• NVIDIA Issues Urgent Rowhammer Warning: Enable ECC or Risk AI Integrity
    Jul 15 2025

    In this episode, we dissect a major hardware-level cybersecurity warning issued by NVIDIA, one that directly affects data center operators, AI researchers, and enterprise IT teams using GPU infrastructure. The threat: Rowhammer—a physical DRAM vulnerability that’s now been successfully exploited on GPUs through a new attack method known as GPUHammer.

    Developed by researchers at the University of Toronto, GPUHammer targets NVIDIA A6000 GPUs, using rapid row activation to induce bit flips in GDDR6 memory, with alarming consequences. In controlled demonstrations, attackers were able to degrade AI model accuracy from 80% to less than 1%—all without ever accessing the model directly.

    The implications are clear: as GPUs become the backbone of AI infrastructure, memory integrity becomes a cybersecurity priority. And yet, many GPU users still disable ECC (Error Correcting Code) by default due to performance trade-offs—leaving high-value workloads vulnerable to silent corruption.

    We cover:

    • What Rowhammer is, how it evolved from CPU memory exploits to GPU attacks, and what makes GDDR memory vulnerable.
    • The mechanics of GPUHammer: how researchers bypassed proprietary memory mappings and refresh timings to trigger successful bit flips.
    • Why AI models are especially susceptible, with a single exponent bit flip in a 16-bit float capable of cascading catastrophic results.
    • NVIDIA’s guidance to mitigate the risk, including enabling System-Level ECC—a feature that can detect and correct these bit-level anomalies before they break inference.
    • The trade-offs: enabling ECC can reduce available GPU memory by 6.25% and slow inference workloads by up to 10%.
    • The distinction between On-Die ECC and System-Level ECC, and why only the latter offers end-to-end protection in transit between the GPU and system memory.
    • How to verify and activate ECC, using both out-of-band (Redfish API) and in-band tools (e.g., nvidia-smi) depending on your deployment.

    As enterprises invest billions in AI-driven infrastructure, the integrity of GPU memory becomes a matter of trust, compliance, and operational resilience. Whether you're managing a multi-tenant ML platform or deploying sensitive models in healthcare or finance, the GPUHammer threat underscores the need to treat memory protection as a security imperative, not an optional performance toggle.

    41 mins
  • Zip Security Secures $13.5M to Simplify and Scale Cyber Defense
    Jul 15 2025

    In this episode, we spotlight Zip Security, a rising New York-based cybersecurity startup that just closed a $13.5 million Series A funding round, led by Ballistic Ventures. This brings the company’s total raised to $21 million, underscoring growing investor confidence in Zip’s mission: to make enterprise-grade cybersecurity accessible, automated, and affordable—especially for the 95% of businesses that operate without a dedicated security team.

    Founded in 2022, Zip Security is reimagining the way organizations—particularly SMBs and mid-market firms—secure their operations. Their integrated platform combines security, compliance, and IT automation into a seamless user experience, designed for companies overwhelmed by tool sprawl, resource constraints, and the complexity of modern cyber risk. From endpoint protection and identity access management to mobile device security and secure browsing, Zip’s AI-powered system handles it all—without requiring in-house expertise.

    We explore:

    • Why traditional cybersecurity models are failing smaller organizations, and why Zip calls today’s services model “broken.”
    • The shift from fragmented point solutions to integrated, AI-driven platforms as the dominant cybersecurity trend.
    • Zip’s focus on the "long tail of the economy"—the smaller businesses at the heart of supply chains, now increasingly targeted by sophisticated attackers.
    • How Zip is leveraging AI and automation to deliver continuous protection, eliminate alert fatigue, and reduce the total cost of ownership.
    • The growing appetite among businesses for platform solutions over best-of-breed tools, especially among those with 100+ employees.
    • The urgent need for simplification in cybersecurity—not just in tools, but also in compliance, training, and operational practices.
    • Where this new funding will go: engineering expansion, market presence, and further platform innovation.

    In a landscape where cybercrime is projected to cost $12 trillion globally by 2025, the need for scalable, intelligent, and affordable cybersecurity solutions has never been more urgent. Zip Security’s approach, rooted in automation and accessibility, may be what finally closes the protection gap for smaller enterprises—and helps build resilience across the entire digital ecosystem.

    49 mins
  • Century Support Services Breach: 160,000 Identities Compromised in Silent Cyberattack
    Jul 15 2025

    In this episode, we examine the major data breach at Century Support Services—also operating under the name Next Level Finance Partners—that exposed the personal information of over 160,000 individuals. While the company discovered indicators of a cyberattack as early as November 2023, it wasn’t until May 2024 that investigators confirmed sensitive data had likely been accessed or exfiltrated. The exposed data is deeply sensitive: names, Social Security numbers, dates of birth, driver’s license and passport details, health and financial information, and even digital signatures.

    This breach is notable not just for its scale, but for its opacity—no ransomware group has claimed responsibility, and the breach remained largely under the radar compared to other high-profile cyber incidents. Yet the implications are just as serious.

    We dig into what this breach reveals about the current state of cybersecurity and breach response across industries. From the rise of data leakage as a legally defined event to the complexities of breach detection timelines, this incident reflects many of the systemic issues plaguing organizations today.

    Topics explored include:

    • The anatomy of the Century Support breach: timeline, scope, and the delayed confirmation of data compromise.
    • Legal definitions and disclosure obligations surrounding personal data exposure.
    • The evolution of data breaches since the early 2000s—and why most are still detected by third parties, not the breached company.
    • Common vulnerabilities that enable such breaches: lack of encryption, social engineering, and third-party risk.
    • The dark web economy: how exposed data circulates and why victims face elevated identity theft risk for years.
    • The role of breach response playbooks, including incident containment, legal reporting, and the offer of identity theft protection (and why consumer uptake remains low).
    • Why attackers might remain silent—exploring motivations and the growing role of stealth attacks not associated with ransomware branding.

    As attacks become more intricate and visibility more difficult, the Century Support Services case underscores a larger truth: data breaches are no longer exceptional events—they are persistent, costly, and often avoidable failures of digital trust.

    32 mins
  • TikTok, China, and the EU: The Battle Over Data Sovereignty
    Jul 11 2025

    In this episode, we explore the mounting scrutiny TikTok faces over its handling of European user data, with the EU’s Data Protection Commission (DPC) launching a fresh investigation into alleged transfers of data to China. TikTok, owned by Beijing-based ByteDance, is once again in the crosshairs for possible violations of the General Data Protection Regulation (GDPR) — this time following revelations that contradicted previous assurances given during a years-long inquiry.

    At the heart of the episode lies the broader question: Who controls data in a globalized, politically fractured internet?

    We delve into the intricate politics of data localization, examining how governments are increasingly treating data flows as matters of sovereignty and national security. With the EU enforcing a rights-based data protection regime and China emphasizing state-centric control through its Personal Information Protection Law (PIPL), companies like TikTok are navigating a legal minefield where compliance in one jurisdiction could mean noncompliance in another.

    Topics discussed include:

    • TikTok’s €530 million GDPR fine and the new inquiry sparked by undisclosed data transfers to Chinese servers.
    • The role of Project Clover, TikTok’s €12 billion initiative to localize EU user data and build trust through European-based infrastructure and security auditing.
    • How GDPR’s Article 46 requires equivalency in legal safeguards for any cross-border data transfers, and why Chinese laws such as the National Intelligence Law fail that test.
    • The strategic enforcement power of the Irish DPC and how remote access, not just physical storage, is now classified as a “data transfer” under GDPR.
    • The stark contrast between GDPR and China’s PIPL: one centers on individual rights and transparency, while the other prioritizes state surveillance and geopolitical control.
    • The collateral damage to global cloud computing, API efficiency, and data redundancy when localization laws fragment digital ecosystems.
    • Europe’s evolving stance toward Chinese tech firms—once seen through a commercial lens, now increasingly treated as security and sovereignty issues.

    Through the lens of the TikTok case, this episode unpacks the new realities of digital governance, where data is power, and control over that data is rapidly becoming a tool of foreign policy. For enterprises and policymakers alike, the challenge is not just about compliance, but navigating a digital world divided by legal borders and political agendas.

    58 mins
  • Booz Allen Invests in Corsha: Defending Machine-to-Machine Communication at Scale
    Jul 11 2025

    As the cybersecurity landscape shifts toward hyperautomation and AI-driven autonomy, a new frontier has emerged: the identity and access security of machines. In this episode, we explore Booz Allen Ventures’ strategic investment in Corsha, a company at the forefront of Machine Identity Provider (mIDP) technology. Their collaboration marks a pivotal moment in redefining how we secure machine-to-machine (M2M) communication, especially in operational environments and critical infrastructure.

    Corsha’s platform addresses a seismic transformation: machines now outnumber humans in digital ecosystems by a ratio of 50:1—or even 80:1 in some accounts. With the rise of Agentic AI, autonomous software agents are making decisions, executing tasks, and accessing networks without human oversight. This paradigm shift makes human-centric identity models obsolete and demands dynamic, cryptographic, and automated lifecycle management for non-human identities (NHIs).

    This episode covers:

    • Why identity is the new perimeter—and why it starts with machines.
    • The vulnerabilities in today's identity and access management (IAM) frameworks, particularly in API-heavy, cloud-native environments where machines drive over 90% of all traffic.
    • How Corsha’s mIDP delivers MFA for machines, manages millions of machine credentials, and secures connections across legacy industrial systems and modern cloud deployments.
    • The significance of Corsha’s integration with traditional IdPs like EntraID and AWS IAM, bringing adaptive identity management to autonomous, interconnected ecosystems.
    • The growing strategic alignment between national security imperatives and machine identity solutions. With Zero Trust becoming a mandate across U.S. federal agencies, Corsha’s capabilities directly support mission-critical autonomy, AI governance, and cyber-physical resilience.
    • The role of Booz Allen Ventures in not just funding Corsha but helping scale its solutions for government and industrial sectors. The firm sees Corsha as “foundational infrastructure for next-generation mission systems.”
    • How this investment follows Corsha’s Series A and A-1 rounds, and enables the expansion of Corsha Labs, advancing agentless behavioral identity and AI-enhanced IAM for autonomous systems.

    We conclude with a forward-looking view: as critical infrastructure, defense systems, and industrial operations become more automated, machine identity will become as central as human authentication is today. With Agentic AI accelerating the pace of change, Corsha—and investments like Booz Allen’s—are laying the groundwork for a secure, autonomous future.

    33 mins
  • WSUS Meltdown: Global Sync Failures and the Shift Toward Cloud Patch Management
    Jul 11 2025

    Windows Server Update Services (WSUS) has long been a cornerstone of enterprise patch management—but recent global synchronization failures have raised serious questions about its future viability. In this episode, we dissect the widespread outage that left organizations unable to sync critical Windows updates, unpacking both the technical cause and the broader implications for IT teams worldwide.

    In July 2025, system administrators across the US, UK, India, and Europe found their WSUS servers stuck in failed sync loops, thanks to a problematic update revision from Microsoft. With WSUS servers globally attempting full synchronizations simultaneously, Microsoft's update infrastructure was overwhelmed. The result? Timeout errors, stalled deployments, and massive headaches for IT teams already stretched thin.

    We walk through the exact symptoms of the incident—including IIS errors, .NET timeouts, and SoftwareDistribution.log anomalies—and the server-side fix that ultimately resolved it. But as we explore the root causes, it's clear this wasn’t just a one-off issue. Firewall misconfigurations, bloated WSUS databases, mismanaged application pools, and MIME-type conflicts all contribute to WSUS’s growing fragility.

    To keep WSUS functioning, organizations must implement rigorous maintenance routines:

    • Regular SUSDB health checks for superseded, obsolete, and declined updates
    • IIS application pool tuning to prevent 503 errors
    • SQL and PowerShell-based cleanup scripts for reindexing, shrinking, and update pruning
    • Firewall and service configuration audits to ensure all dependencies are running and reachable

    Even with these best practices, many experts believe WSUS is reaching end-of-life in spirit, if not in official terms. Microsoft's increasing emphasis on cloud-native solutions, like Windows Update for Business (WUfB) and Microsoft Endpoint Configuration Manager (MECM), signals a strategic departure from the manual, high-maintenance nature of WSUS.

    We explore modern alternatives that offer automation, scalability, and security:

    • WUfB + Intune: Cloud-native patching with faster deployment and tighter endpoint integration
    • MECM (formerly SCCM): Hybrid control with support for complex environments and third-party apps
    • Third-party platforms: Like Vicarius vRx, providing cross-platform patching, scripting, and virtual remediation

    As security threats accelerate and zero-day exploits demand rapid mitigation, patch management can no longer rely on legacy systems prone to breaking under pressure. This episode makes it clear: now is the time to re-evaluate your patching strategy, invest in automation, and position your organization for secure, sustainable operations in a post-WSUS world.

    28 mins
  • Cracking eSIM: Exposing the Hidden Threats in Next-Gen Mobile Security
    Jul 11 2025

    eSIM technology has transformed the way we connect—but has it also introduced new vulnerabilities into the heart of modern telecommunications?

    In this deep-dive episode, we dissect the security architecture, remote provisioning systems, and critical attack surfaces of embedded SIM (eSIM) technology, now deployed in billions of mobile, consumer, and IoT devices worldwide. While eSIMs offer convenience, flexibility, and integration benefits, a growing body of research reveals severe flaws in their design and implementation—flaws that allow profile hijacking, cloning, and even eavesdropping on private communications.

    We begin by tracing the evolution of Subscriber Identity Module (SIM) technology into today’s eUICC-based eSIM architecture, reviewing the GSMA’s role in standardizing eSIMs for machine-to-machine (M2M), consumer, and IoT deployments. We unpack the core remote provisioning components, such as SM-SR, SM-DP+, LPA, and IPA, and explain how they interact to enable over-the-air SIM profile installation and switching—technically elegant, but increasingly a security liability.

    The heart of the episode delves into high-impact vulnerabilities that continue to shake the telecom industry:

    • Memory exhaustion attacks that brick eSIMs by orphaning profile containers
    • Malicious profile locking that disables switching to other networks
    • Cloning and profile hijacking, demonstrated in 2025 by researchers who extracted private cryptographic keys from real-world GSMA-certified eUICCs
    • Undetected Java app injection, allowing rogue code to be embedded in live profiles
    • Critical failures in Java Card VM implementations, enabling type confusion and remote profile manipulation

    We also discuss the wider systemic implications, including:

    • How attackers cloned an Orange eSIM and hijacked a subscriber’s identity undetected
    • Why “tamper-proof” certification claims are now under scrutiny
    • The limitations of current GSMA security fixes and certification frameworks
    • Why hardware security modules (HSMs) and cryptographic audits are essential for true resilience
    • The tension between convenience and control in mobile ecosystems—and what’s at stake if security doesn’t catch up with innovation

    As vendors scramble to issue patches and strengthen defenses, the telecom industry faces an urgent reckoning: Can eSIM technology remain viable without complete trust in its secure elements? And are operators, vendors, and standards bodies doing enough to prevent the next wave of remote SIM exploitation?

    Whether you're a telecom engineer, a cybersecurity professional, or an executive responsible for device security, this episode reveals the high-stakes battle for the security of our mobile identities—and what it will take to protect billions of connected users from invisible compromise.

    17 mins
  • Qantas Breach and Beyond: Cybersecurity Risks in Australia’s Digital Supply Chains
    Jul 10 2025

    As Australia contends with a growing wave of cybersecurity incidents, this episode explores the intersection of national privacy laws, global supply chain vulnerabilities, and public trust in digital security. The recent Qantas data breach—affecting over 5 million customers—was the latest high-profile case to expose how fragile third-party service relationships can compromise even the most reputable organizations. But Qantas is not alone. The aviation sector, and critical infrastructure more broadly, is now a primary target for sophisticated cyberattacks fueled by digitization and undersecured supply chains.

    We begin with an overview of Australia’s privacy and data protection framework, governed by the Privacy Act, Cyber Security Act, Spam Act, and other related legislation. The Office of the Australian Information Commissioner (OAIC) plays a central role in enforcement, requiring timely breach notifications, secure data handling practices, and clear definitions around personal and sensitive information. Recent legislative amendments are pushing toward more stringent accountability, but enforcement still faces gaps, particularly in the context of global data transfers and outsourced operations.

    We then widen the lens through insights from ENISA’s latest supply chain cybersecurity report, which examines how organizations across the EU are struggling to implement consistent practices around vendor risk, vulnerability management, and patching. Despite having policies on paper, many essential entities lack dedicated resources, cybersecurity roles, or real-time visibility into their third-party environments. In an interconnected world, supply chain security is only as strong as its weakest link—a lesson repeatedly demonstrated in sectors like aviation, healthcare, and critical infrastructure.

    The Qantas breach, caused by an attack on a third-party call center platform, underscores the increasing relevance of this risk. Similar incidents at Cathay Pacific, SITA, and U.S. airports point to airlines becoming soft targets due to legacy systems, widespread outsourcing, and the complexity of digital ecosystems. Attackers, including state-aligned threat groups, are leveraging phishing, credential theft, and software vulnerabilities to breach these layered environments.

    We also discuss:

    • The FAA’s proposed cybersecurity rules for aviation systems and how global regulators are responding to emerging threats
    • Why call centers have become high-value entry points for attackers targeting sensitive personal information
    • Best practices for breach response, including credit monitoring, fraud alerts, and legal safeguards for affected individuals
    • Public sentiment in Australia, where consumers are expressing growing frustration with repeated breaches and lack of corporate accountability
    • Actionable recommendations for companies: strong access controls, continuous monitoring, role-based restrictions, and transparent supplier audits
    • The challenge of aligning technical, operational, and legal safeguards across jurisdictions in a rapidly evolving threat landscape

    Ultimately, this episode emphasizes that strong cybersecurity is not just a technical challenge—it’s a governance and trust imperative. As breaches continue to mount and regulations tighten, both organizations and individuals must adapt to protect their digital assets, reputations, and rights.

    1 hr and 3 mins