Smart devices: using them safely in your home
<div>Many everyday items are now connected to the internet: we explain how to use them safely.</div>
<div>Many everyday items are now connected to the internet: we explain how to use them safely.</div>
<div>Risk appetites; what are they, what’s their purpose, how do organisations go about defining them?</div>
<div>Jon L provides an update on the NCSC's guidance on the 'WannaCry' ransomware.</div>
<div>Why I'm trying desperately to stop saying 'it depends' when it comes to simple cyber security questions...</div>
<div>The NCSC's Cloud Security Research Lead suggests some approaches to help you get confidence in cloud services.</div>
<div>Andy P explains how the NCSC rolls out software updates without delays.</div>
<div>An updated report from the NCSC explaining how UK law firms - of all sizes - can protect themselves from common cyber threats.</div>
<div>Recommended profiles to securely configure TLS for the most common versions and scenarios, with additional guidance for managing older versions.</div>
<div>How setting up 2SV can help protect your online accounts, even if your password is stolen.</div>
<div>Highlighting guidance which will help you secure your servers</div>
This show has been flagged as Clean by the host.Hi all!TopicsTopic 1: Hello, my name is Antoine.Topic 2: I listened to you!a) Comment from Archer72:"[...] Audio setups are *definitely* of interest to hackers :)"Link:https://hackerpublicradio.org/eps/hpr4325/index.html#comment_4278b) From hpr4351 :: HPR Community News for March 2025 (on the show)Something like: 'I'm not going to read your (long) comments, give a show on it'.Sorry for making you read my comments, dear HPR Janitors! (Specially you,
Dimitri Stiliadis, CTO from Endor Labs, discusses the recent tj-actions/changed-files supply chain attack, where a compromised GitHub Action exposed CI/CD secrets. We explore the impressive multi-stage attack vector and the broader often-overlooked vulnerabilities in our CI/CD pipelines, emphasizing the need to treat these build systems with production-level security rigor instead of ignoring them. The show notes and blog post for this episode can be found at https://opensourcesecurity.io/2025/2
Authors/Presenters: Douglas McKeeOur sincere appreciation to BSidesLV, and the Presenters/Authors for publishing their erudite Security BSidesLV24 content. Originating from the conference’s events located at the Tuscany Suites & Casino; and via the organizations YouTube channel. PermalinkThe post BSidesLV24 – Ground Truth – Seek Out New Protocols, And Boldly Go Where No One Has Gone Before appeared first on Security Boulevard.
<p>Discover how SecOps is evolving from reactive alert handling to proactive, identity-driven security operations, and how Grip helps teams stay ahead of threats.</p><p>The post <a href="https://securityboulevard.com/2025/04/grip-security-defines-the-identity-driven-future-of-secops/">Grip Security Defines the Identity-Driven Future of SecOps</a> appeared first on <a href="https://securityboulevard.com">Security Boulevard</a>.</p>
Coinbase has fixed a confusing bug in its account activity logs that caused users to think their credentials were compromised. [...]
Microsoft warns that threat actor Storm-1977 is behind password spraying attacks against cloud tenants in the education sector.Over the past year, Microsoft Threat Intelligence researchers observed a threat actor, tracked as Storm-1977, using AzureChecker.exe to launch password spray attacks against cloud tenants in the education sector. AzureChecker.exe connected to sac-auth[.]nodefunction[.]vip to download AES-encrypted data, which, once decrypted, revealed password spray targets. It also acce
The New Dawn Returns – Horizon Shifts in Cyberattack Trends Following our in-depth analysis of IBM’s 2025 Threat Intelligence Index, CybeReady’s research team has identified a significant “Back to the Future” moment in cyberattack trends that validates our longstanding approach to cyber readiness training. Our examination reveals a clear return to older but increasingly dominant […]The post Identity is the New Perimeter: CybeReady’s Analysis of IBM’s X-Force 2025 Threat Intelligence Index appear
Microsoft has revealed that a threat actor it tracks as Storm-1977 has conducted password spraying attacks against cloud tenants in the education sector over the past year."The attack involves the use of AzureChecker.exe, a Command Line Interface (CLI) tool that is being used by a wide range of threat actors," the Microsoft Threat Intelligence team said in an analysis.The tech giant noted that
Brave has open-sourceed a new tool called "Cookiecrumbler," which uses large language models (LLMs) to detect cookie consent notices and then community-driven reviews to block those that won't break site functionality. [...]
Digital forensics has become a cornerstone of modern cybersecurity strategies, moving beyond its traditional role of post-incident investigation to become an essential proactive defense mechanism. Organizations today face an ever-expanding threat landscape, with attackers employing increasingly sophisticated tactics to breach defenses and compromise sensitive data. In this environment, digital forensics provides the technical foundation for […]The post How To Use Digital Forensics To Stren