Stealth Malware, State-Sponsored Breaches, and the Rising Tide of Third-Party and Cloud Threats

In this episode, Mark and Diana discuss the alarming discovery of Shade, a stealthy BIOS-level malware that evades traditional security measures. They dive into reports of Chinese state-sponsored hackers breaching U.S. intelligence networks, and examine why social engineering remains the leading cause of cyber incidents. The duo also covers major data breaches affecting UnitedHealth, Microsoft 365, and multiple healthcare providers, as well as APT41’s massive Android malware campaign. To wrap up, they highlight CISA’s release of the new open-source malware analysis tool, Thorium, and explore the growing risks tied to third-party vendors and cloud platforms.