Security Squawk - The Business of Cybersecurity
Author: Bryan Hornung, Reginald Andre & Randy Bryan
© Copyright 2025 by Bryan Hornung Reginald Andre & Randy Bryan
Description
Security Squawk is a business podcast dedicated to helping business people fight the war against cyber criminals.
253 Episodes
In this annual Security Squawk tradition, we do two things most people avoid: accountability and predictions. First, we break down the top cyber-attacks of 2025 and translate them into what actually matters for business owners, IT pros, and MSPs. Then we grade our predictions from last year using real outcomes. No excuses. No hand waving. No “well technically.” Why does this episode matter? Because 2025 made one thing painfully clear. Most cyber damage does not come from genius hackers. It comes from predictable failures. Unpatched systems. Over-trusted third parties. Tokens and sessions that live too long. Help desks that can be socially engineered. And organizations that still treat cybersecurity like an IT issue instead of a business survival issue. We start with the Top 10 Cyber-Attacks of 2025 and pull out the patterns hiding behind the headlines. This year's list includes ransomware and extortion campaigns, software supply chain failures, identity and OAuth token abuse, and attacks that caused real operational disruption, not just data exposure. These stories show how attackers scale impact by targeting widely deployed platforms and trusted business tools, then turning that access into downtime, data theft, and brand damage. One of the biggest lessons of 2025 is simple: identity is the new perimeter. Many of the most important incidents were not break-in stories. They were log-in stories. Stolen sessions and OAuth tokens keep working because they let attackers bypass MFA, move quickly, and blend in as legitimate users. If your security strategy is focused only on blocking failed logins, you are watching the wrong signal. 2025 also reinforced how fragile third-party trust has become. Integrations are everywhere. They make businesses faster and more efficient, but they also expand the blast radius. When a third-party tool or service account is compromised, it can become a shortcut into systems that were never directly attacked. 
In this episode, we talk about practical steps like minimizing access scopes, eliminating unnecessary integrations, shortening token lifetimes, and having a real plan to revoke access when something looks off. We also dig into why on-prem enterprise tools continue to get hammered. Many organizations still run internet-facing platforms that are patched slowly and monitored poorly. Attackers love that combination. In 2025, we saw repeated exploitation of high-value enterprise software where a single weakness led to widespread compromise across industries. If your patching strategy is “we will get to it,” attackers already have. Another major theme this year was operational disruption. Some of the costliest incidents were not just about stolen data. They shut down production, halted sales, broke customer service systems, and created ripple effects across supply chains. That is where executives feel cyber risk the hardest. Data loss hurts. Downtime is a business emergency. Then we grade last year's predictions. Did AI take our jobs? Not even close. What it did do was raise the baseline for both attackers and defenders. AI improved phishing quality, accelerated scams, and forced organizations to confront the risks of adopting new tools without clear controls. We also review our call on token and session-based attacks. That prediction aged well. Identity-layer abuse dominated 2025. The issue was not a lack of MFA. The issue was that attackers did not need to defeat MFA if they could steal what comes after it. We also revisit regulation. It did not arrive all at once. It crept forward. Agencies and lawmakers continued tightening expectations, especially in sectors that keep getting hit. Businesses that wait for mandates before improving controls will pay more later, either through recovery costs, insurance pressure, or lost trust. Finally, we look ahead to 2026 with new predictions that are probable, not obvious. 
We discuss what is likely to change around identity, help desk security, SaaS governance, and how leaders measure cyber readiness. The short version is this: 2026 will reward companies that treat access as a living system and punish those that treat it like a one-time setup. If you like the show, help us grow it. Subscribe, leave a review, and share this episode with someone who still thinks cybersecurity is just antivirus and a firewall. And if you want to support the podcast directly, buy me a coffee at buymeacoffee.com/securitysquawk.
Cyber attacks are no longer a future problem or a Silicon Valley issue. They are happening right now across the United States, quietly and relentlessly, targeting local governments, public agencies, schools, police departments, fire services, and critical infrastructure that most people rely on every day. In this episode of the Security Squawk Podcast, we break down the uncomfortable truth about the current cyber threat landscape and why much of it is flying under the radar. We start with a major data breach involving 700Credit, a financial services company widely used by car dealerships across the country. The breach impacted an estimated 5.8 million consumers, exposing sensitive personal information including names, addresses, birth dates, and Social Security numbers. What makes this incident especially troubling is that it originated through a third-party integration and went undetected until it was too late. This is a textbook example of how supply chain risk, weak API oversight, and poor third-party visibility continue to plague organizations of all sizes. For business owners, IT leaders, and managed service providers, this breach highlights a critical lesson. Security controls inside your own environment are meaningless if your partners, vendors, or integrations are not held to the same standard. Attackers know this, and they are exploiting it aggressively. Next, we shift to a growing and deeply concerning trend involving nation-state threat actors, particularly Russian-backed groups targeting network edge devices. Firewalls, VPN appliances, routers, and other edge infrastructure are now prime targets because they offer direct access to internal networks and often remain poorly monitored or improperly configured. These attacks are not always sophisticated zero-day exploits. In many cases, they succeed because of exposed management interfaces, outdated firmware, or weak credentials. 
This matters because edge devices sit at the front door of nearly every organization. Once compromised, they allow attackers to persist quietly, move laterally, and stage future attacks without triggering traditional endpoint defenses. The takeaway is clear. If you are not actively inventorying, patching, and monitoring your edge infrastructure, you are already behind. Then we pull the lens back even further and focus on what may be the most underreported cyber crisis happening today. Public sector organizations across the United States are under sustained cyber attack. Cities, towns, school districts, emergency services, and municipal agencies are being hit week after week. These incidents rarely make national headlines. Instead, they show up in small local news outlets, if they are reported at all. We discuss a real-world incident in Attleboro, Massachusetts, where a cybersecurity event disrupted online municipal services and briefly appeared on local television. Stories like this are happening everywhere. From ransomware attacks that shut down city services to breaches that expose resident data, public organizations are being targeted because attackers know they are often underfunded, understaffed, and slow to recover. Using data from ransomware.live and other tracking resources, we highlight how widespread these attacks really are. Thousands of U.S.-based victims are logged publicly, many of them tied to government or quasi-government entities. This is not random. It is a calculated strategy by cybercriminals who understand the pressure public agencies face to restore services quickly, often making them more likely to pay ransoms or quietly rebuild without public disclosure. Throughout the episode, we connect these stories to practical lessons for businesses, MSPs, and IT professionals. Cybersecurity is no longer about preventing every breach. It is about resilience, visibility, and response. 
It is about understanding where your real risk lies and taking proactive steps before an incident forces your hand. If you work in IT, run an MSP, manage infrastructure, or support public organizations, this episode delivers insight you can use immediately. We cut through the noise, skip the fear marketing, and focus on what actually matters in today's threat environment. Security Squawk exists to make cybersecurity real, relevant, and actionable. If this episode brings value to you, please subscribe, leave a review, and share it with someone who needs to hear it. And if you want to support the show directly, the easiest way is to buy us a coffee at https://buymeacoffee.com/securitysquawk Your support helps us keep producing honest conversations about the threats most people never see until it's too late.
This episode breaks down the true scale of the cybercrime economy. Randy covers the Marquis vendor breach that exposed data across more than 74 banks and credit unions and highlights the ongoing weakness in third-party risk. Andre examines the FinCEN report showing over 2 billion in ransomware payments last year and reveals how organized these criminal groups have become. Bryan closes with a deep dive into the US Treasury's decade-long analysis of 4.5 billion in ransom payments, showing how ransomware has grown into an economy that rivals legitimate global businesses. This is essential insight for business leaders, MSPs, and IT professionals who want to understand what is really driving the surge in cybercrime.
This episode breaks down three major cybersecurity stories that reveal exactly where businesses are exposed and how fast the threat landscape is shifting. We analyze how a ransomware group hijacked an emergency alert system to trigger fake national warnings, why more than half of retailers are still paying ransoms despite stronger defenses, and what security leaders should expect heading into 2026. You will learn the real weaknesses behind these incidents, why attackers continue to outpace outdated systems, and how companies can strengthen their defenses now. This episode delivers practical insights, real-world examples, and expert commentary that help MSPs, IT teams, and business leaders stay ahead of the next wave of cyber threats.
In this Security Squawk episode, Bryan Hornung from Xact IT is joined by guests to unpack three real ransomware incidents, the rapid rise of “The Gentlemen” gang, and how attackers bypass basic security by turning off tools like Windows Defender. You'll learn why relying only on built-in protections creates dangerous blind spots, what layered security with EDR, SOC monitoring, and log retention looks like, and the practical steps business leaders can take now to harden their defenses and reduce ransomware risk.
In this episode of Security Squawk, we dig into three major cyber incidents — the DoorDash data breach exposing users' contact info, the Logitech zero-day and data-theft campaign tied to Clop, and the ransomware attack on the Pennsylvania AG office. We break down how each attack played out, what it means for MSPs and business owners, and how you can protect your organisation when the threat spectrum keeps shifting.
In this episode of the Security Squawk Podcast, Bryan Hornung, Randy Bryan, and Reginald Andre break down three major cybersecurity failures hitting government, media, and healthcare. We expose how a single employee action triggered a Nevada ransomware attack, why stolen Slack credentials led to a major Nikkei data leak, and how new NHS and Doctor Alliance breaches highlight the growing crisis in healthcare security. This episode is packed with insights for business leaders, MSPs, and IT pros who want to stay ahead of today's cyber threats. Listen to expert analysis, real-world breakdowns, and practical steps to protect your organization from ransomware, credential theft, and supply chain attacks. New to streaming or looking to level up? Check out StreamYard and get $10 discount! https://streamyard.com/pal/d/65161790...
In this week's episode of the Security Squawk Podcast, Bryan Hornung, Randy Bryan, and Reginald Andre break down three major cybersecurity incidents that show how no industry is immune — from universities and government contractors to the British Library itself. We dig into a 1.2 million-record donor data breach, a ransomware-driven shutdown, and the growing supply-chain risk for MSPs and IT providers. Tune in for sharp analysis, real-world lessons, and actionable advice to protect your business from being the next victim. Cybersecurity podcast, data breach, ransomware, MSP, vendor risk, university breach, British Library, Conduent, IT security trends
In this week's Security Squawk Podcast, Bryan Hornung, Randy Bryan, and Reginald Andre break down three massive cybersecurity stories shaping 2025. Bryan kicks off with Qilin — the ransomware gang behind over 700 global attacks this year. Andre covers a New York city that paid a $150,000 ransom to restore operations after a crippling hit. And Randy unpacks a major ISP email breach in Australia that led to SIM-swaps and stolen data. Packed with sharp insights, humor, and practical advice, this episode is a must-listen for MSPs, IT pros, and business owners looking to stay ahead of 2025's top threats.
In this week's episode of the Security Squawk Podcast, Bryan Hornung, Randy Bryan, and Reginald Andre tackle three major cybersecurity stories that show how the digital landscape is shifting fast, and why business owners, IT pros, and MSPs can't afford to get complacent. Andre kicks things off with the end of an era: Microsoft has officially ended support for Windows 10, even though nearly 41% of Windows users are still running it. He breaks down what that means for everyday users, how the new Extended Security Updates (ESU) program works, and why delaying an upgrade could leave your business wide open to attacks. Next, Randy dives into a ransomware attack that hit a key platform in the $4.3 trillion municipal bond market, disrupting critical financial infrastructure and proving that ransomware isn't just targeting small towns and hospitals anymore. It's going after the systems that keep entire economies running. He explains what went wrong, how it connects to larger threat trends, and what public-sector organizations can learn from it. Then Bryan closes out the show by unpacking Microsoft's 2025 Digital Defense Report, which offers a massive view into the global threat landscape. Microsoft processes over 100 trillion security signals every day, and the report highlights what's working, what's failing, and where the next wave of cyber threats is coming from. Bryan shares key stats, actionable takeaways, and the five core principles Microsoft says every business should follow to defend against ransomware and identity-based attacks. Together, the team connects the dots between these stories, showing how legacy systems, financial vulnerabilities, and evolving threat tactics are all part of the same bigger picture. Expect smart insight, real-world examples, and a few sarcastic jabs along the way as they break down what these headlines mean for your business and your bottom line. 
Listen to learn: what Microsoft's end of Windows 10 support really means for security; why ransomware is now a systemic financial risk; the most important lessons from Microsoft's new Digital Defense Report; and how to protect your business with resilience, not just reaction. If you enjoy the show, hit subscribe, leave a review, and share it with your network. You can also support the podcast directly at buymeacoffee.com/securitysquawk, where every coffee helps us keep squawkin' about cybersecurity that actually matters.
In this episode of the Security Squawk Podcast, Bryan Hornung, Randy Bryan, and Reginald Andre break down three major cybersecurity stories that show just how messy 2025 has become for data protection. Randy covers the WestJet breach that exposed more than 1.2 million customers, proving even major airlines can't keep turbulence out of their networks. Andre unpacks how the NSW government accidentally uploaded flood victims' personal data to ChatGPT, turning an AI experiment into a privacy nightmare. Bryan closes with new research showing ransomware attacks are climbing again just as fewer companies renew their cyber insurance — the perfect setup for costly business shutdowns. The team shares insights, lessons, and a few laughs as they explain what these stories mean for business owners, IT pros, and MSPs trying to stay ahead of the next big hit.
In this episode of the Security Squawk Podcast, Bryan Hornung, Randy Bryan, and Reginald Andre dissect three headline-making cybersecurity incidents that highlight how threats keep evolving—just in different directions. Randy kicks things off with WestJet's massive data breach, where over 1.2 million customers had their information exposed, showing how even major airlines struggle with protecting sensitive data in 2025. Andre dives into a shocking story out of Australia—the NSW government accidentally uploading flood victims' personal data to ChatGPT, revealing how AI misuse and data mishandling can turn into a privacy nightmare overnight. Bryan closes with the latest findings showing ransomware attacks are rising again—just as fewer companies renew their cyber insurance policies, setting up the perfect storm for costly business disruptions. The team breaks down what these stories mean for business owners, from growing AI data risks to the real cost of skipping cybersecurity insurance. Expect practical takeaways, sharp insights, and a few laughs along the way as the guys decode what's really happening behind the headlines.
In this episode of the Security Squawk Podcast, Bryan Hornung and Randy Bryan break down how ransomware keeps evolving and why businesses can't afford to let their guard down. Bryan covers three major stories: a ransomware attack on Volvo's supplier that exposed sensitive employee data, new research showing that 80% of ransomware victims get hit again, and how the Akira ransomware gang is flipping remote management tools against their victims. Randy dives into cyberattacks on global manufacturing, including production halts at Asahi and fallout from the Jaguar Land Rover ransomware incident. We'll unpack what these attacks mean for supply chains, IT teams, and everyday businesses—and why persistence is the new weapon of choice for cybercriminals. Tune in for sharp insights, real-world advice, and a little bit of sarcasm to keep it interesting.
In this episode of Security Squawk, Bryan and Randy break down two major cyber stories with real-world lessons for IT leaders and MSPs. First, a FinWise Bank insider breach tied to American First Finance exposed data on nearly 689,000 customers—highlighting offboarding failures and insider risk. Then, a ransomware attack on U.S.-based Collins Aerospace disrupted airport check-in systems across Europe, forcing manual backups and long delays. We unpack what happened, why it matters, and the practical steps businesses can take to reduce insider and third-party risk.
In this week's Security Squawk Podcast, Bryan Hornung and Randy Bryan break down two major cybersecurity threats making headlines. First, Bryan covers how artificial intelligence is already supercharging ransomware, making attacks faster, cheaper, and harder to stop. Then Randy dives into the massive ShinyHunters breach that leaked sensitive data from Vietnam's national credit bureau, putting millions at risk worldwide. Tune in for sharp insights, practical advice, and a dose of wit as we connect the dots for business owners, IT professionals, and MSPs.
This week on Security Squawk, Bryan Hornung and Randy Bryan break down two hard-hitting cybersecurity stories. Jaguar Land Rover's production lines grind to a halt after a massive cyberattack, showing how ransomware directly disrupts global manufacturing. Meanwhile, CISOs face mounting pressure to stay silent about breaches, raising serious questions about transparency, accountability, and corporate risk. Tune in for sharp insights, real-world lessons, and a dose of wit as we unpack what these stories mean for businesses, IT pros, and MSPs.
This week on Security Squawk, Randy and Bryan tackle two major cyber stories shaping 2025. First, Anthropic admits hackers are weaponizing its AI tools, giving cybercriminals a terrifying new advantage in building attacks faster than ever. Then, Bryan breaks down how Amazon disrupted a sophisticated campaign by Russia's APT29 (Cozy Bear), which abused Microsoft 365 device code authentication and cloud infrastructure to hijack accounts at scale. We explain how hackers are using AI to supercharge cybercrime, why APT29's tactics mark a dangerous evolution from past campaigns like SolarWinds and NotPetya, and what this means for businesses, IT professionals, and MSPs. Tune in for sharp insights, real-world examples, and practical takeaways to keep your defenses strong.
While everyone obsesses over AI security, the old-school cyber threats are piling up. In this episode of the Security Squawk Podcast, hosts Bryan Hornung and Randy Bryan break down four major incidents that prove ransomware, breaches, and network shutdowns aren't going anywhere. We cover: Nevada state offices crippled by a major security incident; the Farmers Insurance data breach affecting over 1 million people; the Data I/O ransomware attack shutting down systems; and Nissan's design studio breach claimed by the Qilin ransomware gang. Plus, we connect the dots to show why ransomware attacks have surged nearly threefold in 2024 — and what businesses need to do to avoid being the next headline. Stay sharp, stay informed, and don't let the AI hype distract you from the real threats hitting businesses every day.
In this week's Security Squawk Podcast, hosts Bryan Hornung and Randy Bryan deliver an unfiltered breakdown of the week's most pressing cybersecurity headlines. We're talking about the Workday breach that exposed Salesforce customer data without a single file encrypted—just stolen credentials and surgical precision. Next up, we expose how Akira ransomware is turning cybercrime into marketing warfare, publicly naming and shaming victims in a bold bid to force ransom payouts. Finally, we tackle a brutal stat making waves across the industry: 25% of CISOs are replaced following a ransomware attack. If you're in cybersecurity leadership—or aiming to stay out of the headlines—this episode is your playbook for resilience. Packed with blunt analysis, leadership lessons, and real-world implications, this is one you'll want to share with your entire exec team. ☕ Like what you hear? Support the podcast: buymeacoffee.com/securitysquawk Workday breach, Salesforce breach, ransomware leak sites, Akira ransomware tactics, cybersecurity leadership, CISO turnover, cloud data security, Security Squawk Podcast
In this episode of Security Squawk Podcast, hosts Bryan Hornung, Randy Bryan, and Reginald Andre tackle major cybersecurity events impacting high-profile targets. First, luxury fashion giant Chanel falls victim to a devastating cyberattack, compromising customer data. Next, the city of St. Paul grapples with widespread tech disruptions linked to a cybersecurity incident, revealing municipal vulnerabilities. Finally, an urgent investigation into an SSL vulnerability by cybersecurity hardware provider SonicWall leaves businesses scrambling for protection. Learn critical security insights, risk management tips, and proactive steps to safeguard your business against evolving threats. Cybersecurity, Chanel cyberattack, St. Paul tech disruptions, SonicWall vulnerability, SSL security, data breach, municipal cybersecurity, Security Squawk Podcast.



