Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In this week's Intel Chat, Christopher Luft and Matt Bromiley discuss how attackers used AI to clone over 150 law firm websites, targeting fraud victims under the guise of offering legal assistance to recover lost funds. Chris points out how easy this has become with AI tools. Attackers can quickly clone a website, host it at a legitimate-looking domain, and start harvesting information. The episode also covers Russian cyber operations targeting the defense industrial base, Team PCP's campaign compromising 60,000+ servers, and exposed OLAMA AI infrastructure.

In this episode of _The Cyber Resilience Brief_, we break down the modern reality of *Iranian cyber warfare and industrial espionage*. Host Tova Dvorin and offensive security engineer Adrian Culley analyze the tactics, techniques, and procedures (TTPs) of *APT33, OilRig (APT34), and MuddyWater* — three of the most active Iranian state-sponsored threat actors targeting *energy, aviation, manufacturing, government, and critical infrastructure*.

An overview of the new Sophos Firewall Configuration Viewer - a standalone, browser-based tool that converts firewall configurations into a clear, human-readable format, enhancing your viewing, auditing, documentation, and comparison capabilities. All data is processed locally, so your information remains 100% private. Ask questions and get expert answers in the Sophos Community.

Multi purpose devices such as Flipper Zero support security audits through radio, infrared and bluetooth testing, while also enabling garage door opens and other abuse. Some countries ban these tools outright and treat them as malicious, yet the real issue sits with intent, in the same way a weapon in the wrong hands becomes a problem. ⸻ For more information about us or if you have any questions you would like us to discuss email podcast@razorthorn.com. We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion..

In this video, Clark Pichon, Security Operations Center Manager, shares how they're leveling up security operations with the help of AI and automation. From building queries faster using Dojo AI to cutting down time-to-detection and closing alerts more efficiently with SIEM automation, see how these tools are helping the team work smarter and respond faster than ever before.

Stop building AI agents that CISOs will never approve. If your agents are stuck in the POC (Proof of Concept) stage, it’s likely because they lack a "Passport" and a governance framework. In this clip, Arjun Subedi breaks down why "how well it works" isn't the biggest question in AI anymore—it's "how can I govern it?" Discover how mapping AGENTIC attacks to the MITRE ATT&CK framework through SafeMCP is the missing link to enterprise-level deployment.

Some apps know way more about you than you think. A quick permissions check can go a long way in keeping your personal stuff… personal. One small habit = one big privacy win.

In this episode of Data Security Decoded, host Caleb Tolin is joined by Camille Stewart-Gloster, CEO of CAS Strategies and former Deputy National Cyber Director, to unpack how AI is redefining cyber risk at every layer of the organization. Camille explains why identity-based attacks are so effective and how non-human identities (from APIs to AI agents) are quietly expanding the attack surface. She emphasized how critical MFA is for organizations to enable as they scale up AI operations, and why conditional access and governance must be foundational, not optional.

This week’s briefing covers: Dive deeper.

This week on the podcast, we discuss OpenClaw, the open source chatbot that has exploded in popularity since launching late last year, and some of the risk it introduces to organizations. Before that, we chat about Ring's Super Bowl advertisement that caused a stir before ending with a Google Threat Intelligence Group report on advanced threat actor AI usage.