## 🎙️ Hosts

- **Professor CyberRisk**

- **Cyber Cowboy**

---

## 🌐 Live Cyber Maps

- [Bitdefender Threat Map](https://threatmap.bitdefender.com/)

- [Checkpoint Threat Map](https://threatmap.checkpoint.com/)

- [Kaspersky Cyber Threat Map](https://cybermap.kaspersky.com/)

- [Talos Intelligence – EBC Spam Map](https://talosintelligence.com/ebc_spam)

---

## 📣 Episode Information

**Title:** _Ransomware, Romance, and Recon: The Week Cybersecurity Got Personal_

**Episode Number:** 3x18

**Overview:**

This week, Professor CyberRisk and Cyber Cowboy break down the latest cybersecurity headlines—from a ransomware strike on Mailchimp to a dating app exposing private messages. We also dive into a billion-dollar acquisition that could reshape identity security, and a mysterious breach involving U.S. spy satellite contractors. If you thought your inbox, your dating life, or your government were safe… think again.

---

## 🎤 Guest Information

None this episode

---

## 🧠 Topics Covered

- Ransomware targeting SaaS platforms

- Identity security consolidation

- Data privacy in consumer apps

- Third-party risk in government systems

- Regulatory pressure on social platforms

---

## 🔥 Top Stories

**Mailchimp Targeted in Ransomware Attack—Data Exposure Downplayed**

Mailchimp was hit by ransomware this week, with potential exposure of customer data. The company claims minimal impact, but experts warn of phishing and impersonation risks.

🔗 [Read more](https://cybernews.com/news/)

---

## 🧩 Additional Cybersecurity News – Titles and URLs

**Palo Alto Networks to Acquire CyberArk**

A $20B merger that could redefine identity and access management.

🔗 [Read more](https://cybernews.com/news/)

**Dating App Tea Suffers Second Major Data Leak**

Over 1M messages and 72K images exposed—again.

🔗 [Read more](https://cybernews.com/news/)

**US Spy Satellite Agency Investigates Contracting Site Incident**

NRO confirms breach of contractor portal, law enforcement involved.

🔗 [Read more](https://cybernews.com/news/)

**UK's Age Verification Law Puts X (formerly Twitter) Under Scrutiny**

Regulators call out weak enforcement of age checks.

🔗 [Read more](https://cybernews.com/news/)

---

## 📚 Resources & Links

None this episode

---

## 📢 Call to Action

- **Subscribe:** Stay updated on cybersecurity threats.

- **Leave a Review:** Let us know what you think.

- **Join the Conversation:** Follow our community and ask questions.

---

## 💼 Sponsor (if applicable)

No sponsors this episode

---

## 🌐 Podcast Socials & Website

- **Website:** [https://www.youvealreadybeenhacked.com](https://www.youvealreadybeenhacked.com/)

- **X:** [@professorcyberrisk](https://twitter.com/professorcyberrisk)

- **YouTube:** [https://www.youtube.com/@YABHPodcast](https://www.youtube.com/@YABHPodcast)

- **Discord/Community Forum:** coming soon

### Hosts

- Professor CyberRisk

- Cyber Cowboy

---

### Live Cyber Maps

- Bitdefender Threat Map: https://threatmap.bitdefender.com/

- Checkpoint Threat Map: https://threatmap.checkpoint.com/

- Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/

- Talos Intelligence – ebc_spam Map: https://talosintelligence.com/ebc_spam

---

### Episode Information

**Title:** _Zero-Days, VPN Leaks & Listener Qs: Cyber Threats That Just Got Real_

**Episode Number:** 3x17

---

### Overview

Professor CyberRisk and Cyber Cowboy break down a wave of fresh exploits targeting enterprise systems, open-source platforms, and consumer devices — all backed by active threat intel. They kick things off with powerful questions from a listener in military/law enforcement, cover recent zero-days and VPN bugs, and dissect the cybercriminal playbook now exploiting accessibility APIs and fashion brands alike.

---

### Guest Information

None this episode

---

### Topics Covered

- Essential cyber hygiene for defense and law enforcement professionals

- Real-world deterrence: what it takes to punish threat actors

- SharePoint zero-day hits public sector

- Arch Linux packages laced with Chaos RAT

- Dior breach via third-party vendor

- ExpressVPN leak and RDP exposure

- Banking trojan weaponizes Windows UI Automation

---

### Top Stories

**🧨 Widespread SharePoint Zero-Day Exploitation Hits U.S. Agencies**

Hackers exploit CVEs 2025-49704/49706 to deploy Warlock ransomware via malicious web shells.

📎 [Daily Security Review coverage](https://dailysecurityreview.com/)

---

### Additional Cybersecurity News – Titles and URLs

**🧪 Arch Linux AUR Packages Deliver Chaos RAT**

📎 [DSR Report](https://dailysecurityreview.com/)

**🕵️‍♂️ Dior Confirms Customer Data Breach via Vendor Compromise**

📎 [DSR Article](https://dailysecurityreview.com/)

**🧱 ExpressVPN Bug Exposed Real IPs During RDP Use**

📎 [DSR Coverage](https://dailysecurityreview.com/)

**🐍 Coyote Malware Variant Exploits Windows UI Automation for Credential Theft**

📎 [The Hacker News report](https://thehackernews.com/)

---

### Resources & Links

None this episode

---

### Call to Action

- Subscribe: Stay updated on cybersecurity threats.

- Leave a Review: Let us know what you think.

- Join the Conversation: Follow our community and ask questions.

---

### Sponsor

No sponsors this episode

---

### Podcast Socials & Website

- Website: https://www.youvealreadybeenhacked.com

- X: @professorcyberrisk

- YouTube: https://www.youtube.com/@YABHPodcast

- Discord/Community Forum: coming soon

Hosts

* Professor CyberRisk

* Cyber Cowboy

Live Cyber Maps

Bitdefender Threat Map: https://threatmap.bitdefender.com/

Live Cyber threat map: https://threatmap.checkpoint.com/

Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/

Talos Intelligence - ebc_spam Map: https://talosintelligence.com/ebc_spam

Episode Information

Title: 🔐 “Zero Trust, Zero Sleep: Threats You Didn't Patch in Time”

Episode Number: 3x16

Overview

This week, Professor CyberRisk and Cyber Cowboy ride through the blazing terrain of unpatched APIs, firmware-level betrayals, and malware hiding in plain sight. From Cisco’s critical ISE flaw to Europol’s real-life takedown of pro-Russian DDoS mercenaries — we break down what’s urgent, what’s systemic, and what’s just plain terrifying. No guests, just gas.

Guest Information

No Guest this week

Top Stories

1. Cisco ISE Vulnerability — CVE-2025-20337 (CVSS 10)

2. Chinese APTs Target Taiwan’s Semiconductor Supply Chain

3. Europol Disrupts NoName057(16) Hacktivist DDoS Crew

4. GitHub Used as Malware Delivery Infrastructure

5. BADBOX 2.0 Preinstalled on Android IoT Devices Worldwide

Additional Cybersecurity News – Titles and URLs

* Cisco Advisory: https://sec.cloudapps.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-ise-unauth-rce-ZAd2GnJ6

* The Hacker News – Taiwan Espionage: https://thehackernews.com/2025/07/chinese-hackers-target-taiwans.html

* Europol Press Release: https://www.europol.europa.eu/media-press/newsroom/news/global-operation-targets-noname05716-pro-russian-cybercrime-network

* Cisco Talos – GitHub Malware Campaign: https://blog.talosintelligence.com/maas-operation-using-emmenhtal-and-amadey-linked-to-threats-against-ukrainian-entities/

* Android Authority – BADBOX 2.0: https://www.androidauthority.com/google-sues-badbox-2-0-android-botnet-3579060/

Resources & Links

None this episode

Call to Action

* Subscribe: Stay updated on cybersecurity threats.

* Leave a Review: Let us know what you think.

* Join the Conversation: Follow our community and ask questions.

Sponsor (if applicable)

No sponsors this episode

Podcast Socials & Website

* Website: https://www.youvealreadybeenhacked.com

* X: @professorcyberrisk

* YouTube: https://www.youtube.com/@YABHPodcast

* Discord/Community Forum: The Neural Network "coming soon"

**Hosts**

- Professor CyberRisk

- Cyber Cowboy

**Live Cyber Maps**

- Bitdefender Threat Map: https://threatmap.bitdefender.com/

- Check Point Threat Map: https://threatmap.checkpoint.com/

- Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/

- Talos Intelligence ebc_spam Map: https://talosintelligence.com/ebc_spam

**Episode Information**  _Title:_ Patch Fatigue & Laptop Farms  _Episode Number:_ 315 (3x15)

**Overview** This week, we explore the weakening foundation of global vulnerability databases, Microsoft’s massive patch release, a North Korean infiltration campaign, Rust-based malware targeting gamers, and a silent threat to developer ecosystems. From CI pipelines to “laptop farms,” threat actors are getting creative — and we’re unpacking what it means for the future of cybersecurity.

**Guest Information** None this episode

**Top Stories** 🔸 _Global Vulnerability Databases Are Cracking_ NVD’s 25K+ vulnerability backlog and CVE’s near-collapse signal deep trouble. CISA’s “Vulnrichment” aims to decentralize enrichment, but public trust is deteriorating. → Why It Matters:

- C 🔗 https://www.iwebbs.com/newsletter/july-2025-cybersecurity-newsletter/

🔸 _Microsoft Patches 130 Flaws — No Zero-Days_ July’s Patch Tuesday resolved 130 vulnerabilities including a wormable SPNEGO flaw (CVSS 9.8). Zero-day drought continues, with RCE and escalation attacks surging. → Why It Matters:

-” 🔗 https://www.cybersecurity-review.com/news-july-2025/

🔸 _North Korean IT Worker Scheme Dismantled_ DOJ busted a sprawling DPRK operation using fake identities to infiltrate 100+ U.S. companies. 21 “laptop farms” across 14 states fueled $900K in crypto funding. → Why It Matters:

-” 🔗 https://www.iwebbs.com/newsletter/july-2025-cybersecurity-newsletter/

🔸 _Myth Stealer Targets Gamers & Browsers_ Rust-based malware spreads via fake cheat tools, collecting credentials and autofill data. A free Telegram drop evolved into a full MaaS operation. → Why It Matters:

- 🔗 https://www.secmentis.com/news/

🔸 _CI Flaw in Open VSX Threatens Millions of Devs_ A flaw in Open VSX Registry’s CI pipeline exposed millions of VS Code users to silent compromise. Platforms like Gitpod and Google Cloud Shell were at risk. → Why It Matters:

- https://www.iwebbs.com/newsletter/july-2025-cybersecurity-newsletter/

**Additional Cybersecurity News – Titles and URLs** None this episode

**Resources & Links** None this episode

**Call to Action**

- Subscribe: Stay updated on cybersecurity threats.

- Leave a Review: Let us know what you think.

- Join the Conversation: Follow our community and ask questions.

**Sponsor (if applicable)** No sponsors this episode

**Podcast Socials & Website**

- Website: https://www.youvealreadybeenhacked.com

- X: @professorcyberrisk

- YouTube: https://www.youtube.com/@YABHPodcast

- Discord/Community Forum: coming soon

**Hosts**

- Professor CyberRisk

- Cyber Cowboy

**Live Cyber Maps** Bitdefender Threat Map: https://threatmap.bitdefender.com/  Live Cyber Threat Map: https://threatmap.checkpoint.com/  Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/  Talos Intelligence - ebc_spam Map: https://talosintelligence.com/ebc_spam

**Episode Information**  **Title**: Inside Job or Global Takedown? Cyber Attacks, AI Frontlines & Educational Standoffs **Episode Number**: 314

**Overview** A global ransomware strike knocks out a supply giant. A ransomware negotiator faces a DOJ probe. Students launch a cyber nonprofit. AI takes command of the SOC. And a legal battle ignites over virtual student visibility. This episode explores the thin line between resilience and vulnerability in modern cybersecurity.

**Guest Information** No guests this episode.

**Topics Covered**

- Ingram Micro ransomware incident and global supply chain impacts

- Ethics breach in ransomware negotiations

- AI integration in threat detection and incident response

- Student-led cybersecurity initiatives for SMBs

- Legal conflict over virtual learning surveillance policies

**Top Stories**  **Ingram Micro Hit by Ransomware: Global Supply Chain Disrupted**

- Global IT distributor paralyzed by ransomware, halting orders on July 4th weekend

- Systems impacted: Xvantage, licensing, backend logistics

- Group "Safepay" suspected behind the breach

- Highlights fragility in vendor ecosystems and need for clearer crisis comms

**Additional Cybersecurity News – Titles and URLs**  **The Negotiator Turned Double Agent? DOJ Investigates Ransomware Middleman**  _US DoJ Probes Ex-Ransomware Negotiator Over Alleged Extortion Kickbacks_

**LLMs Take Over the SOC: Hype, Hope, and Hallucinations**  _Why Large Language Models Are The Future Of Cybersecurity_

**Students Launch Free Pen Testing Nonprofit to Help SMBs Fight Back**  _BGSU Students Create Nonprofit to Provide Free Cybersecurity Testing_

**Cyber School’s Surveillance Debate Goes Legal**  _Central Pa. Cyber School Facing Suit Says It’s ‘Unreasonable’ for Teachers to See Students Weekly – PennLive.com_

**Resources & Links** None this episode

**Call to Action**

- Subscribe: Stay updated on cybersecurity threats.

- Leave a Review: Let us know what you think.

- Join the Conversation: Follow our community and ask questions.

**Sponsor (if applicable)** No sponsors this episode

**Podcast Socials & Website**

- Website: https://www.youvealreadybeenhacked.com

- X: @professorcyberrisk

- YouTube: https://www.youtube.com/@YABHPodcast

- Discord/Community Forum: coming soon

Hosts

• Professor CyberRisk

Live Cyber Maps

• Bitdefender Threat Map: https://threatmap.bitdefender.com/
• Check Point Threat Map: https://threatmap.checkpoint.com/
• Kaspersky Cyber Threat Map: https://cybermap.kaspersky.com/
• Talos Intelligence ebc_spam Map: https://talosintelligence.com/ebc_spam

Episode Information

• Title: Cyber Frontlines: From DevOps to Digital Battlefields
• Episode Number: 313

Overview This week, we’re cutting through the noise to bring you five critical cybersecurity stories. From DevOps compliance challenges and AI-powered hospital defenses to international cybercrime crackdowns and military cyber readiness, this episode is packed with insights that matter. No sports. Just signal.

Guest Information None this episode

Topics Covered

• DevOps and global compliance pressure
• K–12 cyber education policy shifts
• AI applications in healthcare security
• Nigeria’s cybercrime response evolution
• Military CEMA strategy and leadership transition

Top Stories

1. Cybersecurity Laws Reshaping DevOps
2. Cybersecurity in Education—Funding Gaps & Policy Shifts
3. AI vs. Ransomware in Healthcare
4. Nigeria’s Crackdown on Cybercrime
5. 11th Cyber Battalion Change of Command

Additional Cybersecurity News – Titles and URLs None this episode

Resources & Links None this episode

Call to Action

• Subscribe: Stay updated on cybersecurity threats.
• Leave a Review: Let us know what you think.
• Join the Conversation: Follow our community and ask questions.

Sponsor (if applicable) No sponsors this episode

Podcast Socials & Website

• Website: https://www.youvealreadybeenhacked.com
• X: @professorcyberrisk
• YouTube: https://www.youtube.com/@YABHPodcast
• Discord/Community Forum: Coming soon

**Host**  

* Professor CyberRisk  

**Live Cyber Maps**  

* Bitdefender: https://threatmap.bitdefender.com/  

* Checkpoint: https://threatmap.checkpoint.com/  

* Kaspersky: https://cybermap.kaspersky.com/  

* Talos: https://talosintelligence.com/ebc_spam  

---

**Episode Information**  

**Title:** Throwbacks, Threats & Low-Code Chaos: BSIDES San Antonio 2025 Recap  

**Episode Number:*3x12* 

---

**Overview**  

Professor CyberRisk recaps key takeaways from BSIDES San Antonio 2025—from the old-school vulnerabilities still driving breaches, to the emerging risks of citizen automation and low-code tools. Featuring stories of real-world failures, practical patching tips, and AI agents flirting with operational use.

---

**Guest Information**  

No guest this episode  

---

**Topics Covered**  

* Legacy exploits and why attackers love “throwbacks”  

* Baltimore’s ransomware event, Equifax’s missed patch, Oracle Health’s oversight  

* Gift card scams: why they still cost us hundreds of millions  

* Business insurance denials due to known unpatched vulnerabilities  

* The rise of low-code/no-code: convenience vs. control  

* Risks in tools like N8N, Power Automate, and shared automation templates  

* OWASP’s Low-Code/No-Code Top 10 and why it matters  

* CVE analysis using AI agents and the limits of large language models  

* Retrieval-Augmented Generation (RAG), LangChain, Model Content Protocol (MCP)  

---

**Top Stories**  

* FBI & CISA joint advisory on Ghost Ransomware  

* Phishing remains the #1 vector—32% of ransomware linked to old, unpatched flaws  

* Humans are still the weakest link: poor training, fear of downtime, no patch policies  

---

**Additional Cybersecurity News – Titles and URLs**  

None this episode  

---

**Resources & Links**  

None this episode  

---

**Call to Action**  

* **Subscribe:** Stay informed on cybersecurity threats  

* **Leave a Review:** Share your feedback  

* **Join the Conversation:** Connect with our growing community  

---

**Sponsor**  

No sponsors this episode  

---

**Podcast Socials & Website**  

* Website: https://www.youvealreadybeenhacked.com  

* X: @professorcyberrisk  

* YouTube: https://www.youtube.com/@YABHPodcast  

* Discord/Community Forum: coming soon  

### Hosts

- Professor CyberRisk

- Cyber Cowboy

### Live Cyber Maps

- Bitdefender Threat Map

- Live Cyber Threat Map

- Kaspersky Cyber Threat Map

- Talos Intelligence - ebc_spam Map

### Episode Information

**Title:** Securing Our Future: A Deep Dive into Cybersecurity Challenges and Solutions  **Episode Number:** 311

### Overview

This episode explores critical cybersecurity challenges, from human error to emerging threats. We highlight industry efforts, user experience in security tools, key figures driving innovation, and strategies for engaging CISOs in an AI-driven world.

### Guest Information

None this episode

### Topics Covered

- The human element in cybersecurity

- AI-driven security solutions

- FBI warnings about BADBOX 2.0 malware

- Cyberattacks disrupting grocery supply chains

- National cybersecurity competitions fostering new talent

### Top Stories

**The Human Element in Cybersecurity** Despite being a major vulnerability, human involvement can also be a security asset. Awareness campaigns, training, and fostering a strong security culture are essential to mitigating risks.

### Additional Cybersecurity News – Titles and URLs

- **FBI Warns of BADBOX 2.0 Hijacking Android IoT Devices**  _Millions of Android-based IoT devices have been compromised, turning them into nodes in a global botnet._

- **Cyberattack Hits UNFI, Disrupting Grocery Supply Chains**  _UNFI, a major grocery distributor, faces IT outages, leading to empty store shelves and stock declines._

- **Cybersecurity Industry’s Response to Foreign Threat Actors**  _National security concerns rise as cyber threats target critical infrastructure and financial systems._

- **US Banks ‘Deeply Concerned’ About Cybersecurity Risks After Regulator Attack**  _Financial institutions reassess security following a breach of a top regulatory agency._

- **DSTA BrainHack 2025 Cybersecurity Competition**  _Over 4,300 students join a national event, highlighting the next generation of cybersecurity professionals._

### Resources & Links

None this episode

### Call to Action

- **Subscribe:** Stay updated on cybersecurity threats.

- **Leave a Review:** Let us know what you think.

- **Join the Conversation:** Follow our community and ask questions.

### Sponsor (if applicable)

No sponsors this episode

### Podcast Socials & Website

- Website

- X (@professorcyberrisk)

- YouTube

- Discord/Community Forum: Coming soon

Hosts

• Professor CyberRisk
• Cyber Cowboy

Live Cyber Maps

• Bitdefender Threat Map
• Live Cyber Threat Map
• Kaspersky Cyber Threat Map
• Talos Intelligence - ebc_spam Map

Episode Information

Title: Cybersecurity Crossroads: Why Action Can’t Wait  Episode Number: 310

Overview

This episode dives into the evolving cybersecurity landscape, exploring pressing global challenges and the proactive strategies leaders must adopt. From government policies to groundbreaking technologies, we’ll break down what’s shaping digital security today.

Guest Information

None this episode

Topics Covered

• Global cybersecurity leadership & responsibilities
• AI-driven security advancements
• Workforce challenges in government agencies
• Cybersecurity education for future generations
• State-level cybersecurity initiatives

Top Stories

Cybersecurity’s Next Chapter: Why Global Leaders Need To Act Before The Threats Do Threats are more frequent and sophisticated, with ransomware damages reaching $10.9B in 2023. Expert David Jones urges leaders to implement stronger defenses, invest in AI, and foster global collaboration.

Additional Cybersecurity News – Titles and URLs

• Fortinet Aims to Educate Aussie Kids on Cybersecurity  Fortinet launches a cybersecurity awareness program for students in Australia, reinforcing digital safety education.
• CISA Faces Workforce Challenges Amid Staff Cuts  With a significant talent exodus, CISA faces obstacles in fulfilling its mission and maintaining critical partnerships.
• Texas Expands Its Cybersecurity Efforts  Texas establishes the largest state cybersecurity department, setting a precedent for coordinated cyber defense initiatives.

Resources & Links

None this episode

Call to Action

• Subscribe: Stay updated on cybersecurity threats.
• Leave a Review: Let us know what you think.
• Join the Conversation: Follow our community and ask questions.

Sponsor (if applicable)

No sponsors this episode

Podcast Socials & Website

• Website
• X (@professorcyberrisk)
• YouTube

• • Discord/Community Forum: Coming soon

Hosts

• Professor CyberRisk

• Cyber Cowboy

  LIVE Threat Maps

• Bitdefender Threat Map

• Live Cyber Threat Map

• Kaspersky Cyber Threat Map

• Talos Intelligence - EBC Spam Map

Title: Deepfakes, Hacks & Zero-Trust: The Future of Cybersecurity  Episode Number: 309

In this episode, we discuss the latest cybersecurity challenges of 2025, covering major breaches, evolving government policies, and cutting-edge security solutions. With cyber threats becoming more sophisticated, organizations and individuals must stay vigilant to safeguard their digital assets.

• Rising deepfake scams and AI-driven cyber threats

• The urgency of renewing the Cybersecurity Information Sharing Act (CISA)

• The Zero-Trust security model and its role in preventing breaches

• Blockchain’s transformative impact on healthcare cybersecurity

• The risks of free public Wi-Fi and how to stay safe

• U.S. House Committee on Homeland Security Calls for Cybersecurity Action

  • Lawmakers discuss escalating cyber threats and the expiration of CISA.

• Victoria’s Secret Suffers Major Cybersecurity Breach

  • The company temporarily takes down its website following an attack.

• UChicago Medicine Patient Data Exposed

  • A third-party vendor breach exposes personal and financial data for 38,000 patients.

• The Cybersecurity Catch That Comes With Free Public Wi-Fi – GovTech

• Zero-Trust is Redefining Cybersecurity in 2025 – Computer Weekly

• How Blockchain Technology Can Revolutionize Healthcare Data Cybersecurity – Forbes

• AI Cybersecurity Risks and Deepfake Scams on the Rise – MSN

• Navigating The Cybersecurity Job Market As A Certified Professional – Forbes

• Subscribe: Stay updated on cybersecurity threats.

• Leave a Review: Let us know what you think.

• Join the Conversation: Follow our community and ask questions.

No sponsors this episode

• Website: You’ve Already Been Hacked

• X: @professorcyberrisk

• YouTube: YABH Podcast

• Discord/Community Forum: Coming soon