Hawaii Cybersecurity Journal

Microsoft’s CVP of Fraud on Combating Ecosystem Abuse

In this episode of The BlueHat Podcast, hosts Nic Fillingham and Wendy Zenone are joined by Jason Geffner, Principal Security Architect at Microsoft, to discuss his groundbreaking work on scaling and automating Dynamic Application Security Testing (DAST). Following on from his BlueHat 2024 session, and outlined in this MSRC blog post, Jason explains the key differences between DAST, SAST, and IAST

Cyberattack disrupts dozens of newspapers published by Lee Enterprises.

In this episode of the Microsoft Threat Intelligence Podcast, host Sherrod DeGrippo is joined by two expert guests to explore critical challenges in today’s evolving threat landscape. First, Sherrod sits down with Kelly Bissell, CVP of Fraud at Microsoft, to discuss the complexities of combating fraud and product abuse. Kelly digs into the unique challenges Microsoft faces, highlighting prevalent

Yesterday

The CyberWire / 21h

CISA warns of actively exploited Trimble Cityworks vulnerability. Indiana man sentenced to 20 years for $37 million cryptocurrency theft.

Feb 8, 2025

LIVE! From Philly

The CyberWire / 2d

Direct from CyberMarketingCon 2024: From Concept to Mic: Crafting a Hit Podcast with Impact Podcasts have become vital tools for sharing knowledge and insights, particularly in technical fields like cybersecurity. "Threat Vector," led by David Moulton, serves as an essential guide through the complex landscape of cyber threats, offering expert interviews and in-depth analysis. In this session, Dav

Feb 7, 2025

Cleo’s trojan horse.

3 TTPs

•

DOGE's activities within Federal networks raise cybersecurity concerns.

Mark Manglicmot, SVP of Security Services from Arctic Wolf, is sharing their research on "Cleopatra’s Shadow: A Mass Exploitation Campaign Deploying a Java Backdoor Through Zero-Day Exploitation of Cleo MFT Software." Arctic Wolf Labs discovered an ongoing exploitation campaign targeting Cleo Managed File Transfer (MFT) products, beginning on December 7, 2024. Threat actors used a malicious PowerS

UK government has reportedly demanded a backdoor to encrypted iCloud accounts. Thailand cuts power to Myanmar to disrupt scam hubs.

DOGE-eat-DOGE world.

UK government has reportedly demanded a backdoor to encrypted iCloud accounts.

Security concerns grow over DOGE’s use of AI. The British government demands access to encrypted iCloud accounts. Researchers identify critical vulnerabilities in the DeepSeek iOS app. Microsoft Edge uses AI to block scareware. A phishing campaign targets Facebook users with fake copyright infringement notices. Researchers discover malicious machine learning models on Hugging Face. A major data br

Jailbreaking Bad: The AI Industry is Cooked

DOGE team uses AI software to sift through sensitive data. Researchers identify security issues in DeepSeek's iOS app.

Feb 6, 2025

Welcome back to The FAIK Files! When tech gets weird, we're here to help make sense of it all. In this week's show: -We explore how randomness in AI systems creates the illusion of thought -A disturbing case of AI chatbots being weaponized for cyberstalking -Anthropic's new approach to preventing AI jailbreaks -And our AI dumpster fire of the week is... AI... the whole thing... all of it

FCC around and find out.

Justice Department looks to block Juniper and Hewlett Packard merger.

Chaos and security concerns continue in Washington. Spanish authorities arrest a man suspected of hacking NATO, the UN, and the US Army. A major U.S. hiring platform exposes millions of resumes. Another British engineering firm suffers a cyberattack. Cisco patches multiple vulnerabilities. Cybercriminals exploit SVG files in phishing attacks. SparkCat SDK targets cryptocurrency via Android and iOS

Spanish police arrest hacker who allegedly breached NATO and the UN.

Italy's Garante targets Deepseek over data protection concerns.

Rethinking Cloud Security Strategies

Ransomware payments dropped steeply in 2024. Thailand cuts power to Myanmar to disrupt scam hubs.

Feb 5, 2025

Old school scams updated.

Cloud security is more complex than ever. Organizations move fast, but security teams often struggle to keep up. In this episode of Threat Vector, host David Moulton speaks with Amol Mathur, SVP of Products for Prisma Cloud at Palo Alto Networks, about how platformization is reshaping cloud security. Amol shares why security can’t be siloed, how AI is transforming threat detection, and why a proac

The future of software security standards.

On this episode of Hacking Humans, we are going old school with Dave Bittner and Joe Carrigan sans T-Minus host Maria Varmazis (as she was hanging out with astronauts at the SpaceCom event). Not to worry, Dave and Joe have it covered sharing the latest in social engineering scams, phishing schemes, and criminal exploits that are making headlines to help our audience become aware of what is out the

This week, we are joined by Jeff Williams, former Global Chairman of OWASP and Founder and CTO of Contrast Security, who is discussing what could happen to "Secure by Design" in the next administration and how to secure software through regs. Ben has the story of Elon Musk’s and DOGE’s incursion into federal databases. Dave's got the story of a man who was wrongly convicted of identity theft.

DOGE days numbered?

US Justice Department sues to block HPE's acquisition of Juniper Networks.

The DOGE team faces growing backlash. The Five Eyes release guidance on protecting edge devices. A critical macOS kernel vulnerability allows privilege escalation, memory corruption, and kernel code execution. Google and Mozilla release security updates for Chrome and Firefox. Multiple Veeam backup products are vulnerable to man-in-the-middle attacks. Zyxel suggests you replace those outdated rout

DOJ may block HPE Juniper deal

•

DOGE's activities within Federal networks raise cybersecurity concerns.

Arctic Wolf completes acquisition of BlackBerry’s Cylance.

How to Sell Security to Local Governments, Mayors, and Councils with Kush Sharma

Five Eyes agencies issue security guidance for network edge devices. PoC exploit released for macOS kernel flaw.

Feb 4, 2025

A wolf in DOGE’s clothing?

Marketing and selling cybersecurity to local government isn't like pitching to a Fortune 500 company—it’s an entirely different game. In this episode, Kush Sharma, Director of Municipal Modernization and Partnerships at MISA Ontario, joins Gianna and Maria to pull back the curtain on how cybersecurity budgets are actually won (and lost) in the public sector.

Abandoned cloud infrastructure creates major security risks.

DOGE’s unchecked access to federal networks sparks major cybersecurity fears. Senator Hawley’s AI ban targets China and raises free speech concerns. Apple service ticket portal vulnerability exposed millions of users’ data. North Korean ‘FlexibleFerret’ malware targets macos via job scams and fake zoom apps. February 2025 android security update fixes 48 vulnerabilities, including exploited zero-d