Three Buddy Problem - Episode 34: We dig into the latest exploited Apple iPhone zero-day (USB Restricted Mode bypass), an AMD microcode flaw so serious it's not being fully disclosed, a barrage of Patch Tuesday updates, the helpless nature of trying to defend corporate networks, Russian threat actor movements, and fresh intel from Rapid7, Volexity, and Microsoft. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Costin Raiu (https://twitter.com/craiu) and Ryan Naraine (https://twitter.com/ryanaraine).
Nakasone addresses AI at the Munich Cyber Security Conference. Court documents reveal the degree to which DOGE actually has access. Dutch police dismantle a bulletproof hosting operation. German officials investigate Apple's App Tracking. Hackers exploited security flaws in BeyondTrust. CISA issues 20 new ICS advisories. The new Astaroth phishing kit bypasses 2FA. Hackers waste no time exploiting a SonicWall proof-of-concept vulnerability. Our guest today is Lawrence Pingree, VP of Technical Marketing at Dispersive, joining us to discuss why preemptive defense is essential in the AI arms race. Have I Been Pwned ponders whether resellers are worth the trouble. You can read more in "How Cybercriminals Are Using AI: Exploring the New Threat Landscape."
Selected Reading
Putting the human back into AI is key, former NSA Director Nakasone says (The Record)
Court Documents Shed New Light on DOGE Access and Activity at Treasury Department (Zero Day)
Musk's DOGE team: Judges to consider barring it from US government systems (Reuters)
Anyone Can Push Updates to the DOGE.gov Website (404 Media)
Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster (Bleeping Computer)
Apple app tracking rules more strict for others – watchdog (The Register)
PostgreSQL flaw exploited as zero-day in BeyondTrust breach (Bleeping Computer)
CISA Releases 20 ICS Advisories Detailing Vulnerabilities & Exploits (Cyber Security News)
Astaroth 2FA Phishing Kit Targets Gmail, Yahoo, Office 365, and Third-Party Logins (GB Hackers)
SonicWall Firewall Vulnerability Exploited After PoC Publication (SecurityWeek)
Have I Been Pwned likely to ban resellers (The Register)
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Forecast = Punxsutawney Phil saw his shadow, so we can expect continued Musk-y days ahead in these remaining DOGE days of Winter. In this week's episode of GreyNoise Storm⚡️Watch, we have a bit of an AI-theme. First, the Department of Government Efficiency (DOGE), led by Elon Musk, has sparked significant privacy and security concerns by accessing sensitive federal systems like Treasury databases and Education Department records through AI-driven analysis. Critics highlight undisclosed partnerships with vendors like Inventry.ai, which allegedly introduced algorithmic bias by disproportionately targeting diversity programs and climate initiatives while retaining fossil fuel subsidies. Cybersecurity experts warn about unvetted API integrations and data security risks, as Inventry.ai processed taxpayer information without proper FedRAMP authorization. These issues have led to bipartisan calls for stricter AI procurement rules and transparency mandates to rebuild public trust. Meanwhile, Chinese AI startup DeepSeek faces scrutiny over its claims of rivaling GPT-4 at lower costs, with analysts questioning its $5.6M training budget and geopolitical alignment. The models show systematic pro-China biases, refusing to answer 88% of sensitive questions about Tiananmen Square or Taiwan while promoting CCP narratives in responses. Security researchers flag its opaque training data—potentially using OpenAI outputs—and anti-debugging features that hinder independent audits. These concerns have triggered bans in Australia, South Korea, and U.S. agencies like NASA, with EU officials noting non-compliance with cybersecurity standards. On the defense front, Splunk's DECEIVE AI honeypot introduces innovative deception tech by letting users simulate systems via text prompts, democratizing access to advanced threat detection. 
While it offers dynamic behavioral analysis and safe sandboxing, security professionals caution about LLM hallucination risks that could tip off attackers and ethical questions around logging fabricated credentials. The open-source tool shows promise but remains untested against sophisticated adversaries. Rounding out the cybersecurity landscape, Censys research exposes the BADBOX botnet's infrastructure and BeyondTrust vulnerabilities, while VulnCheck highlights 2024's exploitation trends and Zyxel's unpatched telnet flaws; and GreyNoise's latest Noiseletter showcases new platform features + upcoming events.
JJ and Drew catch you up on cybersecurity news including new research that uncovers a host of 5G/LTE vulnerabilities, the chain of breaches in a BeyondTrust attack that led to infiltration of the US Treasury Dept., and a lawsuit against LinkedIn alleging that data from paying customers was used to train AI models. Researchers unpack...
The X22 Report: MSNBC is trying to convince the people that the economy is doing well and they are being forced to believe it is not. Yellen's computer has been hacked, they are preparing to bring the economy down. The Fed is trapping Trump but they fell into the trap. Audit the Fed is now gaining steam. The [DS] is panicking, their power is diminishing, they know they have a certain amount of time to strike back. Trump and the patriots countered a [FF]. Trump has called off the inauguration and will have it in the rotunda. There will be fireworks only and everyone will be safe.
Economy
MSNBC Panelist Says People Are Just ‘Believing' The Economy Was Poor Under Biden
MSNBC panelist and Futuro Media founder Maria Hinojosa said Friday that voters are simply “believing” the economy is poor under President Joe Biden due to the constant negative narrative they are told. Throughout his 2024 campaign, President-elect Donald Trump said he would bring back a strong economy, as many Americans polled said the issue was one of their top concerns before heading to the ballot box in November. On “The ReidOut,” Hinojosa was asked if she believed Americans were still concerned about “the price of eggs” over the “fragility of democracy,” to which she said economists had told her Biden's economy is “great.” Source: dailycaller.com
https://twitter.com/MarioNawfal/status/1880147369896845674 than 50 files on Yellen's machine. The breach occurred via BeyondTrust, a third-party cybersecurity provider, marking what Treasury officials labeled a "major incident."
China denied involvement, stating it opposes hacking in all forms. This breach highlights rising cybersecurity tensions between the U.S. and China, raising concerns over safeguarding sensitive government systems. https://twitter.com/KobeissiLetter/status/1880396242863419605 Federal Reserve withdraws from global regulatory climate change group The U.S. Federal Reserve announced on Friday it had withdrawn from a global body of central banks and regulators devoted to exploring ways to police climate risk in the financial system. In a statement, the Fed said it was exiting the Network of Central Banks and Supervisors for Greening the Financial System (NGFS) because its increasingly broadened scope had fallen outside the Fed's statutory mandate. The central bank joined the group in 2020. The exit comes three days before President-elect Donald Trump, who is critical of efforts by governments to prescribe climate change policies, is set to take office. Source: gazette.com https://twitter.com/TrumpWarRoom/status/1879929501192454144 https://twitter.com/WatcherGuru/status/1879956982389699008 https://twitter.com/GovRonDeSantis/status/1880015040432218461 Political/Rights Nolte: Jury Finds CNN Guilty of Defamation, Awards $5 Million Plus Punitive Damages In their zeal to find a villain other than His Fraudulency Joe Biden for the debacle that was America's withdrawal from Afghanistan, the convicted liars at CNN (that's never gonna get old) decided to demonize Mr. Young as a black market operator exploiting desperate Afghans for huge sums of money to get them out of the country. Convicted liar Jake Tapper (tee hee) introduced the segment this way: “Afghans trying to get out of the country face a black market full of promises, demands of exorbitant fees, and no guarantee of safety or success.” Months later, the convicted liars and CNN tried to take it all back with an on-air apology from...
Snyk mysteriously deploys apparently malicious packages; Baltic sea cable cuts can't be accident, says EU tech chief; CISA warns of second BeyondTrust vulnerability. Huge thanks to our sponsor, Dropzone AI. For the stories behind the headlines, head on over to CISOSeries.com
A draft cybersecurity executive order from the Biden administration seeks to bolster defenses. Researchers identify a “mass exploitation campaign” targeting Fortinet firewalls. A Chinese-language illicit online marketplace is growing at an alarming rate. CISA urges patching of a second BeyondTrust vulnerability. The UK proposes banning ransomware payments by public sector and critical infrastructure organizations. A critical flaw in Google's authentication flow exposes millions to unauthorized access. OWASP releases its first Non-Human Identities (NHI) Top 10. A Microsoft lawsuit targets individuals accused of bypassing safety controls in its Azure OpenAI tools. Our guest is Chris Pierson, Founder and CEO of BlackCloak, discussing digital executive protection. The feds remind the health care sector that AI must first do no harm.
Selected Reading
Second Biden cyber executive order directs agency action on fed security, AI, space (CyberScoop)
Snoops exploited Fortinet firewalls with 'probable' 0-day (The Register)
The ‘Largest Illicit Online Marketplace' Ever Is Growing at an Alarming Rate, Report Says (WIRED)
CISA Warns of Second BeyondTrust Vulnerability Exploited in Attacks (SecurityWeek)
UK Considers Ban on Ransomware Payments by Public Bodies (Infosecurity Magazine)
Google OAuth "Sign in with Google" Vulnerability Exposes Millions of Accounts to Data Theft (Cyber Security News)
OWASP Publishes First-Ever Top 10 “Non-Human Identities (NHI) Security Risks (Cyber Security News)
Microsoft Sues Harmful Fake AI Image Crime Ring (GovInfo Security)
Feds Tell Health Sector to Watch for Bias in AI Decisions (BankInfo Security)
00:00:00 - PreShow Banter™ — Coffee With Wade Wells
00:05:41 - BHIS - Talkin' Bout [infosec] News 2025-01-06
00:06:45 - Story # 1: BeyondTrust says hackers breached Remote Support SaaS instances
00:13:18 - Things Continued to be ignored in 2025
00:24:39 - Story # 2: Classified fighter jet specs leaked on War Thunder – again
00:28:26 - Story # 3: New Proposed HIPAA Security Rule Changes
00:34:33 - Story # 4: The Breachies 2024: The Worst, Weirdest, Most Impactful Data Breaches of the Year
00:35:47 - Story # 5: AT&T and Verizon say networks secure after Salt Typhoon breach
00:37:20 - Story # 6: Net Neutrality Rules Struck Down by Appeals Court
00:41:56 - Story # 7: U.S. Army Soldier Arrested in AT&T, Verizon Extortions
00:45:28 - Story # 8: New U.S. DoJ Rule Halts Bulk Data Transfers to Adversarial Nations to Protect Privacy
00:48:38 - Story # 9: Meta's AI Profiles Are Indistinguishable From Terrible Spam That Took Over Facebook
00:50:42 - Story # 9b: Meta deletes AI character profiles after backlash, racism accusations
00:51:40 - Story # 10: Watch: Tiny robot ‘kidnaps' 12 big Chinese bots from a Shanghai showroom, shocks world
00:55:27 - Story # 11: China Arrests 4 Who Weaponized ChatGPT for Ransomware Attacks
00:58:42 - Story # 12: Man Accused of SQL Injection Hacking Gets 69-Month Prison Sentence
01:01:22 - Story # 13: Germany cuts hacker access to 30,000 devices infected with BadBox malware
In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. We pause to honor the life and legacy of Amit Yoran, a visionary leader in the world of cybersecurity who passed away on January 4, 2025, after battling cancer. In April 2024, a threat actor known as "USDoD" advertised a massive database for sale on BreachForums, claiming it contained 2.9 billion records encompassing personal information of individuals from the United States, United Kingdom, and Canada. In December 2024, the U.S. Treasury Department disclosed a significant cybersecurity breach attributed to Chinese state-sponsored hackers. SafeBreach Labs has published a proof-of-concept (PoC) exploit for CVE-2024-49113, dubbed "LDAPNightmare." This vulnerability affects Windows Servers using the Lightweight Directory Access Protocol (LDAP) and enables attackers to crash unpatched systems.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
In this episode of the SANS Internet Storm Center's Stormcast, we cover critical vulnerabilities affecting OpenSSH, BeyondTrust, and Nuclei, including the newly discovered "RegreSSHion" flaw and a bypass vulnerability in Nuclei. We also discuss how malware evasion techniques can impact analysis environments and highlight the dangers of fake exploits targeting researchers. Tune in for insights on patching, mitigation strategies, and staying ahead of emerging threats.
Topics Covered:
Make Malware Happy: https://isc.sans.edu/diary/Make%20Malware%20Happy/31560 A look at how malware adapts and detects analysis environments, and why replicating operational settings is critical during malware analysis.
Nuclei Signature Verification Bypass (CVE-2024-43405): https://www.wiz.io/blog/nuclei-signature-verification-bypass A critical vulnerability in Nuclei allows malicious templates to bypass signature verification, risking arbitrary code execution.
Critical Vulnerability in BeyondTrust (CVE-2024-12356): https://censys.com/cve-2024-12356/ A high-risk flaw in BeyondTrust products allows unauthenticated OS command execution, posing a significant threat to privileged access systems.
RegreSSHion Code Execution Vulnerability (CVE-2024-6387): https://cybersecuritynews.com/regresshion-code-execution-vulnerability/ OpenSSH vulnerability "RegreSSHion" enables remote code execution, and fake exploits targeting security researchers are in circulation.
Forecast: Cyber conditions are turbulent with two major Chinese state-sponsored storms impacting U.S. infrastructure, with aftershocks expected into mid-January. In today's episode of Storm Watch, we cover two major cybersecurity incidents that have significantly impacted U.S. infrastructure. The BeyondTrust breach, initially discovered in early December 2024, involved a compromised Remote Support SaaS API key that allowed attackers to reset passwords and access workstations remotely. The Treasury Department was notably affected, with attackers accessing unclassified documents in the Office of Financial Research and Office of Foreign Assets Control. The incident exposed critical vulnerabilities, including a severe command injection flaw with a CVSS score of 9.8, and over 13,500 BeyondTrust instances remain exposed online. The conversation then shifts to the extensive telecommunications breaches known as the Salt Typhoon campaign, where Chinese state actors successfully infiltrated nine major U.S. telecom companies. This sophisticated espionage operation gained the capability to geolocate millions of individuals and potentially record phone calls, though actual communication interception was limited to fewer than 100 high-profile targets. The breach revealed shocking security lapses, such as a single administrator account having access to over 100,000 routers and the use of primitive passwords like "1111" for management systems. Major carriers including AT&T, Verizon, and Lumen Technologies were among the affected companies, with varying degrees of impact and response effectiveness. T-Mobile stands out for their quick detection and mitigation of the attack. In response to these incidents, the FCC is preparing to vote on new cybersecurity regulations by mid-January 2025, while the White House has outlined key areas for improvement including configuration management, vulnerability management, network segmentation, and enhanced information sharing across the sector. 
The episode wraps up with insights from recent Censys Rapid Response posts and the latest GreyNoise blog entry about profiling benign internet scanners in 2024, along with VulnCheck's analysis of the most dangerous software weaknesses and a discussion of the Four-Faith Industrial Router vulnerability being exploited in the wild.
Three Buddy Problem - Episode 28: In this episode, we explore the ongoing challenges of threat actor naming in cybersecurity and the confusion caused by a lack of standardization, methodological inconsistencies and skewed, marketing-driven incentives. Plus, the US Treasury/BeyondTrust hack, the surge in 0day discoveries, a new variant of the Xdr33 CIA Hive malware, and exclusive new information on the Cyberhaven Chrome extension security incident. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Costin Raiu (https://twitter.com/craiu) and Ryan Naraine (https://twitter.com/ryanaraine).
Chinese state actor breaches U.S. department responsible for foreign sanctions following BeyondTrust compromise. Quick fire topics.
In this episode, we dive deep into two explosive cybersecurity stories making headlines right now: a major breach at the U.S. Treasury Department allegedly carried out by Chinese state-sponsored hackers, and the discovery of over 3.1 million fake stars on GitHub used to boost malicious repositories. We'll explore how third-party vendor BeyondTrust and telecom hacks tie into this growing wave of advanced persistent threats (APTs) and discuss how manipulative tactics on GitHub can sneak malware into widespread use. Whether you're a seasoned developer or just curious about the rising tide of global cyber threats, this episode will give you an in-depth look at how these hacks happen and why they matter. Stay informed, stay alert, and learn about the latest vulnerabilities, breaches, and protective measures you can take.
This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Steve Zalewski, CISO in Residence. Thanks to our show sponsor, ThreatLocker. All links and the video of this episode can be found on CISO Series.com
Three Buddy Problem - Episode 26: We dive deep into the shadowy world of surveillance and cyber operations, unpacking Amnesty International's explosive report on NoviSpy, a previously unknown Android implant used against Serbian activists, and the links to Israeli forensics software vendor Cellebrite. Plus, thoughts on the US government's controversial guidance on VPNs, Chinese reports on US intel agency hacking, TP-Link sanctions chatter, Mossad's dramatic exploding beeper operation and the ethical, legal, and security implications of escalating cyber-deterrence. Also, a mysterious BeyondTrust 0-day! Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Costin Raiu (https://twitter.com/craiu) and Ryan Naraine (https://twitter.com/ryanaraine).
PaaS platform “FlowerStorm” attacking Microsoft 365 users; CISA adds BeyondTrust flaw to its Known Exploited Vulnerabilities catalog; Ascension Health ransomware attack impacted nearly 6 million people. Thanks to today's episode sponsor, ThreatLocker. For the story behind the headlines, go to CISOSeries.com
Russian hackers attack Ukraine's state registers. NotLockBit is a new ransomware strain targeting macOS and Windows. Sophos discloses three critical vulnerabilities in its Firewall product. The BadBox botnet infects over 190,000 Android devices. BeyondTrust patches two critical vulnerabilities. Hackers stole $2.2 billion from cryptocurrency platforms in 2024. Officials dismantle a live sports streaming piracy ring. Rockwell Automation patches critical vulnerabilities in a device used for energy control in industrial systems. A new report from Dragos highlights ransomware groups targeting industrial sectors. A Ukrainian national is sentenced to 60 months in prison for distributing the Raccoon Infostealer malware. We bid a fond farewell to our colleague Rick Howard, who's retiring after years of inspiring leadership, wisdom, and camaraderie. The LockBit gang tease what's yet to come. CyberWire Guest: Today's guest segment is bittersweet as we bid farewell to our beloved Rick Howard, who's retiring after years of inspiring leadership, wisdom, and camaraderie. Join us in celebrating his incredible journey, sharing heartfelt memories, and letting him know just how deeply he'll be missed by all of us here at N2K.
Selected Reading
Ukraine's state registers hit with one of Russia's largest cyberattacks, officials say (The Record)
NotLockBit - Previously Unknown Ransomware Attack Windows & macOS (GB Hackers)
Critical Sophos Firewall Vulnerabilities Let Attackers Execute Remote Code (Cyber Security News)
Botnet of 190,000 BadBox-Infected Android Devices Discovered (SecurityWeek)
BeyondTrust Security Incident — Command Injection and Escalation Weaknesses (CVE-2024-12356, CVE-2024-12686) (SOCRadar)
Crypto-Hackers Steal $2.2bn as North Koreans Dominate (Infosecurity Magazine)
Massive live sports piracy ring with 812 million yearly visits taken offline (Bleeping Computer)
Rockwell PowerMonitor Vulnerabilities Allow Remote Hacking of Industrial Systems (SecurityWeek)
Ransomware Attackers Target Industries with Low Downtime Tolerance (Infosecurity Magazine)
Ukrainian Raccoon Infostealer Operator Sentenced to Prison in US (SecurityWeek)
NetWalker Ransomware Operator Sentenced For Hacking Hundreds Of Organizations (Cyber Security News)
LockBit Admins Tease a New Ransomware Version (Infosecurity Magazine)
Android malware found on Amazon Appstore disguised as health app; BeyondTrust suffers cyberattack; Fortinet warns of critical flaw in Wireless LAN Manager. Thanks to today's episode sponsor, ThreatLocker. For the stories behind the headlines, head over to CISOSeries.com.
This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Bethany De Lude, CISO, The Carlyle Group. Thanks to our show sponsor, ThreatLocker. All links and the video of this episode can be found on CISO Series.com
Marc Maiffret is the Chief Technology Officer at BeyondTrust. In this episode, he joins host Heather Engel to discuss his past as a teenage hacker, including his experience at age 17 being raided by the FBI, before transitioning into a career as a security researcher and ethical hacker today. • For more on cybersecurity, visit us at https://cybersecurityventures.com
Join us in a special out-of-band episode of Adventures of Alice and Bob, where we explore the exciting expansion of BeyondTrust through its recent acquisition of Entitle, a pioneering privilege management solution. Discover how this strategic move enhances BeyondTrust's identity security solutions across the cloud. BeyondTrust CTO, Marc Maiffret, and Entitle co-founders, Ron Nissim and Avi Zetser, also cover what exactly just-in-time (JIT) access is, what modern identity security looks like across the cloud, and what this exciting new union means for the landscape of identity security and access management.
Recommending tools such as Identity Security Insights to gain a centralized view of identities and accounts, strengthen security and protect the most valuable assets, BeyondTrust offers three essential tips for protecting information in a digital environment.
Our guest Lee Elliot, Director of Solutions Engineering at BeyondTrust, and our host IAM Architect Arne Vedø-Hansen, explore how PAM plays a crucial role in mitigating new and emerging threats, securing infrastructure, and safeguarding identity architecture.
B2B marketers take themselves so seriously. A little more humor wouldn't hurt.Even if you're thinking, “I already use humor in my content,” we're going to convince you to ramp it up. Because today, we're looking to a company that spends about a third of its content just on humor. And despite having "wasted" content on humor, it's thanks to their booming sales that they've raised over $8.6 million to fund sanitation projects around the world.In this episode, we're talking about the eco-friendly toilet paper brand, Who Gives a Crap, with the help of special guest, Shannon Howard. Shannon is Director of Customer & Content Marketing at Intellum. Together, we talk about dedicating a third of your content to making your audience laugh, edutainment, paying attention to the details, and much more. So take a bathroom break then tune into this episode of Remarkable.About our guest, Shannon HowardShannon Howard is Director of Customer & Content Marketing at Intellum. She joined the company in March of 2023. Shannon is an experienced Customer Marketer who's had the unique experience of building an LMS, implementing and managing learning management platforms, creating curriculum and education strategy, and marketing customer education. She loves to share Customer Education best practices from this blended perspective. Prior to Intellum, she served as Customer Marketing Manager at PeopleGrove. She has also held marketing roles at companies like Crowdvocate, Litmus, and The Predictive Index. About IntellumIntellum is the learning management system powering the world's leading education programs. Intellum's scientific, data-driven approach is based on 20 years of industry experience, and the Intellum Platform includes all of the tools an organization needs to create, deploy, manage, track, and continuously improve highly personalized, engaging educational experiences. 
Large brands and fast-moving companies like Google, Meta, Amazon, Twitter, BeyondTrust, Randstad, AT&T, Verizon, Mailchimp, and many others rely on Intellum to improve product utilization, customer retention, and revenue. About Who Gives a Crap Toilet Paper: Who Gives a Crap Toilet Paper is a recycled toilet paper brand. They pride themselves on creating a product that's better for the environment, as it has no inks, dyes, glues, chlorine or artificial scents. Their products can be delivered or picked up in store. And most orders ship free (over $25). But most importantly, they come with a mission to spread toilet humor and make the world a better place. They use 50% of their profits to build toilets and fund sanitation projects in developing countries. That money goes to a non-profit called WaterAid, which helps people in those countries access clean water, sanitation and hygiene education. The company was started by Simon Griffiths, Danny Alexander, and Jehan Ratnatunga, who are engineers and product designers, in July 2012 after they found out that 2.4 billion people, or 40% of the global population, don't have access to a toilet. Now, according to their website, that number is down to 2 billion. So they started a crowdfunding campaign on IndieGogo and it took about 50 hours to meet their goal, and they raised over $50,000. They launched their first product in March 2013. Now they also offer paper towels and tissues. Each roll is also wrapped in recycled paper in color and playful prints for sanitation purposes. They've now raised over $13.3 million dollars (that's Australian dollars) or $8.6 million US dollars. What B2B Companies Can Learn From Who Gives a Crap Toilet Paper: Spend your time equally on creating content around product, impact, and humor. A third of the Who Gives a Crap blog is dedicated to bathroom humor. 
While that might seem like a lot of content that's not dedicated to marketing or making a sale, Shannon says, “In B2B, we forget that there's not a company on the other side of our marketing. There's a person and they have dreams and aspirations and they have things that they struggle with and they have a sense of humor. Everybody's been asked to do more with less. We just need something to break through the noise and give us a little reprieve. And I think humor does that.” Edutain your audience on your mission. Who Gives a Crap educates their audience on their mission to provide access to clean water and sanitation around the world, but they make it fun. Shannon says, “They're talking about deforestation. They're bringing things in that can be really heavy topics, but making them lighter. They do it in a way that's really organic and natural and funny.” Educate your audience on why what you do matters, and make it light, funny, natural and organic. Write like you talk. You've probably gone to a site where you have no idea what the business does, because the content is so dry and buzzword-heavy. Don't write like that. Act like you're explaining to a friend what you do and write it out. Shannon says, “This is something I try to think about for content when I'm writing for SEO. Okay, I'm writing for a search engine. But I'm also writing for humans. I can't write for search only, right? You need to write for real people who are going to read your content and give them a reason to want to read your content. If you can make it entertaining and maybe you're putting gifs in there or emojis, or you're breaking up the text, or you're giving some real life examples. Those are ways you don't maybe necessarily have to use humor. That's not part of your brand, but you can lighten it up a little bit.” Fit creative moments into the details. Every bit of real estate matters, whether it's on your blog, in an email, or on a piece of packaging. 
Shannon says, “If you have an autoresponder, an email signature, real estate on your website, on your social media, are you paying attention to those details? Are you personalizing them? Are you speaking to your customers there?” The details and the little bits of space are opportunities to personalize, to be creative, and to speak to your customers. Quotes: ”Surprise and delight is a big part of B2C companies. But it's not something we always think about in B2B. We think about, like, what is the thing that is going to provide the most value? But then you think about something like loading screens. Or in Asana, when you check off a task that needs to be done, you get a little unicorn, yeti or otter that flies across the screen. So just things like that, where it's small, it doesn't add value. No one's buying it for the unicorn, but it's a way to surprise and delight your customers. And that does make a difference. I think we forget those little things can mean a lot more to people. They can be really impactful moments.” - Shannon Howard. ”When it comes to brand voice, think about if you were to walk up to our brand at a party. What would they be like? Think about your brand and what would that brand look like personified in the real world.” - Shannon Howard. Time Stamps: [0:55] Meet Shannon Howard, Director of Customer & Content Marketing at Intellum; [2:03] Why are we talking about Who Gives a Crap toilet paper?; [3:57] What does Shannon's work at Intellum entail?; [5:24] What is Who Gives a Crap toilet paper?; [10:22] What makes Who Gives a Crap remarkable?; [13:15] What are marketing lessons we can take away from Who Gives a Crap?; [26:51] What is Shannon's content strategy at Intellum?; [35:14] How does Shannon think about proving the ROI of content? Links: Check out Who Gives a Crap Toilet Paper. Connect with Shannon on LinkedIn. Learn more about Intellum. About Remarkable!: Remarkable! is created by the team at Caspian Studios, the premier B2B Podcast-as-a-Service company. 
Caspian creates both non-fiction and fiction series for B2B companies. If you want a fiction series check out our new offering - The Business Thriller - Hollywood style storytelling for B2B. Learn more at CaspianStudios.com. In today's episode, you heard from Ian Faison (CEO of Caspian Studios) and Meredith Gooderham (Senior Producer). Remarkable was produced this week by Meredith Gooderham, mixed by Scott Goodrich, and our theme song is “Solomon” by FALAK. Create something remarkable. Rise above the noise.
Scott Carlson is a highly skilled and experienced Information Security advisor with 30 years of experience, adept at identifying risks and developing solutions. He enjoys cracking difficult problems and seeking out hidden solutions that deliver the most secure data management. Scott is a complexity simplifier, translating the technological jargon associated with Information Security into “human speak” so that all team members and leadership are confident in decisions. He loves to tackle challenges and is not daunted by hard situations or an accelerated timeline. His goal is to improve information security for businesses—full stop. He often says that he is SaaS, or “Scott as a Service.” Scott has found that a key to his success is earning the trust and loyalty of his clients through strong interpersonal connections. His career spans numerous Phoenix area companies including Charles Schwab, PayPal, BeyondTrust, and Kudelski Security. https://www.savyadvisors.com/ https://www.linkedin.com/in/scottcarlsoninfosec/ Mac and Bleu is the hot new podcast dedicated to all things related to building Arizona. 
Topics discussed range from construction, economic development, supply chain, and market segments. Mac & Bleu also includes diversity in construction, local politics affecting construction, women in construction, construction technology, and more. The host, JJ Levenske of Bleuwave, has his finger on the pulse of the people building Arizona. The show brings in the brightest minds in their respective positions and industries, and JJ has the unique ability to touch on the subject matter that you want to hear. If you want to know who's building Arizona, tune in and subscribe to Mac and Bleu today! JJ Levenske is a seasoned construction executive with over 30 years of experience in the commercial and industrial sectors. From pre-construction services to complex quality controls and close-outs, he brings a commitment to delivering the highest levels of professionalism and customer service.
We regularly cover significant breaches on this podcast, but it is rare that we have enough information about a major breach to cover in enough detail to devote an entire segment to. Today, we dive into lessons learned from the breach of Okta's customer support system that targeted some other major security vendors. This is part of a troubling trend, where the target of an attack only serves as a jumping off point to other organizations. China's 2023 attack of Microsoft is an example of this. It was easier to attack Microsoft 365, one of the world's largest business SaaS platforms, than to go after each of the 25 individual targets these Chinese actors needed access to. Traditionally, we've thought of lateral movement as something that happens within a network segment, or even within a single organization. Now, we're seeing lateral movement between SaaS platforms, between clouds, from third party vendors to customer, and even from open source project to open source adopters. In this segment, we'll cover five key lessons learned from Okta's breach, from information shared by Okta and three of its customers: 1Password, Cloudflare, and BeyondTrust. Protect Your Session Tokens; Monitor for Unusual Behavior; SaaS Vendors Are Common Targets; Zero Trust Principles Work; MFA Isn't a Binary (on or off) Control. Segment Resources: https://www.valencesecurity.com/resources/blogs/five-lessons-learned-from-oktas-support-site-breach Show Notes: https://securityweekly.com/esw-340
Once again, Theresa Lanowitz joins us to discuss Edge Computing, but with a twist this time, as Mani Keerthi Nagotu from SentinelOne joins us as well! As a field CISO, Mani knows all too well the struggles security leaders are going through, given the current market and threat landscape: maybe not less budget, but more pressure to produce results and justify spending; security leaders being held personally accountable for performance; potential layoffs, and the need to achieve the same goals with less labor and tool overhead. Segment Resources: https://cybersecurity.att.com/insights-report This segment is sponsored by AT&T Cybersecurity. Visit https://securityweekly.com/attcybersecurity to learn more about them! We regularly cover significant breaches on this podcast, but it is rare that we have enough information about a major breach to cover in enough detail to devote an entire segment to. Today, we dive into lessons learned from the breach of Okta's customer support system that targeted some other major security vendors. This is part of a troubling trend, where the target of an attack only serves as a jumping off point to other organizations. China's 2023 attack of Microsoft is an example of this. It was easier to attack Microsoft 365, one of the world's largest business SaaS platforms, than to go after each of the 25 individual targets these Chinese actors needed access to. Traditionally, we've thought of lateral movement as something that happens within a network segment, or even within a single organization. Now, we're seeing lateral movement between SaaS platforms, between clouds, from third party vendors to customer, and even from open source project to open source adopters. In this segment, we'll cover five key lessons learned from Okta's breach, from information shared by Okta and three of its customers: 1Password, Cloudflare, and BeyondTrust. 
Protect Your Session Tokens; Monitor for Unusual Behavior; SaaS Vendors Are Common Targets; Zero Trust Principles Work; MFA Isn't a Binary (on or off) Control. Segment Resources: https://www.valencesecurity.com/resources/blogs/five-lessons-learned-from-oktas-support-site-breach Finally, in the enterprise security news: lots of new security startups with early stage funding; SentinelOne picks up Chris Krebs and Alex Stamos's consulting firm; PE firm picks up ActiveState - a company I haven't thought about since I last downloaded ActiveState Perl 1000 years ago; Microsoft announces the limited release of Security Copilot; Semgrep releases a secrets scanner; AGI predicted to come much sooner than you might expect; NY State doubles down on cybersecurity regulations to protect its hospitals; the young hackers behind Mirai, one of the biggest botnets ever; Ransomware groups snitch on businesses to the SEC. Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw-340
Kaspersky discovers that several of its employees have mobile devices infected with highly sophisticated malware, and manages to obtain the implant and analyze it. HARrifying files unleash cyber nightmares and make the hair stand on end at Okta-affiliated companies such as 1Password, BeyondTrust and Cloudflare. Notes and references at https://www.tierradehackers.com/episodio-111 YouTube: https://www.youtube.com/tierradehackers Twitch: https://www.twitch.tv/tierradehackers Twitter: https://www.twitter.com/tierradehackers LinkedIn: https://www.linkedin.com/company/tierradehackers Instagram: https://www.instagram.com/tierradehackers Facebook: https://www.facebook.com/tierradehackers TikTok: https://www.tiktok.com/@tierradehackers Don't forget to join our Discord community: https://www.tierradehackers.com/discord If you like what we do, consider supporting us on Patreon so that we can keep growing and create even more content: https://www.patreon.com/tierradehackers/ Thanks also to the sponsors of this episode: Monad (https://www.monad.com) onBRANDING (https://onbranding.es)
In this episode of Sandy Springs Business Radio, hosts Lee Kantor and Rachel Simon interview Stacy Blaiss, Vice President of Corporate Marketing at BeyondTrust. They discuss the evolving cybersecurity landscape, the importance of protecting customer data, and the role of education in cybersecurity. Stacy explains the concept of unattributed activities in marketing and how BeyondTrust […]
The Cybersecurity Defender's host, Christopher Luft, along with special guest Eric Capuano, walk through the available details of the most recent Okta security breach that affected 1Password, BeyondTrust, and Cloudflare. On Friday, October 20th, Okta announced that it suffered an intrusion in its customer support system. The company confirmed that 'certain Okta customers' were affected and stated that it notified 'around 1 percent' of its 18,400 customers that they were impacted.
Okta provides identity and access management to some of the world's biggest brands. But what happens when Okta itself comes under attack? In this episode, James sits down with BeyondTrust CTO Marc Maiffret to discuss how BeyondTrust discovered a breach of Okta's Support Unit, escalated concerns, and gathered the necessary evidence to spur Okta into action. Join us for a rare inside look at how a major provider was compromised, and what we can learn to better defend our own systems.
On this episode, Rob Spee, SVP, Global Channel and Alliances at BeyondTrust, a worldwide leader in privileged access management, is joined by Lana King, who was most recently Vice President, Partner Programs, Training and Enablement at Mitel. The discussion centers on partner strategy, partner experience and customer experience. Lana recently took some time off and brings a fresh perspective to the conversation. She is digging deep into the current state of the industry as she looks for her next opportunity. She has spoken with many leaders about developing a partner strategy, which she and Rob agree is more than just expecting more sales. Many companies are embracing the partner experience discussion, which is sometimes blended with customer experience. The treatment a partner experiences in a relationship has a direct impact on the customer experience. This means measuring the partner experience is critical for success. Lana says that it is essential to do a partner journey map in a similar way a company would do a customer journey map in order to have the strongest possible partner relationship. This involves determining what can be measured and analyzing those measurements to create the best experience for partners and customers. Resources Mentioned: Rob Spee - https://www.linkedin.com/in/robertspee/ BeyondTrust - https://www.linkedin.com/company/beyondtrust/ BeyondTrust | Website - https://www.beyondtrust.com/ Lana King - https://www.linkedin.com/in/lanaking1/ Mitel - https://www.linkedin.com/company/mitel/ Mitel | Website - https://www.mitel.com/ Thank you to our amazing podcast team at Content Allies. Want to launch your own B2B revenue-generating podcasts? Contact them at https://ContentAllies.com. #saas #software #cloud
This very special episode is brought to you from the Adventures of Alice and Bob podcast booth at the Go Beyond Conference in sunny Miami, FL. Karl and Marc are reunited with the remarkable 16-year-old hacker, Bianca Lewis, who also delivered an amazing keynote speech at the event. They also got the chance to hang out with the visionary Sam Elliot, Head of Product Management at BeyondTrust.
In this episode of the Future of Security Operations podcast, Thomas chats with Morey Haber, Chief Security Officer at BeyondTrust. BeyondTrust is a worldwide leader in Privileged Access Management (PAM), focused on addressing the most urgent cybersecurity challenges, including zero trust, ransomware, cloud security, and more. Morey has more than 25 years of IT industry experience, has authored four books, is a founding member of the industry group Transparency in Cyber, and in 2020 was elected to the Identity Defined Security Alliance (IDSA) Executive Advisory Board. Morey currently oversees BeyondTrust security and governance for corporate and cloud-based solutions and regularly consults for global periodicals and media. Topics include: Morey's journey in cybersecurity, starting almost 20 years ago in a software action team. The cultural and perception shift that vulnerability management and security operations have undergone over the past 20 years. The challenges modern security operations face due to identity-based risks increasing in a remote working world. The exploitable flaws seen in two-factor authentication (2FA) and multi-factor authentication (MFA) identification. How BeyondTrust specializes in privileged access and least privilege to ensure the integrity of all transactions. The differences with implementing security disciplines in the cloud. How Morey stays on top of the latest issues and threats in the cybersecurity world. The importance of self-discipline when it comes to mental health and overcoming the risk of burnout, and how managers can best support this. Some of the most memorable security incidents Morey has come across. Morey's stance on what security teams should be wary of when it comes to ChatGPT. What cybersecurity might look like in five years' time with advances in AI taken into consideration. Resources: LinkedIn: https://www.linkedin.com/in/mjhaber/
Partner Relationship Management (PRM): The Ultimate Channel Sales Podcast
We've brought together three hosts from three different podcasts in the partnerships space to review key insights and trends noticed in the past year from interviews with channel chiefs, partnership leaders and in the overall partner ecosystem landscape. Rob Spee is a seasoned and experienced channel and alliance executive. He has created and executed channel strategies and programs ranging from start-up mode businesses, all the way to a $350M business. Today he's SVP of Global Channel & Alliances at BeyondTrust as well as the host of the long-running Channel Journeys podcast – a podcast where you can “hear channel experts share authentic stories of their channel victories, defeats, and lessons learned along the way.” Vince Menzione is the Founder of Ultimate Partnerships – a consultancy helping partner organizations drive greater results. And the host of another impressively long-running podcast, The Ultimate Guide to Partnering podcast. Paul Bird is the host of Magentrix PRM's The Ultimate Channel Sales Podcast - where he regularly has discussions on how to navigate partnerships, how to support your partners, identify weak areas of your partner strategy, discuss the latest industry trends and reports, and more. This production is brought to you by Magentrix ✨
Federal Tech Podcast: Listen and learn how successful companies get federal contracts
Sometimes, success means being at the right place at the right time. BeyondTrust has been active in the world of access control for decades. They have seventy patents and have a well-earned reputation for deep knowledge of secure remote access. Before COVID hit, BeyondTrust was strong in a niche product category; when COVID forced commercial and federal systems to drastically increase remote access, BeyondTrust was ready. When cybersecurity experts started to recommend a concept called “Zero Trust,” BeyondTrust had “trust” right in their name! BeyondTrust's Josh Brodbent works with non-profit organizations like ATARC to be able to sit on committees to listen to the needs of the federal workforce. As a result, he has seen the reasons people succeed at access control and, unfortunately, how they fail. One of his observations is that Multi-Factor Authentication may not be enough for a robust deployment of Zero Trust. Most experts would criticize MFA because it frequently relies on the public phone system to transfer code. Josh points out that, in his experience, larger organizations have so many security controls that humans can get sick of all this MFA. If you get hundreds a day, you may end up with “MFA fatigue.” One innovation for BeyondTrust is a concept called “Just in time” access. When installed correctly, users can get access verification promptly because the system is structured with keeping the user happy in mind. Another term that Josh brought up was the phrase “dynamic access.” In the past, dynamic access was designed for on-premises applications. A few rules to consider, but not many. Today, we see private clouds, public clouds, hybrid clouds – a wide range of systems that can cause a complex process like dynamic access to delay its response.
Joel Bomgar is a successful technology entrepreneur and statesman, founding Bomgar Corporation (now BeyondTrust) in 2003 and leading the company to a successful exit in 2014. In 2015 he was elected to the Mississippi House of Representatives, where he has served for seven years. Joel Bomgar was also one of the first investors in Próspera, has been a long-time board member of Próspera, and accepted a position as President of Próspera, reporting to Erick Brimen, the Founder, CEO, and Chairman. Próspera is the Promoter and Organizer of the next generation of Special Economic Zones in Honduras. The first development project or "Prosperity Hub" is taking place on the island of Roatán, incorporated within the Próspera Platform, a legal, governance, and regulatory framework designed to catalyze economic development, employment, and prosperity for all. The Próspera Platform delivers good governance as a service to drive human prosperity. CONNECT WITH JOEL https://twitter.com/JoelBomgar (@JoelBomgar on Twitter) https://www.facebook.com/electjoelbomgar (Joel's Facebook page) https://prospera.hn/ (Joel's Website) CONNECT WITH JOSH https://twitter.com/joshuafriedeman (@joshuafriedeman on Twitter) https://linkedin.com/in/joshuafriedeman (@joshuafriedeman on LinkedIn) https://vida.live/joshuafriedeman (@joshuafriedeman on VIDA) Josh's Email SHOW SPONSORS https://www.bizbitshow.com/swan (Swan: Start buying Bitcoin or download your free copy of "Inventing Bitcoin") https://www.bizbitshow.com/oshi (Oshi: Reward your customers for paying in Bitcoin ) COMMUNITY Connect with the https://www.meetup.com/azbitcoin/ (AZ Bitcoin Network) https://www.bizbitshow.com/meetup (Find a local Bitcoin Meetup near you!) https://twitter.com/80jmbrown ((Contact Josh Brown about adding your local meetup to the list))
Last week I had the wonderful opportunity to participate in our first live Partner Advisory Board (PAB) as the SVP Channels & Alliances at BeyondTrust. The setting was beautiful Monaco overlooking the Mediterranean Sea and the format was highly interactive. While there, I took the opportunity to record a live podcast to hear what our … The post Partner Panel: How to Build a Modern Partner Ecosystem first appeared on Channel Journeys.
Today we are introducing After Hours with Alice & Bob, a special live episode recorded at BeyondTrust's GoBeyond event in Miami, Florida. Our hosts James and Marc have a ton of fun talking to guests at the conference about embarrassing cybersecurity mistakes, AI, superheroes, organized cyber crime, and more.
Jordan Gift is the Director of Strategic Initiatives at BeyondTrust, the worldwide leader in Privileged Access Management (PAM), empowering organizations to secure and manage their entire universe of privileges. On this episode of Aspiring Ops, Jordan shares her journey into the Chief of Staff role at BeyondTrust, and how it led to her role as Director of Strategic Initiatives in the Transformation Office. She also highlights the impact the Transformation Office has within the business, and how the team has helped unlock the company's strategy and drive alignment.
New Episode of Let's Talk About SecurIT with Morey Haber, BeyondTrust CSO, prolific author and Cybersecurity thought leader. Morey and Philip discuss career, today's Cybersecurity trends and ground-breaking thoughts on three tier identity, authentication and access management.
Today we're talking to Marc Maiffret, CTO of BeyondTrust; and we discuss how Marc's career in cybersecurity started after getting raided by the FBI, Marc's co-discovery of the infamous Microsoft vulnerability Code Red, and how the culture of a company has to change fundamentally in order to make meaningful changes to security. All of this right here, right now, on the Modern CTO Podcast! Check out BeyondTrust at https://www.beyondtrust.com
Ever considered writing a book but thought "I'm too busy"? If you're a leader who would like to grow your thought leadership but haven't found the time or focus, then this episode is for you! Here's my interview with Morey J. Haber, Chief Security Officer at BeyondTrust (https://www.beyondtrust.com/). He has more than 25 years of IT industry experience, including previously holding a senior leadership role at eEye Digital Security. He's not only a major thought leader in the field of digital security, he's also the author of three books. Morey made time to write these while still working as an executive. He was able to make these books a win-win for the company and for his career. Thus, they've supported his book launches along the way. We dive into his writing process, and the top reason your company could support your book project too! If you'd like to grow as a thought leader in your field, then make sure to listen. LinkedIn Profile: https://www.linkedin.com/in/mjhaber/ Morey's books: Privileged Attack Vectors (https://www.amazon.com/Privileged-Attack-Vectors-Cyber-Defense-Organizations/dp/1484259130), Asset Attack Vectors (https://www.amazon.com/Asset-Attack-Vectors-Vulnerability-Organizations/dp/1484236262), Identity Attack Vectors (https://www.amazon.com/Identity-Attack-Vectors-Implementing-Management-ebook/dp/B082ZLLLHR). WHAT YOU WILL DISCOVER FROM THIS EPISODE: Morey's first job and how it impacted his leadership. A surprising strategy to move diamonds around the Diamond District. What's so special about working for BeyondTrust. The security dangers that arose during the Pandemic. How to know when it's time to let a responsibility go. How Morey wrote three books while still being a global executive. Making your book writing project a win-win for you and your company. 
Proven strategy to get your boss and company to support your book. The advice he'd give his younger self… "Shut up and listen!" The one trait to instill in every employee… accountability. How to hold someone accountable. Employee turnover and accountability. A twist in his career that led to his professional growth. How to handle it when someone on your team makes a mistake. Three success strategies for every employee. Negotiation strategies! The gadget that's made the biggest difference in his work day! 5K, 42-inch monitors!
https://www.benfanning.com/the-ceo-sessions/ (Apply to be on the show)
https://www.benfanning.com/the-ceo-sessions/ (Connect with Ben:) https://www.linkedin.com/in/benfanning/ https://www.instagram.com/benfanning1/ https://twitter.com/BenFanning1
Episode Summary

The cloud is the future for a reason. Besides its massive impact on security and more convenient file storage options, the cloud has fostered the creation of an environment where you can have all the information in the palm of your hand. And speaking of the cloud and technology, the best is yet to come.

However, its ability to deliver tons of information to users worldwide is a double-edged sword. The cloud has a blend of both true and false information, which makes you doubt the credibility of any source you read, whether it's Wikipedia or a random webpage.

In the new episode of Cloud Security Reinvented, Andy Ellis chats with Morey Haber, the Chief Security Officer at BeyondTrust. They get into the significance of the cloud compared to on-premise solutions, the most significant tech opportunities in the future, and the security loopholes that should have been eliminated a long time ago.

## Guest-at-a-Glance