Indian defense, government, and technology sectors. Active for at least six years, the operation has recently increased its use of mobile malware and commercial spyware for surveillance. The research can be found here: Operation Celestial Force employs mobile and desktop malware to target Indian entities Learn more about your ad choices. Visit megaphone.fm/adchoices…
R
Research Saturday
Adam Khan , VP of Security Operations at Barracuda , joins to discuss his team's work on "The evolving use of QR codes in phishing attacks." Cybercriminals are evolving phishing tactics by embedding QR codes, or “quishing,” into PDF documents attached to emails, tricking recipients into scanning them to access malicious websites that steal credentials. Barracuda researchers found over half a million such emails from June to September 2024, with most impersonating brands like Microsoft, DocuSign, and Adobe to exploit urgency and trust. To counter these attacks, businesses should deploy multilayered email security, use AI-powered detection tools, educate employees on QR code risks, and enable multifactor authentication to safeguard accounts. The research can be found here: Threat Spotlight: The evolving use of QR codes in phishing attacks Learn more about your ad choices. Visit megaphone.fm/adchoices…
R
Research Saturday
1 Watching the watchers. IoT vulnerabilities exposed by AI. 21:15
21:15 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé21:15
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméThis week, we are joined by Andrew Morris , Founder and CTO of GreyNoise , to discuss their work on "GreyNoise Intelligence Discovers Zero-Day Vulnerabilities in Live Streaming Cameras with the Help of AI." GreyNoise discovered two critical zero-day vulnerabilities in IoT-connected live streaming cameras, used in sensitive environments like healthcare and industrial operations, by leveraging its AI-powered detection system, Sift. The vulnerabilities, CVE-2024-8956 (insufficient authentication) and CVE-2024-8957 (OS command injection), could allow attackers to take full control of affected devices, manipulate video feeds, or integrate them into botnets for broader attacks. This breakthrough underscores the transformative role of AI in identifying threats that traditional systems might miss, highlighting the urgent need for robust cybersecurity measures in the expanding IoT landscape. The research can be found here: GreyNoise Intelligence Discovers Zero-Day Vulnerabilities in Live Streaming Cameras with the Help of AI Learn more about your ad choices. Visit megaphone.fm/adchoices…
R
Research Saturday
1 The JPHP loader breaking away from the pack. 25:52
25:52 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé25:52
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméShawn Kanady , Global Director of Trustwave SpiderLabs, to discuss their work on "Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader." Trustwave SpiderLabs has uncovered Pronsis Loader, a new malware variant using the rare programming language JPHP and stealthy installation tactics to evade detection. The malware is capable of delivering high-risk payloads like Lumma Stealer and Latrodectus, posing a significant threat. Researchers highlight its unique capabilities and infrastructure, offering insights for bolstering cybersecurity defenses. The research can be found here: Pronsis Loader: A JPHP-Driven Malware Diverging from D3F@ck Loader Learn more about your ad choices. Visit megaphone.fm/adchoices…
R
Research Saturday
1 Leaking your AWS API keys, on purpose? 26:30
26:30 Lire Plus Tard Lire Plus Tard Des listes J'aime Aimé26:30
Lire Plus Tard Lire Plus Tard Des listes J'aime AiméPlease enjoy this encore episode: Noah Pack, a SANS Internet Storm Center Intern, sits down to discuss research on "What happens when you accidentally leak your AWS API keys?" This research is a guest diary from Noah and shares a project he worked on after seeing an online video of someone who created a python script that emailed colleges asking for free swag to be shipped to him. The research states "In this article, I will share some research, resources, and real-world data related to leaked AWS API keys." In this research, Noah shares what he learned while implementing his experiment. The research can be found here: What happens when you accidentally leak your AWS API keys? [Guest Diary] Learn more about your ad choices. Visit megaphone.fm/adchoices…
R
Research Saturday
This week, we are joined by Ami Luttwak , Co-Founder and CTO from Wiz , sharing their work on "Wiz Research Finds Critical NVIDIA AI Vulnerability Affecting Containers Using NVIDIA GPUs, Including Over 35 percent of Cloud Environments." A critical vulnerability in the NVIDIA Container Toolkit, widely used for GPU access in AI workloads, could allow attackers to escape containers and gain full access to host environments, jeopardizing sensitive data. Wiz estimates that at least 33% of cloud environments are affected and urges immediate updates to NVIDIA's patched version. This discovery highlights the broader issue of young, under-secured codebases in AI tools, emphasizing the need for stronger security measures and collaboration. The research can be found here: Wiz Research Finds Critical NVIDIA AI Vulnerability Affecting Containers Using NVIDIA GPUs, Including Over 35% of Cloud Environments Learn more about your ad choices. Visit megaphone.fm/adchoices…
Bienvenue sur Lecteur FM!
Lecteur FM recherche sur Internet des podcasts de haute qualité que vous pourrez apprécier dès maintenant. C'est la meilleure application de podcast et fonctionne sur Android, iPhone et le Web. Inscrivez-vous pour synchroniser les abonnements sur tous les appareils.
Similaire à Research Saturday
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Rae Johnston and guests take a fun, deep dive into how technology is reshaping our lives.
…
continue reading
S
Security Weekly Podcast Network (Audio)
1
Security Weekly Podcast Network (Audio)
Security Weekly Productions
2k3k
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Tech Life discovers and explains the ways technology is changing our lives, wherever we are in the world. We meet the people with bright ideas for rethinking the way we work, learn and play, and get hands-on with the products they dream up. We hold tech giants to account for their huge power to affect our lives, and ask who wins, and who loses, in the technology transformation. Tech Life is your guide to a future being made, and remade, at lightning speed in front of our eyes.
…
continue reading
W
What Next: TBD | Tech, power, and the future
1
What Next: TBD | Tech, power, and the future
Slate Podcasts
10k546
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Player FM - Application Podcast
Mettez-vous hors ligne avec l'application Player FM !
Mettez-vous hors ligne avec l'application Player FM !
))
