Podcasts about blackberry cylance

In today's episode, we delve into the latest cybersecurity incidents, including Cylance confirming old data sold by Sp1d3r for $750,000, ongoing disruptions in the NHS due to a Russian Qilin ransomware attack, and Google's takedown of coordinated influence campaigns linked to China, Russia, and Indonesia. We also highlight Snowflake account breaches connected to recent data compromises at Advance Auto Parts, Santander, and Ticketmaster. Join us as we explore the implications of these attacks and the latest reports from BleepingComputer, The Guardian, and The Hacker News. References: https://www.bleepingcomputer.com/news/security/cylance-confirms-data-breach-linked-to-third-party-platform/ https://thehackernews.com/2024/06/google-takes-down-influence-campaigns.html https://www.theguardian.com/society/article/2024/jun/11/cyber-attack-on-london-hospitals-to-take-many-months-to-resolve Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/ Logo Design by https://www.zackgraber.com/ Tags: Sp1d3r, Cylance, Snowflake, UNC5537, Google, YouTube, Blogger, Propaganda, Russian hackers, NHS, Disruption, Mitigate Search Phrases: Notorious hacker Sp1d3r data breach Cylance marketing data dark web Snowflake cybersecurity vulnerabilities UNC5537 Snowflake account security Google influence operation crackdown YouTube channel shutdown China propaganda Blogger blog purge misinformation Russia Russian hackers NHS disruption NHS cybersecurity breach recovery Mitigating hacker impact on NHS Cylance confirms data breach linked to 'third-party' platform https://www.bleepingcomputer.com/news/security/cylance-confirms-data-breach-linked-to-third-party-platform/ ---`Flash Briefing: Data Breach Disclosure: Cylance confirmed that data being sold on a hacking forum is legitimate but old, stolen from a third-party platform. The data allegedly includes 34 million customer and employee emails and personally identifiable information. Source: BleepingComputer. Threat Actor Activity: A hacker known as Sp1d3r is selling the stolen data for $750,000. Researchers indicated this data seems to be old marketing information. BlackBerry Cylance stated no current customers or sensitive data are impacted. Source: Dark Web Informer. Snowflake Links: The same threat actor, Sp1d3r, is also selling 3TB of data from Advance Auto Parts, allegedly breached through a Snowflake account. Other recent breaches at Santander, Ticketmaster, and QuoteWizard also link to Snowflake attacks. Source: BleepingComputer. Credential Theft: Attackers used stolen customer credentials to target Snowflake accounts without multi-factor authentication (MFA). Mandiant linked these attacks to a financially motivated threat actor, UNC5537, who has been active since at least 2020. Source: Mandiant. Recommendations: Ensure all accounts, particularly those related to third-party platforms, have MFA enabled. Regularly update and rotate credentials, and implement network allow lists to restrict access to trusted locations. Source: CrowdStrike, Mandiant. Ongoing Notifications: Snowflake and Mandiant have notified around 165 organizations about potential exposure to these attacks, emphasizing the importance of cybersecurity hygiene and proactive measures. Source: Snowflake. Google Takes Down Influence Campaigns Tied to China, Indonesia, and Russia https://thehackernews.com/2024/06/google-takes-down-influence-campaigns.html ---`- Google Takes Down Inauthentic Channels: Google dismantled a coordinated influence operation connected to the People's Republic of China, removing 1,320 YouTube channels and 1,177 Blogger blogs spreading content about China and U.S. foreign affairs. (Source: Google Threat Analysis Group) Influence Operations Linked to Indonesia: Google also terminated accounts linked to two influence operations from Indonesia that supported the ruling party, further showcasing the global nature of these coordinated efforts. (Source: Google Threat Analysis Group) Russian Influence Network Dismantled: Google removed 378 YouTube channels operated by a Russian consulting firm that spread pro-Russia and anti-Ukraine content, highlighting the ongoing digital battlegrounds. (Source: Google Threat Analysis Group) Monetary Motives Behind Fake Content: Financial incentives drove a network linked to individuals from the Philippines and India, spreading English and Norwegian content about food, sports, and lifestyle topics. (Source: Google Threat Analysis Group) Global Influence Campaigns: Networks from Pakistan, France, Russia, and Myanmar also faced shutdowns for spreading politically charged and nationalistic content, illustrating the diverse sources of disinformation. (Source: Google Threat Analysis Group) Meta and OpenAI Disrupt Tel Aviv-Based Operation: Meta and OpenAI disrupted a Tel Aviv-based influence operation dubbed Storm-1099, which targeted U.S. and Canadian audiences with content regarding the Israel-Hamas conflict. (Source: Meta via CyberScoop) Israel's Ministry of Diaspora Affairs Linked: The New York Times reported Israel's Ministry of Diaspora Affairs funded the covert influence campaign with around $2 million, marking another instance of state-sponsored disinformation. (Source: The New York Times) Microsoft Warns of Russian Disinformation: Microsoft warned of increasing Russian disinformation campaigns targeting the 2024 Summer Olympics in Paris, using AI-generated content to undermine the event and spread fear. (Source: Microsoft Threat Analysis Center) Olympics as a Cyber Threat Target: Google-owned Mandiant and Recorded Future identified the Paris Olympics as a high-risk target for cyber threats, including ransomware, espionage, and hacktivist attacks, emphasizing the need for robust cybersecurity measures. (Source: Mandiant and Recorded Future) Cyber-attack on London hospitals to take ‘many months' to resolve https://www.theguardian.com/society/article/2024/jun/11/cyber-attack-on-london-hospitals-to-take-many-months-to-resolve --- Cyber-attack Impact Duration: A senior NHS source warned that the cyber-attack disrupting hospitals and GP surgeries in London may take "many months" to resolve. Key recovery factors: understanding hacker access, affected records, and data retrievability. Scope and Perpetrators: Six NHS trusts and numerous GP practices in south-east London, serving 2 million patients, are affected. Russian Qilin gang believed responsible, using ransomware to lock systems and demand money for decryption keys. Service Disruptions: Critical incident declared due to inability to perform non-urgent operations, including cancer procedures and planned C-sections. Blood test analysis severely restricted, forcing rationing and cancellation of many medical procedures. Recovery Challenges: IT systems encrypted by attackers force victims to rebuild infrastructure, even if decrypted. Former NCSC head, Ciaran Martin, noted that recovery from such attacks often takes weeks or months. Mitigation Efforts: NHS London region employs "mutual aid" by redistributing tasks to unaffected trusts to mitigate care delivery impact. Example: Patients with heart issues transferred from affected hospitals to St George's hospital. Leadership Insights: NHS England's chief executive, Amanda Pritchard, emphasized the vulnerability to international events and the critical, often unseen, role of pathology services. Ongoing Threats: Qilin gang typically also steals data, posting it on the dark web for extortion if ransom isn't paid. No data has been posted yet.

Pure Storage hacked via Snowflake workspace BreachForums down again and official Telegram channels deleted  BlackBerry Cylance data up for sale Thanks to today's episode sponsor, Vanta Whether you're starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, and more. With Vanta, you can streamline security reviews by automating questionnaires and demonstrating your security posture with a customer-facing Trust Center. Over 7,000 global companies like Atlassian, Flo Health, and Quora use Vanta to manage risk and prove security. Our listeners get $1,000 off at Vanta.com/headlines. For the stories behind the headlines, visit CISOseries.com.

In this sponsored standalone episode I speak with Ismael Valenzuela, VP of Threat Research and Intelligence at Blackberry Cylance. We discuss: Modern Threat Intelligence The shifting attention of attackers GenAI attacks How defenders are adapting to AI attacks And many other topics Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.

This week Ismael Valenzuela, Vice President of Threat Research & Intelligence at BlackBerry join the podcast to share perspective from the security threat frontlines. We explore zero day vulnerabilities and information stealers, differing risk appetites across organizations of every size, the criticality of information sharing to mitigate emerging threats, and breaking down the security basics that are key to shoring up defenses. We also touch on topics including cyberwar, naming the latest malware threat, and the operationalizing of security in running a business today.    Ismael Valenzuela is Vice President Threat Research & Intelligence at BlackBerry Cylance, where he leads threat research, intelligence, and defensive innovation. Ismael is co-author of the Cyber Defense and Blue Team Operations course, SANS SEC530: Defensible Security Architecture and Engineering. Ismael Valenzuela has participated as a security professional in numerous projects across the globe for over 20+ years, which included being the founder of one of the first IT Security consultancies in Spain.   For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e213

Welcome to The Incident Report Episode 38. Adam and Paul discuss the holidays, Windows Virtual Desktops, BlockFi, Citrix, and Telecom Turmoil. On Dec. 6th join Quest and BlackBerry Cylance® to get a firsthand look at how the Cylance AI-based platform prevents cyber-attacks against the most advanced attacks. Featuring real-time demonstrations of advanced attack techniques, this event will provide attendees with an understanding of prevention versus detection capabilities. Register here: https://us02web.zoom.us/webinar/register/WN_fgEQSdh2RqCMr-Er6GLCLA If you have questions or suggestions for the podcast, you can always email Paul and Adam at theincidentreport@questsys.com. Thanks for listening! Articles Cited: Windows Virtual Desktops https://www.channele2e.com/5-things/updates-28-november-2022/ BlockFi Bankruptcy https://www.cnbc.com/2022/11/28/blockfi-files-for-bankruptcy-as-ftx-fallout-spreads.html Bank Closes Painful Citrix Debt Chapter https://www.reuters.com/business/finance/banks-close-painful-citrix-debt-chapter-with-700-mln-loss-source-2022-09-21/ Turmoil in Telecoms https://channelplaybook.com/telecom/turmoil-in-telecoms/?utm_source=dlvr.it&utm_medium=linkedin The Incident Report is created by Quest Technology Management. With over 40 years of experience, Quest is a leading Technology Integrator, working seamlessly with your staff, and systems to achieve your IT goals. Learn more about everything they do at https://www.questsys.com.

Welcome to The Incident Report Episode 37. Adam and Paul discuss phishing, ransomware, and the changes you can make to help protect yourself, friends, and clients. On Dec. 6th join Quest and BlackBerry Cylance® to get a firsthand look at how the Cylance AI-based platform prevents cyber-attacks against the most advanced attacks. Featuring real-time demonstrations of advanced attack techniques, this event will provide attendees with an understanding of prevention versus detection capabilities. Register here: https://us02web.zoom.us/webinar/register/WN_fgEQSdh2RqCMr-Er6GLCLA If you have questions or suggestions for the podcast, you can always email Paul and Adam at theincidentreport@questsys.com. Thanks for listening! Articles Cited: CISA – AA21-243A https://www.cisa.gov/uscert/ncas/alerts/aa21-243a#revisions The Incident Report is created by Quest Technology Management. With over 40 years of experience, Quest is a leading Technology Integrator, working seamlessly with your staff, and systems to achieve your IT goals. Learn more about everything they do at https://www.questsys.com.

A short podcast updating listeners on the security news of the last few days, as prepared and presented by Catalin Cimpanu. You can find the newsletter version of this podcast here. Show guests include Joakim Kennedy, a security researcher at Intezer, Nishant Bhaskar and Hadi Givehcian, two computer science Ph.D. students at the University of California, San Diego. Special thanks also go out to Ismael Valenzuela from BlackBerry, Vice President Threat Research & Intelligence at BlackBerry Cylance, whose audio segment didn't make it into the show due to some audio technical issues. Show notes Risky Biz News: BPF malware is now a thing

Have you heard the cliché about sharks? The one that says if they don't keep swimming they'll die? Turns out it's pretty much true… stick around for the metaphor    -- I believe that one defines oneself by reinvention. To not be like your parents. To not be like your friends. To be yourself. To cut yourself out of stone.  -- Henry Rollins   On this episode of pm73media, Matt Stephenson sat down with Epiphany Systems co-founder and ZZ Top Level beard sophisticant Rob Bathurst for a chat about why he continues to live this startup life as opposed to staying comfortable under a large corporate or government umbrella. If you know Rob, this is a fun walk with him… if you haven't met him yet, dig it… you'll want to meet him when you see him at DEFCON… and believe me, you'll recognize him the moment you see him. Dig it   About Rob Bathurst Rob Bathurst is the co-founder and Chief Technology Officer at Epiphany Systems. In his 20-year career as an offensive cybersecurity expert, solution developer, and technology leader, Rob has led cybersecurity initiatives for Fortune 100 companies and major government agencies. He specializes in secure system design, device security, and risk mitigation.   At Epiphany, Rob is responsible for technology strategy, solution development, and market positioning. He oversees the engineering and product management teams, and acts as “chief client advocate.”   Previously, Rob was Managing Director of Embedded Systems Security at Blackberry Cylance; Principal Architect for Clinical Security and Cyber Risk at the Mayo Clinic; Cyber Exploitation Specialist for the US DOE; Lead Engineer for the US Information Systems Agency; and Cyber/Physical Security Expert at Foundstone.   Rob earned a PgD in Software and Systems Security at the University of Oxford, and undergraduate degrees in Organizational Technology and Programming/Software Development at the University of Toledo. Rob was also Technical Lead for Cyber Evaluation for the US Air Force.   About Matt Stephenson   My name is Matt Stephenson (@packmatt73) and I have hosted podcasts, videos and live events all over the world which put me with experts on every corner of the cybersecurity landscape. pm73media is my first solo endeavor. On this platform and others to come, I will continue to expand upon the tradition we started with the Insecurity podcast as I seek out the leading minds in the tech industry and beyond. I am always looking for fun people who may break things every now and again.   In 20 years in the ecosystem of Data Protection and Cybersecurity I have toured the world extolling the virtues of Artificial Intelligence and Machine Learning and how, when applied to information security, these technologies can wrong-foot the bad guys.   Whether in person, live virtual events or podcasting, I get to interview interesting people doing interesting things all over the world of technology and the extended world of hacking. Sometimes, that means hacking elections or the coffee supply chain... other times that means social manipulation or the sovereign wealth fund of a national economy.   Wherever I go, my job is all about talking with the people who build, manage or wreck the systems that we have put in place to make the world go round...   If you tuned in to any of my previous podcasts, there's great news…! pm73media is here! I will be bringing the same kind of energy and array of guests you know and love. Best part? We're still at the same spot. You can find it at Spotify, Apple, Amazon Music & Audible as well as GooglePlay, Gaana, Himalaya, I Heart Radioand wherever you get your podcasts!   Make sure you Subscribe, Rate and Review!

  8 Steps to Better Security: A Simple Cyber Resilience Guide to Business is done all final editing and will be published by @WileyTech on October 5th.    Pre-orders are available now via Amazon, Barnes & Noble, and other retailers.   Sponsored Link: https://amzn.to/3k3pDAN   Amazon teaser: “Harden your business against internal and external cybersecurity threats with a single accessible resource.  In 8 Steps to Better Security: A Simple Cyber Resilience Guide for Business, cybersecurity researcher and writer Kim Crawley delivers a grounded and practical roadmap to cyber resilience in any organization. Offering you the lessons she learned while working for major tech companies like Sophos, AT&T, BlackBerry Cylance, Tripwire, and Venafi, Crawley condenses the essence of business cybersecurity into eight steps.   Written to be accessible to non-technical businesspeople as well as security professionals, and with insights from other security industry leaders, this important book will walk you through how to:  Foster a strong security culture that extends from the custodial team to the C-suite  Build an effective security team, regardless of the size or nature of your business  Comply with regulatory requirements, including general data privacy rules and industry-specific legislation  Test your cybersecurity, including third-party penetration testing and internal red team specialists  Perfect for CISOs, security leaders, non-technical businesspeople, and managers at any level, 8 Steps to Better Security is also a must-have resource for companies of all sizes, and in all industries.  “

  8 Steps to Better Security: A Simple Cyber Resilience Guide to Business is done all final editing and will be published by @WileyTech on October 5th.  It is available now via Kindle.  Pre-orders are available now via Amazon, Barnes & Noble, and other retailers.   Sponsored Link: https://amzn.to/3k3pDAN   Amazon teaser: “Harden your business against internal and external cybersecurity threats with a single accessible resource.  In 8 Steps to Better Security: A Simple Cyber Resilience Guide for Business, cybersecurity researcher and writer Kim Crawley delivers a grounded and practical roadmap to cyber resilience in any organization. Offering you the lessons she learned while working for major tech companies like Sophos, AT&T, BlackBerry Cylance, Tripwire, and Venafi, Crawley condenses the essence of business cybersecurity into eight steps.   Written to be accessible to non-technical businesspeople as well as security professionals, and with insights from other security industry leaders, this important book will walk you through how to:  Foster a strong security culture that extends from the custodial team to the C-suite  Build an effective security team, regardless of the size or nature of your business  Comply with regulatory requirements, including general data privacy rules and industry-specific legislation  Test your cybersecurity, including third-party penetration testing and internal red team specialists  Perfect for CISOs, security leaders, non-technical businesspeople, and managers at any level, 8 Steps to Better Security is also a must-have resource for companies of all sizes, and in all industries. 

Kim Crawley is dedicated to researching and writing about a plethora of cybersecurity issues. Some of the companies Kim has worked for over the years include Sophos, AT&T Cybersecurity, BlackBerry Cylance, Tripwire, and Venafi. All matters red team, blue team, and purple team fascinate her. But she's especially fascinated by malware, social engineering, and advanced persistent threats. Kim's extracurricular activities include running an online cybersecurity event called DisInfoSec, and autistic self-advocacy. Phillip Wylie is a Lead Curriculum Developer at Point3 Federal, Adjunct Instructor at Dallas College (formerly Richland College), and The Pwn School Project founder. Phillip has 23 years of experience with the last 8.5 years spent as a pentester. Phillip has a passion for mentoring and education. His passion motivated him to start teaching and founding The Pwn School Project. The Pwn School Project is a monthly educational meetup focusing on ethical hacking. Phillip teaches Ethical Hacking and Web Application Pentesting at Dallas College in Dallas, TX. Phillip holds the following certifications; CISSP, NSA-IAM, OSCP, GWAPT ————————————————————————————— Connect with me here: ✉️ My weekly email newsletter: jousef.substack.com

Cyber attacks in healthcare are on the rise and as more organizations adopt new connected devices and systems, the points of vulnerability are multiplying. On top of that, clinicians and staff are busier than ever. The last thing they want to do is jump through extra security hoops to access the information they need. So how can healthcare be more secure when this is the reality? Healthcare IT Today sits down with Thomas Pace, VP of Global Enterprise Solutions at Blackberry Cylance to find out. Find more great health it content: https://www.healthcareittoday.com/

Do you have the right tools to handle a changing threat landscape, tougher regulatory climate, and increasing IT infrastructure complexity?  Over the past two decades or so, security vendors have brought to market a bewildering array of products designed to address the challenges TSPs face from constantly evolving threat and infrastructure landscapes. Expert speakers from Bitdefender, Webroot, ESET and Blackberry/Cylance join us to share the value of their solutions and how they integrate to the ConnectWise Platform.

    The BlackBerry Cylance 2020 Threat Report contains a broad range of topics vital to the interests of anyone with a computer. The report is drivey by veterans of the security industry from BlackBerry and Cylance.   The goal of the report is to make security information, predictions, and lessons learned accessible to everyone, regardless of role or title.   The 2020 Threat Report examines 2019’s major security breaches and considers recent advancements that may prevent past mistakes from repeating. We have gathered some of the researchers for a discussion about what went into the report… and what you can get out of it.   This special episode of InSecurity takes a look at the cybersecurity threats of 2019 through a conversation with Threat Researchers Ebudo Osime, Anuj Soni & Tom Bonner. We examine BlackBerry Cylance’s research on all things cybersecurity for the prior year in order to get a handle on the coming years. We’re not selling products… we’re putting our experts to work to analyze the prior year in order to see what might be coming…   About Ebudo Osime     Ebudo Osime is a Threat Intelligence Analyst at BlackBerry. She is a threat intelligence advocate, threat hunter, researcher and an engineer with over 4 years in security.   She has previously worked in IT Project Management, IT Consulting with Ernst and Young, Network and Security Operations.   Ebudo Received her GIAC certification in Threat Intelligence and holds a Masters in Electronic Systems Engineering with a specialization in creating secure protocols for detecting denial of service attacks in IoT networks.   About Anuj Soni     Anuj Soni (@asoni) is a Senior Threat Researcher at BlackBerry Cylance. In addition to his corporate work, he is a SANS Certified instructor. Anuj has over 15 years of experience in the world of cybersecurity including previous stops at Booz Allen Hamilton where he worked as an Incident Response & Malware/Forensic Analyst   About Tom Bonner     Tom Bonner (@thomas_bonner) is a Director of Threat Research: BlackBerry Cylance. With over 18 years of experience in the security industry, including stops at HP Enterprise, Promon AS and Norman Shark… Tom helped design the block, build the block and has definitely been around the Cybersecurity block    About Matt Stephenson     Insecurity Podcast host Matt Stephenson (@packmatt73) leads the broadcast media team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and video series at events around the globe.   Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come   Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line.   Can’t get enough of Insecurity? You can find us at ThreatVector InSecurity Podcasts, Apple Podcasts and GooglePlay as well as Spotify, Stitcher, SoundCloud, I Heart Radio and wherever you get your podcasts!   Make sure you Subscribe, Rate and Review!

How Smart Is Your Car?     The global autonomous vehicle market accounted for US $27.9 billion in 2017.   Forecasters expect a compounded annual growth rate of 41.5% through 2026 which would boost the market to US $615 BILLION   Autonomous vehicle could reach 15% of global light vehicle sales by 2030   This progress toward modern mobility sounds positive, it comes with complexities. Biggie Smalls once said something about dramatic infusions of capital and the subsequent results.   Our friends at the Ponemon Institute did some digging…   84% of automakers and their suppliers aren’t sure cybersecurity practices are keeping pace with evolving technologies 30% of survey respondents do not have an established product cybersecurity program or team 63% test less than half of their hardware, software and other technologies for vulnerabilities.   There’s plenty that the automotive industry can control. But, do you know what steps you can take to avoid the potential damage cyberthreats can cause to your organization? Well… you are in luck because today’s guest on the InSecurity Podcast is someone who knows many of those steps     This week on InSecurity, Matt Stephenson chats with Jeff Davis, Head of Smart Transportation Innovation and Development at BlackBerry about the ever-changing world of connected transportation. It’s not all self-driving cars though. Want to take a deep dive into what is involved in building a smart city? Stick around…     About Jeff Davis     Jeff Davis (@jdavisusmc) is the Head of Smart Transportation Innovation and Development at BlackBerry. In this position, Jeff holds responsibility for the strategic innovation and development of smart transportation markets. He’s developed cybersecurity, mobility and connectivity programs that specifically focus on human interaction with advanced technologies and new concepts.     About Matt Stephenson       Insecurity Podcast host Matt Stephenson (@packmatt73) leads the broadcast media team at BlackBerry Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecuritypodcast and video series at events around the globe.   Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come   Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line.   Can’t get enough of Insecurity? You can find us at ThreatVector InSecurity Podcasts, Apple Podcasts and GooglePlay as well as Spotify, Stitcher, SoundCloud, I Heart Radio and wherever you get your podcasts!   Make sure you Subscribe, Rate and Review!

Researchers at BlackBerry Cylance have been tracking ordinary WAV audio files being used to carry hidden malicious data used by threat actors.  Eric Milam is VP of threat research and intelligence at BlackBerry Cylance, and he joins us to share their findings. The research can be found here: https://threatvector.cylance.com/en_us/home/malicious-payloads-hiding-beneath-the-wav.html

Researchers at BlackBerry Cylance have been tracking ordinary WAV audio files being used to carry hidden malicious data used by threat actors.  Eric Milam is VP of threat research and intelligence at BlackBerry Cylance, and he joins us to share their findings. The research can be found here: https://threatvector.cylance.com/en_us/home/malicious-payloads-hiding-beneath-the-wav.html The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.  

Over the last year, malware targeting businesses in Asia Pacific have increased by 270%. More than ever, businesses are not prepared in defending against mobile malware. Howie Lim and Bernard Lim speak to Brian Robison, Chief Evangelist, BlackBerry Cylance to get his insights.

Brian Robison: Mobile Malware and APT Espionage Until now, the public’s exposure to mobile phone malware has been dominated by news about the privately run “greyware” vendors, including Gamma Group, Hacking Team and NSO. Their commercial smartphone spyware seems to inevitably end up in the hands of autocrats who use it to hamper free speech, quash dissent, or worse. Consumers of these news stories are often left with the impression that mobile malware is just something paranoid dictators purchase for use within their own borders in luddite countries few people can find on a map. It is not.   In a coming report, BlackBerry Cylance researchers will reveal what the focus on those groups has overshadowed: several governments with well-established cyber capabilities have long ago adapted to, and exploited, the mobile threat landscape for a decade or more. In this context, mobile malware is not a new or niche effort, but a longstanding part of a cross-platform strategy integrated with traditional desktop malware in diverse ways across the geopolitical sphere.   This week on Insecurity, Matt Stephenson has a chat with BlackBerry Cylance Chief Evangelist Brian Robison about the scourge of Mobile Malware and how the threats that come from attacking mobile devices are different… and thus require a different mindset when it comes to securing those devices and your network.   About Brian Robison   Brian Robison has over 20 years of cybersecurity experience. As Chief Evangelist at BlackBerry Cylance he is focused on educating and inspiring the world. Robison hosts live Hacking Exposed events, where he demonstrates the tools and techniques of real-world threat actors.   Brian is a regular speaker at industry events such as RSA, Black Hat, thought leadership forums like ISC2 Think Tank and is highly sought after to speak at partner events.   Prior to joining BlackBerry Cylance, Robison worked to defend organizations from mobile security threats —three years as a Director at Citrix XenMobile and two driving enterprise strategy at Good Technology.   Brian also spent over six years at McAfee with a special focus on end-point security -leading efforts to modernize ePolicy Orchestrator. During this time, he also managed vulnerability and policy compliance solutions. His early career ranges from a six-year period with Tripwire, Inc. to cutting his professional teeth in consumer electronics at Diamond Multimedia.    About Matt Stephenson Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Broadcast Media team at BlackBerry, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV   Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Matt to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come   Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line.   Can’t get enough of Insecurity? You can find us at ThreatVector InSecurity Podcasts, Apple Podcasts and GooglePlay as well as Spotify, Stitcher, SoundCloud, I Heart Radio and wherever you get your podcasts!   Make sure you Subscribe, Rate and Review!

Dave Castignola: Your Company got Acquired? Yeah… Been There   BlackBerry acquired Cylance in March… how’s it going?   On November 16, 2018, BlackBerry Limited announcedit had entered into an agreement to acquire Cylance. The announcement was met with optimism from a wide range of outlets.   “the combination of BlackBerry’s endpoint management tools and Cylance’s products could help to make the company a one-stop shop of sorts in the device protection and security market.”  -- Forbes   “$1.4bn match made in heaven”  -- The Register   On February 21, 2019, BlackBerry announced that it had completed the acquisition. The new iteration of BlackBerry Cylance made a soft opening at RSA, but the real debut was last month at Black Hat.   There have been many changes over the past 10 months, some more significant than others.   The question remains… is it working?   We are here to speak directly with someone who has been involved at the highest levels and has had his hands on the steering wheel throughout the process.   This week on Insecurity, Matt Stephenson gets the rare chance for a raw one on one conversation with BlackBerry Cylance Chief Operating Officer David Castignola, an industry veteran who lived through the RSA breach and has been on both sides of big acquistions. People have questions on who the BlackBerry Cylance integration is going… we have some answers.   About David Castignola David Castignola (@davecastignola) is the Chief Operating Officer at BlackBerry Cylance. Prior to joining Cylance, Dave was Chief Revenue Officer and Executive Vice President of Worldwide Sales at Optiv. No stranger to the Sales game, Dave closed out nearly two decades at RSA as the Sr Vice President of Worldwide Sales   About Matt Stephenson Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Broadcast Media team at BlackBerry, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV   Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Matt to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come   Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line.   Can’t get enough of Insecurity? You can find us at ThreatVector InSecurity Podcasts, Apple Podcasts and GooglePlay as well as Spotify, Stitcher, SoundCloud, I Heart Radio and wherever you get your podcasts!   Make sure you Subscribe, Rate and Review!

Adversarial Machine Learning: How AI is Enabling Cyber Resilience   Martin Amor: HAL, you have an enormous responsibility on this mission, in many ways perhaps the greatest responsibility of any single mission element. You're the brain, and central nervous system of the ship, and your responsibilities include watching over the men in hibernation. Does this ever cause you any lack of confidence?    HAL : Let me put it this way, Mr. Amor. The 9000 series is the most reliable computer ever made. No 9000 computer has ever made a mistake or distorted information. We are all, by any practical definition of the words, foolproof and incapable of error. 2001: A Space Odyssey,Stanley Kubrick   Artificial Intelligence as we know it is neither good nor bad. These days, it seems like you can't go anywhere without hearing about how every company is using AI. Actually…  what they are talking about, more often than not, is machine learning. As ML becomes a more ubiquitous tool for problem solving purposes, it will inevitably lead to its abuse in the form of adversarial ML. This can either be algorithms created for malicious purposes or neutral algorithms used for bad.   This week on InSecurity, Matt Stephenson speaks with BlackBerry Cylance Data Scientist Michael Slawinski and Sales Engineer Josh Fu on their Black Hat presentation discussing Adversarial Machine Learning. They predict that the next frontier for ML will be towards identification and authentication. The application of malicious intent to technology is a lot closer than we think.   About Josh Fu Josh Fu (@jfusecurity), CISM, CISSP, is a Security Engineer for Cylance. Josh has experience as a Channel Manager and consultant in cloud infrastructure and as a Sales Engineer in cybersecurity. Josh founded the West Coast chapter of the International Consortium of Minority Cybersecurity Professionals and has presented in front of industry audiences across the country.   About Michale Slawinski Michael Slawinski is a data scientist for the BlackBerry Cylance, focusing on deep learning and graph theoretic approaches to malware classification. Previously, Michael spent two and a half years working as a quantitative analyst and modeler in the commercial banking industry. He earned his B.Sc.and M.A. in mathematics at UCLA, and went on to earn a Ph.D. in mathematics from U.C. San Diego in 2011.   If you want to dig into more of what Mike is up to, check out his Github   About Matt Stephenson Insecurity Podcast host Matt Stephenson (@packmatt73) leads theBroadcast Media team at BlackBerry, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of InSecurity TV   Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Matt to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come   Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line.   Can’t get enough of Insecurity? You can find us at ThreatVector InSecurity Podcasts, Apple Podcasts and GooglePlay as well as Spotify, Stitcher, SoundCloud, I Heart Radio and wherever you get your podcasts!   Make sure you Subscribe, Rate and Review!

Thema heute:    Die Top 5 Hindernisse warum künstliche Intelligenz noch nicht umfassend eingesetzt wird Es sind im Wesentlichen zwei große Hindernisse, die dem flächendeckenden Einsatz von künstlicher Intelligenz in der Cybersicherheit im Wege stehen. Die liegen zum einen in unzureichend ausgereiften KI-basierten Technologien selbst und zum anderen im Zeit- und Ressourcenmangel der betreffenden Abteilungen und Unternehmen begründet. Es besteht zwar kein Zweifel daran, dass künstliche Intelligenz einen Großteil dessen eingelöst hat, was sie im Bereich Cybersecurity zu leisten imstande ist. IT-Sicherheitsfachleute sind mit ihrer Hilfe deutlich besser in der Lage, mit besonders ausgefeilten und infolgedessen gefährlicheren Bedrohungen umzugehen. Trotzdem stehen einem umfassenden Einsatz der Technologie noch einige nicht ganz unwesentliche Hürden im Weg. Das hat eine Umfrage von BlackBerry Cylance in Zusammenarbeit mit dem SANS Institute ergeben. Ende vergangenen Jahres wurden 261 Cybersicherheitsexperten ausführlich zu ihrer Haltung gegenüber künstlicher Intelligenz befragt. 35 % der Befragten gaben an, dass die mangelnde technologische Reife von künstlicher Intelligenz der Hauptgrund ist, warum KI nicht implementiert wird. Weiterhin gaben 46 % an, dass sie künstliche Intelligenz als eine Technologie bewerten, die sich derzeit noch weiterentwickelt während demgegenüber lediglich 5 % der Befragten davon überzeugt sind, dass es sich bei KI um eine in höchstem Maße ausgereifte Technologie handelt.  Ein ebenfalls interessanter Befund betrifft die nicht ganz deckungsgleichen Meinungen von Technikern und Management. So sind die technischen Fachleute sehr viel eher davon überzeugt, dass es sich bei KI um eine ausgereifte Technologie handelt als die Führungsebene der befragten Unternehmen. Ein Faktor, der bei Cybersicherheitsexperten durchaus als Weckruf verstanden werden sollte. Offensichtlich sieht die Geschäftsführungsebene mehr Risiken als Nutzen für eine Implementierung. Eine Folge der Einschätzung, man warte lieber bis die Technologie ausreichend entwickelt sei. Umso mehr wird es zukünftig eine Rolle spielen, welche quantifizierbaren Resultate KI-basierende Lösungen hinsichtlich eines schnellen Returns on Investment (ROI) aufzuweisen haben. Weitere 27 % der Befragten gaben an, dass Zeit- und/oder Ressourcenmangel die wichtigsten Gründe sind, die sie derzeit daran hindern KI einzusetzen. 24 % fühlen sich vom Management nicht ausreichend unterstützt und auch die ausreichenden Budgets fehlen. Die Führungsebene steht also nicht unbedingt hinter der Einschätzung der technischen Fachleute, was sich wiederum mit den obigen Befunden deckt.   Diesen Beitrag können Sie nachhören oder downloaden unter:

Dave Cundiff: CylanceGUARDian of the Galaxy If you are responsible for preventing a cyber attack on your organization… What is the ultimate dilemma for this person that is trying to combat threats 24/7?  This week on DirtySecurity, Edward Preston has a chat with Dave Cundiff on BlackBerrey Cylance’s newest addition to the security family: CylanceGUARD. Take a walk with Edward and Dave to learn more about what BlackBerry Cylance is doing to combine our solutions and services to continue to prevent cyberattacks from crippling your business. About Dave Cundiff Dave Cundiff is the Director of Professional Services, specializing in ThreatZERO at BlackBerry Cylance. He is an experienced Information Technology Professional with background in a number of industries, including manufacturing, software, and utilities. Have worked as a Manager, Consultant, and Analyst with an inclusive focus in Microsoft and Unix based technologies.  About Edward Preston Edward Preston (@eptrader) has an eclectic professional background that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management.  s Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better. Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit:  ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html  iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!

BlueKeep: It’s Not Just About The Worm In the last week, you have likely heard and read stories about the security vulnerability BlueKeep. It has been said to be capable of being exploited for the initiation of self-replicating worm as destructive as WannaCry. As of June 1, over 1M computers may be at risk. But is the danger really about The Worm? Or is it more about millions of endpoints providing direct ingress into networks worldwide? “The National Security Agency is urging Microsoft Windows administrators and users to ensure they are using a patched and updated system in the face of growing threats.  Microsoft has warned that this flaw is potentially “wormable,” meaning it could spread without user interaction across the internet. We have seen devastating computer worms inflict damage on unpatched systems with wide-ranging impact and are seeking to motivate increased protections against this flaw. The NSA urges everyone to invest the time and resources to know your network and run supported operating systems with the latest patches. This is critical not just for NSA’s protection of National Security Systems but for all networks.”  -- NSA Cybersecurity Advisory - Patch Remote Desktop Services on Legacy Versions of Windows In this Very Special Episode of InSecurity, Matt Stephenson rounded up a cast of experts to discuss BlueKeep… What is it? Where did it come from? Can it be stopped? Maybe a better question is… can it be prevented? After WannaCry and Petya/NotPetya… why is this happening again? We are joined by best-selling Cybersecurity author and Kip Boyle, Automox’s Richard Melick and BlackBerry|Cylance’s Scott Scheferman to take good hard look at BlueKeep. There’s a Bad Moon on the Rise… make sure you are ready for it. About Kip Boyle   Kip Boyle (@KipBoyle) is a 20-year information security expert and is the founder and CEO of Cyber Risk Opportunities. He is a former Chief Information Security Officer for both technology and financial services companies and was a cyber-security consultant at Stanford Research Institute (SRI). Boyle led the global IT risk management program for a $9 billion logistics company and was the Wide Area Network Security Director for the F-22 Raptor program. He has participated in several cybersecurity war game exercises and has worked closely with various government agencies including the FBI. Boyle is a US Air Force officer and serves on the board of directors of the Domestic Abuse Women’s Network (DAWN). He’s been quoted in Entrepreneur magazine, Chief Executive magazine, and is the co-author of Chapter 68, Outsourcing Security Functions, in The Computer Security Handbook. Fire Doesn’t Innovate Combating cybercrime is a necessity of doing business in the 21st century. Financial and identity thefts occur with annoying frequency, and no executive today can afford to ignore the damage phishing, malware, and malicious code pose to their company's future. But, with this invaluable guide, anyone, no matter what their skill level or bandwidth, can become an effective cyber risk manager.  Cybersecurity is not just a technology problem, it's a management opportunity. Learn how to manage cyber risks and ensure your company is cyber resilient now, and remain in the game no matter what the future holds.  About Richard Melick Richard Melick (@RCMelick) is a Sr. Technical Product Marketing Manager at Automox. He has over a decade of experience in Cybersecurity and Antivirus Software, working in various career functions in the industry that have taken him all over the world.  About Automox Automox (@AutomoxApp) was founded to pursue a disruptive new vision: the complete automation of endpoint configuration, patching, management and inventory. They are the only cloud endpoint management solution capable of remediating Windows, OS X, and Linux endpoints from a single platform. Automox's Dynamic Policy Engine allows IT managers to customize and group policies that ensure that every endpoint and software, regardless of location, meets regulatory and operational security requirements. About Scott Scheferman   Scott Scheferman (@transhackerism) wears many hats at BlackBerry|Cylance, working between the white spaces on the org chart to ensure timely delivery of Consulting Services, effective messaging around the value of predictive AI in the context of cybersecurity operations and risk, research around how the Temporal Predictive Advantaged (TPA) ofBlackBerry|Cylance’s AI affects the broader malware economy, and public speaking at conferences and seminars around the country.  About Matt Stephenson Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV  Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Matt to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. Can’t get enough of Insecurity? You can find us at ThreatVector InSecurity Podcasts, iTunes/Apple Podcasts and GooglePlay as well as Spotify, Stitcher, SoundCloud, I Heart Radio and wherever you get your podcasts! Make sure you Subscribe, Rate and Review!

Kim Crawley: We Need a Diversity of Brains in this World The National Autism Association states that Autism is a bio-neurological developmental disability that generally appears before the age of 3. Autism impacts the normal development of the brain in the areas of social interaction, communication skills, and cognitive function.  Since autism was first diagnosed in the U.S. the incidence has climbed to a rate of 1 in 59 children in the U.S. According to pop culture… it may be a super power as well. There seems to be a lot of Doctors on TV now who are on the Autism Spectrum like Dr. Temperance Brennan on Bones or Dr. Sheldon Cooper from The Big Bang Theory We also get the occasional action herosuch as Ryan Gosling’s The Driver or Lisbeth Salander from The Girl With the Dragon Tattoo. And of course, the classic American underdog heroes Raymond Babbitt and Forrest Gump Out here in the real world… people on the Autism Spectrum are all around you. Most of them do not have Salander like superpowers, but rather are every day Janes and Joes who go to work, do their jobs and live their lives.  Ever wonder what’s it’s like to chat with someone on the Autism Spectrum? You shouldn’t… if CDC statistics are accurate, there are nearly 6.8 MILLION people on the Autism Spectrum in the United States In this week’s episode of InSecurity, Matt Stephenson sat down with respected security writer Kim Crawley to talk about the current state of the cybersecurity world, some of the issues with locking down IoT, drumming… and Kim’s recent diagnosis as being on the Autism Spectrum. Take a walk with Kim as she shares her experience in the security industry and why being on the Autism Spectrum is just another facet of her personality. For more information on Autism, go to www.autisticadvocacy.org and look for #ActuallyAutistic on Twitter About Kim Crawley Kimberly Crawley spent years working in consumer tech support. Malware-related tickets intrigued her, and her knowledge grew from fixing malware problems on thousands of client PCs. By 2011, she was writing study material for the InfoSec Institute’s CISSP and CEH certification exam preparation programs. She’s since contributed articles on information security topics to CIO, CSO, Computerworld, SC Magazine, and 2600 Magazine. Her first solo-developed PC game, Hackers Versus Banksters, and was featured at the Toronto Comic Arts Festival in May 2016. She now writes for Tripwire, AT&T and BlackBerry Cylance. About Matt Stephenson Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at BlackBerry Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. Can’t get enough of Insecurity? You can find us at ThreatVector InSecurity Podcasts, iTunes/Apple Podcasts and GooglePlay as well as Spotify, Stitcher, SoundCloud, I Heart Radio and wherever you get your podcasts! Make sure you Subscribe, Rate and Review!

Researchers at Blackberry Cylance have been tracking payload obfuscation techniques employed by OceanLotus (APT32), specifically steganography used to hide code within seemingly benign image files. Tom Bonner is director of threat research at Blackberry Cylance, and he joins us to share their findings. The original research can be found here: https://www.cylance.com/en-us/lp/threat-research-and-intelligence/oceanlotus-steganography-malware-analysis-white-paper-2019.html

Researchers at Blackberry Cylance have been tracking payload obfuscation techniques employed by OceanLotus (APT32), specifically steganography used to hide code within seemingly benign image files. Tom Bonner is director of threat research at Blackberry Cylance, and he joins us to share their findings. The original research can be found here: https://www.cylance.com/en-us/lp/threat-research-and-intelligence/oceanlotus-steganography-malware-analysis-white-paper-2019.html The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Tom Pace: How Much is an Ounce of Prevention Really Worth? According to the Verizon Data Breach Investigations report, 4% of people will click on any given phishing campaign. You have 16 minutes until the first click A savvy user will report the phishing campaign within 28 minutes… In those 12 minutes, someone on the other side of the world could take your entire corporate database hostage. Then offer to sell it back to you for thousands or millions of dollars. In this week’s episode of InSecurity, Matt Stephenson sat down with BlackBerry Cylance Sr Director of Worldwide Consulting Tom Pace to have a chat about why Ransomware is still looming threat against organizations large and small. Fresh off an appearance on CBS’s 60 Minutes, Tom talks with Matt about the experience of being featured on the most respected news show in America and the effects a data breach can have on an organization and an industry. About Tom Pace Tom Pace (@TommyPastry) is a Sr. Director of Worldwide Consulting at BlackBerry Cylance. In that role, Tom ensures best-in class services delivery as well as technical expertise throughout the entire service offering lifecycle. He leverages his experience from the federal government, large financial institutions, and the military to provide strategic solutions to secure organizations. Over the course of Tom’s career, he has created a multitude of programs and strategies to ensure the effectiveness and success of cybersecurity teams and organizations.  About Matt Stephenson Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. Can’t get enough of Insecurity? You can find us at ThreatVector InSecurity Podcasts, iTunes/Apple Podcastsand GooglePlayas well as Spotify, Stitcher, SoundCloud, I Heart Radioand wherever you get your podcasts! Make sure you Subscribe, Rate and Review!

The BlackBerry Cylance 2019 Threat Report   The Cylance 2019 Threat Report represents the company’s piece of the overall cybersecurity puzzle It details the trends observed and the insights gained, and the threats Cylance’s consulting team, research team, and customers encountered over the past year Cylance shares this report in the hope that you will put it to good use in our collective ght against the rising tide of cyber attacks worldwide. The BlackBerry Cylance 2019 Threat Report provides unique findings drawn from our consulting engagements, threat research and intelligence efforts, and through feedback provided by Cylance customers. We share this information with the goal of assisting security practitioners, researchers, and individuals in our collective battle against emerging and evolving cyberthreats. Join Matt Stephenson as he chats with Aditya Kapoor, Jim Walter and Tom Bonner about the cybersecurity trends, topics, and innovations that dominated the past year. The BlackBerry Cylance panel of experts offer additional insights into the discoveries drawn from our internal data, customer communications, threat research, and intelligence efforts. About Aditya Kapoor   Aditya Kapoor is Head of Security Research and Innovation at Cylance. He joined Cylance three years ago as and is passionate about creating technologies that drive innovative features within products. He is currently focused on driving deeper program analysis for supercharging ML models, firmware security and analyzing current threat trends to drive innovative engineering solutions. Aditya speaks regularly at various conferences and firmly believes in the common cause of the security industry. Previously Aditya worked at McAfee/Intel for more than ten years as Research Architect where he reverse engineered malware, as well as designed several product technologies. About Jim Walter   Jim Walter is a Senior Security Researcher with Cylance. He focuses on next-level attacks, actors, and campaigns as well as 'underground' markets and associated criminal activity.  Jim is a regular speaker at cybersecurity events and has authored numerous articles, whitepapers and blogs specific to advanced/low-level threats. He joined Cylance following 17 years at McAfee/Intel Security running their Advanced Threat Research and Threat Intelligence teams and content streams. About Tom Bonner   Tom Bonner (@thomas_bonner) is Director of Threat Research at Cylance. He has over 17 years' experience in the cyber security/anti-malware industry as an analyst, software developer and manager. As an experienced cybersecurity professional, that’s all we could get out of him. We feel lucky to have gotten that much. About Matt Stephenson   Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceT  Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. Can’t get enough of Insecurity? You can find us at ThreatVector InSecurity Podcasts, iTunes/Apple Podcasts and GooglePlay as well as Spotify, Stitcher, SoundCloud, I Heart Radio and wherever you get your podcasts! Make sure you Subscribe, Rate and Review!

DirtySecurity: Garret Grajek: Who Does Your Computer Think You Are? Let’s ask our hacker friends… the white hats and the grey and black hats… Do identity validation tools keeping them from achieving their results?  Hardly. Where to Authentication Processes come up short? Why not get the lowdown from a man who has made a career creating and improving access and authentication… On this week’s episode of Dirty Security, Edward Preston gets the skinny on BlackBerry|Cylance VP of Identity, Garret Grajek on their latest innovation: Persona. They talk about all that is right and wrong in the world of authentication and how Artificial Intelligence is changing what’s wrong while improving what’s right. Garret Grajek   Garret Grajek is the VP of Identity at BlackBerry|Cylance. He is a certified security engineer with almost 30 years of experience in information security. Garret is recognized in the industry as a security visionary in in identity, access and authentication matters. He holds 8 patents involving x.509, mobile, SSO, federation and multi-factor technologies. He has worked on security projects for major commercial accounts including Dish Networks, Office Depot, TicketMaster, Oppenheimer, E*Trade, HP.com and public sector accounts as GSA, U.S. Navy, EPA an USUHS. Garret started his career as security programmer at the likes of Texas Instruments, IBM and Tandem Computers. He went on to distinguishing field security work for RSA, Netegrity and Cisco before being a founder and creator of SecureAuth IdP, a 2-Factor/SSO offering. About Edward Preston Edward Preston (@eptrader) has an eclectic professional background that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management.  Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better.  Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2  GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!

My Awesome InSecurity Podcast Mixtape: RSA Edition! RSA 2019 was another grand and glorious mess! 50,000+ attendees, vendors, journalists and who knows who else stormed San Francisco for seven days to look, listen, learn and who knows what else. We had time to sit down with a wide swath of people. We found CEOs, Engineers, Global Ambassadors and even a CIO of the White House! How bout that? Kick back and the perspectives this group of experts has to offer on the present state and future of cybersecurity Enjoy! Stuart Mcclureon the BlackBerry & Cylance, Hacking Exposed and the future BlackBerry CMO Mark Wilsonis excited about Cylance joining the BlackBerry family Tom Pace& Kevin Livellipresent Operation Shaheen at RSA Garret Grajekputs the AI in Identity Gabe Dealesees the future of BlackBerry Cylance and it Smart Cities John McClurghas been around the world… is security the tie that binds cultures? Scott Schefermanwants the industry to focus on what users need, not what vendors want Fortalice CEO Theresa Paytonis looking beyond just nation states for who is meddling with us About Matt Stephenson   Insecurity Podcast host Matt Stephenson(@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcastand host of CylanceTV Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line.   Can’t get enough of Insecurity? You can find us wherever you get your podcasts including Spotify, Stitcher, SoundCloud, I Heart Radio as well as ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!

Dave Castignola: The Next Chapter in A.I. Cybersecurity There’s not a whole lot in the Cybersecurity sales world that David Castignola hasn’t seen. So when BlackBerry came along and purchased Cylance, who better to help guide us through the process than the Chief Revenue Officer at BlackBerry Cylance. Edward Preston finds out how are legendary coach Bo Schembechler, a very active selfie-stick and strong adherence to successful process helping Dave guide the way through this acquisition and integration? Tune in and find out. About David Castignola David Castignola is the Chief Revenue Officer at BlackBerry Cylance. Prior to joining Cylance, Dave spent two years at Optiv as the Executive Vice President of Worldwide Sales. No stranger to the Sales game, Dave closed out his decade at RSA as the Sr Vice President of Worldwide Sales About Edward Preston   Edward Preston (@eptrader) has an eclectic professional background that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better. Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste  Make sure you Subscribe, Rate and Review!

Charles Eagan and Eric Cornelius: BlackBerry and Cylance Just Makes Sense Is a Terminator T-800 an endpoint? Is Voltron an endpoint? Could we have prevented a lot of damage to the Earth if Tony Stark had just installed a BlackBerry Cylance endpoint protection solution on the Iron Legion? In this week’s episode of InSecurity, Matt Stephenson chats with BlackBerry CTO Charles Eagan and BlackBerry Cylance CPO Eric Cornelius... two people charged with leading the charge to combine BlackBerry and Cylance into a security solution that will protect every Thing under the sun. Take a walk with them as Matt finds out what the future holds now that BlackBerry and Cylance have come together. If you are in San Francisco for RSA, make sure to come say hello to Charles, Eric, Matt and a lot of other interesting security folks Tuesday night at the Digital Shadows Security Leaders Party, Tuesday, March 5that 6.00 pm.  Cylance will be at Booth #6145 in the North Hall. Swing by to see demos of Cylance’s Artificial Intelligence (AI) Platform which provides advanced endpoint protection and endpoint detection and response capabilities. Join us to see for yourself how the Cylance AI Platform delivers business value and outcomes you had been told were impossible. You can also snag some of our giveaways while you’re there, so come on by.  About Charles Eagan Charles Eagan is the Chief Technology Officer for BlackBerry. In this role, Charles oversees the standardization and integration of all company products and is responsible for the advancement of new technologies and partnerships, with an emphasis on defining BlackBerry’s Enterprise of Things platform as well as driving innovation within emerging markets. Charles was previously the Global Head of Electronics at Dyson Ltd (U.K.), focused on IoT device deployment. Prior to that he served as BlackBerry’s Global Head of Device Software, and spearheaded development of the BlackBerry 10 operating system and the transition to secure Android. Charles was formerly Vice President of Engineering for QNX Software, where he concentrated on the automotive and embedded markets. He also worked at Cisco and directed development of the seminal CRS-1 carrier routing system. Charles is a noted speaker, thought leader and IoT expert who has been at the forefront of new frontiers in digital connectivity for over three decades. He graduated with honors from the University of Waterloo (Canada) with a bachelor’s degree in applied mathematics and electrical engineering minor. About Eric Cornelius   Eric Cornelius is the Chief Product Officer at Blackberry Cylance. In this role, Eric drives product and innovation. Previously Eric served as VP of Innovation, Director of Critical Infrastructure/ICS and Technical Director of Incident Response/Critical Infrastructure at Cylance. Eric brings this wealth of knowledge and long history as a security practitioner, consultant, trusted advisor and product builder to his work in elevating our product development initiatives, and to leading our product management and corporate development teams. About Matt Stephenson Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line.   Can’t get enough of Insecurity? You can find us wherever you get your podcasts including Spotify, Stitcher, SoundCloud, I Heart Radio as well as ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2  GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste  Make sure you Subscribe, Rate and Review!