Podcast appearances and mentions of Andrea Little Limbago

  • 15 podcasts
  • 68 episodes
  • 28m average duration
  • 1 new episode monthly
  • Latest episode: May 2, 2024


Latest podcast episodes about Andrea Little Limbago

Redefining CyberSecurity
Predictive Risk, Data Integrity and the Role of Large Language Models in Cybersecurity | An RSA Conference 2024 Conversation With Edna Conway and Andrea Little Limbago | On Location Coverage with Sean Martin and Marco Ciappelli

May 2, 2024 | 33:24

Guests:

Edna Conway, CEO, EMC ADVISORS
On LinkedIn | https://www.linkedin.com/in/ednaconway
On Twitter | https://twitter.com/Edna_Conway
At RSAC | https://www.rsaconference.com/experts/edna-conway

Andrea Little Limbago, Senior Vice President, Research & Analysis, Interos
On LinkedIn | https://www.linkedin.com/in/andrea-little-limbago/
At RSAC | https://www.rsaconference.com/experts/andrea-little-limbago

____________________________

Hosts:

Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin

Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli

____________________________

Episode Notes

The dialogues in this insightful episode touch upon the evolving landscape of AI technology, particularly focusing on the adoption of large language models (LLMs) and their implications for predictive risk analysis. The speakers shed light on the need for a comprehensive framework that combines algorithmic advancements with robust policy guardrails to ensure the accurate and secure utilization of AI models.

One of the key takeaways from the conversation is the emphasis on the critical role of data scientists and engineers in leveraging AI technologies effectively. While AI models can enhance productivity and streamline workflows, human expertise remains paramount in validating data, identifying potential risks, and steering decision-making processes in the right direction.

The discussion also covers the challenges posed by data integrity, potential attack vectors targeting AI systems, and the importance of implementing safeguards to protect against data leaks and malicious manipulations. The speakers stress the significance of maintaining stringent guardrails to uphold data accuracy and mitigate the negative impacts of erroneous information inputs.

Moreover, the episode explores the intersection of AI technology with military and diplomatic decision-making processes, highlighting the complex nature of forecasting risks and making informed strategic moves in response to evolving scenarios. The speakers reflect on the probabilistic nature of risk analysis and underscore the need for continuous refinement and insight generation to enhance predictive capabilities.

As the conversation unfolds, the panelists bring to light the nuances of AI utilization in different domains, from supply chain management to national security, underscoring the importance of tailored approaches and domain-specific expertise in maximizing the benefits of AI technologies.

In conclusion, the episode encapsulates the dynamic interplay between human intelligence and AI advancements, urging a holistic approach towards integrating AI tools while upholding data integrity, security, and accuracy in predictive risk analysis.

Be sure to follow our Coverage Journey and subscribe to our podcasts!

____________________________

Follow our RSA Conference USA 2024 coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage

ITSPmagazine | Technology. Cybersecurity. Society
Predictive Risk, Data Integrity and the Role of Large Language Models in Cybersecurity | An RSA Conference 2024 Conversation With Edna Conway and Andrea Little Limbago | On Location Coverage with Sean Martin and Marco Ciappelli

May 2, 2024 | 33:24


The CyberWire
In the offense-defense see-saw, the defense seems to be rising.

Nov 3, 2023 | 33:27

An Apache vulnerability is being used to install ransomware. Exploitation of Citrix vulnerability in the wild. AP sustains DDoS attack. HHS reaches settlement in HIPAA data breach incident. More evidence of OSINT's reach. On the Solution Spotlight: Simone Petrella and Rick Howard speak with Ben Rothke about his article and thoughts on "Is there really an information security jobs crisis?" Andrea Little Limbago from Interos joins us to discuss SEC and the disclosure rules. And, Microsoft draws a lesson from Russia's war: cyber defense now has the advantage over cyber offense.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/211

Selected reading.
  • Critical Apache ActiveMQ Vulnerability Exploited to Deliver Ransomware (SecurityWeek)
  • HelloKitty ransomware now exploiting Apache ActiveMQ flaw in attacks (BleepingComputer)
  • Critical Vulnerability: Exploitation of Apache ActiveMQ CVE-2023-46604 (Huntress)
  • Suspected Exploitation of Apache ActiveMQ CVE-2023-46604 (Rapid7)
  • HHS' Office for Civil Rights Settles Ransomware Cyber-Attack Investigation (U.S. Department of Health and Human Services)
  • AP news site hit by apparent denial-of-service attack (AP News)
  • Associated Press hit by Anonymous Sudan DDoS attack? (Tech Monitor)
  • Satellites and social media offer hints about Israel's ground war strategy in Gaza (NPR)
  • Revisiting the Gaza Hospital Explosion (New York Times)
  • Microsoft Vows to Revamp Security Products After Repeated Hacks (Bloomberg)
  • A new world of security: Microsoft's Secure Future Initiative (Microsoft On the Issues)
  • Announcing Microsoft Secure Future Initiative to advance security engineering (Microsoft Security)
  • Ukraine at D+617: Advantage defense. (CyberWire)

The CyberWire
Advice on security, from Washington, DC and Washington State. The Predator Files have bad news on privacy. Notes on the hybrid war. And LoveGPT is not your soulmate.

Oct 6, 2023 | 30:07

NSA and CISA release a list of the ten most common misconfigurations along with identity and access management guidelines. The Predator Files. Cyber cooperation between Russia and North Korea. Hacktivist auxiliaries hit Australia. Hacktivists and hacktivist auxiliaries scorn the application of international humanitarian law. The direction of Russian cyber operations. Dave Bittner speaks with Andrea Little Limbago from Interos to talk about geopolitics, cyber and the C-suite. Rick Howard talks with John Hultquist, Chief Analyst at Mandiant, at the mWISE 2023 Cybersecurity Conference about cyber threat intelligence. And, finally, adventures in catphishing: "LoveGPT."

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/192

Selected reading.
  • NSA and CISA Release Advisory on Top Ten Cybersecurity Misconfigurations (Cybersecurity and Infrastructure Security Agency CISA)
  • CISA and NSA Release New Guidance on Identity and Access Management (Cybersecurity and Infrastructure Security Agency CISA)
  • Microsoft Digital Defense Report 2023 (Microsoft)
  • Predator Files | EIC (European Investigative Collaborations)
  • Meet the 'Predator Files,' the latest investigative project looking into spyware (Washington Post)
  • NORTH KOREA–RUSSIA SUMMIT: A NEW ALLIANCE IN CYBERSPACE? - CYFIRMA (CYFIRMA)
  • Australia's home affairs department hit by DDoS attack claimed by pro-Russia hackers (the Guardian)
  • Pro-Russia hacktivist group targets Australian government agencies over support for Ukraine (Cyberdaily.au)
  • Home Affairs, Administrative Appeals Tribunal websites hit by cyber attacks (SBS News)
  • 'War has no rules': Hacktivists scorn Red Cross' new guidelines (Record)
  • Espionage fuels global cyberattacks (Microsoft On the Issues)
  • LoveGPT: How "single ladies" looking for your data upped their game with ChatGPT (Avast Threat Labs)

The CyberWire
Trends in the cybercriminal underworld. The prosecution of Lapsus$ and Tornado Cash. More developments in Russia's hybrid war.

Aug 24, 2023 | 27:26

There's a new sophistication in BEC campaigns. Trends in brand impersonation: crooks still like to pretend they're from Redmond. The future of Russian influence operations in the post-Prigozhin era. Andrea Little Limbago from Interos shares insights on the new cyber workforce strategy. In our latest Threat Vector segment David Moulton of Palo Alto Networks is joined by Stephanie Ragan, Senior Consultant at Unit 42, to discuss Muddled Libra. And more on the doxing of a deputy Duma chair, who seems to have been selling hot iPhones as a side hustle (maybe). And the growing problem of synthetic identity fraud. On this segment of Threat Vector, Stephanie Ragan, Senior Consultant at Unit 42, joins host David Moulton to discuss Muddled Libra.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/162

Selected reading.
  • BEC Trends: Payroll Diversion Dominates and Sneaky Multi-Persona Attacks Emerge (Trustwave)
  • Q2 2023 Threat Landscape Report: All Roads Lead to Supply Chain Infiltrations (Kroll)
  • Microsoft Impersonated Most in Phishing Attacks Among Nearly 350 Brands (Abnormal Security)
  • TransUnion Analysis Finds Synthetic Identity Fraud Growing to Record Levels (TransUnion)
  • Ukraine at D+546: Yevgeny Prigozhin dies in a plane crash. (CyberWire)
  • Without Prigozhin, expect some changes around the edges on Russian influence operations (Washington Post)
  • 2023 H1 Global Threat Analysis Report (Radware)
  • Lapsus$: Court finds teenagers carried out hacking spree (BBC News)
  • British court convicts two teen Lapsus$ members of hacking tech firms (Record)
  • Treasury Designates Roman Semenov, Co-Founder of Sanctioned Virtual Currency Mixer Tornado Cash (U.S. Department of the Treasury)
  • Tornado Cash Founders Charged With Money Laundering And Sanctions Violations (U.S. Attorney for the Southern District of New York)
  • Russian Duma leader's emails hacked and leaked (Cybernews)
  • Ukrainian hackers expose money laundering and sanction evasion by senior Russian politician (teiss)

The CyberWire
Pyongyang's new friendship with Moscow apparently only goes so far. Reptile rootkit in the wild. Cloudzy updates. Cl0p's torrents. And notes on cyber phases of Russia's hybrid war.

Aug 7, 2023 | 28:24

North Korean cyberespionage against a Russian aerospace firm. The Reptile rootkit is used against South Korean systems. An update on Cloudzy. Cl0p is using torrents to move data stolen in MOVEit exploitation. Andrea Little Limbago from Interos wonders about the dangers of jumping head first into new technologies. Rick Howard ponders quantum computing. And Meduza is back on Apple Podcasts.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/149

Selected reading.
  • Exclusive: North Korean hackers breached top Russian missile maker (Reuters)
  • North Korean hackers stole secrets of Russian hypersonic missile maker (Euractiv)
  • Comrades in Arms? | North Korea Compromises Sanctioned Russian Missile Engineering Company (SentinelOne)
  • Reptile Rootkit: Advanced Linux Malware Targeting South Korean Systems (The Hacker News)
  • UPDATE: Cloudzy Command and Control Provider Report (Halcyon)
  • Clop ransomware now uses torrents to leak data and evade takedowns (BleepingComputer)
  • Ukraine may be winning 'world's first cyberwar' (The Kyiv Independent)
  • Apple has removed Meduza's flagship news podcast 'What Happened' from Apple Podcasts, without explaining the reason (Meduza)

The CyberWire
Joint advisory warns of Truebot. Operation Brainleeches in the supply chain. API key reset at JumpCloud. More MOVEit vulnerability exploitation.

Jul 7, 2023 | 30:22

US and Canadian agencies warn of Truebot. A look at "Operation Brainleeches." JumpCloud resets API keys. An update on the MOVEit vulnerability exploitation. Andrea Little Limbago from Interos shares insights on rising geopolitical instability. Our guest is Mike Hamilton from Critical Insight discussing what you need to know about NIST 2.0. OSCE trains Ukrainian students in cybersecurity.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/128

Selected reading.
  • CISA and Partners Release Joint Cybersecurity Advisory on Newly Identified Truebot Malware Variants (Cybersecurity and Infrastructure Security Agency CISA)
  • Increased Truebot Activity Infects U.S. and Canada Based Networks | CISA (Cybersecurity and Infrastructure Security Agency CISA)
  • Operation Brainleeches: Malicious npm packages fuel supply chain and phishing attacks (ReversingLabs)
  • Mandatory JumpCloud API Key Rotation (JumpCloud)
  • JumpCloud resets admin API keys amid 'ongoing incident' (BleepingComputer)
  • JumpCloud Says All API Keys Invalidated to Protect Customers (SecurityWeek)
  • More organizations confirm MOVEit-related breaches as hackers claim to publish stolen data (TechCrunch)
  • Important information about MOVEit Transfer cyber security incident | Shell Global (Shell Global)
  • Shell Confirms MOVEit-Related Breach After Ransomware Group Leaks Data (SecurityWeek)
  • OSCE helps future generation of Ukraine's law enforcers and emergency personnel build skills for safe work in cyberspace (OSCE)

The CyberWire
ChatGPT continues to become more human, this time through hallucinations. Following Cl0p. Instagram works against CSAM. And data protection advice from an expert in attacking it.

Jun 8, 2023 | 28:11

ChatGPT takes an unexpectedly human turn in having its own version of hallucinations. Updates on Cl0p's ransom note, background, and recent promises. Researchers look at Instagram's role in promoting CSAM. A look at KillNet's reboot. Andrea Little Limbago from Interos shares insight on cyber's human element. Our guest is Aleksandr Yampolskiy from SecurityScorecard on how CISOs can effectively communicate cyber risk to their board. And a hacktivist auxiliary's stellar advice for protecting your data.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/110

Selected reading.
  • Can you trust ChatGPT's package recommendations? (Vulcan)
  • Ransomware group Clop issues extortion notice to 'hundreds' of victims (The Record)
  • MOVEit cyber attack: Cl0p sparks speculation that it's lost control of hack (ITpro)
  • Responding to the Critical MOVEit Transfer Vulnerability (CVE-2023-34362) (Kroll)
  • MOVEit Transfer Critical Vulnerability (May 2023) (Progress)
  • Cybergang behind N.S. breach says it erased stolen data, but experts urge caution (CBC Canada)
  • Most SMBs admit to paying ransomware demands - here's why (TechRadar)
  • Instagram Connects Vast Pedophile Network (Wall Street Journal)
  • Addressing the distribution of illicit sexual content by minors online (Stanford University)
  • Rebooting Killnet, a New World Order and the End of the Tesla Botnet (Radware)

The CyberWire
Volt Typhoon goes undetected by living off the land. New gang, old ransomware. KillNet says no to slacker hackers.

May 25, 2023 | 32:43

China's Volt Typhoon snoops into US infrastructure, with special attention paid to Guam. Iranian cybercriminals are seen conducting ops against Israeli targets. A new ransomware gang uses recycled ransomware. A persistent Brazilian campaign targets Portuguese financial institutions. A new botnet targets the gaming industry. Phishing attempts impersonate OpenAI. Pro-Russian geolocation graffiti. Andrea Little Limbago from Interos addresses the policy implications of ChatGPT. Our guest is Jon Check from Raytheon Intelligence & Space, on cybersecurity and workforce strategy for the space community. And KillNet says no to slacker hackers.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/101

Selected reading.
  • People's Republic of China State-Sponsored Cyber Actor Living off the Land to Evade Detection (Joint Advisory)
  • Volt Typhoon targets US critical infrastructure with living-off-the-land techniques (Microsoft)
  • Chinese hackers spying on US critical infrastructure, Western intelligence says (Reuters)
  • Agrius Deploys Moneybird in Targeted Attacks Against Israeli Organizations (Check Point)
  • Iran-linked hackers Agrius deploying new ransomware against Israeli orgs (The Record)
  • Iranian Hackers Set Sights On Israeli Shipping & Logistics Firms (Information Security Buzz)
  • Fata Morgana: Watering hole attack on shipping and logistics websites (ClearSky Security)
  • Iran suspect in cyberattack targeting Israeli shipping, financial firms (Al-Monitor)
  • Buhti: New Ransomware Operation Relies on Repurposed Payloads (Symantec)
  • Operation Magalenha | Long-Running Campaign Pursues Portuguese Credentials and PII (SentinelOne)
  • The Dark Frost Enigma: An Unexpectedly Prevalent Botnet Author Profile (Akamai)
  • Fresh Phish: ChatGPT Impersonation Fuels a Clever Phishing Scam (INKY)

The CyberWire
BlackCat follows Cl0p to GoAnywhere. Mirai gets an upgrade. Deterring cyber war. Homeland Security's cyber priorities. Action against DPRK cryptocrooks. What KillNet's up to.

Apr 25, 2023 | 31:24

BlackCat (ALPHV) follows Cl0p, exploiting the GoAnywhere MFA vulnerability. The Mirai botnet exploits a vulnerability disclosed at Pwn2Own. An RSAC presentation describes US response to Russian prewar and wartime cyber operations. The US Department of Homeland Security outlines cyber priorities. Andrea Little Limbago from Interos shares insights from her RSAC 2023 panels. US indicts, sanctions DPRK operators in crypto-laundering campaign. My guest is Marc van Zadelhoff, CEO of Devo, with insights from the conference. And the latest on KillNet.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/79

Selected reading.
  • BlackCat Ransomware Group Exploits GoAnywhere Vulnerability (At-Bay)
  • Zero Day Initiative — TP-Link WAN-side Vulnerability CVE-2023-1389 Added to the Mirai Botnet Arsenal (Zero Day Initiative)
  • Years after discovery of SolarWinds breach, Russian hackers could be struggling (Washington Post)
  • U.S. deploys more cyber forces abroad to help fight hackers (Reuters)
  • DHS Outlines Cyber Priorities in Release of Delayed Review (Nextgov.com)
  • US sanctions supporters of North Korean hackers, Iranian cyberspace head (Record)
  • North Korean Foreign Trade Bank Rep Charged for Role in Two Crypto Laundering Conspiracies (Department of Justice. U.S. Attorney's Office District of Columbia)
  • Treasury Targets Actors Facilitating Illicit DPRK Financial Activity in Support of Weapons Programs (U.S. Department of the Treasury)

The CyberWire
Cuba ransomware pulls in $60 million. CISA releases three ICS advisories. Google announces new support for Ukraine. DDoSing the Vatican. Google supports Ukrainian startups in wartime.

Dec 2, 2022 | 30:54

Cuba ransomware pulls in $60 million. CISA releases three ICS advisories. DDoSing the Vatican. Andrea Little Limbago from Interos on the implications of Albania cutting off diplomatic ties with Iran. Our space correspondent Maria Varmazis speaks with Brandon Bailey about the Space Attack Research and Tactic Analysis matrix. And how Google supports Ukrainian startups in wartime.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/230

Selected reading.
  • Alert (AA22-335A) #StopRansomware: Cuba Ransomware (CISA)
  • Novel News on Cuba Ransomware: Greetings From Tropical Scorpius (Palo Alto Networks Unit 42)
  • New ways we're supporting Ukraine (Google)
  • 25 new startup recipients of the Ukraine Support Fund (Google)
  • Vatican shuts down its website amid hacking attempts (Cybernews)

The CyberWire
Election security on the eve of the US midterms. US FBI rates the hacktivist threat. Microsoft says China uses disclosure laws to develop zero-days. Remember Silk Road? The Feds do.

Nov 7, 2022 | 31:19

Election security on the eve of the US midterms. US FBI rates hacktivist contributions to Russia's war as unimportant. Microsoft accuses China of using vulnerability disclosure to develop zero-days. Andrea Little Limbago from Interos addresses accountability for breaches. Our guest is Michelle Amante from the Partnership for Public Service on their Cybersecurity Talent Initiative. And, finally, remember Silk Road? The Feds do.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/214

Selected reading.
  • Hacktivists Use of DDoS Activity Causes Minor Impacts (FBI)
  • The government says it won't flag election disinformation on Twitter and other social platforms (Washington Post)
  • What to Expect When You are Expecting an Election (CISA)
  • Nation-state cyberattacks become more brazen as authoritarian leaders ramp up aggression (Microsoft On the Issues)
  • U.S. Attorney Announces Historic $3.36 Billion Cryptocurrency Seizure And Conviction In Connection With Silk Road Dark Web Fraud (U.S. Attorney's Office for the Southern District of New York)

The CyberWire
Amid widespread unrest, Sudan shutters its Internet. A new PRC influence campaign targets US elections. Software supply chain security. And cybercrime in wartime.

Oct 26, 2022 | 31:30

Sudan closes its Internet as the country sees protests on the first anniversary of a coup. A Chinese influence campaign targets US elections. A software supply chain security study, and a look at vulnerability scanning tools. Documenting cyber war crimes in Ukraine. CISA issues eight ICS Advisories. Andrea Little Limbago from Interos on the effects of water scarcity on data centers. And if you'll indulge us, we've got some pretty exciting CyberWire news.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/206

Selected reading.
  • Internet is shut down in Sudan on anniversary of military coup (The Record by Recorded Future)
  • Pro-PRC DRAGONBRIDGE Influence Campaign Leverages New TTPs to Aggressively Target U.S. Interests, Including Midterm Elections (Mandiant)
  • Rezilion Vulnerability Scanner Benchmark Report Finds Top Scanners Only 73% Accurate (PR Newswire)
  • Four in Five Software Supply Chains Exposed to Cyberattack in the Last 12 Months (BlackBerry)
  • Ukraine Documenting Russian Hacks, Eyeing International Charges (Bloomberg)
  • CISA Releases Eight Industrial Control Systems Advisories (CISA)

The CyberWire
Caffeine in the C2C market. Refund-fraud-as-a-service. Costs of a nuisance. Staying alert during a hybrid war. Renewed Polonium activity. The Uber case's impact on security professionals.

Oct 12, 2022 | 29:58

Refund fraud as a service. Costs of a nuisance. Remaining on alert during a hybrid war. Renewed activity by Polonium. Andrea Little Limbago from Interos discusses quantum computing policy. CyberWire Space Correspondent Maria Varmazis speaks with Dr. Gregory Falco on lessons learned from Russia's attack on Viasat. Reflections on the Uber case's impact on security professionals. And when it comes to phishing-as-a-service, we'll take decaf.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/196

Selected reading.
  • The Fresh Phish Market: Behind the Scenes of the Caffeine Phishing-as-a-Service Platform (Mandiant)
  • Caffeine phishing. (CyberWire)
  • Refund Fraud as a Service (Netacea)
  • Amid reports of JP Morgan cyberattack, experts call Killnet unsophisticated, 'media hungry' (SC Media)
  • Hacktivists Force Companies to Respond to Low-Level Cyberattacks (Wall Street Journal)
  • Nato warns Russian sabotage on Western targets 'could trigger Article 5' (The Telegraph)
  • US Not Ruling Out Russian Cyber Offensive (VOA)
  • Ukraine at D+230: Escalation, but unlikely to be sustainable. (CyberWire)
  • POLONIUM targets Israel with Creepy malware (WeLiveSecurity)
  • Hacking group POLONIUM uses 'Creepy' malware against Israel (BleepingComputer)
  • Security chiefs fear 'CISO scapegoating' following Uber-Sullivan verdict (The Record)
  • Sullivan verdict sends shockwaves through the security industry (Security Info Watch)
  • Reflections on the Uber case's impact on security. (CyberWire)

The CyberWire
Wipers, tak; grid takedown, nyet. Twitter 0-day exploited before patching. NHS 111 recovering from cyberattack. Notes on the C2C underworld.

Aug 8, 2022 | 26:30

Shifting cyber threats during Russia's war against Ukraine. A Twitter exploit may have compromised more than 5 million accounts. A cyberattack disrupts NHS 111. Developments in the C2C market. An alleged Russian cryptocurrency exchange operator is extradited to the US. Rick Howard looks at FinTech. Andrea Little Limbago from Interos on industrial policy and the tech divide. And a crypto mixing service has been sanctioned by the US Treasury Department.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/150

Selected reading.
  • ESET Threat Report T1 2022 (WeLiveSecurity)
  • Twitter confirms zero-day used to expose data of 5.4 million accounts (BleepingComputer)
  • NHS 111 software outage confirmed as cyber-attack (BBC News)
  • Ministers coordinate response after cyber-attack hits NHS 111 (the Guardian)
  • Thousands of hackers flock to 'Dark Utilities' C2-as-a-Service (BleepingComputer)
  • Attackers leveraging Dark Utilities "C2aaS" platform in malware campaigns (Cisco Talos)
  • Genesis Brings Polish to Stolen-Credential Marketplaces (Sophos)
  • Cyber-related Designation (U.S. Department of the Treasury)
  • U.S. imposes sanctions on virtual currency mixer Tornado Cash (Reuters)
  • Crypto Mixing Service Tornado Cash Blacklisted by US Treasury (CoinDesk)
  • Alleged Russian Cryptocurrency Money Launderer Extradited to United States (US Department of Justice)
  • Russian accused of money laundering and running $4B bitcoin exchange extradited to US | CNN Politics (CNN)

The CyberWire
The minor mystery of GPS-jamming. Twitter investigates apparent data breach. Ransomware C2 staging discovered. A C2C offering restricted to potential privateers.

Jul 25, 2022 | 27:44

The minor mystery of GPS-jamming. Twitter investigates an apparent data breach. Ransomware command and control staging is discovered. Andrea Little Limbago from Interos looks at the intersection of social sciences and cyber. Our guest is Nelly Porter from Google Cloud on the emerging idea of confidential computing. A C2C offering restricted to potential privateers.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/138

Selected reading.
  • Why Isn't Russia jamming GPS harder in Ukraine? (C4ISRNet)
  • Twitter data breach exposes contact details for 5.4M accounts; on sale for $30k (9to5Mac)
  • Twitter investigating authenticity of 5.4 million accounts for sale on hacking forum (The Record by Recorded Future)
  • Russian Ransomware C2 Network Discovered in Censys Data (Censys)
  • Researcher finds Russia-based ransomware network with foothold in U.S. (The Record by Recorded Future)
  • New Cross-Platform 'Luna' Ransomware Only Offered to Russian Affiliates (SecurityWeek)

The CyberWire
Killnet hits Norwegian websites. Hacktivists tied to Russia's government. Looking ahead to new cyber phases of Russia's hybrid war. C2C market differentiation. Gennady Bukin, call your shoe store.

Jun 30, 2022 · 30:35


Killnet hits Norwegian websites. Hacktivists are tied to Russia's government. Amunet as a case study in C2C market differentiation. C2C commodification extends to script kiddies. Andrea Little Limbago from Interos examines borderless data. Rick Howard speaks with Cody Chamberlain from NetSPI on Breach Communication. Roscosmos publishes locations of Western defense facilities…and subsequently says it sustained a DDoS attack. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/125 Selected reading. Pro-Russian hacker group says it attacked Norway (The Independent Barents Observer) Cyberattack hits Norway, pro-Russian hacker group fingered (AP NEWS) Norway blames "pro-Russian group" for cyber attack (Reuters) Mandiant Finds Possible Link Between Kremlin, Pro-Russian ‘Hacktivists' (Bloomberg) Market Differentiation: Cybercriminal Forums' Unusual Features Designed To Attract Users (Digital Shadows) Minors Use Discord Servers to Earn Extra Pocket Money Through Spreading Malware (PR Newswire) Russia publishes Pentagon coordinates, says Western satellites 'work for our enemy' (Reuters) Russian Space Agency Targeted in Cyberattack (Wall Street Journal) Cyberattack hits Russian space agency site after sharing NATO photos (Jerusalem Post)

The CyberWire
A Fancy Bear sighting. Why Russian cyberattacks against Ukraine have fallen short of expectations. ToddyCat APT discovered. ICEFALL ICS issues described. Europol collars 9. Say it ain't so, Dmitry.

Jun 22, 2022 · 29:55


Fancy Bear sighted in Ukrainian in-boxes. Why Russian cyberattacks against Ukraine have fallen short of expectations. ToddyCat APT is active in European and Asian networks. ICEFALL ICS vulnerabilities described. CISA issues ICS vulnerability advisories. Europol makes nine collars. Andrea Little Limbago from Interos on The global state of data protection and sharing. Rick Howard speaks with Michelangelo Sidagni from NopSec on the Future of Vulnerability Management. We are shocked, shocked, to hear of corruption in the FSB. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/119 Selected reading. Ukrainian cybersecurity officials disclose two new hacking campaigns (CyberScoop) Ukraine Warns of New Malware Campaign Tied to Russian Hackers (Bloomberg Law) Russian govt hackers hit Ukraine with Cobalt Strike, CredoMap malware (BleepingComputer) Opinion How Russia's vaunted cyber capabilities were frustrated in Ukraine (Washington Post) New Toddycat APT Targets MS Exchange Servers in Europe and Asia (Infosecurity Magazine) Microsoft Exchange servers hacked by new ToddyCat APT gang (BleepingComputer) OT:ICEFALL: 56 Vulnerabilities Caused by Insecure-by-Design Practices in OT (Forescout) From Basecamp to Icefall: Secure by Design OT Makes Little Headway (SecurityWeek) Dozens of vulnerabilities threaten major OT device makers (Cybersecurity Dive) CISA releases 6 Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency) Phishing gang behind several million euros worth of losses busted in Belgium and the Netherlands (Europol) A lieutenant colonel of the FSB Directorate for Samara Oblast was arrested for stealing cryptocurrency from a hacker (TASS)

The CyberWire
Cyber war: a continuing threat, a blurry line between combatants and noncombatants. Chinese cyberespionage and its “plumbing.” CISA adds Known Exploited Vulnerabilities. News from Jersey.

Jun 8, 2022 · 30:25


US officials continue to rate the threat of Russian cyberattack as high. Civilians in cyber war. Broadcast interference and propaganda. A Joint CISA/FBI warning of Chinese cyberespionage. What gets a vulnerability into the Known Exploited Vulnerabilities Catalog? Andrea Little Limbago from Interos and Mike Sentonas from Crowdstrike join us with previews of their RSA conference presentations. And, finally, some Jersey-based cyber campaigns (that's the Bailiwick, not the Garden State). For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/110 Selected reading. Russian Cyber Threat Remains High, U.S. Officials Say (Wall Street Journal) Shields Up: The New Normal (CyberScoop) Russian Government, Cybercriminal Cooperation a 'Force Multiplier' (Decipher)  Opinion The U.S.-Russia conflict is heating up — in cyberspace (Washington Post)  Smartphones Blur the Line Between Civilian and Combatant (Wired) Russian Cyberattack Hits Wales-Ukraine Football Broadcast (Gov Info Security)  People's Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices (CISA) US agencies detail the digital ‘plumbing' used by Chinese state-sponsored hackers (The Record by Recorded Future)  CISA Provides Criteria and Process for Updates to the KEV Catalog (CISA) Reducing the Significant Risk of Known Exploited Vulnerabilities (CISA) Jersey computers used in international cyber-attacks (Jersey Evening Post)

The Great Indoors
What is digital authoritarianism? - Ft. Andrea Little Limbago

May 3, 2022 · 59:27


On this episode of the Great Indoors, Matt sits down with Andrea Little Limbago, a computational social scientist who specializes in the intersection of technology, national security and society. Andrea spent time doing computational modeling for the U.S. Department of Defense before working in cyber security at various startups for about a decade. Her experience has culminated in her current role as the Vice President of Research and Analysis at Interos, where she leads the team that models the range of supply chain risks. Andrea has also earned a Ph.D. in Political Science from the University of Colorado at Boulder. During the episode, she explains why the supply chain has seen so much disruption in recent years, why this is such a major problem for people around the world, and how we might overcome these issues in the future. Andrea also provides an overview of the term digital authoritarianism, what it means, and its implications for our society. This podcast episode was produced by Quill.

The CyberWire
Epistemic closure in a hybrid war. Wiper used against Viasat modems. US Treasury sanctions more Russian actors. Remediating Spring4shell. Notes from law enforcement. And we're not joking.

Apr 1, 2022 · 25:46


Attempting to evolve rules of cyber conduct during a hot hybrid war. Waiting for major Russian cyber operations. Viasat terminals were hit by wiper malware. Patches and detection scripts for Spring4shell. Warning of ransomware threat to local governments. Emergency data requests under Senatorial scrutiny. NSA employee charged with mishandling classified material. Andrea Little Limbago from Interos on Bots, Warriors and Trolls. Rick Howard speaks with Maretta Morovitz on cyber deception. And no April Foolin' here. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/63 Selected reading. Russia's War Lacks a Battlefield Commander, U.S. Officials Say (New York Times) Putin may be self-isolating from his military advisers, says White House (The Telegraph) Confronting Russian Cyber Censorship (Wilson Center) Zelensky Fires Two Generals (Wall Street Journal) French intelligence chief Vidaud fired over Russian war failings (BBC News) Cyber War Talks Heat Up at UN With Russia at Table (Bloomberg.com) Foreign Ministry statement on continued cyberattack by the “collective West” (Ministry of Foreign Affairs of the Russian Federation) New Protestware Found Lurking in Highly Popular NPM Package (Checkmarx.com) Russia targeting Ukraine, countries opposing war in cyberspace (Jerusalem Post) Conti Leaks: Examining the Panama Papers of Ransomware (Trellix) British intelligence agencies: Moscow continuously attacks Ukraine in cyberspace (The Times Hub) AcidRain | A Modem Wiper Rains Down on Europe (SentinelOne) SentinelOne finds ties between Viasat hack and Russian actor (SC Magazine) ExtraHop CEO: Expect a Russian cyber response to sanctions (Register) Treasury sanctions Russian research center blamed for Trisis malware (CyberScoop) Treasury Targets Sanctions Evasion Networks and Russian Technology Companies Enabling Putin's War (U.S. Department of the Treasury) Evgeny Viktorovich Gladkikh – Rewards For Justice (Rewards for Justice) Spring confirms ‘Spring4Shell' zero-day, releases patched update (The Record by Recorded Future) Spring4Shell (CVE-2022-22965): Are you vulnerable to this Zero Day? (Cyber Security Works) Ransomware Attacks Straining Local US Governments and Public Services (IC3) Senate's Wyden Probes Use of Forged Legal Requests by Hackers (Bloomberg) NSA Employee Charged with Mishandling Classified Material (Military.com) National Security Agency Employee Indicted for Willful Transmission and Retention of National Defense Information (US Department of Justice) National Security Agency Employee Facing Federal Indictment for Willful Transmission and Retention of National Defense Information (US Department of Justice)

The CyberWire
Updates on Russia's hybrid war against Ukraine. The leader of the Lapsus$ Gang may be a 16-year-old living with his Mom. Wanted cybercriminals. Hacktivism's sometimes wayward aim.

Mar 24, 2022 · 26:45


Concerns persist that President Putin will take his revenge in cyberspace for sanctions. Wiper attacks reported continuing in Ukraine. Russia also sustains cyberattacks. Lapsus$--living at home, with Mom. A carder kingpin finds his way onto the FBI's Most Wanted List. Andrea Little Limbago from Interos on collective resilience. Our guest is Amit Shaked from Laminar Security on shadow data. Anonymous says it hit Nestlé, but Nestlé says it never happened. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/57 Selected reading. As Ukraine invasion stalls, Putin looks to cyber for revenge attack on US (Newsweek) Threat looms of Russian attack on undersea cables to shut down West's internet (France 24)  A Mysterious Satellite Hack Has Victims Far Beyond Ukraine (Wired)  Anonymous hacks unsecured printers to send anti-war messages across Russia (HackRead) 'We want them to go to the Stone Age': Ukrainian coders are splitting their time between work and cyber warfare (CNBC)  Teen Suspected by Cyber Researchers of Being Lapsus$ Mastermind (Bloomberg) Nestlé denies Anonymous hack, claiming it accidentally leaked data dump itself (Fortune)  Nestlé says 'Anonymous' data leak actually a self-own (Register) Nestlé: You Can't Hack Us, We Leaked Our Own Data (Gizmodo)  FBI adds Russian cybercrime market owner to most wanted list (BleepingComputer) United States of America v. Igor Dekhtyar (US District Court for the Eastern District of Texas)

The CyberWire
Updates on Russia's hybrid war, including cyber ops and influence operations. Mustang Panda focuses on Europe in its cyberespionage. Ransomware hits oil and gas sector. UPS vulnerabilities.

Mar 8, 2022 · 26:45


Updates from the UK's Ministry of Defense on Russia's War in Ukraine. Influence operations: the advantage still seems to go to Ukraine, as Russian efforts look inward. Assessing the effects of hacktivism and cyber operations in the hybrid war. Privateering: Conti, Ragnar Locker, and (probably) others. Mustang Panda rears up in European diplomatic networks. Ransomware hits a Romanian fuel distributor. Andrea Little Limbago from Interos on data traps. Carole Theriault tracks the fight against deepfakes. Vulnerabilities found in UPS devices. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/45

The CyberWire
Log4j updates, including an Aquatic Panda sighting. Cyberattacks hit news services in Norway, Israel, and Portugal. Addressing Y2K22.

Jan 3, 2022 · 26:29


Aquatic Panda has been found working Log4shell exploits against an academic institution. Apache fixes new Log4j issues reported last week, and Microsoft also updates Windows Defender to address Log4j risks. Cyberattacks, criminal or hacktivist in motivation, hit news outlets around the new year. Microsoft works on fixing a Y2K22 bug in on-premise Exchange Server. Andrea Little Limbago from Interos on technology spheres of influence. Our guest is Mark Dehus from Lumen's Black Lotus Labs with DDoS insights. And CISA issues some ICS security advisories. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/11/1

The CyberWire
Log4j and Log4shell updates. Cyberespionage and C2C market developments. Patch Tuesday notes. And how do you pronounce that, anyway?

Dec 15, 2021 · 28:15


A second vulnerability is found and fixed in Log4j as both criminals and nation-state intelligence services increase their exploitation of Log4shell. Iranian intelligence services have been actively conducting cyberespionage against a range of targets in the Middle East and Asia. Andrea Little Limbago from Interos checks in on supply chain issues. Our guest is Suzy Greenberg from Intel with a look ahead toward the coming year. A quick look back at Patch Tuesday, and, finally, some musing on literacy, orality, and the way you pronounce stuff people tweet about... For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/239

The CyberWire
AWS resolves service issues. A summit stand-off. Dark web chatter, and arbitrage courts in the C2C world. Looking for stolen or lost alt-coin.

Dec 8, 2021 · 24:04


Amazon resolves its Tuesday outage as observers wonder about cloud risks. A stand-off at the Russo-American summit, but chatter in the dark web suggests that the Russophone underworld is feeling uneasy. A look at the arbitrage process that governs the criminal-to-criminal market. Carole Theriault reads the fine print. Andrea Little Limbago looks at global regulatory regimes. A DeFi platform asks for its stolen money back, and a guy looks for his private key in a physical garbage dump. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/234

The CyberWire
Cybercrime and the criminal-to-criminal markets that support it during the holiday shopping season. Shaming as a pressure tactic. Living large, even when living on the lam.

Nov 30, 2021 · 25:45


Today, it's all crime all the time. Cybercrime, the C2C underground market, and the expansive holiday shopping season. Rebranding in gangland. How crooks exclude targets on the basis of language or geolocation. Shaming as a criminal pressure tactic. Bad apps in the Play Store. Andrea Little Limbago looks at internet blackouts. Carole Theriault wonders what the Metaverse really means. And living large while living on the lam. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/228

The CyberWire
Coups and comms blackouts. Fuel sale sabotage in Iran. Wslink described. Operation Dark HunTor takes down a contraband market. FTC looks into Facebook. LockBit speaks.

Oct 27, 2021 · 25:49


Sudan is under a blackout as a military junta consolidates control over the government. Iran says a cyberattack--unattributed so far--was responsible for disrupting fuel distribution in that country. A novel loader is discovered. Operation Dark HunTor takes down a darkweb contraband market. The US FTC is looking into Facebook's privacy settlement. The LockBit gang talks, and it's insufferable. Andrea Little Limbago from Interos on government internet interventions. Carole Theriault weighs in on Facebook glasses. And Halloween is another day closer. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/207

The CyberWire
CISA and its partners warn of threats to water and wastewater treatment facilities. The curious case of Missouri teachers' Social Security Numbers.

Oct 15, 2021 · 23:07


A CISA-issued Joint Advisory warns of threats and vulnerabilities at water and wastewater treatment facilities. CISA issues twenty-two other industrial control system advisories. Andrea Little Limbago from Interos on trends in the human element of security. Our guest is Gidi Cohen from Skybox with Vulnerability and Threat Trends. And the Governor of Missouri intends to prosecute the Saint Louis Post-Dispatch to the fullest extent of whatever the law turns out to be. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/199

The CyberWire
Privacy and the Pandora Papers. Flubot's scare tactics. Exploiting an account recovery system. Conti warns victims not to talk to the press. An international meeting on cybercrime? A ransomware bust.

Oct 4, 2021 · 26:05


The Pandora Papers leak erstwhile private financial transactions by the rich and well-connected (and it's 150 mainstream news organizations who cooperated in bringing them to light). Flubot is using itself to scare victims into installing Flubot. Coinbase thieves exploited account recovery systems to obtain 2FA credentials. The US plans to convene an international conference on fighting cybercrime. Conti warns its victims not to talk to reporters. Andrea Little Limbago from Interos on modeling cyber risk. Carole Theriault has thoughts on facial recognition software. And a ransomware bust in Ukraine leads us to ask, why Capri Sun. (Think about it, kids.) For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/191

The CyberWire
CISA's new Joint Cyber Defense Collaborative. C2C market update: Prometheus TDS and Prophet Spider. And naiveté about a gang's reform, or optimism over signs the gang is worried?

Aug 5, 2021 · 25:58


CISA announces a new public-private cybersecurity initiative. Prometheus TDS and Prophet Spider take their places in the C2C market. The money points to BlackMatter being a rebranded DarkSide. Andrea Little Limbago from Interos on Divergent trends of federal data privacy laws and government surveillance. Tonia Dudley from CoFense checks in from the BlackHat show floor. Our guest is Simon Maple from Snyk with a look at Cloud Native Application Security. And where some see naiveté, others see cautious optimism about putting fear in the hearts of ransomware gangs. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/150

The CyberWire
Multiple Cozy Bear sightings (at least the bear tracks). Spyware in a Chinese employee benefits app. Phishing campaigns. DoppelPaymer rebrands. And ignore that bot--it hasn't been watching you surf.

Jul 30, 2021 · 26:27


Cozy Bear's active command-and-control servers are found, and people conclude that Moscow's not too worried about American retaliation after all. Spyware found in an app for companies doing business in China. What to make (and not make) of the Iranian documents Sky News received. Phishing with Crimean bait. HTML smuggling may be enjoying a moderate surge. DoppelPaymer rebrands. Andrea Little Limbago from Interos on growing the next-gen of cyber. Our guest is Jamil Jaffer from IronNet Cybersecurity protecting the BlackHat Network Operations Center. And good news--that blackmailing bot really doesn't know what you did this summer. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/146

The CyberWire
Kaseya continues to work through its REvil days, as does the US Administration. In other news, there's cyberespionage in Asia, the PrintNightmare fix, and Black Widow as phishbait.

Jul 9, 2021 · 28:16


Kaseya continues to work through remediation of the VSA vulnerability exploited by REvil, with completion expected Sunday afternoon. And while REvil has made a nuisance of itself, this time they may not have seen a big payday, or at least not yet. The US is still considering its retaliatory and other options in the big ransomware case. China's MSS is active against targets in Asia. Andrea Little Limbago from Interos looks at Government access to data analysis. Our guest is Leon Gilbert from Unisys with data from their Digital Workplace Insights report. And scammers are baiting their hooks with Black Widow lures. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/131

ITSPmagazine | Technology. Cybersecurity. Society
The G7 And International Norms In Cybersecurity | A Conversation With Andrea Little Limbago | The National Blast With Keenan Skelly

Jul 6, 2021 · 18:44


The CyberWire
The Russo-US summit ended in frank exchanges and the prospect of further discussions on cybersecurity. Ferocious Kitten tracked. Initial access brokers. Molerats return. Ransomware arrests.

Jun 17, 2021 · 25:50


The US-Russian summit took up cyber conflict, cyber privateering, and cyber deterrence, ending with the prospect of further discussions. Ferocious Kitten's domestic surveillance. Ransomware gangs are using a lot of initial access brokers. The Molerats are back. Troubleshooting a wave of intermittent Internet interruptions. NSA offers advice on securing business communication tools. Ukrainian police arrest six alleged Clop gangsters. Andrea Little Limbago from Interos on bringing the private sector back into the defense equation. Our guest is Charles Herring of WitFoo, with the case for cybersecurity as an extension of law enforcement. Nine alleged ransomware hoods collared in Seoul.  For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/116

The Rising Digital Leader
2: Andrea Little Limbago - Leading at the Intersection of Human & Tech

Jun 14, 2021 · 38:24


OVERVIEW
Full show notes: https://matthewdoan.com/podcast/2
Here, we talk with Dr. Andrea Little Limbago (VP of Research and Analysis at Interos) about what it takes for tech experts (usually considered introverts) to elevate into leadership positions. Andrea also shares how her unique background in the social sciences enabled her own growth in the cybersecurity field. Finally, she and Matthew discuss how to think about professional networking and why tech leaders need to operate "human-first" in driving organizational progress.
For weekly digital leadership and career advice, join Wednesday Wisdom at https://matthewdoan.com/newsletter

TAKEAWAYS
For tech experts to find their place in leadership roles, they need to: (1) decide if it's for them, (2) sharpen their communication skills, and (3) be influential team players.
Cybersecurity is still stuck with the notion that humans are the weakest link. But at the end of the day, if technology doesn't work with humans in it, it doesn't work.
To build key relationships, think like a social scientist. Connect with key individuals that get you closer to your goal without being self-serving with your personal agenda.
The leadership myths that need busting: (1) you have to be an extrovert to be a leader, (2) leave the people component to HR, and (3) bring solutions, not problems.
Having a professional "squad" is vital to your professional and social health.

RESOURCES
Connect w/ Andrea on LinkedIn: https://www.linkedin.com/in/andrea-little-limbago/
Connect w/ Matthew on LinkedIn: https://www.linkedin.com/in/matthewdoan/
Follow Matthew on Twitter: https://twitter.com/MatthewRDoan
Check the show on YouTube: https://www.youtube.com/channel/UCZeCjHjtq3g7mIuPwvKRrjw

The CyberWire
FBI fingers REvil as the gang behind the JBS ransomware. Privateering may come up at the US-Russian summit. Ransomware at regional transportation operations. Cyberespionage in Southeast Asia.

Jun 3, 2021 · 24:30


Evil, your name is REvil, except when it’s Sodinokibi. That’s what the Bureau says about the JBS ransomware attack, anyway. The US is expected to make strong objections to Russian cyber privateering at the upcoming summit. Other ransomware incidents are disclosed by regional transportation operators. A possible Mustang Panda sighting. Andrea Little Limbago from Interos on cyber related executive orders. Our guest is Terry Halvorsen from IBM on the need for investment, research and collaboration in preventing quantum cyberattacks. And mommas, don’t let your babies grow up to be DDoS jockeys. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/106

Redefining CyberSecurity
Supply Chain Resilience In A Time Of Techtonic Geopolitical Shifts | Redefining CyberSecurity With Andrea Little Limbago

May 26, 2021 · 19:36


ITSPmagazine | Technology. Cybersecurity. Society
Supply Chain Resilience In A Time Of Techtonic Geopolitical Shifts | Redefining Security With Andrea Little Limbago

May 26, 2021 · 19:37


The CyberWire
Apparent cyber sabotage at Natanz. Arrest made in alleged plot to blow up AWS facility. Scraped data for sale in criminal fora. US senior cyber appointments expected soon.

Apr 12, 2021 · 23:44


Iran says Israel was responsible for sabotaging the Natanz nuclear facility yesterday, and Tehran promises revenge. Online plotting results in the arrest of a Texas man alleged to have planned an attack on an Amazon Web Services center. Scraped, not hacked, data from LinkedIn and Clubhouse are being hawked online. Andrea Little Limbago from Interos addresses asymmetric power within cyberspace and how that plays out in warfare. Our guest is Giovanni Vigna from VMware on the takedown of the Emotet infrastructure. And the US moves to fill senior cybersecurity positions. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/69

The CyberWire
Goblin Panda sighting? The attempt on Ubiquiti. More universities feel the effects of the Accellion compromise. National Supply Chain Integrity Awareness Month. Down-market phishing.

Apr 2, 2021 · 26:23


Goblin Panda might be out and about. Ubiquiti confirms that an extortion attempt was made, but says the attempted attack on data and source code was unsuccessful. The Accellion compromise claims more university victims. It’s National Supply Chain Integrity Awareness Month in the US. BOLO Mr. Korhsunov. Andrea Little Limbago from Interos on supply chain resilience in a time of tectonic geopolitical shifts. Our guest is Paul Nicholson from A10 Networks on their State of DDoS Weapons report. And some down-market phishing attempts. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/63

The CyberWire
Happy Slam the Scam Day. Indian authorities continue to investigate grid incidents. CISA tells US Federal agencies to clean up Exchange bugs by noon tomorrow. Supply chain compromise.

Mar 4, 2021 · 22:10


Indian authorities say October’s Mumbai blackout was “human error,” not cybersabotage. CISA directs US civilian agencies to clean up Microsoft Exchange on-premise vulnerabilities. More effects of the Accellion FTA supply chain compromise. Some trends in social engineering. Andrea Little Limbago brings us up to date on the RSA supply chain sandbox. Our guest is Brittany Allen from Sift on a new Telegram fraud ring. And happy National Slam the Scam Day. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/42

The CyberWire
Spyware in the Subcontinent. Notes on cyber fraud, cyber theft, and ransomware. The US gets a chief to lead response to Solorigate. Updates on the Florida water system cybersabotage.

Feb 11, 2021 · 27:24


Spyware in the Subcontinent. Some crooks auction stolen game source code while others bilk food delivery services. Emotet survived its takedown. Ransomware developments. The US now has a point person for Solorigate investigation and response. Andrea Little Limbago from Interos on her participation in the National Security Institute at George Mason University. Our guest is Chris Cochran from Hacker Valley Studio with a preview of their Black Excellence in Cyber podcast. And there’s no attribution yet in the Oldsmar, Florida, water system cybersabotage, but it’s increasingly clear that the utility wasn’t a hard target. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/28

The CyberWire
Solorigate: targeting, collateral damage, or staging? The Cyberspace Solarium has some advice for US President Biden. URKI breach. British Mensa thinks over a data exposure.

Feb 1, 2021 · 26:05


Untangling Solorigate, and distinguishing primary targets from collateral damage (or maybe side benefits, or maybe battlespace preparation). Congress asks NSA for background on an earlier supply chain incident. The Cyberspace Solarium Commission offers the new US Administration some transition advice. Rick Howard hears from the hash table on Microsoft Azure. Andrea Little Limbago from Interos on the intersection of COVID and cyber vulnerabilities. And the week gets off to a rough start for smart Britons. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/20

The CyberWire
The FSB warns Russian businesses to up their security game--the Americans are coming. SonicWall’s investigation of a possible cyberattack. DIA and commercial data brokers. OPC issues. Robota.

Jan 25, 2021 · 25:58


Russia’s FSB warns businesses to be on the lookout for American cyberattacks after the White House says it’s reserving its right to respond to the Solorigate cyberespionage campaign. SonicWall investigates an apparent compromise of its systems. Senator asks the US DNI for an explanation of DIA purchases of geolocation data from commercial vendors. OPC issues described. Andrea Little Limbago from Interos on the tech "naughty list" of restricted or sanctioned companies. Rick Howard previews his first principles analysis of Microsoft Azure. And a happy birthday to the word “robot,” now one-hundred years young. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/15

The CyberWire
Threat actors were able to see Microsoft source code repositories. Zyxel closes a backdoor. Kawasaki discloses data exposure. Slack’s troubles. Julian Assange escapes extradition to the US.

Jan 4, 2021 24:42


Updates on the spreading consequences of Solorigate, including Microsoft’s disclosure that threat actors gained access to source code repositories. A hard-coded backdoor is found in Zyxel firewalls and VPNs. Kawasaki Heavy Industries says parties unknown accessed sensitive corporate information. Slack has been having troubles today. Andrea Little Limbago from Interos on democracies aligning against global techno-dictators. Our guest is Drew Daniels from Druva with a look at the true value of data. And a British court declines to extradite WikiLeaks’ Julian Assange to the United States. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/1

Career Notes
Andrea Little Limbago: Look at the intersection of humans and technology. [Social Science]

Dec 13, 2020 7:01


Computational Social Scientist Andrea Little Limbago shares her journey as a social scientist in cybersecurity. Andrea laments that she wishes she'd known there is no straight line between what you think you want to do and then where you end up going. Beginning her career in international relations and courted by the Department of Defense's Joint Warfare Analysis Center while teaching at New York University, Andrea began her work in cybersecurity. Her team was one of the first to start thinking about the intersection of cybersecurity and geopolitics and quantitative modeling. Andrea reminds us there are many paths and skills needed in cybersecurity and hopes she's opened some doors for others. We thank Andrea for sharing her story with us.

The CyberWire
Andrea Little Limbago: Look at the intersection of humans and technology. [Social Science] [Career Notes]

Dec 13, 2020 7:01


Computational Social Scientist Andrea Little Limbago shares her journey as a social scientist in cybersecurity. Andrea laments that she wishes she'd known there is no straight line between what you think you want to do and then where you end up going. Beginning her career in international relations and courted by the Department of Defense's Joint Warfare Analysis Center while teaching at New York University, Andrea began her work in cybersecurity. Her team was one of the first to start thinking about the intersection of cybersecurity and geopolitics and quantitative modeling. Andrea reminds us there are many paths and skills needed in cybersecurity and hopes she opened some doors for others. We thank Andrea for sharing her story with us.

Fault Lines
Episode 51: Closing Time at the Trump Administration

Nov 18, 2020 39:40


As the song says, you don't have to go home, but you can't stay here! Before his imminent departure, President Trump flexed his muscles by firing Secretary of Defense Esper and claiming that the election was stolen. Les, Loren, Jamil, and first-time guest Dr. Andrea Little Limbago, NSI Senior Fellow and Vice President of Research and Analysis at Interos, discuss how these moves impact our national security and standing abroad. Does a shake-up at DoD change anything? Was the election stolen? What does this mean for a future Biden administration? All these questions and more answered in this week’s Fault Lines.

Stratfor Podcast
RANE Insights: Women in Cybersecurity

Sep 25, 2020 31:57


Just as the high tech industry has been dominated by males - especially in the United States - for most of its history, so too has the field of cyber security. A growing area of expertise and certainly a crucial need for businesses amid a near constant threat of cyber attack, it is still a career path dominated by men. In this podcast, our host, DeNeige Watson, RANE’s Executive Director, Geopolitical + Threat Intelligence speaks with Deborah Housen-Couriel and Dr. Andrea Little-Limbago, both leaders in the cybersecurity field. Deborah Housen-Couriel is Chief Legal Officer and VP Regulation at Konfidas Digital Ltd. in Tel Aviv and teaches cyber law at Hebrew University. As the Vice President of Research and Analysis at Interos, Andrea Little-Limbago leads the company’s research and analytic work modeling global supply chain risk, with a focus on globalization, cybersecurity, and geopolitics.

The CyberWire
Cybercrime pays, criminal tools are commodities, and some cyber gangs get sophisticated. The skid market for booters. Pyongyang unleashes the BeagleBoyz.

Aug 27, 2020 23:18


Several Magecart campaigns turn out to be the work of one gang. The unfortunate persistence of DDoS-for-hire services. Ransomware’s growing sophistication as a class of criminal enterprise. Andrea Little Limbago from Interos on supply chain attacks & risks. Our guest is Mark Testoni from SAP's NS2 on how Covid-19 reshaped classified work. And hey kids: the BeagleBoyz are on a crime spree. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/9/167

What Lies Beneath
Breaking Down Section 889, The Biggest Compliance Change for Federal Contractors w/ Megan Brown

Aug 11, 2020 31:41


August 13 is approaching and, for many in the Defense Industrial Base (and beyond), that means it's time for another regulatory complication to global trade, specifically the implementation of Section 889, which forbids the government from contracting with companies who have telecom and surveillance equipment from 5 major Chinese companies in their supply chains, including Huawei and ZTE. But what, exactly, does that mean? And how can businesses get ahead of this massive regulatory effort? Thankfully there are people like Megan Brown in the world. Megan is an attorney and partner at Wiley Rein LLP, and on this episode of What Lies Beneath?, our guest host, Andrea Little Limbago, talks to Megan all about:
- The role of bias and how it fits into regulations and insecurity
- The 2 parts of Section 889 (sections A & B) and what they have to do with the global supply chain
- Why the US government is so set on not doing business with companies like Huawei
- Why the lack of definitions in the statute and the lack of clarity is troublesome

The CyberWire
What are the adversaries’ goals in election interference? A case study in the ransomware-as-a-service market. Untangling TikTok, as the clock ticks toward September 15th.

Aug 10, 2020 24:50


The US Office of the Director of National Intelligence has released an appreciation of the goals of election interference among three principal US adversaries, Russia, China and Iran. Anomali offers a look at the ransomware-as-a-service market with its research on Smaug. The CyberWire’s Rick Howard continues his exploration of incident response. Andrea Little Limbago from Interos on cyber regionalism. And the tangles that need to be untangled in the TikTok affair, with a deadline looming less than a month from now. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/9/154

The CyberWire
A warning for US critical infrastructure operators. Blackbaud extortion and data breach update. Who’s got the keys to Twitter? Sino-American cyber tensions.

Jul 24, 2020 24:57


CISA and NSA warn of a foreign threat to US critical infrastructure. A look at what the Bears have been up to lately. The Blackbaud extortion incident shows its ripple effects. An awful lot of Twitter employees had access to powerful admin tools. China orders a US consulate closed in a tit-for-tat response to the closure of China’s consulate in Houston. Andrea Little Limbago on cyber in a re-globalized world system. Our guest is Dominique Shelton Leipzig from Perkins Coie LLP on the CA Consumer Privacy Act. And DJI drones may be a bit nosey. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/9/143

The CyberWire
A state of emergency over bulk power in the States. Beijing’s disinformation about COVID-19, and its motivation for a coverup. Hacking biomedical research. Curious Xiaomi phones.

May 4, 2020 20:46


A US Executive Order on Securing the United States Bulk-Power System declares a state of emergency in electricity generation and distribution. China’s disinformation about COVID-19 may have begun in the earliest stages of the pandemic. Someone’s hacking for information on British biomedical research. Xiaomi seems very interested in users of its phones. Andrea Little Limbago on global privacy trends. Our guest is Mathew Newfield from Unisys with insights on cybersecurity breaches. And the Love Bug’s creator is found. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/May/CyberWire_2020_05_04.html

ITSPmagazine | Technology. Cybersecurity. Society
Privacy In A State Of Emergency | A Conversation With Andrea Little Limbago And Timandra Harkness

Apr 17, 2020 39:31


By Marco Ciappelli & Sean Martin

Guests: Andrea Little Limbago | Timandra Harkness

"Those who would give up essential Liberty, to purchase a little temporary Safety, deserve neither Liberty nor Safety." — Benjamin Franklin (the year 1755)

Although this original quote has been butchered, overused, abused, and taken out of context plenty of times, we must not forget that it was written in 1755, referring to a specific moment in American history. Nevertheless, plenty of people have been inspired by it. I am also quite sure that Franklin—as smart and visionary as he was—had no crystal ball vision of 2020 technology. I doubt he imagined the Internet of Things (IoT), computers, artificial intelligence (AI), or any other sort of “sorcery”—aka modern, advanced technology—that nowadays brings his words to an all-new level.

The point here is that there is a fundamental truth in this quote that transcends both time and space, and that's in the alarm he sounds about the use of fear, uncertainty, and doubt (“FUD”) to achieve a short-term objective: a simple human psyche manipulation trick that works terribly well for multiple purposes. The consequences for our future are severe and would be mostly irreversible.

Are these solutions even going to work unless a certain critical mass is achieved? Is it sufficient if implemented effectively only in specific areas of the globe? Are you going to opt in if it is not mandatory? Can we trust government, agencies, and private companies to collect this data? Will it be valuable enough if not enough people opt in? Would it even work in the end, or is it just the placebo social effect that we will get out of it?

There's always the intrinsic danger that when you give people, governments, and organizations power in a State of Emergency, they typically carry on with it, even once the emergency has dissipated. It wouldn't be the first time, nor the last. But if we can prevent that from happening, we can unleash the power of technology and protect our humanity.

We spoke about this and—oh, so much more—with our guests Andrea Little Limbago and Timandra Harkness on this podcast titled Privacy In A State Of Emergency. Prepare yourself to think and then, but only then, hit play.

This episode is made possible by the generosity of our sponsors. Be sure to visit their directory pages on ITSPmagazine:
- Prevailion: https://www.itspmagazine.com/company-directory/prevailion

To learn more about sponsorship opportunities, please visit: https://www.itspmagazine.com/podcast-series-sponsorships

Find more In The News stories on ITSPmagazine: https://www.itspmagazine.com/in-the-news

The CyberWire
Ill-received pranks. SFO breach. Silicon Valley cooperates on contact tracking. COVID-19 disinformation and scams. Notes on ransomware and booter services.

Apr 13, 2020 21:58


Vandals prank victims with security researchers’ names. San Francisco International discloses compromised networks. Google and Apple cooperate on contact tracking tech. Chinese disinformation campaigns rely on ad purchases and social media amplification. Phishing attempts and other scams. Notes on ransomware. And police in the Netherlands take down some DDoS-for-hire services. Andrea Little Limbago on government-created internet blackouts. Our guest is Herb Stapleton from the FBI on COVID-19 scams. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/April/CyberWire_2020_04_13.html

The CyberWire
WHO email accounts prospected. Mandrake versus Android users. Vollgar versus MS-SQL servers. Ransomware and hospitals. Notes on the effects of COVID-19, and a disinformation campaign.

Apr 2, 2020 20:30


Attempts on World Health Organization email accounts possibly linked to Iran. Mandrake Android malware is active against carefully selected targets. Vollgar attacks Windows systems running MS-SQL Server. Hospitals remain attractive targets for ransomware gangs. Italy’s social security operations shut down by hacking. Coronavirus disinformation. The pandemic’s effects on business. And a look at the fortunes of Zoom. Andrea Little Limbago from Virtru on the global battle for information control. Our guest is Perry Carpenter from KnowBe4 on security awareness. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/April/CyberWire_2020_04_02.html

The CyberWire
EU suspects Russia of disinformation. TrickBot’s latest module is a brute. Parallax RAT and the MaaS black market. Pandemic hacking trends. What to do with time on your hands.

Mar 19, 2020 20:42


The EU suggests that Russia’s mounting an ongoing disinformation campaign concerning COVID-19. Russia says they didn’t do nuthin’. TrickBot is back with a new module, still under development, and it seems most interested in Hong Kong and the US. The Parallax RAT is the latest offering in the malware-as-a-service market. Food delivery services are now targets of opportunity for cybercriminals. Zoom-bombing is now a thing. And some advice from an astronaut. Andrea Little Limbago from Virtru with insights into her career path. Our guest is Tom Creedon from LookingGlass Cyber on the Asia-Pacific Cyber Conflict. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2020/March/CyberWire_2020_03_19.html

SC Media
Dr. Andrea Little Limbago, Chief Social Scientist at Virtru

Feb 27, 2020 23:27


Dr. Andrea Little Limbago, Chief Social Scientist at Virtru, and SC Senior Reporter Bradley Barth talk about the human side of cybersecurity, a theme she was happy to see at RSA 2020 as she believes it indicates that the industry is finally moving beyond humans as the weakest link in cybersecurity.

Caveat
There is no back door.

Jan 22, 2020 37:35


Dave shares a story about Congress struggling to define acts of war in cyberspace. Ben has Apple's response to the DOJ's request to unlock yet another iPhone, and later in the show we interview Andrea Little Limbago, the Chief Social Scientist at Virtru, about her upcoming talk at the RSA Conference regarding the global battle against encryption.

Links to stories:
- Congress struggles on rules for cyber warfare with Iran
- Apple responds to AG Barr over unlocking Pensacola shooter's phone: "No."
- Andrea L Limbago at RSA 2020

Thanks to our sponsor, KnowBe4.

Securiosity
So, about that 'Crypto' movie...

May 31, 2019 62:50


This week was a lot. A lot of bickering, a lot of confusion, and a lot of money flying around. But the real fun is Greg and Jen finally talking about that 'Crypto' movie. We watched so you don't have to. In our interview, we talk with Andrea Little Limbago, chief social scientist at Virtru. Andrea wrote an op-ed for CyberScoop on the noise around encryption and the changes we are seeing to privacy laws on the state and local level.

FT Tech Tonic
Who sets the internet standards?

Oct 23, 2018 24:29


Hannah Kuchler talks to American social scientist and cyber security expert Andrea Little Limbago about the worrying lack of agreement among governments on how best to promote the beneficial aspects of the internet.

FedSoc Events
Panel I — The Tech Titans' Role in Cybersecurity

Jul 13, 2018 68:33


This panel will focus on questions such as what measures major companies can take, individually or collectively, to prevent, detect, mitigate and halt imminent or in-progress cyberattacks, such as the WannaCry attack, which spread around the globe, infecting over 200,000 computers in more than 150 countries. What else can they do to enhance collective cybersecurity? What resources are available to them? What other resources are needed? What legal protections are necessary and appropriate?

Featuring:
- David Lieber, Senior Privacy Policy Counsel, Google
- Dr. Andrea Little Limbago, Chief Social Scientist, Endgame; Visiting Fellow, National Security Law & Policy Program, Antonin Scalia Law School, George Mason University
- Angela McKay, Senior Director, Cybersecurity Policy and Strategy, Microsoft
- Moderator: Prof. Jamil N. Jaffer, Adjunct Professor, NSI Founder, and Director, National Security Law & Policy Program, Antonin Scalia Law School, George Mason University
- Introduction: Vincent Vitkowsky, Partner, Seiger Gfeller Laurie LLP

Cyber Security Dispatch
What The Future Of The Internet Looks Like and How We Can Secure It Humanely - An Interview with Andrea Little Limbago, Chief Social Scientist at Endgame

Feb 12, 2018 26:07


Key Points From This Episode:
- Andrea's journey from academia to cyber security.
- Why cyber security is also a retention challenge.
- How companies can protect their employees from burnout.
- What happened to the utopian idea of the internet?
- State sovereignty and the balkanized internet or splinter net.
- The implications of China’s new social credit system.
- Learn more about GDPR and the control over your own data.
- Does Russia’s internet look different to the rest of the internet?
- The effects of the cryptocurrency movement on cyber security.
- Learn more about the Russia-China authoritarian model.
- Will GDPR be successful in helping democracies move forward?
- Discover what Endgame does and how it operates on a daily basis.
- Find out what it’s like being a woman in cyber security today.
- Fake news and cyber hacks and their effect on the political climate.
- And much more!

The CyberWire
Report leaked on Russian influence operations (alleged leaker in custody). ISIS continues inspiration; anarchist groups said to follow same playbook. The DarkOverlord is back.

Jun 6, 2017 14:48


In today's podcast we hear about a leaked report describing eleventh-hour Russian influence operations during last year's US elections. An alleged leaker is already charged and in custody. The UK's investigation into last weekend's terror attacks continues, online as well as in physical space. Apple hints it's helping out. The attackers seem to have been known to authorities. In its continuing campaign of online inspiration, ISIS claims responsibility for the destruction of a church in the Philippines and a lethal standoff in Australia. Violent anarchist groups seem to be following the ISIS playbook in cyberspace. Some thoughts on wolves. Rick Howard from Palo Alto Networks on government cloud deployment. Andrea Little Limbago from Endgame has results from a survey on Americans’ perceptions of the US government’s cybersecurity capabilities. And the DarkOverlord is back.

The CyberWire
APT10's Operation TradeSecret. BrickerBot may be vigilante PDoS. Amnesia and Sathurbot exploit known vulnerabilities in, respectively, DVRs and WordPress. Ransomware, surveillance, and info ops updates.

Apr 7, 2017 19:48


In today's podcast, we hear about how Operation TradeSecret collected intelligence on US trade policy during the run-up to the Sino-American summit at Mar a Lago. BrickerBot is out, a PDoS campaign that looks like nasty vigilante work, so close your Telnet ports and change your IoT device default passwords. The Amnesia campaign is after unpatched DVRs. Sathurbot exploits unpatched WordPress instances and infects Torrent users. Lancaster University’s Awais Rashid has concerns over IoT devices' limited interfaces. Endgame’s Andrea Little Limbago shares her story from the Women in Cybersecurity Conference. Surveillance and influence operations allegations in the last US Presidential campaign have their counterparts in the current French one.