Collective Defense


Collective Defense is about bringing the worldwide cybersecurity knowledge base together to enable nations, sectors, and enterprises to collaborate in defending against threats. The Collective Defense Podcast is doing exactly that by:

    • Providing the latest, up-to-date cybersecurity news.
    • Gaining insights from cybersecurity professionals who are in the field.
    • Bringing in the required expertise in order to gain context on the emerging threat landscape, and how we can all defend against it.

Joel Bork


    • Jan 12, 2021 LATEST EPISODE
    • infrequent NEW EPISODES
    • 31m AVG DURATION
    • 7 EPISODES
    • 1 SEASONS


    Latest episodes from Collective Defense

    IronNet Cyber Lookback January 2021

    Jan 12, 2021 40:56


    Join Joel Bork, Peter Rydzynski, and Brett Fitzpatrick in a technical breakdown of the Solarigate incident and the recommendations they have for infected organizations.

    Twitter, Covid, Russia....Ah F@#% (Clean)

    Jul 28, 2020 20:25


    Joel Bork and Bill Swearingen jump into the latest cybersecurity news, which includes the massive insider-threat-related Twitter breach, the ongoing threat to Covid research facilities, the Russian hacking activities, and the indictments the US just released against two Chinese hackers who are hacking for their own personal gain AND for the nation state itself.

    Ransomware - To Pay or Not to Pay?

    Jun 17, 2020 31:39


    Bill Swearingen and Joel Bork jump into a controversial topic: ransomware. Should you pay it? Should you not? Listen to this episode and you will understand how it's not such a simple question to answer! The Collective Defense Podcast team also goes into some of the newer attacks hitting the market, which use significant amounts of off-the-shelf tools! We also found research showing that eBay is port scanning your device whenever you go to their webpage, along with all of the necessary ransomware news, so don't wait: subscribe and dig in!

    MidMay IronUpdate - 3 Year Anniversary of WannaCry

    May 15, 2020 32:05


    In this episode, Bill Swearingen and Joel Bork reveal information not just on the most recent ransomware attacks and the issues surrounding yet another breach, but also talk about multiple pieces of Hidden Cobra malware (North Korean Government APT) that are targeting financial institutions, cryptocurrency exchanges in particular. The episode also covers how WannaCry was stopped three years ago and gives some insights into who the hero of the day actually was: Marcus Hutchins.

    References:
    https://www.us-cert.gov/northkorea
    https://www.wired.com/story/confessions-marcus-hutchins-hacker-who-saved-the-internet/

    Remote Workforce Security with Trish Dixon

    Apr 27, 2020 30:19


    Trish Dixon, VP of Cyber Operations at IronNet Cybersecurity, walks through the thoughts and tactics she used to secure her remote workforce when she was told to "Take everyone remote!" She shares resources on what your organization can do to better defend its home networks, and her #CollectiveCadence around how TTXs positively impacted her team. Reach out to Trish @ Linkedin.com/in/trishdixon

    Going After New Threats, Binaries, and Malware with Peter Rydzynski

    Apr 6, 2020 35:33


    In this episode of the Collective Defense Podcast we are jumping into honeypots, honeynets, and how emerging threats can be proactively detected with Peter Rydzynski. On the news front we analyzed a number of stories, including the most recent Marriott breach, zoombombs and WarDialz, and of course more insecure WordPress plugins.

    Software mentioned in this episode:

    SELKS
    https://www.stamus-networks.com/scirius-open-source
    • Both live and installable Network Security Management ISO based on Debian
    • Complete Suricata IDS/IPS ecosystem with its own graphic rule manager
    • From start to analysis of IDS/IPS and NSM events in 30 sec
    • Major components: Suricata, Elasticsearch, Logstash, Kibana, Moloch, Scirius Community Edition, EveBox

    Cowrie
    https://github.com/cowrie/cowrie
    Cowrie is a medium to high interaction SSH and Telnet honeypot designed to log brute force attacks and the shell interaction performed by the attacker. In medium interaction mode (shell) it emulates a UNIX system in Python; in high interaction mode (proxy) it functions as an SSH and telnet proxy to observe attacker behavior to another system. Cowrie is maintained by Michel Oosterhof.

    Dionaea
    https://github.com/DinoTools/dionaea
    This low-interaction honeypot written in C and Python uses the Libemu library to emulate the execution of Intel x86 instructions and detect shellcodes. In addition, we can say it’s a multi-protocol honeypot that offers support for protocols such as FTP, HTTP, Memcache, MSSQL, MySQL, SMB, TFTP, etc.
    • Protocols: blackhole, epmap, ftp, http, memcache, mirror, mqtt, mssql, mysql, pptp, sip, smb, tftp, upnp
    • Logging: fail2ban, hpfeeds, log_json, log_sqlit

    Netcat
    http://netcat.sourceforge.net/
    Netcat is a featured networking utility which reads and writes data across network connections, using the TCP/IP protocol. It is designed to be a reliable "back-end" tool that can be used directly or easily driven by other programs and scripts. At the same time, it is a feature-rich network debugging and exploration tool, since it can create almost any kind of connection you would need and has several interesting built-in capabilities. It provides access to the following main features:
    • Outbound and inbound connections, TCP or UDP, to or from any ports.
    • Featured tunneling mode which allows also special tunneling such as UDP to TCP, with the possibility of specifying all network parameters (source port/interface, listening port/interface, and the remote host allowed to connect to the tunnel).
    • Built-in port-scanning capabilities, with randomizer.
    • Advanced usage options, such as buffered send-mode (one line every N seconds), and hexdump (to stderr or to a specified file) of transmitted and received data.
    • Optional RFC854 telnet codes parser and responder.

    Modern Honey Network
    https://github.com/pwnlandia/mhn
    MHN is a centralized server for management and data collection of honeypots. MHN allows you to deploy sensors quickly and to collect data immediately, viewable from a neat web interface. Honeypot deploy scripts include several common honeypot technologies, including Snort, Cowrie, Dionaea, and glastopf, among others.

    Features: MHN is a Flask application that exposes an HTTP API that honeypots can use to:
    • Download a deploy script
    • Connect and register
    • Download snort rules
    • Send intrusion detection logs

    It also allows system administrators to:
    • View a list of new attacks
    • Manage snort rules: enable, disable, download

    State of Affairs in Healthcare with John Ford

    Mar 30, 2020 32:06


    Today we are jumping into the state of cybersecurity in the healthcare industry during the COVID-19 outbreak with co-hosts Joel Bork and Bill Swearingen. The guest on this podcast is John Ford, a world-renowned CISO in the healthcare industry, who shares his valuable insights and knowledge of the inner workings of the healthcare industry as this pandemic evolves.
