In today's podcast, we hear about BadRabbit, a new strain of ransomware that's hopped out of Petya's hutch. The Lazarus Group is said to have taken control of some servers in India. DUHK [duck] warnings. Are industrial control system operators paying sufficient attention to Level 1 and Level 0 threats? Next May will see not only GDPR, but also NIS. Joe Carrigan from JHU reviews a list of security tips suggested by IBM. Guest is Scott Kaine, CEO of Delta Risk on cloud migration security issues.And Kapersky continues to protest its innocence of spying, and offers an explanation of what really happened with NSA leaks.