This podcast episode discusses the possible exit scam of ransomware-as-a-service gang Alphv/BlackCat, as well as the chaotic months the gang had leading up to its closure.

Risk & Repeat: LockBit resurfaces after takedown

Feb 27th, 2024

LockBit returns just days after an international law enforcement operation infiltrated the ransomware gang's network and seized infrastructure, source code and decryption keys.

Risk & Repeat: Breaking down SEC charges against SolarWinds

Nov 1st, 2023

This episode covers the SEC charges against SolarWinds and CISO Timothy Brown for allegedly hiding known cybersecurity risks prior to the 2020 supply chain attack it suffered.

Risk & Repeat: Okta under fire after support system breach

Oct 26th, 2023

This podcast episode covers a security breach suffered by identity vendor Okta involving its customer support systems, which has sparked criticism from customers.

Risk & Repeat: Rapid Reset and the future of DDoS attacks

Oct 12th, 2023

This podcast episode covers the record-breaking DDoS attack Rapid Reset, why it stands out among other DDoS campaigns and whether it will be widely replicated in the future.

Risk & Repeat: MGM, Caesars casino hacks disrupt Las Vegas

Sep 19th, 2023

This podcast episode compares the cyber attacks suffered by casino giants MGM Resorts and Caesars Entertainment in recent weeks and the fallout from them.

Risk & Repeat: Big questions remain on Storm-0558 attacks

Sep 12th, 2023

Microsoft revealed that Storm-0558 threat actors stole a consumer signing key from its corporate network, but many questions about the breach and subsequent attacks remain.

Risk & Repeat: Digging into Microsoft security criticisms

Aug 30th, 2023

Executives, researchers and former employees told TechTarget Editorial about issues with Microsoft security practices, including patch bypasses, poor transparency and more.

Risk & Repeat: Highlights from Black Hat USA 2023

Aug 17th, 2023

Black Hat USA 2023 in Las Vegas covered several trends, such as generative AI and cloud security issues, as well as new vulnerabilities, including the Downfall flaw in Intel chips.

Risk & Repeat: Microsoft takes heat over Storm-0558 attacks

Aug 3rd, 2023

The Storm-0558 attacks have raised questions about Microsoft's response to a cloud flaw and a stolen MSA key that was used to compromise customer email accounts.

Risk & Repeat: Microsoft takes heat over Storm-0588 attacks

Aug 3rd, 2023

The Storm-0588 attacks have raised questions about Microsoft's response to a cloud flaw and a stolen MSA key that was used to compromise customer email accounts.

Risk & Repeat: Are data extortion attacks ransomware?

Jul 20th, 2023

Ransomware gangs are focusing more on data theft and extortion, while skipping the encryption of networks. But should these attacks still be considered ransomware?

Risk & Repeat: How bad is Clop's MoveIt Transfer campaign?

Jul 11th, 2023

Clop's data theft and extortion campaign against MoveIt Transfer customers marks some of the most high-profile threat activity this year, but its success level remains unclear.

Risk & Repeat: More victims emerge from MoveIt Transfer flaw

Jun 20th, 2023

CISA last week said several federal agencies suffered data breaches resulting from a MoveIt Transfer zero-day vulnerability, though it's unclear what type of data was stolen.

Risk & Repeat: Mandiant sheds light on Barracuda ESG attacks

Jun 15th, 2023

Barracuda Networks attempted to fix the critical ESG zero-day vulnerability, but a Chinese nation-state threat actor was able to maintain access on compromised devices.

Risk & Repeat: MoveIt Transfer flaw triggers data breaches

Jun 8th, 2023

Several organizations, predominantly in the U.K., have confirmed data breaches that stemmed from exploitation of the critical MoveIt Transfer zero-day vulnerability.

Risk & Repeat: Moveit Transfer flaw triggers data breaches

Jun 8th, 2023

Several organizations, predominantly in the U.K., have confirmed data breaches that stemmed from exploitation of the critical Moveit Transfer zero-day vulnerability.

Risk & Repeat: A troubling trend of poor breach disclosures

May 25th, 2023

This Risk & Repeat episode covers three data breach disclosures from Dish Network, Gentex Corporation and Clarke County Hospital and the troubling trends that connect all three.

Risk & Repeat: Ex-Uber CSO Joe Sullivan sentenced

May 9th, 2023

This podcast episode covers the sentencing of former Uber CSO Joe Sullivan over the 2016 breach cover-up, and what it means for other security executives and the industry at large.

Risk & Repeat: Security industry bets on AI at RSA Conference

May 2nd, 2023

This podcast episode covers the focus on AI-powered security products and uses at RSA Conference 2023 in San Francisco last week, as well as other trends at the show.

Risk & Repeat: Inside the 3CX supply chain attack

Apr 4th, 2023

This podcast episode discusses the 3CX supply chain attack, where it may have started, who was behind it and how the unified communications vendor has responded to the incident.

BreachForums taken down after arrest of alleged owner

Mar 22nd, 2023

This Risk & Repeat podcast episode covers the arrest of BreachForums' alleged owner and the site's subsequent closure, as well as possible connections to the DC Health Link breach.

Hacker claims exposed database led to DC Health Link breach

Mar 15th, 2023

This Risk & Repeat podcast episode covers the breach of health insurance exchange DC Health Link, as well as a hacker's claim that the breach was caused by an exposed database.

Biden administration raises software liability questions

Mar 7th, 2023

This Risk & Repeat podcast episode discusses the White House's National Cybersecurity Strategy and its proposal to hold technology companies liable for insecure software.

ESXiArgs attack vector unclear as infections continue

Feb 15th, 2023

This Risk & Repeat podcast episode discusses the recent developments involving ESXiArgs, the ransomware variant that has been infecting vulnerable VMware ESXi servers this month.