Podcasts about attivo networks

  • 35PODCASTS
  • 119EPISODES
  • 38mAVG DURATION
  • ?INFREQUENT EPISODES
  • Jan 28, 2025LATEST

POPULARITY

20172018201920202021202220232024


Best podcasts about attivo networks

Latest podcast episodes about attivo networks

Secure Ventures with Kyle McNulty
Attivo Networks | CEO Tushar Kothari on Growing and Selling a $600M Company

Secure Ventures with Kyle McNulty

Play Episode Listen Later Jan 28, 2025 46:54


Tushar was the CEO of Attivo Networks for a decade before selling to SentinelOne for $600 million dollars in 2022. Attivo Networks built deception technology which would trick attackers into attacking fake infrastructure. A common form of deception is a honeypot, which is an intentionally vulnerable server so defenders can gather information about attackers such as their IP address or attack techniques. Attivo provided comprehensive deception solutions and served five of the Fortune 10. In the episode we talk about Tushar's learnings from a decade at Cisco, the unique origin story of Attivo and its founders, and the sale process to SentinelOne.

Paul's Security Weekly
The VC Perspective: Embracing Uncertainty & Staying the Course - Alberto Yépez - BSW Vault

Paul's Security Weekly

Play Episode Listen Later May 27, 2024 35:58


Check out this interview from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on June 27, 2022. Forgepoint Capital's Co-Founder and Managing Director, Alberto Yépez, explains what the current economic challenges mean for innovation and the future of the cybersecurity market. Hear his perspective on what security investments, as well as mergers and acquisitions, will look like throughout the next 12-18 months, and how responsible companies are staying the course amidst layoffs and budget cuts in order to turn uncertainty into a strategic path forward. Segment Resources: Forgepoint's new CISO security priorities model: https://forgepointcap.com/news/forgepoint-capital-builds-first-ever-ciso-security-priorities-model/ Recent exits that Forgepoint supported: - Forescout acquires Cysiv on June 6, 2022(release: https://www.cysiv.com/news/forescout-announces-intent-to-acquire-cysiv and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-partha-panda-ceo-of-cysiv/) SentinelOne acquires Attivo Networks on May 4, 2022 (release: https://www.sentinelone.com/press/sentinelone-completes-acquisition-of-attivo-networks/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/attivo-networks-why-we-invested/) LexisNexis Risk Solutions Acquires BehavioSec on May 3, 2022 (release: https://risk.lexisnexis.com/about-us/press-room/press-release/20220503-behaviosec and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-neil-costigan-of-behaviosec/ ) Cloudflare acquires Area 1 Security on April 1, 2022 (release: https://www.cloudflare.com/press-releases/2022/cloudflare-completes-acquisition-of-area-1-security/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/area-1-security-why-we-invested/ ) Show Notes: https://securityweekly.com/vault-bsw-9

Paul's Security Weekly TV
The VC Perspective: Embracing Uncertainty & Staying the Course - Alberto Yépez - BSW Vault

Paul's Security Weekly TV

Play Episode Listen Later May 27, 2024 35:58


Check out this interview from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on June 27, 2022. Forgepoint Capital's Co-Founder and Managing Director, Alberto Yépez, explains what the current economic challenges mean for innovation and the future of the cybersecurity market. Hear his perspective on what security investments, as well as mergers and acquisitions, will look like throughout the next 12-18 months, and how responsible companies are staying the course amidst layoffs and budget cuts in order to turn uncertainty into a strategic path forward. Segment Resources: Forgepoint's new CISO security priorities model: https://forgepointcap.com/news/forgepoint-capital-builds-first-ever-ciso-security-priorities-model/ Recent exits that Forgepoint supported: - Forescout acquires Cysiv on June 6, 2022(release: https://www.cysiv.com/news/forescout-announces-intent-to-acquire-cysiv and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-partha-panda-ceo-of-cysiv/) SentinelOne acquires Attivo Networks on May 4, 2022 (release: https://www.sentinelone.com/press/sentinelone-completes-acquisition-of-attivo-networks/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/attivo-networks-why-we-invested/) LexisNexis Risk Solutions Acquires BehavioSec on May 3, 2022 (release: https://risk.lexisnexis.com/about-us/press-room/press-release/20220503-behaviosec and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-neil-costigan-of-behaviosec/ ) Cloudflare acquires Area 1 Security on April 1, 2022 (release: https://www.cloudflare.com/press-releases/2022/cloudflare-completes-acquisition-of-area-1-security/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/area-1-security-why-we-invested/ ) Show Notes: https://securityweekly.com/vault-bsw-9

Business Security Weekly (Audio)
The VC Perspective: Embracing Uncertainty & Staying the Course - Alberto Yépez - BSW Vault

Business Security Weekly (Audio)

Play Episode Listen Later May 27, 2024 35:58


Check out this interview from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on June 27, 2022. Forgepoint Capital's Co-Founder and Managing Director, Alberto Yépez, explains what the current economic challenges mean for innovation and the future of the cybersecurity market. Hear his perspective on what security investments, as well as mergers and acquisitions, will look like throughout the next 12-18 months, and how responsible companies are staying the course amidst layoffs and budget cuts in order to turn uncertainty into a strategic path forward. Segment Resources: Forgepoint's new CISO security priorities model: https://forgepointcap.com/news/forgepoint-capital-builds-first-ever-ciso-security-priorities-model/ Recent exits that Forgepoint supported: - Forescout acquires Cysiv on June 6, 2022(release: https://www.cysiv.com/news/forescout-announces-intent-to-acquire-cysiv and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-partha-panda-ceo-of-cysiv/) SentinelOne acquires Attivo Networks on May 4, 2022 (release: https://www.sentinelone.com/press/sentinelone-completes-acquisition-of-attivo-networks/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/attivo-networks-why-we-invested/) LexisNexis Risk Solutions Acquires BehavioSec on May 3, 2022 (release: https://risk.lexisnexis.com/about-us/press-room/press-release/20220503-behaviosec and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-neil-costigan-of-behaviosec/ ) Cloudflare acquires Area 1 Security on April 1, 2022 (release: https://www.cloudflare.com/press-releases/2022/cloudflare-completes-acquisition-of-area-1-security/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/area-1-security-why-we-invested/ ) Show Notes: https://securityweekly.com/vault-bsw-9

Business Security Weekly (Video)
The VC Perspective: Embracing Uncertainty & Staying the Course - Alberto Yépez - BSW Vault

Business Security Weekly (Video)

Play Episode Listen Later May 27, 2024 35:58


Check out this interview from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on June 27, 2022. Forgepoint Capital's Co-Founder and Managing Director, Alberto Yépez, explains what the current economic challenges mean for innovation and the future of the cybersecurity market. Hear his perspective on what security investments, as well as mergers and acquisitions, will look like throughout the next 12-18 months, and how responsible companies are staying the course amidst layoffs and budget cuts in order to turn uncertainty into a strategic path forward. Segment Resources: Forgepoint's new CISO security priorities model: https://forgepointcap.com/news/forgepoint-capital-builds-first-ever-ciso-security-priorities-model/ Recent exits that Forgepoint supported: - Forescout acquires Cysiv on June 6, 2022(release: https://www.cysiv.com/news/forescout-announces-intent-to-acquire-cysiv and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-partha-panda-ceo-of-cysiv/) SentinelOne acquires Attivo Networks on May 4, 2022 (release: https://www.sentinelone.com/press/sentinelone-completes-acquisition-of-attivo-networks/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/attivo-networks-why-we-invested/) LexisNexis Risk Solutions Acquires BehavioSec on May 3, 2022 (release: https://risk.lexisnexis.com/about-us/press-room/press-release/20220503-behaviosec and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-neil-costigan-of-behaviosec/ ) Cloudflare acquires Area 1 Security on April 1, 2022 (release: https://www.cloudflare.com/press-releases/2022/cloudflare-completes-acquisition-of-area-1-security/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/area-1-security-why-we-invested/ ) Show Notes: https://securityweekly.com/vault-bsw-9

Sunny Side Up
Ep. 437 | Full Stack Marketing and AI

Sunny Side Up

Play Episode Listen Later Dec 2, 2023 13:57


Episode Summary In this episode of Sunny Side Up, host Erik Blaze interviews Carolyn Crandall on the evolving world of marketing and AI integration. She discusses the importance of personalised customer experiences and adopting a full-stack marketer mindset. Marketers should strategise effectively, embrace continuous learning, and recognise AI's diverse impact beyond content creation. Forward-thinking leaders and tools like Imperative drive innovative marketing initiatives through data correlation and sentiment analysis.   About the Guest Carolyn Crandall is a technology CMO and executive with over 30 years of experience in building emerging technology markets in security, networking and storage industries. She has a demonstrated track record of successfully taking companies from pre-IPO through to multibillion-dollar sales and has held leadership positions at Attivo Networks, Cisco, Juniper Networks, Nimble Storage, Riverbed and Seagate. Carolyn is recognized as a global thought leader on technology trends and for building strategies that connect technology with customers to solcomplexult information technology challenges. Connect with Carolyn Crandall Key Takeaways - The interconnectedness of today's world demands a seamless and personalised customer experience. It's crucial to ensure that your brand resonates with the audience, making them want to engage in business with you. - A full-stack marketer mindset focuses on the holistic customer experience. - Amidst rapid changes, it's essential to strategise effectively, start with small steps, and move quickly in executing projects. - Emphasise ongoing self-improvement and learning. Dedicate your day to learning and development to stay ahead of the curve. - While AI might not replace all functions, its integration can significantly improve efficiency, enabling marketers to undertake more activities and experiments. - Recognise AI's role beyond content and creativity, particularly in reporting, analytics, and predictive modelling. Quotes “So much has changed that I just encourage people to think strategically and think big but move fast and start small wherever you can to move your projects and initiatives.” –  Carolyn Crandall. Recommended Resource Marketing AI Institute CMO Alliance National Cybersecurity Society Shout-outs Leslie Alore – GVP, Growth Marketing at Ivanti  Daniel Raskin – Co-Founder & Chief Marketing Officer at Mperativ Melissa Turek – Integrated Marketing Strategy Director at Matter Communications Connect with Carolyn Crandall⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠| ⁠⁠⁠⁠⁠⁠⁠⁠Follow us on LinkedIn ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ | ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Website⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠

Business of Cyber
BoC #75: Building Attivo Networks & Selling to SentinelOne w/ Tushar Kothari

Business of Cyber

Play Episode Listen Later Sep 12, 2023 42:14


Tushar Kothari was the CEO and Founder at Attivo Networks an identity threat detection & response company. SentinelOne purchased Attivo for $615m in March 2022.

FutureWork Playbook
ESG in Venture Capital: Insights from Alberto Yépez, Co-Founder & Managing Director, Forgepoint Capital

FutureWork Playbook

Play Episode Listen Later Apr 20, 2023 30:34 Transcription Available


In this week's episode, host Natalie Pierce interviews Alberto Yépez, Co-Founder and Managing Director of Forgepoint Capital, a leading cybersecurity-focused venture capital firm, about incorporating environmental, social, and governance (ESG) initiatives into all they do, including the firm's investing principles.Our first episode of the year highlights the growing importance of ESG considerations in the venture capital industry and the steps that firms like Forgepoint Capital are taking to integrate these principles and initiatives into their investment strategies and operations. Forgepoint also provides examples in its portfolio like CyberCube, which is taking actionable steps towards ESG goals.To learn more, check out Forgepoint's blog on ESG and get a copy of Forgepoint's ESG Handbook.

Business of Cyber
BoC #63: Sid Trivedi | Foundation Capital | Investing at the Earliest Stage

Business of Cyber

Play Episode Listen Later Apr 12, 2023 46:27


Sid Trivedi is a Partner at Foundation Capital. Sid leads the firm's focus on cybersecurity and has participated in investments in Permiso, CloudKnox, & Attivo Networks.

The Tech Blog Writer Podcast
2026: Protecting Against Active Directory Against Attacks

The Tech Blog Writer Podcast

Play Episode Listen Later Jul 2, 2022 33:19


Organizations that use Citrix Virtual Apps and Desktop solutions must secure both their on-premises and cloud environments. Citrix virtual solutions provide flexibility for the workforce but can remain a prime target for attackers since infecting the environment extends their reach greatly. Attackers have demonstrated that they can evade security controls to compromise an internal system, using it as a beachhead to infiltrate the network and target critical or sensitive data and infrastructures, such as Active Directory and Citrix VDI. Organizations must look to new solutions to enhance their security and prevent attackers from remaining undetected within the network. Joesph Salazar from Attivo Networks, the award-winning leader in deception for cybersecurity threat detection, and Rajkumar Repswal from Citrix to discuss how together organizations can protect against active directory attacks with Attivo's Citrix Ready® solution. We discuss how organizations can protect Citrix VDI endpoints against attackers successfully querying Active Directory and AD resources like privileged users, computer groups, and service accounts.

Paul's Security Weekly TV
The VC Perspective: Embracing Uncertainty & Staying the Course - Alberto Yépez - BSW #267

Paul's Security Weekly TV

Play Episode Listen Later Jun 28, 2022 38:48


Forgepoint Capital's Co-Founder and Managing Director, Alberto Yépez, explains what the current economic challenges mean for innovation and the future of the cybersecurity market. Hear his perspective on what security investments, as well as mergers and acquisitions, will look like throughout the next 12-18 months, and how responsible companies are staying the course amidst layoffs and budget cuts in order to turn uncertainty into a strategic path forward.   Segment Resources: - Forgepoint's new CISO security priorities model: https://forgepointcap.com/news/forgepoint-capital-builds-first-ever-ciso-security-priorities-model/ Recent exits that Forgepoint supported: - Forescout acquires Cysiv on June 6, 2022(release: https://www.cysiv.com/news/forescout-announces-intent-to-acquire-cysiv and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-partha-panda-ceo-of-cysiv/) - SentinelOne acquires Attivo Networks on May 4, 2022 (release: https://www.sentinelone.com/press/sentinelone-completes-acquisition-of-attivo-networks/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/attivo-networks-why-we-invested/) - LexisNexis Risk Solutions Acquires BehavioSec on May 3, 2022 (release: https://risk.lexisnexis.com/about-us/press-room/press-release/20220503-behaviosec and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-neil-costigan-of-behaviosec/ ) - Cloudflare acquires Area 1 Security on April 1, 2022 (release: https://www.cloudflare.com/press-releases/2022/cloudflare-completes-acquisition-of-area-1-security/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/area-1-security-why-we-invested/ )   Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw267

Business Security Weekly (Video)
The VC Perspective: Embracing Uncertainty & Staying the Course - Alberto Yépez - BSW #267

Business Security Weekly (Video)

Play Episode Listen Later Jun 27, 2022 38:48


Forgepoint Capital's Co-Founder and Managing Director, Alberto Yépez, explains what the current economic challenges mean for innovation and the future of the cybersecurity market. Hear his perspective on what security investments, as well as mergers and acquisitions, will look like throughout the next 12-18 months, and how responsible companies are staying the course amidst layoffs and budget cuts in order to turn uncertainty into a strategic path forward.   Segment Resources: - Forgepoint's new CISO security priorities model: https://forgepointcap.com/news/forgepoint-capital-builds-first-ever-ciso-security-priorities-model/ Recent exits that Forgepoint supported: - Forescout acquires Cysiv on June 6, 2022(release: https://www.cysiv.com/news/forescout-announces-intent-to-acquire-cysiv and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-partha-panda-ceo-of-cysiv/) - SentinelOne acquires Attivo Networks on May 4, 2022 (release: https://www.sentinelone.com/press/sentinelone-completes-acquisition-of-attivo-networks/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/attivo-networks-why-we-invested/) - LexisNexis Risk Solutions Acquires BehavioSec on May 3, 2022 (release: https://risk.lexisnexis.com/about-us/press-room/press-release/20220503-behaviosec and Forgepoint's blog: https://forgepointcap.com/news/executive-spotlight-an-interview-with-neil-costigan-of-behaviosec/ ) - Cloudflare acquires Area 1 Security on April 1, 2022 (release: https://www.cloudflare.com/press-releases/2022/cloudflare-completes-acquisition-of-area-1-security/ and Forgepoint's “why we invested” blog: https://forgepointcap.com/news/area-1-security-why-we-invested/ )   Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw267

Agent of Influence
Episode 042 - Deception Technology, Identity Detection and Response, Cloud Security, and More - Carolyn Crandall

Agent of Influence

Play Episode Listen Later Mar 30, 2022 36:00


Deception Technology, Identity Detection and Response, Cloud Security, and MoreIn this episode of Agent of Influence, Nabil is joined by Carolyn Crandall, Chief Security Advocate and CMO at Attivo Networks, which was recently acquired by SentinelOne. They discuss hardware vs. software instability, deception technology, identity detection and response, credential management, cloud security and adoption, endpoint security, and how to make cybersecurity careers more accessible. 

TechCrunch Startups – Spoken Edition
SentinelOne scoops up Attivo Networks for $617M

TechCrunch Startups – Spoken Edition

Play Episode Listen Later Mar 18, 2022 2:46


Security companies typically start by focusing on one particular problem, but the biggest ones like Palo Alto Networks, FireEye and Symantec have shifted to a horizontal approach typically gaining functionality over time through acquisition.

The CyberWire
CyberWire Pro Interview Selects: Carolyn Crandall of Attivo Networks.

The CyberWire

Play Episode Listen Later Nov 26, 2021 9:01


Our team decided to extend our Thanksgiving holiday and thought you might like to try a sample of a CyberWire Pro podcast called Interview Selects. These podcasts are a series of extended interviews, exclusives, and a curated selection of our most engaging and informative interviews over the years, featuring cyber security professionals, journalists, authors and industry insiders. On this episode, the interview October 27th, 2021 originally aired as a shortened version on the CyberWire Daily Podcast. In this extended interview, Dave Bittner speaks with Carolyn Crandall of Attivo Networks on what organizations should be focused on to protect AD. Like what you hear? Consider subscribing to CyberWire Pro for $99/year. Learn more.

Paul's Security Weekly
Cyber Money Ball - BSW #240

Paul's Security Weekly

Play Episode Listen Later Nov 17, 2021 55:02


This week, we welcome Tony Cole, CTO at Attivo Networks, to discuss Protecting Identity Services! Identity Services such as Active Directory is an area that is almost always utilized by the attacker after the initial endpoint is compromised. This is an area lacking critical focus by defenders for a myriad of reasons. Discussion will entail how this attitude can and should change. In the Leadership and Communications section, The Gardener: Four Attributes Of A Great Leader, Unpacking 5 Myths About Management, 5 Cybersecurity Myths That Make You More Vulnerable to Attacks, and more!   Show Notes: https://securityweekly.com/bsw240 Visit https://securityweekly.com/attivonetworks to learn more about them!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Business Security Weekly (Audio)
Cyber Money Ball - BSW #240

Business Security Weekly (Audio)

Play Episode Listen Later Nov 17, 2021 55:02


This week, we welcome Tony Cole, CTO at Attivo Networks, to discuss Protecting Identity Services! Identity Services such as Active Directory is an area that is almost always utilized by the attacker after the initial endpoint is compromised. This is an area lacking critical focus by defenders for a myriad of reasons. Discussion will entail how this attitude can and should change. In the Leadership and Communications section, The Gardener: Four Attributes Of A Great Leader, Unpacking 5 Myths About Management, 5 Cybersecurity Myths That Make You More Vulnerable to Attacks, and more!   Show Notes: https://securityweekly.com/bsw240 Visit https://securityweekly.com/attivonetworks to learn more about them!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly TV
Protecting Identity Services - Tony Cole - BSW #240

Paul's Security Weekly TV

Play Episode Listen Later Nov 16, 2021 26:46


Identity Services such as Active Directory is an area that is almost always utilized by the attacker after the initial endpoint is compromised. This is an area lacking critical focus by defenders for a myriad of reasons. Discussion will entail how this attitude can and should change. This segment is sponsored by Attivo Networks. Visit https://securityweekly.com/attivonetworks to learn more about them!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw240

Business Security Weekly (Video)
Protecting Identity Services - Tony Cole - BSW #240

Business Security Weekly (Video)

Play Episode Listen Later Nov 15, 2021 26:46


Identity Services such as Active Directory is an area that is almost always utilized by the attacker after the initial endpoint is compromised. This is an area lacking critical focus by defenders for a myriad of reasons. Discussion will entail how this attitude can and should change.   This segment is sponsored by Attivo Networks. Visit https://securityweekly.com/attivonetworks to learn more about them!   Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw240

The CyberWire
Tension in Eastern Europe. A Hong Kong watering hole. US, EU join the Paris Call. Cybermercenaries. CISA's plans for countering disinformation, and for forming a white-hat hacker advisory group.

The CyberWire

Play Episode Listen Later Nov 12, 2021 26:18


Notes on rising international tension in Eastern Europe. A watering-hole campaign in Hong Kong. The US and the EU have joined the Paris Call. NSO Group's prospective CEO resigns his position before formally assuming it. Void Balaur, a cybermercenary group, is active in the Russophone cyber underground. Johannes Ullrich on leaked vaccination cards and Covid tests. Our guest is Carolyn Crandall of Attivo Networks on what organizations should be focused on to protect Active Directory. CISA intends to increase its capacity to work against misinformation and disinformation. CISA also intends to recruit white hat hackers to an advisory board. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/218

IT Visionaries
How to Overcome the Cyber Attack Tsunami, Strategize and Disrupt, with Attivo Network's Carolyn Crandall

IT Visionaries

Play Episode Listen Later Oct 21, 2021 42:43


Threats are not new to business. Whenever there has been a plentiful economic prize, there have also been pirates. In the swashbuckling days, the captain and the crew were charged with protecting the merchandise on board. The difference today is the sheer volume of cyber attacks inbound to companies. Carolyn Crandall, the Chief Security Advocate and CMO at Attivo Networks, describes the attack as an enormous wave.Main TakeawaysA Security Threat Tsunami: Cyber attacks are like giant perpetual waves. Businesses are constantly inundated with these threats. The first steps toward fighting back are recognizing the power of one's adversaries, understanding how the company is being attacked, knowing where the company's vulnerabilities are, and then devising a plan to combat the attacks.Strategy over Monitoring: Businesses tend to want to monitor their systems and that's generally a good thing. Part of the method of attackers, however, is to overwhelm with data. Instead of only monitoring, companies have to decipher attacker techniques and then strategize on how to defend accordingly.Automate, Automate!: People can only do so much by themselves to defend against constant cyber attacks. Automation can be an answer to these attacks. Humans can't protect against the deluge of attacks by themselves and must lean on A.I. and machine learning to help combat these nefarious attacks. When companies begin to deploy an A.I. defense strategy, the designed algorithms can begin to decipher what is normal activity on network servers and what is not.Data Cloak and Disrupt: Misusing credentials is a great way for attackers to gain access to resources. It is possible to have an automated system, such as Attivo, that can bait rogue elements, gain their trust, and then deny their access while hiding vital data.IT Visionaries is brought to you by the Salesforce Platform - the #1 cloud platform for digital transformation of every experience. Build connected experiences, empower every employee, and deliver continuous innovation - with the customer at the center of everything you do. Learn more at salesforce.com/platform

Enterprise Security Weekly (Video)
The Importance of Identity Detection and Response (IDR) - Joseph Salazar - ESW #244

Enterprise Security Weekly (Video)

Play Episode Listen Later Oct 5, 2021 32:55


Identity Detection and Response (IDR) is a new security category that focuses on protecting credentials, privileges, cloud entitlements, and the systems that manage them across endpoints, Active Directory, and the Cloud through visibility and early detection of attacks targeting identities. Attackers consider enterprise identities as high-value targets and attempt to compromise them early in the attack to access the network and gain privileges to essential production assets. Current identity security focuses on safeguarding privileged credentials in PAM solutions or securing the authentication process with MFA and IAM solutions, but these measures leave gaps that attackers can exploit. While current security solutions like Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), Network Detection and Response (NDR), and others provide specific functions for defending the network, they do not focus on identities. EDR focuses on preventing the initial compromise, while XDR and NDR try to detect attacks as they expand from the beachhead. Attacks targeting enterprise identities can evade detection from these security controls, but IDR solutions can bridge these detection gaps to identify such attacks. Join Joseph Salazar from Attivo Networks as he discusses the importance of IDR to modern enterprise security. Segment Resources: https://attivonetworks.com/documentation/Attivo_Networks-Identity_Detection_Response.pdf https://attivonetworks.com/what-is-identity-detection-and-response-idr/ https://attivonetworks.com/solutions/identity-security/   This segment is sponsored by Attivo Networks. Visit https://securityweekly.com/attivonetworks to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw244

Paul's Security Weekly TV
The Importance of Identity Detection and Response (IDR) - Joseph Salazar - ESW #244

Paul's Security Weekly TV

Play Episode Listen Later Oct 1, 2021 32:55


Identity Detection and Response (IDR) is a new security category that focuses on protecting credentials, privileges, cloud entitlements, and the systems that manage them across endpoints, Active Directory, and the Cloud through visibility and early detection of attacks targeting identities. Attackers consider enterprise identities as high-value targets and attempt to compromise them early in the attack to access the network and gain privileges to essential production assets. Current identity security focuses on safeguarding privileged credentials in PAM solutions or securing the authentication process with MFA and IAM solutions, but these measures leave gaps that attackers can exploit. While current security solutions like Endpoint Detection and Response (EDR), Extended Detection and Response (XDR), Network Detection and Response (NDR), and others provide specific functions for defending the network, they do not focus on identities. EDR focuses on preventing the initial compromise, while XDR and NDR try to detect attacks as they expand from the beachhead. Attacks targeting enterprise identities can evade detection from these security controls, but IDR solutions can bridge these detection gaps to identify such attacks. Join Joseph Salazar from Attivo Networks as he discusses the importance of IDR to modern enterprise security.   Segment Resources: https://attivonetworks.com/documentation/Attivo_Networks-Identity_Detection_Response.pdf https://attivonetworks.com/what-is-identity-detection-and-response-idr/ https://attivonetworks.com/solutions/identity-security/   This segment is sponsored by Attivo Networks. Visit https://securityweekly.com/attivonetworks to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw244

Enterprise Security Weekly (Audio)
Nice & Slow - ESW #244

Enterprise Security Weekly (Audio)

Play Episode Listen Later Sep 30, 2021 106:31


This week, we welcome Juliet Okafor, CEO & Founder at RevolutionCyber, to discuss How Good CISOs Build Bad Security Programs! In the second segment, we welcome Joseph Salazar, Technical Deception Engineer at Attivo Networks, to talk about The Importance of Identity Detection and Response (IDR)! In the Enterprise Security News: Cyber insurance firm Coalition lands a $205m Series E with a $3.5bn valuation, Risk management platform Panorays nabs $42m, Jscrambler raises a $15m Series A to rewrite the rules of website security (rewrite, get it? huh?), SenseOn nabs $20m for faster, more accurate cybersecurity detection and response, LG (yes, that LG) is acquiring automotive cybersecurity startup Cybellum, We talk about the emergence of the vendor "live security status page", 386 startup post mortems, and don't forget to stick around for Adrian's curveball "Squirrel of the Week" story at the end!   Show Notes: https://securityweekly.com/esw244 Segment Resources: RevolutionCyber - www.revolutioncyber.com, Forbes Business Council Member Juliet is speaking at InfoSec World 2021, register now and save 20%: https://securityweekly.com/isw2021 https://attivonetworks.com/documentation/Attivo_Networks-Identity_Detection_Response.pdf https://attivonetworks.com/what-is-identity-detection-and-response-idr/ https://attivonetworks.com/solutions/identity-security/ Visit https://securityweekly.com/attivonetworks to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

Paul's Security Weekly
Nice & Slow - ESW #244

Paul's Security Weekly

Play Episode Listen Later Sep 30, 2021 106:31


This week, we welcome Juliet Okafor, CEO & Founder at RevolutionCyber, to discuss How Good CISOs Build Bad Security Programs! In the second segment, we welcome Joseph Salazar, Technical Deception Engineer at Attivo Networks, to talk about The Importance of Identity Detection and Response (IDR)! In the Enterprise Security News: Cyber insurance firm Coalition lands a $205m Series E with a $3.5bn valuation, Risk management platform Panorays nabs $42m, Jscrambler raises a $15m Series A to rewrite the rules of website security (rewrite, get it? huh?), SenseOn nabs $20m for faster, more accurate cybersecurity detection and response, LG (yes, that LG) is acquiring automotive cybersecurity startup Cybellum, We talk about the emergence of the vendor "live security status page", 386 startup post mortems, and don't forget to stick around for Adrian's curveball "Squirrel of the Week" story at the end!   Show Notes: https://securityweekly.com/esw244 Segment Resources: RevolutionCyber - www.revolutioncyber.com, Forbes Business Council Member Juliet is speaking at InfoSec World 2021, register now and save 20%: https://securityweekly.com/isw2021 https://attivonetworks.com/documentation/Attivo_Networks-Identity_Detection_Response.pdf https://attivonetworks.com/what-is-identity-detection-and-response-idr/ https://attivonetworks.com/solutions/identity-security/ Visit https://securityweekly.com/attivonetworks to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

The CyberHub Podcast
Practitioner Brief September 30th, 2021

The CyberHub Podcast

Play Episode Listen Later Sep 30, 2021 13:54 Transcription Available


Today's Headlines and the latest #cybernews from the desk of the #CISO: New Tomiris Backdoor Found Linked to Hackers Behind SolarWinds Cyberattack Facebook open-sources tool to find Android app security flaws CISA releases tool to help orgs fend off insider threat risks Turkish National Charged for DDoS Attack on U.S. Company As China creates a new narrative for a great society, it is starting by ‘purifying' its world online   Story Links: https://thehackernews.com/2021/09/new-tomiris-backdoor-found-linked-to.html https://www.bleepingcomputer.com/news/security/facebook-open-sources-tool-to-find-android-app-security-flaws/ https://www.bleepingcomputer.com/news/security/cisa-releases-tool-to-help-orgs-fend-off-insider-threat-risks/ https://www.cisa.gov/publication/insider-threat-mitigation-resources https://therecord.media/as-china-creates-a-new-narrative-for-a-great-society-it-is-starting-by-purifying-its-world-online/ https://www.securityweek.com/turkish-national-charged-ddos-attack-us-company   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   CyberWeek Georgia event on February 22-24th, 2022, get your pass now at https://www.cyberweekgeorgia.com Use code ATP50 for 50% off right now!   VeteraNovember is back!! Apply now to be a featured guest on the show https://mailchi.mp/cyberhubpodcast/93rzgm5a7n   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Attivo Networks: www.attivonetworks.com **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

The CyberHub Podcast
Practitioner Brief September 29th, 2021

The CyberHub Podcast

Play Episode Listen Later Sep 29, 2021 15:02 Transcription Available


Today's Headlines and the latest #cybernews from the desk of the #CISO: Atlassian Confluence RCE Flaw Abused in Multiple Cyberattack Campaigns FinSpy Surveillance Spyware Fitted With UEFI Bootkit Suspected Chinese state-linked threat actors infiltrated major Afghan telecom provider NSA, CISA share VPN security tips to defend against hackers Russia Detains Head of Cybersecurity Group on Treason Charges   Story Links: https://thehackernews.com/2021/09/atlassian-confluence-rce-flaw-abused-in.html https://www.securityweek.com/finspy-surveillance-spyware-fitted-uefi-bootkit https://therecord.media/suspected-chinese-state-linked-threat-actors-infiltrated-major-afghan-telecom-provider/ https://www.bleepingcomputer.com/news/security/nsa-cisa-share-vpn-security-tips-to-defend-against-hackers-edited/ https://www.securityweek.com/russia-detains-head-cybersecurity-group-treason-charges   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   CyberWeek Georgia event on February 22-24th, 2022, get your pass now at https://www.cyberweekgeorgia.com Use code ATP50 for 50% off right now!   VeteraNovember is back!! Apply now to be a featured guest on the show https://mailchi.mp/cyberhubpodcast/93rzgm5a7n   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Attivo Networks: www.attivonetworks.com **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

The CyberHub Podcast
Practitioner Brief September 28th, 2021

The CyberHub Podcast

Play Episode Listen Later Sep 28, 2021 12:48 Transcription Available


Today's Headlines and the latest #cybernews from the desk of the #CISO: Quad Nations Commit to Fostering a Secure Technology Ecosystem Frustrated Researcher Discloses Three Unpatched iOS Vulnerabilities Microsoft Warns of FoggyWeb Malware Targeting Active Directory FS Servers FCC details $1.9 billion program to rip out Huawei and ZTE gear in the US Ethereum dev admits to helping North Korea evade crypto sanctions   Story Links: https://www.securityweek.com/frustrated-researcher-discloses-three-unpatched-ios-vulnerabilities https://thehackernews.com/2021/09/microsoft-warns-of-foggyweb-malware.html https://www.zdnet.com/article/fcc-details-1-9-billion-program-to-rip-out-huawei-and-zte-gear-in-the-us/ https://www.bleepingcomputer.com/news/security/ethereum-dev-admits-to-helping-north-korea-evade-crypto-sanctions/ https://www.securityweek.com/quad-nations-commit-fostering-secure-technology-ecosystem   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   CyberWeek Georgia event on February 22-24th, 2022, get your pass now at https://www.cyberweekgeorgia.com Use code ATP50 for 50% off right now!   VeteraNovember is back!! Apply now to be a featured guest on the show https://mailchi.mp/cyberhubpodcast/93rzgm5a7n   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Attivo Networks: www.attivonetworks.com **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

The CyberHub Podcast
Practitioner Brief September 27th, 2021

The CyberHub Podcast

Play Episode Listen Later Sep 27, 2021 15:20 Transcription Available


Today's Headlines and the latest #cybernews from the desk of the #CISO: VMware Confirms In-the-Wild Exploitation of vCenter Server Vulnerability New Android Malware Steals Financial Data from 378 Banking and Wallet Apps Chrome 94 Update Patches Actively Exploited Zero-Day Vulnerability SonicWall Issues Patches for a New Critical Flaw in SMA 100 Series Devices Threat Actor Targets Indian Government With Commercial RATs   Story Links: https://www.securityweek.com/vmware-confirms-wild-exploitation-vcenter-server-vulnerability https://thehackernews.com/2021/09/new-android-malware-steals-financial.html https://www.securityweek.com/chrome-94-update-patches-actively-exploited-zero-day-vulnerability https://thehackernews.com/2021/09/sonicwall-issues-patches-for-new.html https://www.securityweek.com/threat-actor-targets-indian-government-commercial-rats   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   CyberWeek Georgia event on February 22-24th, 2022, get your pass now at https://www.cyberweekgeorgia.com Use code ATP50 for 50% off right now!   VeteraNovember is back!! Apply now to be a featured guest on the show https://mailchi.mp/cyberhubpodcast/93rzgm5a7n   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Attivo Networks: www.attivonetworks.com **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

The CyberHub Podcast
Practitioner Brief September 23rd, 2021 with Roger Grimes, Data Driven Defense Evangelist at KnowBe4

The CyberHub Podcast

Play Episode Listen Later Sep 23, 2021 30:12 Transcription Available


Today's Headlines and the latest #cybernews from the desk of the #CISO: Attacks on Russian Government Orgs Exploit Recent Microsoft Office Zero-Day U.S. Issues Conti Alert as Second Farming Cooperative Hit by Ransomware A New Bug in Microsoft Windows Could Let Hackers Easily Install a Rootkit New Android Malware Targeting US, Canadian Users with COVID-19 Lures Hackers are scanning for VMware CVE-2021-22005 targets, patch now!   Story Links: https://www.securityweek.com/attacks-russian-government-orgs-exploit-recent-microsoft-office-zero-day https://www.securityweek.com/us-issues-conti-alert-second-farming-cooperative-hit-ransomware https://thehackernews.com/2021/09/a-new-bug-in-microsoft-windows-could.html https://thehackernews.com/2021/09/new-android-malware-targeting-us.html https://www.bleepingcomputer.com/news/security/hackers-are-scanning-for-vmware-cve-2021-22005-targets-patch-now/   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   CyberWeek Georgia event on February 22-24th, 2022, get your pass now at https://www.cyberweekgeorgia.com Use code ATP50 for 50% off right now!   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Attivo Networks: www.attivonetworks.com **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

The CyberHub Podcast
Practitioner Brief September 22nd, 2021

The CyberHub Podcast

Play Episode Listen Later Sep 22, 2021 18:00 Transcription Available


Today's Headlines and the latest #cybernews from the desk of the #CISO: VMware Calls Attention to High-Severity vCenter Server Flaw Microsoft Warns of a Wide-Scale Phishing-as-a-Service Operation US Sanctions Cryptocurrency Exchange SUEX for Aiding Ransomware Gangs New macOS zero-day bug lets attackers run commands remotely High-Severity RCE Flaw Disclosed in Several Netgear Router Models Democracy advocate finds internet freedom has declined globally for 11th consecutive year   Story Links: https://www.securityweek.com/vmware-calls-attention-high-severity-vcenter-server-flaw https://thehackernews.com/2021/09/microsoft-warns-of-wide-scale-phishing.html https://thehackernews.com/2021/09/us-sanctions-cryptocurrency-exchange.html https://www.bleepingcomputer.com/news/apple/new-macos-zero-day-bug-lets-attackers-run-commands-remotely/ https://thehackernews.com/2021/09/high-severity-rce-flaw-disclosed-in.html https://www.zdnet.com/article/democracy-advocate-finds-internet-freedom-has-declined-globally-for-11th-consecutive-year/   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   CyberWeek Georgia event on February 22-24th, 2022, get your pass now at https://www.cyberweekgeorgia.com Use code ATP50 for 50% off right now!   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Attivo Networks: www.attivonetworks.com **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.  

The CyberHub Podcast
Practitioner Brief September 21st, 2021 with Dan Houser, ISC2 Board of Directors Candidate

The CyberHub Podcast

Play Episode Listen Later Sep 21, 2021 22:47 Transcription Available


Today's Headlines and the latest #cybernews from the desk of the #CISO: Attacks Targeting OMIGOD Vulnerability Ramping Up New Capoae Malware Infiltrates WordPress Sites and Installs Backdoored Plugin BlackMatter strikes twice in a row! Ransomware Group on the raise!   Story Links: https://www.securityweek.com/attacks-targeting-omigod-vulnerability-ramping https://thehackernews.com/2021/09/new-capoae-malware-infiltrates.html https://www.bleepingcomputer.com/news/security/us-farmer-cooperative-hit-by-59m-blackmatter-ransomware-attack/ https://www.bleepingcomputer.com/news/security/marketron-marketing-services-hit-by-blackmatter-ransomware/   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   CyberWeek Georgia event on September 21st, 2021, get your pass now at https://www.cyberweekgeorgia.com   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Attivo Networks: www.attivonetworks.com **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

The CyberHub Podcast
Practitioner Brief September 20th, 2021

The CyberHub Podcast

Play Episode Listen Later Sep 20, 2021 13:31 Transcription Available


Today's Headlines and the latest #cybernews from the desk of the #CISO: Mirai Botnet Starts Exploiting OMIGOD Flaw as Microsoft Issues More Guidance Malware Attack on Aviation Sector Uncovered After Going Unnoticed for 2 Years AMD Chipset Driver Vulnerability Can Allow Hackers to Obtain Sensitive Data Europol Busts Major Cybercrime Ring, Arrests Over 100 Online Fraudsters Ongoing Phishing Campaign Targets APAC, EMEA Governments   Story Links: https://www.securityweek.com/mirai-botnet-starts-exploiting-omigod-flaw-microsoft-issues-more-guidance https://thehackernews.com/2021/09/malware-attack-on-aviation-sector.html https://www.securityweek.com/amd-chipset-driver-vulnerability-can-allow-hackers-obtain-sensitive-data https://thehackernews.com/2021/09/europol-busts-major-cybercrime-ring.html https://www.securityweek.com/ongoing-phishing-campaign-targets-apac-emea-governments   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   CyberWeek Georgia event on September 21st, 2021, get your pass now at https://www.cyberweekgeorgia.com   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Attivo Networks: www.attivonetworks.com **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

The CyberHub Podcast
Practitioner Brief September 15th, 2021

The CyberHub Podcast

Play Episode Listen Later Sep 15, 2021 18:50 Transcription Available


Today's Headlines and the latest #cybernews from the desk of the #CISO: Microsoft September 2021 Patch Tuesday fixes 2 zero-days, 60 flaws, including PrintNightmare    OMIGOD: Azure users running Linux VMs need to update now SAP Patches Critical Vulnerabilities With September 2021 Security Updates Adobe Snuffs Critical Bugs in Acrobat, Experience Manager Travis CI Flaw Exposed Secrets From Public Repositories   Story Links: https://www.bleepingcomputer.com/news/microsoft/microsoft-september-2021-patch-tuesday-fixes-2-zero-days-60-flaws/ https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-remaining-windows-printnightmare-vulnerabilities/ https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-windows-cve-2021-40444-mshtml-zero-day-bug/ https://www.zdnet.com/article/omigod-azure-users-running-linux-vms-need-to-update-now/ https://www.securityweek.com/sap-patches-critical-vulnerabilities-september-2021-security-updates https://threatpost.com/adobe-bugs-acrobat-experience-manager/169467/ https://www.databreachtoday.com/travis-ci-flaw-exposed-secrets-from-public-repositories-a-17535   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   CyberWeek Georgia event on September 21st, 2021, get your pass now at https://www.cyberweekgeorgia.com   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Attivo Networks: www.attivonetworks.com **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

The CyberHub Podcast
Practitioner Brief September 14th, 2021

The CyberHub Podcast

Play Episode Listen Later Sep 14, 2021 16:11 Transcription Available


Today's Headlines and the latest #cybernews from the desk of the #CISO: Google patches 10th Chrome zero-day exploited in the wild this year HP OMEN Gaming Hub Flaw Affects Millions of Windows Computers Apple fixes iOS zero-day used to deploy NSO iPhone spyware Linux Implementation of Cobalt Strike Beacon Targeting Organizations Worldwide Belarus, Ukraine Saw Largest Increase in ICS Attacks During H1 2021 OWASP Top 10 ranking has a new leader after ten years   Story Links: https://www.bleepingcomputer.com/news/google/google-patches-10th-chrome-zero-day-exploited-in-the-wild-this-year/ https://thehackernews.com/2021/09/hp-omen-gaming-hub-flaw-affects.html https://www.bleepingcomputer.com/news/apple/apple-fixes-ios-zero-day-used-to-deploy-nso-iphone-spyware/ https://thehackernews.com/2021/09/linux-implementation-of-cobalt-strike.html https://www.securityweek.com/belarus-ukraine-saw-largest-increase-ics-attacks-during-h1-2021-kaspersky https://therecord.media/owasp-top-10-ranking-has-a-new-leader-after-ten-years/   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   CyberWeek Georgia event on September 21st, 2021, get your pass now at https://www.cyberweekgeorgia.com   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Attivo Networks: www.attivonetworks.com **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

The CyberHub Podcast
Practitioner Brief September 13th, 2021

The CyberHub Podcast

Play Episode Listen Later Sep 13, 2021 13:59 Transcription Available


Today's Headlines and the latest #cybernews from the desk of the #CISO: Microsoft fixes bug letting hackers take over Azure containers GitHub finds 7 code execution vulnerabilities in 'tar' and npm CLI Cisco Patches High-Severity Security Flaws in IOS XR Hackers stole Puma source code, no customer data, company says Indonesian intelligence agency compromised in suspected Chinese hack   Story Links: https://www.bleepingcomputer.com/news/security/microsoft-fixes-bug-letting-hackers-take-over-azure-containers/ https://www.bleepingcomputer.com/news/security/github-finds-7-code-execution-vulnerabilities-in-tar-and-npm-cli/ https://www.securityweek.com/cisco-patches-high-severity-security-flaws-ios-xr https://therecord.media/hackers-stole-puma-source-code-no-customer-data-company-says/ https://therecord.media/indonesian-intelligence-agency-compromised-in-suspected-chinese-hack/   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   CyberWeek Georgia event on September 21st, 2021, get your pass now at https://www.cyberweekgeorgia.com   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Attivo Networks: www.attivonetworks.com **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

The CyberHub Podcast
Tech Corner with Paul Caiazzo, CISO at Avertium

The CyberHub Podcast

Play Episode Listen Later Sep 10, 2021 33:16 Transcription Available


“The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine CyberWeek Georgia event on September 21st, 2021, get your pass now at https://www.cyberweekgeorgia.com   Bio: Paul Caiazzo, CISO and SVP of Corporate Development at Avertium, oversees technology alliances and strategic initiatives guiding clients through challenging security problems. With a dedicated career to stay at the forefront of cybersecurity technology advancements, Caiazzo is a leader and educator in threat detection, threat intelligence, incident response and ransomware.  He leads Avertium's internal security and compliance initiatives working to reduce risk across the organization and is also a known entity on the front lines as a key negotiator for the most complicated and hi-profile ransomware threats. Caiazzo is found regularly contributing to industry podcasts, speaking to business groups, or sharing insider information through a pragmatic and approachable lens.   Tech Corner is supported by these great partners please make sure to check them out: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Attivo Networks: www.attivonetworks.com **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.  

The CyberHub Podcast
Practitioner Brief September 9th, 2021 with Jacqueline Jayne, Security Awareness Advocate at KnowBe4

The CyberHub Podcast

Play Episode Listen Later Sep 9, 2021 23:41 Transcription Available


Today's Headlines and the latest #cybernews from the desk of the #CISO: Hackers leak passwords for 500,000 Fortinet VPN accounts Zoho Confirms Zero-Day Authentication Bypass Attacks New CPU side-channel attack takes aim at Chrome's Site Isolation feature Google Android Security Update Patches 40 Vulnerabilities   Story Links: https://www.bleepingcomputer.com/news/security/hackers-leak-passwords-for-500-000-fortinet-vpn-accounts/ https://www.securityweek.com/zoho-confirms-zero-day-authentication-bypass-attacks https://therecord.media/new-cpu-side-channel-attack-takes-aim-at-chromes-site-isolation-feature/ https://www.securityweek.com/google-android-security-update-patches-40-vulnerabilities   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   CyberWeek Georgia event on September 21st, 2021, get your pass now at https://www.cyberweekgeorgia.com   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Attivo Networks: www.attivonetworks.com **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.  

The CyberHub Podcast
Practitioner Brief September 8th, 2021

The CyberHub Podcast

Play Episode Listen Later Sep 8, 2021 14:28 Transcription Available


Today's Headlines and the latest #cybernews from the desk of the #CISO: Microsoft Office Zero-Day Hit in Targeted Attacks REvil ransomware's servers mysteriously come back online Jenkins Says Confluence Service Compromised Using Recent Exploit HAProxy Found Vulnerable to Critical HTTP Request Smuggling Attack Chinese hackers behind July 2021 SolarWinds zero-day attacks   Story Links: https://www.securityweek.com/microsoft-office-zero-day-hit-targeted-attacks https://www.bleepingcomputer.com/news/security/revil-ransomwares-servers-mysteriously-come-back-online/ https://www.securityweek.com/jenkins-says-confluence-service-compromised-using-recent-exploit https://thehackernews.com/2021/09/haproxy-found-vulnerable-to-critical.html https://therecord.media/chinese-hackers-behind-july-2021-solarwinds-zero-day-attacks/   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   CyberWeek Georgia event on September 21st, 2021, get your pass now at https://www.cyberweekgeorgia.com   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Attivo Networks: www.attivonetworks.com **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

The CyberHub Podcast
Practitioner Brief September 2nd, 2021

The CyberHub Podcast

Play Episode Listen Later Sep 2, 2021 15:36 Transcription Available


Today's Headlines and the latest #cybernews from the desk of the #CISO: Cisco Patches Critical Enterprise NFVIS Vulnerability for Which PoC Exploit Is Available FTC Bans Stalkerware App SpyFone; Orders Company to Erase Secretly Stolen Data Recently Patched Confluence Vulnerability Exploited in the Wild Gutenberg Template Library & Redux Framework Bugs Plague WordPress Sites Ireland Fines WhatsApp 225M Euros for Breaching EU Privacy Laws SEC Sanctions Several Companies Over Email Account Hacking   Story Links: https://www.securityweek.com/cisco-patches-critical-enterprise-nfvis-vulnerability-which-poc-exploit-available https://thehackernews.com/2021/09/ftc-bans-stalkerware-app-spyfone-orders.html https://www.securityweek.com/recently-patched-confluence-vulnerability-exploited-wild https://threatpost.com/gutenberg-template-library-redux-bugs-wordpress/169111/ https://www.securityweek.com/ireland-fines-whatsapp-225m-euros-breaching-eu-privacy-laws https://www.securityweek.com/sec-sanctions-several-companies-over-email-account-hacking   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   CyberWeek Georgia event on September 21st, 2021, get your pass now at https://www.cyberweekgeorgia.com   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Attivo Networks: www.attivonetworks.com **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

The CyberHub Podcast
Practitioner Brief September 1st, 2021

The CyberHub Podcast

Play Episode Listen Later Sep 1, 2021 16:04 Transcription Available


Today's Headlines and the latest #cybernews from the desk of the #CISO: QNAP Working on Patches for OpenSSL Flaws Affecting its NAS Devices Cybercriminal sells tool to hide malware in AMD, NVIDIA GPUs LockBit gang leaks Bangkok Airways data, hits Accenture customers New Edition of Pipeline Cybersecurity Standard Covers All Control Systems CISA and the FBI warn of ransomware gangs' tendency of launching attacks over holidays and weekends   Story Links: https://thehackernews.com/2021/09/qnap-working-on-patches-for-openssl.html https://www.bleepingcomputer.com/news/security/cybercriminal-sells-tool-to-hide-malware-in-amd-nvidia-gpus/ https://www.bleepingcomputer.com/news/security/lockbit-gang-leaks-bangkok-airways-data-hits-accenture-customers/ https://www.securityweek.com/new-edition-pipeline-cybersecurity-standard-covers-all-control-systems https://therecord.media/cisa-and-the-fbi-warn-of-ransomware-gangs-tendency-of-launching-attacks-over-holidays-and-weekends/   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   CyberWeek Georgia event on September 21st, 2021, get your pass now at https://www.cyberweekgeorgia.com   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Attivo Networks: www.attivonetworks.com **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

The CyberHub Podcast
Practitioner Brief August 31st, 2021

The CyberHub Podcast

Play Episode Listen Later Aug 31, 2021 14:05 Transcription Available


Today's Headlines and the latest #cybernews from the desk of the #CISO: New Microsoft Exchange 'ProxyToken' Flaw Lets Attackers Reconfigure Mailboxes Microsoft shares guidance on securing Azure Cosmos DB accounts Companies Release Security Advisories in Response to New OpenSSL Vulnerabilities HPE Warns Sudo Bug Gives Attackers Root Privileges to Aruba Platform DOJ launches program to train prosecutors in cybersecurity topics   Story Links: https://thehackernews.com/2021/08/new-microsoft-exchange-proxytoken-flaw.html https://www.bleepingcomputer.com/news/microsoft/microsoft-shares-guidance-on-securing-azure-cosmos-db-accounts/ https://www.securityweek.com/companies-release-security-advisories-response-new-openssl-vulnerabilities https://threatpost.com/hpe-sudo-bug-aruba-platform/169038/ https://therecord.media/doj-launches-program-to-train-prosecutors-in-cybersecurity-topics/   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   CyberWeek Georgia event on September 21st, 2021, get your pass now at https://www.cyberweekgeorgia.com   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Attivo Networks: www.attivonetworks.com **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

The CyberHub Podcast
Practitioner Brief August 30th, 2021

The CyberHub Podcast

Play Episode Listen Later Aug 30, 2021 16:18 Transcription Available


Today's Headlines and the latest #cybernews from the desk of the #CISO: FBI Shares IOCs for 'Hive' Ransomware Attacks Microsoft Warns of Widespread Phishing Attacks Using Open Redirects CISA, Microsoft Issue Guidance on Recent Azure Cosmos DB Vulnerability T-Mobile CEO: Hacker brute-forced his way through our network Exploitation of Flaws in Delta Energy Management System Could Have 'Dire Consequences'   Story Links: https://www.securityweek.com/fbi-shares-iocs-hive-ransomware-attacks https://thehackernews.com/2021/08/microsoft-warns-of-widespread-phishing.html https://www.securityweek.com/exploitation-flaws-delta-energy-management-system-could-have-dire-consequences https://www.bleepingcomputer.com/news/security/t-mobile-ceo-hacker-brute-forced-his-way-through-our-network/ https://www.securityweek.com/cisa-microsoft-issue-guidance-recent-azure-cosmos-db-vulnerability   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   CyberWeek Georgia event on September 21st, 2021, get your pass now at https://www.cyberweekgeorgia.com   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Attivo Networks: www.attivonetworks.com **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

The CyberHub Podcast
Practitioner Brief August 26th, 2021

The CyberHub Podcast

Play Episode Listen Later Aug 26, 2021 16:05 Transcription Available


Today's Headlines and the latest #cybernews from the desk of the #CISO: Microsoft Issues Guidance on ProxyShell Vulnerabilities F5 Releases Critical Security Patches for BIG-IP and BIG-IQ Devices US Media, Retailers Targeted by New SparklingGoblin APT Researchers Uncover FIN8's New Backdoor Targeting Financial Institutions CISA Details Additional Malware Targeting Pulse Secure Appliances VMware Issues Patches to Fix New Flaws Affecting Multiple Products UK to diverge from GDPR in post-Brexit overhaul of privacy rules   Story Links: https://www.securityweek.com/microsoft-issues-guidance-proxyshell-vulnerabilities https://thehackernews.com/2021/08/f5-releases-critical-security-patches.html https://threatpost.com/sparklinggoblin-apt/168928/ https://thehackernews.com/2021/08/researchers-uncover-fin8s-new-backdoor.html https://www.securityweek.com/cisa-details-additional-malware-targeting-pulse-secure-appliances https://thehackernews.com/2021/08/vmware-issues-patches-to-fix-new-flaws.html https://www.zdnet.com/article/data-protection-to-diverge-from-gdpr-in-post-brexit-overhaul-of-privacy-rules/   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Attivo Networks: www.attivonetworks.com **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

The CyberHub Podcast
Practitioner Brief August 25th, 2021

The CyberHub Podcast

Play Episode Listen Later Aug 25, 2021 15:37 Transcription Available


Today's Headlines and the latest #cybernews from the desk of the #CISO: OpenSSL Vulnerability Can Be Exploited to Change Application Data Modified Version of WhatsApp for Android Spotted Installing Triada Trojan New iOS Zero-Click Exploit Defeats Apple 'BlastDoor' Sandbox Ransomware gang's script shows exactly the files they're after Scammers steal $2.3 million from small US town   Story Links: https://www.securityweek.com/openssl-vulnerability-can-be-exploited-change-application-data https://thehackernews.com/2021/08/modified-version-of-whatsapp-for.html https://www.securityweek.com/new-ios-zero-click-exploit-defeats-apple-blastdoor-sandbox https://www.bleepingcomputer.com/news/security/ransomware-gangs-script-shows-exactly-the-files-theyre-after/ https://therecord.media/scammers-steal-2-3-million-from-small-us-town/   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Attivo Networks: www.attivonetworks.com **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

The CyberHub Podcast
Practitioner Brief August 24th, 2021

The CyberHub Podcast

Play Episode Listen Later Aug 24, 2021 15:43 Transcription Available


Today's Headlines and the latest #cybernews from the desk of the #CISO: Realtek SDK Vulnerabilities Exploited in Attacks Days After Disclosure 38 Million Records Exposed from Microsoft Power Apps of Dozens of Organizations Phishing campaign uses UPS.com XSS vuln to distribute malware Researchers Warn of 4 Emerging Ransomware Groups That Can Cause Havoc FBI: OnePercent Group Ransomware targeted US orgs since Nov 2020   Story Links: https://www.securityweek.com/realtek-sdk-vulnerabilities-exploited-attacks-days-after-disclosure https://thehackernews.com/2021/08/38-million-records-exposed-from.html https://www.bleepingcomputer.com/news/security/phishing-campaign-uses-upscom-xss-vuln-to-distribute-malware/ https://thehackernews.com/2021/08/researchers-warn-of-4-new-ransomware.html https://www.bleepingcomputer.com/news/security/fbi-onepercent-group-ransomware-targeted-us-orgs-since-nov-2020/   Hacking MFA Webinar with Roger Grimes of KnowBe4, Tuesday August 24th, 2021, at 11 AM EST Register here: https://us06web.zoom.us/webinar/register/WN_G2wKG4YIS9WhB8ks01eO6A   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Attivo Networks: www.attivonetworks.com **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

The CyberHub Podcast
Practitioner Brief August 23rd, 2021

The CyberHub Podcast

Play Episode Listen Later Aug 23, 2021 16:54 Transcription Available


Today's Headlines and the latest #cybernews from the desk of the #CISO: CISA Warns Organizations of ProxyShell Attacks on Exchange Servers Cybercrime Group Asking Insiders for Help in Planting Ransomware LockFile ransomware uses PetitPotam attack to hijack Windows domains ShadowPad Malware is Becoming a Favorite Choice of Chinese Espionage Groups CISA Issues Guidance on Protecting Data From Ransomware Cloudflare mitigated one of the largest DDoS attack involving 17.2 million rps   Story Links: https://www.securityweek.com/cisa-warns-organizations-proxyshell-attacks-exchange-servers https://thehackernews.com/2021/08/cybercrime-group-asking-insiders-for.html https://www.bleepingcomputer.com/news/security/lockfile-ransomware-uses-petitpotam-attack-to-hijack-windows-domains/ https://thehackernews.com/2021/08/shadowpad-malware-is-becoming-favorite.html https://www.securityweek.com/cisa-issues-guidance-protecting-data-ransomware https://thehackernews.com/2021/08/cloudflare-mitigated-one-of-largest.html   Hacking MFA Webinar with Roger Grimes of KnowBe4, Tuesday August 24th, 2021, at 11 AM EST Register here: https://us06web.zoom.us/webinar/register/WN_G2wKG4YIS9WhB8ks01eO6A   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Attivo Networks: www.attivonetworks.com **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

The CyberHub Podcast
Practitioner Brief August 19th, 2021

The CyberHub Podcast

Play Episode Listen Later Aug 19, 2021 23:40 Transcription Available


Today's Headlines and the latest #cybernews from the desk of the #CISO: GitHub Encourages Users to Adopt Two-Factor Authentication US Census Bureau hacked in January 2020 using Citrix exploit Liquid cryptocurrency exchange loses $94 million following hack Iranian APT Hexane Targets Israeli Companies Citizen Lab finds Apple's China censorship process bleeds into Hong Kong and Taiwan   Story Links: https://www.securityweek.com/report-iranian-apt-hexane-targets-israeli-companies https://www.securityweek.com/github-encourages-users-adopt-two-factor-authentication https://www.bleepingcomputer.com/news/security/us-census-bureau-hacked-in-january-2020-using-citrix-exploit/ https://www.bleepingcomputer.com/news/security/liquid-cryptocurrency-exchange-loses-94-million-following-hack/ https://www.zdnet.com/article/citizen-lab-finds-apples-china-censorship-process-bleeds-into-hong-kong-and-taiwan/   Hacking MFA Webinar with Roger Grimes of KnowBe4, Tuesday August 24th, 2021, at 11 AM EST Register here: https://us06web.zoom.us/webinar/register/WN_G2wKG4YIS9WhB8ks01eO6A   “The Microsoft Doctrine” by James Azar now on Substack https://jamesazar.substack.com/p/the-microsoft-doctrine   The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Attivo Networks: www.attivonetworks.com **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, and Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-j-azar/ James on Parler: @realjamesazar Telegram: CyberHub Podcast Locals: https://cyberhubpodcast.locals.com ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Modern CTO with Joel Beasley
#309 Tony Cole - CTO at Attivo Networks

Modern CTO with Joel Beasley

Play Episode Listen Later Apr 5, 2021 73:18


Today we are talking to Tony Cole, the CTO at Attivo Networks. And we discuss their suite of detection tools that can help to mitigate damaging cyber attacks, risk management concepts that CTOs of all levels should be thinking about, and Advice for how to lead in times of crisis. All of this, right here, right now on the Modern CTO Podcast!

The Near-Futurist
Hacking the Hacker

The Near-Futurist

Play Episode Listen Later Mar 5, 2021 20:54


What if you could actually fool the person trying to hack into your system that they were somewhere they wanted to be, when they're not? What if you could understand that sentence at first glance? Carolyn Crandall of Attivo Networks looks at what can be achieved against hackers that are already in the system. If you enjoy this podcast why not leave a review where you found it? Thank you!