Sign up to save your podcasts
Or
Share Cybersecurity Today Month in Review: Microsoft Zero-Days, AI Deregulation
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Cybersecurity Today Month in Review: Microsoft Zero-Days, AI Deregulation
Host Jim Love and panelists David Shipley, Laura Payne, and Jeff Williams discuss a researcher ("Chaotic/Nightmare Eclipse") publicly disclosing multiple Windows zero-days affecting components including Defender and BitLocker, frustration with Microsoft's vulnerability disclosure process, and backlash to Microsoft's initially threatening tone before it was partially walked back; the panel debates responsible disclosure, the need for researcher support/organization, transparency vs liability, and how vulnerability reporting is straining under volume. They then examine a White House AI executive order focused on voluntary measures and 30-day model access, criticizing the lack of basic safety and cybersecurity protections amid FOMO about losing to China and an AI investment bubble. The conversation covers AI-driven harms and studies on reduced brain activity and "cognitive surrender," while noting benefits when AI is used as a tutor. Shipley highlights Canada's Senate passing Bill C-8 on critical infrastructure cybersecurity, and the group urges outcome-focused security, architecture/risk prioritization, and critical thinking against AI-enabled social engineering.
Cybersecurity Today would like to thank Material Security for sponsoring this podcast. Material Security provides faster, more complete detection and response for email, identity, and data threats inside Google Workspace and Microsoft 365. You can contact them at material[dot]security.
00:00 Sponsor Message 00:24 Show Welcome Panel 01:17 Microsoft Zero Day Fallout 04:19 Researcher Backlash Drama 06:46 Unionizing Bug Hunters 13:10 Product Liability Debate 23:23 Regulation vs Transparency 26:00 AI Bubble Investor Risk 28:01 White House AI Order 32:24 Cybersecurity Gaps Telecom 33:19 Telecom Trust Breakdown 34:32 AI Harms and Exploitation 35:36 Studies on Cognitive Surrender 38:13 Markets Regulation and Politics 40:13 Canada Cyber Law Win 42:33 Adoption Hype and Subsidy Bubble 48:50 Patch Deluge and AppSec Strain 52:10 Defenses Beyond Patching 54:17 Outcomes Critical Thinking and CIA 01:01:49 Education Disruption and Closing 01:04:14 Sponsor Message Material Security
View all episodes
By Jim Love
4.5
174174 ratings
Host Jim Love and panelists David Shipley, Laura Payne, and Jeff Williams discuss a researcher ("Chaotic/Nightmare Eclipse") publicly disclosing multiple Windows zero-days affecting components including Defender and BitLocker, frustration with Microsoft's vulnerability disclosure process, and backlash to Microsoft's initially threatening tone before it was partially walked back; the panel debates responsible disclosure, the need for researcher support/organization, transparency vs liability, and how vulnerability reporting is straining under volume. They then examine a White House AI executive order focused on voluntary measures and 30-day model access, criticizing the lack of basic safety and cybersecurity protections amid FOMO about losing to China and an AI investment bubble. The conversation covers AI-driven harms and studies on reduced brain activity and "cognitive surrender," while noting benefits when AI is used as a tutor. Shipley highlights Canada's Senate passing Bill C-8 on critical infrastructure cybersecurity, and the group urges outcome-focused security, architecture/risk prioritization, and critical thinking against AI-enabled social engineering.
Cybersecurity Today would like to thank Material Security for sponsoring this podcast. Material Security provides faster, more complete detection and response for email, identity, and data threats inside Google Workspace and Microsoft 365. You can contact them at material[dot]security.
00:00 Sponsor Message 00:24 Show Welcome Panel 01:17 Microsoft Zero Day Fallout 04:19 Researcher Backlash Drama 06:46 Unionizing Bug Hunters 13:10 Product Liability Debate 23:23 Regulation vs Transparency 26:00 AI Bubble Investor Risk 28:01 White House AI Order 32:24 Cybersecurity Gaps Telecom 33:19 Telecom Trust Breakdown 34:32 AI Harms and Exploitation 35:36 Studies on Cognitive Surrender 38:13 Markets Regulation and Politics 40:13 Canada Cyber Law Win 42:33 Adoption Hype and Subsidy Bubble 48:50 Patch Deluge and AppSec Strain 52:10 Defenses Beyond Patching 54:17 Outcomes Critical Thinking and CIA 01:01:49 Education Disruption and Closing 01:04:14 Sponsor Message Material Security
More shows like Cybersecurity Today
View all
Hacked
191 Listeners
Security Now (Audio)
2,008 Listeners
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
368 Listeners
Risky Business
376 Listeners
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
649 Listeners
CyberWire Daily
1,028 Listeners
Smashing Security
316 Listeners
Click Here
419 Listeners
Darknet Diaries
8,047 Listeners
Hacking Humans
314 Listeners
CISO Series Podcast
192 Listeners
Defense in Depth
73 Listeners
Cybersecurity Headlines
137 Listeners
Risky Bulletin
45 Listeners
Hacker And The Fed
167 Listeners