Podcasts about Censys

  • 32 podcasts
  • 99 episodes
  • 52m average duration
  • 1 weekly episode
  • Latest: Apr 15, 2025

Latest podcast episodes about Censys

Storm⚡️Watch by GreyNoise Intelligence
Cyber Threat Horizon: InfosecSherpa Interview, Ukraine Drone Malware, & VulnCon Recap

Apr 15, 2025 (65:37)


Forecast = Scattered exploits, Mirai storms brewing, and rogue drones dropping malware over Russia. Keep your firewalls up—a vulnerability front is rolling in fast! ‍ On this episode of Storm⚡️Watch, we're bringing you a packed episode that covers the latest in cyber threat intelligence, industry news, and a few stories you won't want to miss. We kick things off with our usual round of introductions and a quick look at the cyber weather, setting the stage for what's happening across the threat landscape. In our first segment, Tod shares his wrap-up from VulnCon 2025, highlighting the key takeaways and emerging trends from this year's conference. From new vulnerability research to the latest in exploit techniques, Tod breaks down what security professionals need to know and what's likely to shape the industry in the coming months. Next up, we sit down with Tracy Z. Maleeff, better known as InfosecSherpa, for an interview that traces her journey from librarian to cybersecurity professional. Tracy shares insights on career pivots, the importance of information literacy in security, and her ongoing work to make the field more accessible. Her story is a must-listen for anyone considering a move into cyber or looking for inspiration from someone who's successfully navigated the transition. We then turn our attention to a headline-grabbing story out of Ukraine, where reports indicate that drones sent into Russian territory are not just for surveillance or kinetic impact—they're also carrying malware designed to infect military systems if captured. This blend of physical and cyber warfare is a stark reminder of how modern conflicts are increasingly fought on multiple fronts, with digital payloads now as critical as traditional munitions. 
If we need to fill a little extra time, we'll explore some of the more bizarre aspects of hybrid warfare, including reports of weaponized consumer goods—think exploding sex toys and cosmetics—being used as part of psychological and disruption campaigns targeting the West. It's a strange new world where almost anything can be turned into a tool of conflict. We also spotlight recent research from Censys on the Salt Typhoon attacks, which underscore the need for advanced defenses as attackers continue to exploit edge devices and cloud infrastructure. Their findings highlight the importance of proactive monitoring and rapid response to emerging threats. On the GreyNoise front, we've observed a threefold surge in exploitation attempts targeting TVT DVRs, likely linked to Mirai botnet activity. This uptick is a clear signal that attackers are constantly scanning for vulnerable devices to conscript into their botnets, and it's a reminder for defenders to stay vigilant and patch exposed systems. As always, we wrap up with a round of goodbyes and a reminder to subscribe for more insights, interviews, and real-time threat intelligence. Thanks for tuning in to Storm⚡️Watch—where we keep you ahead of the cyber storms. Storm Watch Homepage >> Learn more about GreyNoise >>  

Storm⚡️Watch by GreyNoise Intelligence
2025 Cyber Breakdown: CrushFTP Chaos, NVD Crisis & North Korean Threats

Apr 8, 2025 (62:12)


Forecast: Patchy with a 32% backlog surge, CVE squalls causing auth bypass showers, and Lazarus fronts looming—keep your threat umbrellas handy!

Storm⚡️Watch by GreyNoise Intelligence
Cybercrime Evolution: Robot Dog Backdoors & Mob's Digital Takeover

Apr 1, 2025 (58:12)


Forecast = Cloudy with a chance of cyber meatballs. We're not fooling around in this episode of Storm⚡️Watch! The show kicks off with some positive news about the Journal Times returning to full operations following a cyberattack. This is followed by important information for VMware users regarding Broadcom's significant licensing changes effective April 10, including an increase in minimum core requirements from 16 to 72 cores per command line and a new 20% penalty for late subscription renewals that will be applied retroactively. The crew then reviews results from their recent poll asking listeners which feature of encrypted messaging apps concerns them most, with options including data storage, unencrypted backups, metadata, and accidental adds. In our first segment, we discuss security concerns with the Unitree Go1 consumer-grade robot dog, specifically focusing on the recently disclosed Zhexi Oray Tunnel backdoor that has raised alarm in the security community. Next up, the team explores FamousSparrow and their SparrowDoor malware, examining the techniques and implications of this threat actor's operations. In light of recent events, the hosts provide comprehensive guidance on secure messaging practices, drawing from recent Washington Post and Wired articles. They emphasize that secure communication depends not just on the app but also on how you use it. Key recommendations include choosing contacts wisely, securing your devices by using personal rather than work equipment, setting messages to automatically delete, and selecting the right messaging apps with Signal being the top recommendation for its verifiable end-to-end encryption. They also warn about potential vulnerabilities in cross-platform messaging and advise caution with apps like Telegram. We quickly review Europol's 2025 report on the evolving landscape of organized crime, which now heavily intersects with cybercrime.
Traditional criminal networks have transformed into technology-driven enterprises using AI, blockchain, and cryptocurrency to enhance their operations. The internet has become the primary theater for organized crime with data as the new currency of power. The report identifies seven key threat areas and calls for improved global financial security measures, noting that criminal asset confiscation remains stagnant at around 2%. Finally, we conclude with updates from our benevolent overlords, including Censys' reports on JunOS vulnerabilities and Kubernetes issues, VulnCheck's partnership with Filigran, runZero's approach to exposure management, and GreyNoise's observations on DrayTek router activity and Palo Alto Networks scanner activity that may indicate upcoming threats.

Storm⚡️Watch by GreyNoise Intelligence
Unforgivable Vulnerabilities & The Ballista Botnet Nightmare: Why Your Router Might Be Part of a Global Attack

Mar 18, 2025 (62:30)


Forecast = Router-geddon: Ballista storms brewing with a chance of unforgivable vulnerabilities. Patch umbrella required. In this episode of Storm⚡️Watch, the crew laments the sorry state of modern edge computing through the lens of Steve Coley's 2007 paper on "Unforgivable Vulnerabilities". The discussion examines security flaws that should never appear in properly developed software yet continue to plague systems today. These vulnerabilities demonstrate a systematic disregard for secure development practices and would be immediately obvious to anyone with basic security awareness. The team breaks down "The Lucky 13" vulnerabilities, including buffer overflows, cross-site scripting, SQL injection, and hard-coded credentials, while also exploring how modern AI tools might inadvertently introduce these same issues into today's codebase, and how one might go about properly and safely using them in coding and security engineering. The episode also features an in-depth analysis of the newly discovered Ballista botnet that's actively targeting TP-Link Archer routers through a vulnerability discovered two years ago. First detected on January 10, 2025, this botnet has already infected over 6,000 devices worldwide, with the most recent activity observed in mid-February. The threat actors behind Ballista, believed to be based in Italy, have targeted organizations across multiple sectors including manufacturing, healthcare, services, and technology in the US, Australia, China, and Mexico. The botnet exploits CVE-2023-1389 to spread malware that establishes encrypted command and control channels, enabling attackers to launch DDoS attacks and further compromise vulnerable systems. The team rounds out the episode with updates from their partner organizations. Censys shares insights on JunOS vulnerabilities and the RedPenguin threat actor, along with an investigation into server misidentification issues.
RunZero discusses the importance of cybersecurity labeling for end-of-life and end-of-support consumer IoT devices. GreyNoise alerts listeners to a new surge in SSRF exploitation attempts reminiscent of the 2019 Capital One breach and promotes their upcoming webinar on March 24th. As always, the Storm⚡️Watch crew delivers actionable intelligence and expert analysis to help security professionals stay ahead of emerging threats in the ever-evolving cybersecurity landscape.

Storm⚡️Watch by GreyNoise Intelligence
Cybersecurity Chaos: CISA Controversy, Telecom Hacks, and Exploited Vulnerabilities

Mar 11, 2025 (62:30)


Forecast: Cloudy with a chance of compromised credentials and scattered vulnerabilities—stay alert out there! ‍ In this episode of Storm⚡️Watch, we're unpacking some of the most pressing developments in cybersecurity and what they mean for the industry. First, we tackle the state of CISA and its mounting challenges. From allegations that the Trump administration ordered U.S. Cyber Command and CISA to stand down on addressing Russian cyber threats, to financial groups pushing back against CISA's proposed incident reporting rule, there's no shortage of turbulence. Adding fuel to the fire, Homeland Security Secretary Kristi Noem has disbanded eight federal advisory committees, including key cybersecurity groups, citing compliance with a Trump-era executive order. Critics argue these cuts could weaken public-private collaboration and hinder CISA's ability to protect critical infrastructure. We'll break down what all this means for the future of cybersecurity leadership in the U.S. Next, we revisit a shocking case involving a U.S. soldier who plans to plead guilty to hacking 15 telecom carriers. This story highlights the ongoing risks posed by insider threats and the vulnerabilities within telecom networks, which are often targeted for their treasure troves of sensitive data. We'll explore how this case unfolded, what it reveals about vetting processes for individuals with access to critical systems, and the broader implications for cybersecurity in government-affiliated organizations. We also spotlight some fascinating research from Censys on a phishing scam exploiting toll systems across multiple states. Attackers are leveraging cheap foreign SIM cards and Chinese-hosted infrastructure in a campaign that keeps evolving. Plus, RunZero sheds light on a critical vulnerability affecting Edimax IP cameras (CVE-2025-1316), while GreyNoise reports on mass exploitation of a PHP-CGI vulnerability (CVE-2024-4577) and active threats linked to Silk Typhoon-associated CVEs. 

The CyberWire
Botnet's back, tell a friend. [Research Saturday]

Mar 8, 2025 (22:47)


This week we are joined by Silas Cutler, Principal Security Researcher at Censys, asking the important question of "Will the Real Volt Typhoon Please Stand Up?" The FBI's disruption of the KV Botnet in December 2023, attributed to the Chinese threat group Volt Typhoon, targeted infected systems but did not affect the botnet's control infrastructure. Despite law enforcement efforts and technical exposure, the botnet's infrastructure has remained largely stable, with only changes in hosting providers, raising questions about whether another party operates the botnet. Censys scanning data from 2024 shows a shift in the botnet's control servers, indicating a response to disruption attempts, while the botnet's operators have shown limited efforts to obscure their infrastructure. The research can be found here: Will the Real Volt Typhoon Please Stand Up?

Storm⚡️Watch by GreyNoise Intelligence
Cyber Apocalypse 2025: Ransomware Rampage, ICS Mayhem, & Vulnerability Avalanche Exposed

Mar 4, 2025 (60:38)


Forecast = Ransomware storms surge with an 87% spike in industrial attacks—brace for ICS strikes from GRAPHITE and BAUXITE! Infostealers hit healthcare and education, while VPN vulnerabilities pour in—grab your digital umbrella! ‍ It's report season and today the crew kicks things off with a breakdown of Veracode's State of Software Security 2025 Report, highlighting significant improvements in OWASP Top 10 pass rates but also noting concerning trends in high-severity flaws and security debt. Next, we take a peek at Dragos's 2025 OT/ICS Cybersecurity Report, which reveals an increase in ransomware attacks against industrial organizations and the emergence of new threat groups like GRAPHITE and BAUXITE. The report also details the evolution of malware targeting critical infrastructure, such as Fuxnet and FrostyGoop. The Huntress 2025 Cyber Threat Report is then discussed, showcasing the dominance of infostealers and malicious scripts in the threat landscape, with healthcare and education sectors being prime targets. The report also highlights the shift in ransomware tactics towards data theft and extortion. The team also quickly covers a recent and _massive_ $1.5 billion Ethereum heist. We *FINALLY* cover some recent findings from Censys, including their innovative approach to discovering non-standard port usage in Industrial Control System protocols. This segment also touches on the growing threat posed by vulnerabilities in edge security products. We also *FINALLY* get around to checking out VulnCheck's research, including an analysis of Black Basta ransomware group's tactics based on leaked chat logs, and their efforts to automate Stakeholder Specific Vulnerability Categorization (SSVC) for more effective vulnerability prioritization. The episode wraps up with mentions of GreyNoise's latest reports on mass internet exploitation and a newly discovered DDoS botnet, providing listeners with a well-rounded view of the current cybersecurity landscape. 

Federal Tech Podcast: Listen and learn how successful companies get federal contracts
Ep. 218 Next-Gen Attack Surface Management: Strengthening Federal Systems in the Digital Age

Feb 27, 2025 (25:23)


Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Matt Lembright, Global Lead of Censys Search, discusses the company's role in scanning the entire internet for threats, focusing on frequency, accuracy, and data richness. Censys helps government agencies and private organizations manage their attack surfaces by identifying exposed devices and vulnerabilities. The conversation highlights the challenges of securing operational technology (OT) and Internet of Things (IoT) devices, emphasizing the importance of understanding device protocols and maintaining up-to-date software. Lembright stresses the need for community engagement, local government involvement, and effective communication to protect critical infrastructure. He also mentions Censys' cybersecurity glossary as a resource for understanding key terms and concepts.

Storm⚡️Watch by GreyNoise Intelligence
Cybersecurity Under Fire: MiC Leadership, Edge Device Threats, and Black Basta Secrets

Feb 25, 2025 (65:07)


Forecast = Expect a storm of insights as we tackle cybersecurity's cloudy diversity gaps, edge device downpours, and ransomware winds blowing from Black Basta! ‍ In this episode of Storm⚡️Watch, we kick things off with an insightful interview with Mary N. Chaney, the CEO of Minorities in Cybersecurity (MiC). MiC is a groundbreaking organization dedicated to addressing the lack of support and representation for women and minority leaders in cybersecurity. Mary shares how MiC is building a community that fosters leadership development and equips members with essential skills for career advancement. We also discuss the alarming statistics that highlight the underrepresentation of minorities in cybersecurity leadership roles and explore how MiC's programs, like The MiC Inclusive Community™ and The MiC Leadership Series™, are making a tangible difference. Next, the crew descends into a critical discussion about edge security products, drawing on insights from Censys. These devices, while vital for network protection, are increasingly becoming prime targets for attackers. We examine recent vulnerabilities added to CISA's Known Exploited Vulnerabilities catalog, including flaws in products from Palo Alto Networks and SonicWall, and explore how state-sponsored actors like Salt Typhoon are exploiting these weaknesses. The conversation underscores the importance of proactive patch management and tools like attack surface monitoring to mitigate risks. In the next segment, we analyze leaked chat logs from the Black Basta ransomware group with insights from VulnCheck. These logs reveal how Black Basta prioritizes vulnerabilities in widely used enterprise technologies, their rapid response to new advisories, and even their pre-publication knowledge of certain CVEs. We break down their strategy for selecting targets based on financial viability, industry focus, and vulnerability presence, offering actionable advice for defenders to stay ahead. 
Finally, we turn our attention to GreyNoise's recent observations of active exploitation campaigns targeting Cisco vulnerabilities by Salt Typhoon, a Chinese state-sponsored group. Using data from GreyNoise's global observation grid, we discuss how legacy vulnerabilities like CVE-2018-0171 remain valuable tools for advanced threat actors. This segment highlights the importance of patching unaddressed issues and leveraging real-time threat intelligence to protect critical infrastructure.

Storm⚡️Watch by GreyNoise Intelligence
The Untold Stories: North Korean Hacks, Exploited Vulnerabilities & Cybersecurity Legends

Feb 18, 2025 (65:47)


Forecast: Expect increased malicious activity targeting enterprise network infrastructure and remote work platforms. ‍ In this episode of Storm⚡️Watch, the crew tackles some of the most pressing stories in cybersecurity and tech. First, we explore the case of Christian Marie Chapman, an Arizona woman who faces federal prison time for orchestrating a scheme that allowed North Korean IT workers to pose as U.S.-based employees. This operation, which generated over $17 million for North Korea, involved Chapman running a "laptop farm" that enabled remote access to U.S. company networks. The scheme not only compromised sensitive company data but also funneled money to North Korea's weapons programs. This story underscores the critical need for robust identity verification and background checks in hiring processes, especially in remote IT roles, to avoid inadvertently aiding malicious actors. Next, we discuss GreyNoise's findings on the active exploitation of a high-severity vulnerability in Palo Alto Networks PAN-OS (CVE-2025-0108). This authentication bypass flaw allows attackers to execute unauthorized PHP scripts, posing significant risks to unpatched systems. Organizations are urged to apply security patches immediately and restrict access to firewall management interfaces to mitigate potential breaches. GreyNoise's real-time intelligence highlights the importance of staying vigilant against evolving threats. In our featured segment, we sit down with Dennis Fisher, a celebrated journalist with over two decades of experience in cybersecurity reporting. Fisher shares insights from his career, including his work as co-founder of *Threatpost* and Editor-in-Chief at *Decipher*. Known for his analytical approach, Fisher has covered major cybersecurity events and delved into the motivations behind both attackers and defenders. His expertise offers a unique perspective on the complexities of information security. 
Finally, we touch on broader issues in vulnerability management and encryption policies. From GreyNoise's observations of exploitation surges in vulnerabilities like ThinkPHP and ownCloud to Censys' argument against weakening encryption standards, these discussions emphasize the need for proactive measures and smarter prioritization in cybersecurity strategies. Whether it's patching overlooked vulnerabilities or resisting calls to weaken encryption under the guise of security, staying informed is key to navigating today's threat landscape.

Storm⚡️Watch by GreyNoise Intelligence
When AI Attacks: Taxpayer Data, Beijing's Chatbots & LLM Hallucinations

Feb 11, 2025 (63:28)


Forecast = Punxsutawney Phil saw his shadow, so we can expect continued Musk-y days ahead in these remaining DOGE days of Winter. ‍ In this week's episode of GreyNoise Storm⚡️Watch, we have a bit of an AI-theme. First, the Department of Government Efficiency (DOGE), led by Elon Musk, has sparked significant privacy and security concerns by accessing sensitive federal systems like Treasury databases and Education Department records through AI-driven analysis. Critics highlight undisclosed partnerships with vendors like Inventry.ai, which allegedly introduced algorithmic bias by disproportionately targeting diversity programs and climate initiatives while retaining fossil fuel subsidies. Cybersecurity experts warn about unvetted API integrations and data security risks, as Inventry.ai processed taxpayer information without proper FedRAMP authorization. These issues have led to bipartisan calls for stricter AI procurement rules and transparency mandates to rebuild public trust. Meanwhile, Chinese AI startup DeepSeek faces scrutiny over its claims of rivaling GPT-4 at lower costs, with analysts questioning its $5.6M training budget and geopolitical alignment. The models show systematic pro-China biases, refusing to answer 88% of sensitive questions about Tiananmen Square or Taiwan while promoting CCP narratives in responses. Security researchers flag its opaque training data—potentially using OpenAI outputs—and anti-debugging features that hinder independent audits. These concerns have triggered bans in Australia, South Korea, and U.S. agencies like NASA, with EU officials noting non-compliance with cybersecurity standards. On the defense front, Splunk's DECEIVE AI honeypot introduces innovative deception tech by letting users simulate systems via text prompts, democratizing access to advanced threat detection. 
While it offers dynamic behavioral analysis and safe sandboxing, security professionals caution about LLM hallucination risks that could tip off attackers and ethical questions around logging fabricated credentials. The open-source tool shows promise but remains untested against sophisticated adversaries. Rounding out the cybersecurity landscape, Censys research exposes the BADBOX botnet's infrastructure and BeyondTrust vulnerabilities, while VulnCheck highlights 2024's exploitation trends and Zyxel's unpatched telnet flaws; and GreyNoise's latest Noiseletter showcases new platform features + upcoming events.

Storm⚡️Watch by GreyNoise Intelligence
Mastercard's 4-Year DNS Nightmare, DHS Axes Cyber Board & New Botnet Wreaks Havoc

Jan 28, 2025 (61:41)


Forecast: Murdoc botnet storms hit IoT devices, Mastercard's DNS flaw clouds visibility, and DHS shutdowns leave security in the dark. ‍ In this episode of Storm⚡️Watch, we explore a major DNS misconfiguration at Mastercard that went undetected for over four years. Security researcher Philippe Caturegli uncovered a simple but critical typo in Mastercard's DNS nameserver records where "akam.net" was written as "akam.ne". This error affected one in five DNS requests to Mastercard's infrastructure and could have allowed attackers to intercept emails, capture Windows authentication credentials, and distribute malware through trusted domains. The cybersecurity community was rocked by news that several crucial Department of Homeland Security advisory committees have been terminated. The Cyber Safety Review Board, which was actively investigating the Salt Typhoon hacks targeting U.S. telecommunications companies, was among the disbanded groups. This move has interrupted ongoing investigations into communications targeting high-profile political figures and raised concerns about gaps in information sharing and policy recommendations. A sophisticated new variant of the Mirai malware called the Murdoc Botnet has emerged, targeting IoT devices worldwide. With over 1,300 compromised devices and more than 100 command-and-control servers, this botnet specifically exploits vulnerabilities in AVTECH IP cameras and Huawei HG532 routers. Between December 2024 and January 2025, the botnet has launched significant DDoS campaigns against Japanese corporations, banks, and organizations across multiple sectors in various countries. The 2022 HIPAA Breach Report reveals concerning trends in healthcare security. There were 626 incidents affecting over 41 million people, with hacking and IT incidents accounting for 74% of all large breaches. Surprisingly, paper records remain a significant vulnerability, especially in smaller breaches. 
The report highlights persistent issues with weak authentication practices, insufficient audit controls, and incomplete risk analyses, resulting in major settlements totaling over $2.4 million. Join us for an in-depth discussion of these critical cybersecurity developments and their implications for the industry. Don't forget to check out the upcoming GreyNoise University Live event for more insights into threat intelligence and network security.

Storm⚡️Watch by GreyNoise Intelligence
Ivanti's Blast Radius Expands, CFIUS Hack, & Censeye Automates Threat Hunting

Jan 14, 2025 (60:13)


Forecast: Breach storms surge with Chinese actors, Ivanti spreads wider, and malware disguises itself—stay alert and patched! This episode of Storm⚡️Watch features exciting developments in security tooling and concerning breaches in critical infrastructure. We're thrilled to finally talk about Censeye on the pod! It's Censys's powerful new automated hunting platform that's revolutionizing how security teams conduct threat hunting. This innovative tool combines automation with Censys's comprehensive internet scanning capabilities, complete with new gadgets that enhance threat detection and analysis capabilities. In major security news, a significant breach at the US Treasury's Committee on Foreign Investment (CFIUS) has been attributed to Chinese state-sponsored actors. This concerning development potentially exposed sensitive data about national security reviews of foreign investments in American companies. The Ivanti vulnerability situation continues to evolve, with UK domain registry giant Nominet now confirming they've been impacted by the recent Ivanti VPN exploits. This development highlights the expanding blast radius of this critical security issue. 2025 has already seen sophisticated threat actors weaponizing exploits, with researchers uncovering an information stealer disguised as a proof-of-concept exploit for the LDAPNightmare vulnerability (CVE-2024-49113). We'll explore how Censys Search is strengthening phishing prevention through advanced SSL/TLS certificate monitoring, providing organizations with crucial tools to identify and prevent potential phishing campaigns. The episode concludes with an in-depth look at GreyNoise classifications, particularly focusing on suspicious activity patterns identified in the last 24 hours. We'll break down what these classifications mean for security teams and how to leverage this intelligence effectively.

Storm⚡️Watch by GreyNoise Intelligence
Hackers Get Glazed: Krispy Kreme's Security Hole & Holiday Cyber Threats

Dec 17, 2024 (54:29)


Forecast: Glazed skies with Krispy breaches ahead! Holiday phishing flurries, fatigue fog, and scattered Clop showers roll in, with vulnerability storms on the horizon. On this week's episode of Storm⚡️Watch, we dive into our latest cybersecurity poll results, which revealed fascinating insights about holiday season security concerns. End-of-year tech fatigue emerged as the primary worry among respondents at 38%, while increased phishing scams followed at 34%. Holiday staffing gaps garnered 24% of responses, and supply chain threats rounded out the concerns at 14%. The cybersecurity world got a sweet taste of chaos this week with Krispy Kreme's cybersecurity incident making headlines. The famous doughnut maker faced disruptions to their online ordering system, leading to a flurry of creative headlines across the media landscape that couldn't resist playing with doughnut-themed puns while covering this serious security breach. We'll explore the latest insights from Censys's 2024 State of the Internet Report, offering a comprehensive look at the current digital landscape. The conversation then shifts to recent developments in the ransomware scene, specifically examining the Clop ransomware group's claimed responsibility for the Cleo data theft attacks. The show rounds out with an analysis of VulnCheck's latest research, covering exploitation detection through Initial Access Intelligence, an examination of the Common Vulnerability Scoring System (CVSS), and a deep look into active Command and Control (C2) servers. These technical insights provide valuable context for understanding current cyber threats and defensive strategies.

Storm⚡️Watch by GreyNoise Intelligence
Cyber Festivus 2024: Airing Security Grievances, Driving Action In Your Org, & OPSEC 101

Dec 10, 2024 63:05


Forecast: Visibility is low with a 43% chance of extended response times. Heavy downpours of healthcare vulnerabilities dominate, with brief breaks of exploit intelligence. In this week's episode of GreyNoise Storm⚡️Watch, we kick things off with our regular roundtable introductions before diving into some intriguing poll results about cybersecurity metrics. The community weighed in heavily on what drives action in their organizations, with Mean Time to Respond leading the pack at 43% of votes, followed by Mean Time to Detect at 28%. Notably, system patching status came in third at 26%, while the tongue-in-cheek option about whiskey levels in the team liquor cabinet garnered a surprising 13% of responses. The crew then gathers round the Festivus pole to channel their inner George Costanzas as they each air their grievances — cyber and possibly otherwise — from the past year. So many things were busted in 2024 that we're shocked we kept the episode under four hours. The episode features a crucial discussion on practical OPSEC fundamentals, particularly focusing on executive protection challenges. We explore how predictable movement patterns and excessive public information exposure can create security vulnerabilities. The conversation covers everything from website vulnerabilities to social media risks, emphasizing the importance of consistent security protocols and information control strategies. Healthcare cybersecurity takes center stage as we discuss recent research presented at the Health-ISAC Fall Americas Summit, courtesy of our friends at Censys. We also dig into VulnCheck's comprehensive analysis of Known Exploited Vulnerabilities for 2024, along with essential insights on exploit intelligence and vulnerability prioritization. The show wraps up with a look at the results of platform improvements since GreyNoise's "Greyt Migreytion". Storm Watch Homepage >> Learn more about GreyNoise >>

Storm⚡️Watch by GreyNoise Intelligence
Kansas City Hacking Indictment, ProjectSend Zero-Day & The Greyt Migreytion

Dec 3, 2024 62:56


Forecast: Strong vulnerability management systems roll in, with scattered threat hunting ahead. Brace for ProjectSend exploits and turbulence near Kansas City. ‍ In this episode of Storm⚡️Watch, we explore crucial cybersecurity trends and breaking developments across the industry. Our recent community poll revealed fascinating insights into resource allocation priorities, with Vulnerability Management and Patching emerging as the clear frontrunner, chosen by half of respondents. Threat Intelligence and Hunting secured the second spot with 27.3% of votes, while Security Awareness and Incident Response capabilities tied for third place. Breaking news from Kansas City highlights a significant cybersecurity incident with a federal indictment for computer hacking, demonstrating the ongoing challenges in cybercrime enforcement. Meanwhile, the cybersecurity community continues to experience shifts in social media dynamics, particularly noting the ongoing migration of cyber professionals from X (formerly Twitter) to alternative platforms. Censys has made waves with their latest release of Censeye, an innovative automated hunting tool now available to the security community. This development arrives alongside VulnCheck's critical discovery of CVE-2024-11680, a ProjectSend vulnerability currently being exploited in the wild, emphasizing the importance of rapid threat detection and response. The GreyNoise team shares exciting news about "The Greyt Migreytion," heralding the rollout of their new global observation grid, a game-changing advancement in threat detection and response. Storm Watch Homepage >> Learn more about GreyNoise >>  

Storm⚡️Watch by GreyNoise Intelligence
Russian Wi-Fi Hacks, Baltic Cable Sabotage, and Security Skills Poll Results

Nov 26, 2024 70:56


Forecast: Stormy skies with APT28's Wi-Fi exploits and rough seas in the Baltics as undersea cables are mysteriously cut. ‍ In this episode of Storm⚡️Watch, we review the fascinating poll results that reveal communication with non-technical leaders as the most undervalued skill in modern security, garnering 220 votes across three social media platforms and significantly outpacing other critical abilities like incident report writing, OSINT, and threat hunting. The crew then examines a groundbreaking cyber attack technique dubbed the "Nearest Neighbor Attack," executed by Russian APT28. This sophisticated operation allowed attackers to breach a U.S. organization's network by exploiting nearby Wi-Fi networks through a series of calculated steps, including password spraying and compromising adjacent organizations. The attack, occurring just before Russia's invasion of Ukraine, showcases a novel vector that combines the advantages of physical proximity with remote operation capabilities. Maritime security takes center stage as we explore two major undersea cable cuts in the Baltic Sea this November. The BSC East-West Interlink between Sweden and Lithuania and the C-Lion1 connecting Finland and Germany were severed, causing notable network latency increases. A Chinese vessel, Yi Peng 3, has drawn attention in the investigation, with German Defense Minister Boris Pistorius suggesting these incidents were deliberate hybrid actions rather than accidents. We round out the episode with updates from our respective organizations, including Censys's 2024 State of the Internet Report, VulnCheck's analysis of CISA's top exploited vulnerabilities, and GreyNoise's latest insights on critical infrastructure risks and technical challenges involving null bytes. Storm Watch Homepage >> Learn more about GreyNoise >>  

Storm⚡️Watch by GreyNoise Intelligence
JA4+ Creator Reveals All: Water Systems at Risk & Why NIST is Playing Catch-up

Nov 19, 2024 61:54


Forecast: High pressure systems of infrastructure attacks continue to build over U.S. utilities with scattered exploitation attempts, while the vulnerability forecast shows increasing cloudiness around CPE data availability. In today's episode, we're diving into network fingerprinting and vulnerability management with some fascinating developments in the cybersecurity landscape. Our featured guest is John Althouse, the creator of JA4+, who has developed an innovative suite of network fingerprinting methods that's making waves in threat detection. JA4+ builds on previous fingerprinting techniques but takes things further with human-readable formats and enhanced detection capabilities. John's work comes at a critical time, as we've seen an uptick in zero-day exploits targeting enterprise networks throughout 2023. The latest CISA report highlights how threat actors are becoming more sophisticated in their approaches, particularly in exploiting vulnerabilities before patches can be deployed. Speaking of vulnerabilities, we've got some concerning news about critical infrastructure security. Recent findings have exposed potential vulnerabilities in around 300 U.S. drinking water systems, highlighting the ongoing challenges in protecting our essential services. This ties directly into the importance of tools like JA4+ for detecting and preventing unauthorized access to critical systems. We're also discussing an interesting development in vulnerability management - VulnCheck's NVD++ initiative. They're outpacing NIST's National Vulnerability Database by providing CPE data for nearly 77% of CVEs published in 2024, compared to NIST's 41%. This is particularly relevant given the recent disruption in CPE data availability from the NVD. Throughout our conversation, we'll explore how these developments intersect and what they mean for the future of cybersecurity, especially in protecting critical infrastructure and managing vulnerabilities effectively.
John's insights on JA4+ and its applications in real-world threat detection scenarios are particularly valuable as organizations face increasingly sophisticated cyber threats. Storm Watch Homepage >> Learn more about GreyNoise >>  

Storm⚡️Watch by GreyNoise Intelligence
Security Meltdown: American Water Attacked, Internet Archive Breached, Rackspace Hit by 0-Day

Oct 22, 2024 50:48


Forecast = Turbulent conditions persist as major platforms face relentless attacks, with data breaches and DDoS storms threatening critical infrastructure and digital archives. In this episode of Storm⚡️Watch, we wade into several significant cybersecurity incidents and updates. First, the American Water attack has raised concerns about the vulnerability of critical infrastructure, with potential implications for military services and water supply systems across the United States. We'll explore the details of this cyberattack and its broader impact on national security. The Internet Archive, a vital resource for digital preservation, has been facing a series of relentless attacks. We'll discuss the ongoing distributed denial-of-service (DDoS) attacks that have disrupted services, as well as a major data breach affecting 31 million users. Our conversation will cover the challenges of protecting such a vast repository of information and the potential motivations behind these persistent assaults on the "Wayback Machine" and other Archive services. On the tools and intelligence front, we'll highlight Censys' new CVE search feature, which promises to enhance vulnerability management for security professionals. We'll also discuss GreyNoise's latest analysis of Russian cyber threats, revealing that 9 out of 12 vulnerabilities tracked by GreyNoise from a recent U.S. and UK advisory are currently being actively probed. Additionally, we'll touch on GreyNoise's upcoming Quarterly Roadmap Showcase, offering listeners a glimpse into future developments. Lastly, we'll examine the recently disclosed ScienceLogic vulnerability, which has been added to CISA's Known Exploited Vulnerabilities catalog. This zero-day flaw has been linked to a breach at Rackspace, underscoring the critical nature of prompt patching and the ongoing challenges in securing third-party utilities. Join us as we break down these crucial cybersecurity stories and their implications for the digital world.
Storm Watch Homepage >> Learn more about GreyNoise >>  

Storm⚡️Watch by GreyNoise Intelligence
Healthcare Data at Risk & Chinese Hackers Exploit 30-Year-Old Law

Oct 15, 2024 60:40


Forecast = Healthcare and telecom under stormy skies—watch for cyber squalls and gusts of disinformation. In this episode of Storm⚡️Watch, we dive into the world of cybersecurity with a focus on healthcare and telecommunications. We kick things off with a look at the current state of Internet of Healthcare Things (IoHT) exposures on public-facing networks. A recent study by Censys revealed some alarming findings about the security of DICOM servers, which are used for storing and transmitting medical images. With over 3,800 publicly exposed servers and data from 59 million patients at risk, it's clear that the healthcare industry needs to step up its cybersecurity game. We then shift gears to discuss a major cybersecurity incident involving Chinese hackers who managed to compromise wiretap systems of major U.S. telecom and internet providers. This breach is directly linked to the Communications Assistance for Law Enforcement Act (CALEA), a 30-year-old federal law that has long been criticized by security experts. The incident raises important questions about the balance between government surveillance needs and cybersecurity concerns. For those interested in staying up-to-date with the latest vulnerability intelligence, we highlight recent blog posts from VulnCheck, including their KEV Report and Initial Access Intelligence for September 2024. We also touch on GreyNoise's latest blog post about protecting democracy from the growing threat of deepfakes and disinformation. As always, we wrap up the episode with our "We Need to Talk About KEV" segment, where we discuss the latest additions to CISA's Known Exploited Vulnerabilities catalog. This roundup helps listeners stay informed about the most critical vulnerabilities that require immediate attention. Storm Watch Homepage >> Learn more about GreyNoise >>

Storm⚡️Watch by GreyNoise Intelligence
Cyber Chaos Unleashed: Kaspersky's Vanishing Act & CUPS Vulnerability Mayhem

Oct 1, 2024 61:19


Forecast = 50% chance of unexpected software installations followed by scattered UDP packet sprays. ‍ In this episode of Storm⚡️Watch, we follow up on the intriguing 'Noise Storms' that had the cybersecurity community buzzing. Security researcher David Schuetz has made some fascinating discoveries about these mysterious ping packets flooding the internet. His investigation, detailed at darthnull.org/noisestorms/, takes us on a journey through packet analysis, timestamp decoding, and network protocol deep-dives, offering new perspectives on the potential origins of those enigmatic 'LOVE' packets. Our Cyberside Chat segment dives into the recent CUPS daemon vulnerability, exploring the implications of this daft uncoordinated disclosure. We'll break down the details provided by Censys in their analysis of the Common Unix Printing Service vulnerabilities. In our Cyber Focus segment, we discuss the surprising news about Kaspersky antivirus software deleting itself and installing UltraAV and other bits of code without warnings. We'll also highlight some recent blog posts from Censys, VulnCheck, and GreyNoise. These articles cover topics ranging from Fox Kitten infrastructure analysis to securing internet-exposed industrial control systems, and even delve into phishing tactics targeting election security. Our "We Need to Talk About KEV" segment rounds up the latest additions to CISA's Known Exploited Vulnerabilities catalog, keeping you informed about the most critical security issues to address. Storm Watch Homepage >> Learn more about GreyNoise >>  

Storm⚡️Watch by GreyNoise Intelligence
Bluetooth Mayhem: Firewalls Fail & Insulin Pumps Panic

Sep 24, 2024 74:19


Forecast = Expect heavy BTLE storms with a high chance of UUID leaks. Pack your Faraday umbrellas and watch out for rogue packets raining from the cloud. ‍ On this episode of Storm⚡️Watch, we're diving into some major cybersecurity developments that have been making waves. We'll start by unpacking the ongoing saga of the Columbus, Ohio cyberattack, which has turned into a complex web of legal battles, data leaks, and questions about municipal cybersecurity preparedness. We'll explore how this incident is affecting the city's tech aspirations and what it means for residents' data security. Next, we're excited to bring you our Cyberside Chat, where we'll be discussing a fascinating topic: BLUUID. We'll explore how Bluetooth vulnerabilities are impacting everything from insulin pumps to firewalls. We'll break down the technical details of extracting BTLE UUIDs from Android APK files and how this process can be used to identify devices. We'll also delve into some serious vulnerabilities discovered in Firewalla firewall products, including potential remote code execution risks. As always, we'll be sharing some of our recent work in the cybersecurity field. We've got some intriguing analyses from Censys, including a deep dive into Fox Kitten infrastructure and a challenging look at securing internet-exposed industrial control systems. VulnCheck has been busy too, with a new blog post about the Flax Typhoon botnet. And don't miss our GreyNoise blog, where we're questioning assumptions about ICS security. We'll wrap up with our regular "We Need to Talk About KEV" segment, where we'll round up the latest additions to CISA's Known Exploited Vulnerabilities catalog. It's a packed episode that you won't want to miss, so tune in to stay on top of the latest in the world of cybersecurity. Storm Watch Homepage >> Learn more about GreyNoise >>  

Storm⚡️Watch by GreyNoise Intelligence
Andrew Morris on Noise Storms & Finding a Hidden Message in Millions of ICMP Packets

Sep 17, 2024 56:21


On this episode, we're joined by GreyNoise Founder and Chief Architect, Andrew Morris, to take a ride in the Mystery Mobile to discover a hidden message buried in the payloads of over two million mis-directed ICMP packets. Along the way, we discuss the history of "noise storms" seen through the lens of GreyNoise's planetary-scale network of internet sensors, talk about some other, recent mega-storms, then don our bestest tin-foil hats to conspiracy theorize who sent this encoded message and why. Forecast - Digital Disturbance Advisory! Subscribe to Storm⚡️Watch - https://stormwatch.ing Storm Watch Homepage >> Learn more about GreyNoise >>  

Storm⚡️Watch by GreyNoise Intelligence
"Voldemort" Espionage Unveiled & Legal Firestorm in Columbus

Sep 3, 2024 55:40


Forecast - A volatile storm is brewing with lightning strikes of intrigue and clouds of legal turbulence on the horizon. In this episode of GreyNoise Storm⚡️Watch, we kick things off with intros and roundtable discussion before diving into the exciting news and discussion. Notably, Bob and Glenn are absent. In our Cyberside Chat segment, we discuss ransomware. First, we'll discuss how the US government has issued an advisory on the RansomHub ransomware group, which is believed to be responsible for a cyberattack on oil giant Halliburton. RansomHub is believed to have targeted at least 210 victims across various critical infrastructure sectors since February 2024. Then we'll examine the controversial legal battle unfolding in Columbus, Ohio. The city has taken the unusual step of suing security researcher David Leroy Ross after he publicly contradicted official statements about a recent ransomware attack. Then we'll shift gears to explore the discovery of a sophisticated espionage campaign dubbed "Voldemort," uncovered by Proofpoint researchers in August 2024. This custom malware, impersonating tax authorities across multiple countries, has targeted numerous organizations worldwide using innovative techniques. In our Shameless Self-Promotion segment, we highlight Emily and Glenn's involvement in Labscon, as well as some recent Censys advisories. Storm Watch Homepage >> Learn more about GreyNoise >>  

Storm⚡️Watch by GreyNoise Intelligence
Storm Watch ICS Security ISP Hijacks Post-Hacker Summer Camp Special

Aug 13, 2024 58:41


On this episode the crew kicks things off with a "Thorns and Roses" segment, sharing their experiences from the recent Black Hat, DEF CON, and BSides conferences. Next, they dive into the world of internet-connected industrial control systems, exploring the findings from a recent Censys research report that sheds light on the vulnerabilities and risks associated with these critical systems. The spotlight then turns to StormBamboo, a sophisticated threat actor that's been making waves in the cybersecurity community. The team breaks down how this group compromised an internet service provider to conduct DNS poisoning attacks and exploit insecure software update mechanisms. They discuss the implications of this attack, including the deployment of malware families like MACMA and POCOSTICK/MGBot, and the use of a malicious Chrome extension called RELOADEXT. Moving on, the hosts share insights from their recent work, including a look at the state of exploitation in the first half of 2024 and fresh perspectives on vulnerability prioritization. They emphasize the importance of keeping vulnerability intelligence up-to-date and introduce GreyNoise's new offerings for vulnerability management teams. The episode wraps up with a look at the latest tags from GreyNoise's visualization tool and a roundup of the most recent additions to CISA's Known Exploited Vulnerabilities catalog. Forecast = Stormy skies ahead as ICS vulnerabilities rain down and foreign threat actors flood ISPs, with a high chance of KEV alerts and a 100% probability of cybersecurity drama! Storm Watch Homepage >> Learn more about GreyNoise >>

Storm⚡️Watch by GreyNoise Intelligence
Hackers, Breaches, and Digital Distrust

Jul 16, 2024 64:22


Forecast = Expect a downpour of data breaches and a thick fog of trust issues. In this episode of Storm⚡️Watch, we dive into some critical cybersecurity issues affecting both government agencies and major corporations. The CISA Red Team's recent assessment of a Federal Civilian Executive Branch organization revealed significant vulnerabilities, highlighting the importance of defense-in-depth strategies. The exercise exposed weaknesses in patch management, credential security, and network segmentation, emphasizing the need for layered security controls and behavior-based threat detection. We also discuss the massive AT&T data breach linked to the Snowflake cyberattack. This incident compromised call and text records of nearly all AT&T wireless customers, spanning a six-month period in 2022. While the content of communications wasn't accessed, the breach included metadata such as phone numbers, call durations, and approximate location data. This event underscores the far-reaching consequences of supply chain attacks and the critical importance of robust cloud security measures. In our Shameless Self-Promotion segment, we highlight a recent GreyNoise Labs discovery of a path traversal vulnerability in the D-Link DIR-859 router. This perma-vuln, identified as CVE-2024-0769, leads to information disclosure and poses long-term exploitation risks as the product is no longer supported. We also touch on Censys's analysis of how Google's removal of Entrust from Chrome's Root Store will impact the internet, reflecting on the broader implications for digital certificate security. As always, we round up the latest cybersecurity trends and active campaigns in our Tag Roundup section, providing insights into the current threat landscape. We close with an update on known exploited vulnerabilities (KEVs) that organizations should prioritize in their security efforts. Storm Watch Homepage >> Learn more about GreyNoise >>  

Storm⚡️Watch by GreyNoise Intelligence
Dissecting Rogue VMs and DNS Disruptions: A Cyber Storm Brews

May 28, 2024 59:14


In this episode of Storm⚡️Watch, we dive into the turbulent world of cybersecurity, focusing on the latest threats and vulnerabilities shaking the digital landscape. Expect rogue VM squalls and intermittent atmospheric DNS instability as we dissect the complexities of these cyber phenomena. We kick off with our usual intros and a roundtable discussion, posing the thought-provoking question: "What's a belief you held as a child that you had to unlearn as you grew older?" This sets the stage for a reflective and engaging conversation among our hosts. Our first deep dive is into the mysterious C root-server outage, exploring the persistent issue that "It's Always DNS." Despite the fix, the cause remains unclear, leaving the internet's stability in a precarious state. We reference detailed analyses from Ars Technica and root-servers.org to unpack this enigma. Next, we shine a spotlight on the alarming rise of rogue virtual machines (VMs) in cyber intrusions, particularly focusing on MITRE's recent experiences. We discuss how threat actors have been abusing VMware environments to infiltrate defenses, as detailed in several insightful articles from MITRE Engenuity and other sources. This segment underscores the critical need for robust VM management and security practices. In our Tool Time segment, we introduce the MITRE Threat Report ATT&CK Mapper (TRAM), a powerful tool designed to enhance threat detection and response capabilities. We guide listeners through its features and practical applications, emphasizing its role in fortifying cybersecurity defenses. We take a moment for some shameless self-promotion, highlighting Censys's NextGen Mirth Connect and GreyNoise's upcoming webinar on AI for cybersecurity. These initiatives showcase the cutting-edge work being done to advance cyber defense technologies.
Our tag roundup segment provides a snapshot of recent trends and active campaigns in the cybersecurity landscape, using GreyNoise's visualization tools to offer a clear and concise overview of the current threat environment. We wrap up with a KEV roundup, summarizing the latest updates from the Known Exploited Vulnerabilities catalog by CISA. This segment ensures our listeners are well-informed about the most pressing vulnerabilities and the necessary steps to mitigate them. Storm Watch Homepage >> Learn more about GreyNoise >>  

Storm⚡️Watch by GreyNoise Intelligence
1 Year Anniversary Celebration w/ Special Guest HD Moore

May 21, 2024 51:10


Forecast = Intermittent internet-wide scanner probes with a 20% chance of DDoS. Believe it or not, it has been one year since we started Storm Watch. While we still don't understand it, we are so grateful to everyone who keeps coming back week after week to hear us discuss all things cybersecurity. In this episode, the team takes a look back at how we got here and looks forward at what's to come for our little podcast. We are also honored to talk with security expert and runZero Co-founder & CEO, HD Moore. Storm Watch Homepage >> Learn more about GreyNoise >>    

Storm⚡️Watch by GreyNoise Intelligence
2024 Cyber Threat Landscape Unveiled: Navigating Vulnerabilities & Solar Storm Impacts

May 14, 2024 62:20


Forecast = Expect a stormy week ahead in the cyber world, with high chances of CWE showers. In this episode of Storm⚡️Watch, we're diving deep into the cyber world with a lineup of intriguing topics and expert insights. The spotlight of this episode shines on the 2024 Verizon Data Breach Investigations Report, a comprehensive analysis that sheds light on the evolving landscape of cyber threats and vulnerabilities. We'll quiz Glenn on the key findings of the report, discussing the significant increase in vulnerability exploitation as an initial access point, which nearly tripled in 2023. This segment will delve into the implications of these findings for organizations and the importance of robust cybersecurity measures. Our Cyber Spotlight segment will explore the impact of a recent solar storm on precision farming, highlighting how geomagnetic disturbances knocked out tractor GPS systems during a critical planting season. We'll discuss the broader implications of solar storms on GPS-dependent technologies and the steps industries can take to mitigate these risks. Additionally, we'll touch on the threats to precision agriculture in the U.S., including the warning about using Chinese-made drones in farming operations. In Tool Time, we introduce CISA's Vulnrichment, a tool designed to enrich vulnerability management processes. This segment will provide insights into how Vulnrichment can aid organizations in identifying and mitigating vulnerabilities more effectively. Our Shameless Self-Promotion segment will feature exciting updates from Censys & GreyNoise, including an upcoming report and webcast on AI for cybersecurity, and a recap of the NetNoiseCon event. We'll also drop a link to the "Year of the Vuln" as highlighted in the 2024 Verizon DBIR, a post which offers our take on surviving this challenging period. 
To wrap up, we'll discuss the latest trends in cyber threats and active campaigns, providing listeners and viewers with a comprehensive overview of the current cyber threat landscape. Storm Watch Homepage >> Learn more about GreyNoise >>  

Storm⚡️Watch by GreyNoise Intelligence
Unlocking Cyber Secrets: Straight Talk About Anonymous Proxies & Vulnerability Markets

Apr 30, 2024 65:40


Forecast = Great weather for phishing, with a chance of scattered ransomware showers throughout the week. This week's episode features a detailed discussion on the use of anonymous proxies in cybersecurity. This segment will explore various facets of anonymous proxies, including their role in masking user identity and the challenges they pose to cybersecurity efforts. The discussion will be enriched with insights from several sources, including Okta, Orange Cyber Defense, Talos Intelligence, and DataDome, providing a comprehensive overview of how these proxies are used and detected in the cyber landscape. Another highlight of the episode is the "Cyber Spotlight" segment, which will delve into the intriguing world of vulnerability markets. This discussion will be informed by research from arXiv, offering listeners a deep dive into the complexities and ethical considerations surrounding the trade and exploitation of software vulnerabilities. Listeners will also be introduced to Arkime, an open-source tool designed for network traffic analysis, in the "Tool Time" segment. This tool is crucial for professionals looking to gain deeper insights into their network traffic and enhance their security posture. The episode will not shy away from promoting its own advancements and contributions to the cybersecurity field. Under "Shameless Self-Promotion," the podcast will discuss Censys and its recent findings on CVE-2024-4040, as well as GreyNoise's insights into Fortinet's FortiOS and their user-centric approach to cybersecurity. The "Tag Roundup" segment will provide updates on recent and active cybersecurity campaigns, offering listeners a snapshot of the current threat landscape, while the "We Need to Talk About KEV" segment will focus on a roundup of known exploited vulnerabilities, providing crucial information for cybersecurity defense. Storm Watch Homepage >> Learn more about GreyNoise >>  

Storm⚡️Watch by GreyNoise Intelligence
AI Storms the Cybersecurity Front: Deepfakes & Attacks

Apr 16, 2024 58:49


Forecast = Scattered AI showers with a chance of phishing breezes. In this episode of Storm⚡Watch, listeners delve into the latest AI technology and its impact on cybersecurity. Featuring Erick Galinkin, an esteemed AI expert, the discussion covers various topics, from Erick's AI security work at NVIDIA to recent AI-assisted threats affecting LastPass and healthcare facilities. Additionally, insights from Check Point's President on AI's evolving role in cybersecurity, as discussed in a December 2023 Fortune article, are shared. In the cyber spotlight, the team examines an XZ-style attack attempt on OpenJS, signaling a concerning development for the JavaScript community. The episode also includes a tool time segment featuring Malpedia, an extensive library of malware profiles, and a captivating data visualization project mapping out malware relationships. As usual, the show embraces a touch of self-promotion, providing updates on Censys' research into vulnerabilities affecting D-Link and Sisense. GreyNoise shares highlights from the recent NetNoiseCon event and discusses a command injection vulnerability in Palo Alto Networks' PAN-OS. We close it out with a tag roundup, spotlighting recent tags and active campaigns from GreyNoise's visualization tools. In addition, the episode offers a KEV roundup, summarizing the Known Exploited Vulnerabilities catalog from CISA, ensuring listeners are well-informed on current cybersecurity challenges. Storm Watch Homepage >> Learn more about GreyNoise >>

Storm⚡️Watch by GreyNoise Intelligence
Ivanti's Security Revamp, Dodging the XZ Bullet & D-Link's NAS Crisis

Apr 9, 2024 62:28


Forecast = Hazy, with a 60% chance of KEV squalls towards the end of the week.

In this episode of Storm⚡Watch, we start by discussing Ivanti's CEO Jeff Abbott's pledge for a comprehensive security overhaul following a series of breaches linked to vulnerabilities, including CVE-2024-21894. We also explore Andres Freund's accidental heroism in uncovering a backdoor in Linux software, and delve into the vulnerability of D-Link NAS devices to remote code execution.

Cybersecurity Frontlines: Ivanti's Pledge and Vulnerabilities
Ivanti CEO Jeff Abbott has publicly committed to a comprehensive security overhaul following a series of breaches linked to vulnerabilities in Ivanti's products. This episode will explore the implications of Ivanti's new security initiatives and the recent discovery of critical vulnerabilities, including CVE-2024-21894, a heap overflow vulnerability in Ivanti Connect Secure and Policy Secure. We'll discuss the company's promise to adopt a Secure-By-Design ethos and the potential impact on the cybersecurity community.

Andres Freund: The Accidental Hero
Our Cyber Spotlight shines on Andres Freund, a software engineer whose routine maintenance work led to the inadvertent discovery of a backdoor in a piece of Linux software (XZ). This discovery potentially thwarted a major cyberattack, earning Freund accolades from the tech community and a feature in The New York Times. We'll discuss the critical role of open-source software maintainers in cybersecurity and the importance of vigilance in the industry.

D-Link NAS Devices Under Siege
A significant threat looms over users of D-Link NAS devices as CVE-2024-3273, a remote code execution vulnerability, is actively being exploited in the wild. With, perhaps, 92,000 devices at risk, we'll dissect the nature of the vulnerability, the hardcoded backdoor account, and the command injection flaw that leaves these devices open to attack. We'll also cover the steps D-Link has taken to address the issue and the importance of securing legacy devices.

Shameless Self-Promotion: GreyNoise and Censys
Don't miss our segment on GreyNoise and Censys, where we'll highlight their contributions to the cybersecurity field. GreyNoise's analysis of the D-Link NAS vulnerability and their upcoming NetNoiseCon event are on the agenda, as well as Censys' Threat Hunting Workshop in Philadelphia.

Tag Round-Up: Vulnerability Alerts
We'll wrap up with a rapid-fire rundown of recent vulnerability alerts, including a variety of CVEs that have been identified and tagged for tracking. This segment will provide listeners with a concise overview of the threats they should be aware of and the actions they can take to protect their systems.

Risky Business
Snake Oilers: Kodex, ClearVector and Censys

Apr 5, 2024 42:03


In this edition of Snake Oilers you'll hear pitches from three companies:
  • Kodex: Makes a platform companies can use to interact with law enforcement (Solves the law enforcement impersonator problem, among others.)
  • ClearVector: Cloud security startup from former FireEye/Mandiant SVP/CTO John Laliberte
  • Censys: Scans the entire internet, identifies assets you didn't know were yours, helps you track attacker infrastructure like C2

Storm⚡️Watch by GreyNoise Intelligence
AI Crime Warnings & The National Vulnerability Database (NVD) Slowdown

Mar 19, 2024 60:27


In this episode of Storm⚡️Watch we're bracing for a tempest of cybersecurity insights. The Cyberside Chat segment takes a deep dive into the Department of Justice's recent announcement regarding AI in crimes, signaling harsher sentences akin to weapon-enhanced offenses. We explore the implications of AI's double-edged sword in criminal justice, the DOJ's Justice AI initiative, and the broader Artificial Intelligence Strategy. We also discuss federal actions to regulate AI, including the Algorithmic Accountability Act of 2022, and the Executive Order on Promoting the Use of Trustworthy Artificial Intelligence in the Federal Government. A study on AI-modified content in peer reviews at AI conferences is examined, highlighting the challenges of distinguishing AI-generated text from human-written content. In the Cyber Spotlight, we shine a light on the National Vulnerability Database (NVD) and its recent slowdown in updates. We discuss the implications for vulnerability management and the cybersecurity community's response, including NIST's efforts to form a consortium to address these issues. Tool Time introduces the Sunlight Certificate Transparency Log, a project aimed at enhancing the scalability and reliability of Certificate Transparency logs. We delve into the new tile-based architecture and its benefits for various stakeholders, including Certificate Authorities, CT monitors and auditors, web browsers, and security researchers. We also engage in some Shameless Self-Promotion, highlighting key insights from the 2024 State of Threat Hunting Report by Censys and tracking the aftermath of Atlassian's Confluence CVE-2023-22527 with GreyNoise. Our Tag Roundup covers recent tags and active campaigns, providing a snapshot of the current threat landscape. Finally, we wrap up the episode with our KEV Roundup, discussing the latest entries in CISA's Known Exploited Vulnerabilities Catalog, and close with a fun question about our dream fictional vehicles. 
Forecast = Expect a downpour of DDoS with a chance of ransomware gusts, and keep an umbrella handy for data breach drizzles.

Storm⚡️Watch by GreyNoise Intelligence
VMware Vulnerabilities, Microsoft's Russia Breach, and USB Hacks by Nation States

Mar 12, 2024 58:10


Forecast = Areal Cyber Flood Warning In this episode of Storm⚡️Watch we delve into a variety of cybersecurity topics that are essential for professionals in the field. The episode kicks off with a roundtable discussion, setting the stage for a deep dive into recent critical vulnerabilities in VMware's ESXi, as reported by SecurityWeek. We explore the history of VMware vulnerabilities, including the infamous log4j, and speculate on the company's future trajectory. The spotlight then shifts to Microsoft and the implications of Russia's breach of their systems, as well as the impact of the SEC's disclosure policies on Microsoft's transparency. This discussion is informed by reports from The Record and the SEC's official documentation. Our tool segment introduces listeners to aiocrioc, a project available on GitHub, and the work of James Brine, which can be found on his personal website. This tool represents the cutting edge of cybersecurity technology and is a must-know for industry professionals. We also touch on the resurgence of USB hacks by nation-states, a trend highlighted by Dark Reading, and discuss the implications of such low-tech yet effective attack vectors. In our self-promotion segment, we discuss Censys' insights on ConnectWise exposure and GreyNoise's own research on hunting for Fortinet's CVE-2024-21762. These resources are invaluable for cybersecurity practitioners looking to enhance their defensive strategies. The episode wraps up with a roundup of recent and active campaigns, as seen on GreyNoise's visualization trends, and a discussion on the Known Exploited Vulnerabilities (KEV) catalog from CISA, including the new KEV submission form available on the Federal Register. Episode Slides >> Storm Watch Homepage >> Learn more about GreyNoise >>  

Storm⚡️Watch by GreyNoise Intelligence
2024 Cybersecurity Update: Lockbit Takedown, GRU Botnet Disruption & Essential Security Practices

Feb 20, 2024 56:32


Forecast = Advanced Persistent Thunderstorms In this episode of Storm⚡️Watch, we dive deep into the evolving landscape of cybersecurity in 2024. The episode kicks off with a thought-provoking roundtable discussion, pondering the potential theme song of 2024, setting the tone for a year that's already shaping up to be full of significant cybersecurity developments. We then transition into a comprehensive analysis of recent cybersecurity events and trends that are shaping the digital world. First on the agenda is the international police operation that successfully disrupted the notorious Lockbit cybercrime gang, a significant victory in the ongoing battle against cybercrime. This is followed by an exploration of the Justice Department's court-authorized disruption of a botnet controlled by the Russian GRU, highlighting the global efforts to combat state-sponsored cyberthreats. The episode also delves into the discovery of new vulnerabilities within SolarWinds' software, some of which are unauthorized, underscoring the persistent challenges in securing widely used software platforms. The discussion then shifts to a series of high-profile hacks and leaks, including the Shanghai Anxun/I-SOON hack/leak and a significant state government leak and hack, illustrating the diverse nature of cyber threats facing organizations today. The episode emphasizes the critical need for security vendors to adopt Software Bill of Materials (SBOMs) and a resilient Software Development Life Cycle (SDLC), through the lens of Eclypsium's teardown of Ivanti. Additionally, the episode features Rezonate's guide to hardening Okta's security posture, offering practical advice for enhancing cybersecurity defenses. In company news, GreyNoise celebrates the appointment of a new CEO and shares insights from the Grimoire blog on CVE-2021-44529, further demonstrating the company's commitment to advancing cybersecurity knowledge. 
The episode concludes with a roundup of recent tags, active campaigns, and a discussion on the Known Exploited Vulnerabilities (KEV) catalog from CISA, providing listeners with a comprehensive overview of the current cybersecurity landscape and actionable insights for enhancing their security posture.

Storm⚡️Watch by GreyNoise Intelligence
Malware Infected Toothbrushes, Spyware Crackdown and, LOLBins

Feb 13, 2024 66:26


In this episode of Storm⚡️Watch, we explore the captivating toothbrush scandal that's been stirring discussion within the infosec community. We dissect the narrative surrounding three million malware-infected smart toothbrushes allegedly manipulated into orchestrating a Swiss DDoS attack, an incident that has gained traction on platforms like InfoSec Exchange and Tom's Hardware. We then delve into the serious implications of Google's latest Spyware Report and the subsequent joint statement from various governments on the efforts to counter the proliferation and misuse of commercial spyware. These documents shed light on the alarming state of surveillance and the actions being taken at the highest levels to address these concerns. The episode continues with an analysis of the Volt Typhoon and a critical infrastructure blog post by Censys, highlighting the vulnerabilities in critical infrastructure security. This discussion is particularly timely given the recent compromise of U.S. critical infrastructure by state-sponsored actors, as reported by CISA and Lawfare Media. Canon's recent security update is also on our radar, with the company patching seven critical vulnerabilities in small office printers. This serves as a reminder of the ever-present need for vigilance in the realm of cybersecurity. We also cover CISA's guidance on 'Living Off The Land' tactics and the innovative 'Living Off The False Positives' project, which offers a fresh perspective on managing false positives in security monitoring. For those interested in malware tracking, we discuss Censys' Beginner's Guide to Tracking Malware Infrastructure, a valuable resource for anyone looking to enhance their threat intelligence capabilities. GreyNoise's contributions to the fight against ransomware are highlighted through their blog post detailing the tagging system used to battle these threats. 
Additionally, we touch upon the Flipper Zero controversy in Canada and the open-source SDR tech debate, as well as the latest happenings in the GreyNoise Community Forum and the Centripetal webcast. We wrap up the episode with a look at the recent tags and active campaigns visualized on GreyNoise's platform and a roundup of the Known Exploited Vulnerabilities (KEV) catalog by CISA.

Storm⚡️Watch by GreyNoise Intelligence
From Cloudflare's Swift Breach Response to Deepfake Scams

Feb 6, 2024 56:22


In this episode of Storm⚡️Watch, we delve into a variety of pressing cybersecurity topics, starting with a light-hearted roundtable discussion on our dream locations for the next DEFCON conference. We then move on to applaud Cloudflare for their exemplary response to a recent security breach, highlighting the importance of transparency and swift action in the face of cyber threats. The episode also covers the AnyDesk breach, shedding light on the incident and the company's response, underscoring the ever-present need for robust security measures. The conversation takes a serious turn as we discuss the CISA directive for Ivanti, mandating the shutdown of systems to mitigate vulnerabilities, a move that emphasizes the critical nature of software security in maintaining national cybersecurity. The episode also explores the alarming rise of deepfake technology, illustrated by a recent scam that defrauded a company of $25 million, and the clandestine world of fake ID creation by AI neural networks on the site OnlyFake. We delve into the technical with a look at the ICANN .internal proposal, a significant development that could impact the structure of the internet's domain name system. The episode also highlights recent vulnerabilities in Jenkins reported by Censys, providing listeners with crucial information to protect their systems. GreyNoise's contributions to the cybersecurity community are showcased through discussions on our latest blog posts, an open forum event, and a joint webcast with Centripetal, offering insights and opportunities for engagement with cybersecurity experts. The episode wraps up with a look at recent tags and active campaigns on the GreyNoise platform, providing a snapshot of the current cybersecurity landscape. Episode Slides >> Storm Watch Homepage >> Learn more about GreyNoise >>  

Storm⚡️Watch by GreyNoise Intelligence
Declining Ransomware Payments & Rising Cyber Threats

Jan 30, 2024 55:55


In the latest episode of Storm⚡️Watch, we delve into the pressing issue of ransomware payments, which are on a notable decline as victims increasingly choose not to pay. The conversation then turns to the alarming frequency of cyberattacks that often go unnoticed by the public, and highlights one recent breach in the municipality where a major U.S. court case is occurring. We highlight several incidents at organizations across the globe, emphasizing the pervasive nature of these security breaches. We also dissect the sobering findings from the Dragos Industrial Ransomware Report for Q4, which reveals the increasing number of groups involved in ransomware attacks. This report underscores the challenges faced by industries in safeguarding their operations against such threats. A surprising revelation comes from Germany, where a job posting for a Windows 3.11 administrator for a rail line brings to light the outdated and insecure systems still in use, which pose significant security risks. The episode doesn't shy away from discussing major breaches, including the recent attacks on HPE and Microsoft, and the potential spillover effects these could have on the broader tech ecosystem. We also explore Cert Spotter, a Certificate Transparency log monitor from SSLMate that alerts you when an SSL/TLS certificate is issued for one of your domains. The team covers two recent blogs by Censys researchers, and takes a look at GreyNoise tags that are linked to ransomware gang activity. Lastly, we briefly note CISA's new Water and Wastewater Sector Incident Response Guide, and touch upon the latest trends and active campaigns in the cybersecurity landscape, as well as a roundup of known exploited vulnerabilities, providing listeners with a comprehensive overview of the current state of cyber threats.

Storm⚡️Watch by GreyNoise Intelligence
WEF Outlook & Emerging Threats

Jan 23, 2024 59:02


In the latest episode of GreyNoise Labs Storm⚡️Watch, we delve into a variety of cybersecurity topics that are crucial for professionals to stay abreast of. We kick off with a discussion on the World Economic Forum's Cybersecurity Outlook for 2024, providing insights into the anticipated challenges and strategies for the coming year. This is followed by an analysis of the Allianz Global Risk Barometer Redux 2024, which highlights the evolving landscape of cyber threats and their implications for global risk management. The episode also introduces LogBoost, a tool designed to enhance log analysis, which is essential for identifying and mitigating security incidents. We then shift our focus to a recent vulnerability in VMware's VCenter, as reported by Censys, and discuss its potential impact on virtual infrastructure security. GreyNoise's own research is featured prominently, with a deep dive into the F5 Big IP Remote Code Execution (RCE) vulnerabilities. We also revisit the last GreyNoise Tag Webinar, which offers a comprehensive understanding of GreyNoise tags and their application in cybersecurity. Additionally, we review the 2023 GreyNoise Retrospective Internet Exploitation Report, which provides a retrospective look at the past year's internet exploitation trends. To keep our listeners informed on the latest cyber threats, we cover the most recent tags and active campaigns as observed by GreyNoise, offering a real-time perspective on the threat landscape. Lastly, we round up the episode with a discussion on the Known Exploited Vulnerabilities (KEV) catalog from CISA, which is an essential resource for cybersecurity professionals to prioritize their defensive efforts. Episode Slides >> Join our Community Slack >> Learn more about GreyNoise >>  

Storm⚡️Watch by GreyNoise Intelligence
MFA & Cybersecurity: Crypto-Miner Takedown, Ivanti Debacle, and AI-Enhanced Phishing

Jan 16, 2024 60:17


In this episode of Storm⚡️Watch, we delve into a variety of cybersecurity topics, with a running theme of the vital need for Multi-Factor Authentication (MFA). We kick off with introductions and a roundtable discussion, followed by an exploration of a mass crypto-miner takedown, with insights drawn from reports by the Ukrainian Cyber Police and Bleeping Computer. We then discuss the Ivanti debacle, referencing a blog post by Volexity. This is followed up by the note of two X account hacking events (SEC & Mandiant), as reported by The Register and Security Affairs. The NSA's warning about AI-enhanced phishing is also on our agenda, with sources from NBC News and Infosec Exchange. We tap back to ancient Stuxnet news, the malware that cost a billion dollars, based on an article by Graham Cluley (there are some new twists to this tale). We also delve into the broad implications of the Orrick breach, as reported by Security Week. In our tool spotlight, we feature Cyberwatch, a GitHub project by Casualtek. We also discuss a blog post from Censys about a Juniper vulnerability and encourage folks to attend the "Stop Predicting, Start Protecting" lunch-and-learn. From GreyNoise, we highlight the second 2024 Tag Webinar and the 2023 GreyNoise Internet Exploitation Retrospective Report. We wrap up with a roundup of known exploited vulnerabilities from CISA.

Storm⚡️Watch by GreyNoise Intelligence
Into the Mind of Morris: Trajectory of Internet Mass Exploitation

Jan 9, 2024 70:36


In this episode of Storm⚡️Watch podcast, we kick off the new year with a lively roundtable discussion. Our special guest for this episode is Andrew Morris, who brings a unique perspective to our conversation (given that he's, like, our CEO & Founder). Given Morris' propensity for “hot takes”, this should be a doozy of an interview. A significant part of our post-interview discussion revolves around the loanDepot breaches that occurred in 2023 and the start of 2024. We delve into the details of these incidents, providing insights into the cybersecurity implications and the broader impact on the industry. We also discuss the odds that little Suzie is homeless at this point. As we look ahead to the rest of 2024, we discuss several key topics. We examine the controversial stance of 23andMe, who blamed negligent breach victims for their own misfortune. We also discuss a thought-provoking article from The Economist, which suggests that ransomware could cripple entire countries, not just companies. Furthermore, we explore the disinformation landscape in the US political sphere for 2024, highlighting the potential for global disinformation and misinformation campaigns. Tool Time shows how you, too, can be a cyber reporter by surfing the SEC EDGAR website for required breach reporting. We engage in our usual shameless self-promotion as we discuss the latest blog posts from Censys and GreyNoise, including a deep dive into the SnakeYAML deserialization vulnerability. We also discuss our first 2024 Tag Webinar, which offers a detailed exploration of GreyNoise tags. We wrap up the episode by discussing recent tags, active campaigns, and anomalies. We also highlight the wealth of information available on the CISA website, particularly focusing on the catalog of known exploited vulnerabilities and the massive KEV Drop this week.

Storm⚡️Watch by GreyNoise Intelligence
New SEC Rules, Threat Predictions, and Vulnerability Impact Scoring

Dec 19, 2023 69:19


In this episode of Storm⚡️Watch, we kick off with our usual intros and roundtable discussion between co-hosts Kimber Duke, Emily Austin, Glenn Thorpe, and boB Rudis. ​ The show continues with a celebration of the FBI's confirmation that ALPHV has, indeed, been taken down. ​ Moving on, a significant development this week is the effective implementation date of new SEC cyber reporting rules. These rules mandate that companies report "material cybersecurity incidents" to their investors. The rules went into effect this week, and VF Corporation was one of the first to report under these new guidelines. VF Corporation suffered a significant cyberattack on December 13, 2023, which has had a major impact on its operations, particularly its ability to fulfill orders during the holiday rush. We also discuss the hot-off-the-presses Xfinity breach announcement. ​ Looking ahead, we delve into our predictions for the cybersecurity landscape in 2024 (make sure to check out our companion blog post, "Weathering 2024: Storm Watch Predictions for the Year Ahead").  ​ In Tool Time, we also discuss ZOOM's Vulnerability Impact Scoring System (VISS), a resource that helps organizations assess their vulnerability to cyber threats. ​ In the realm of recent vulnerabilities, we review Censys's blog post about the JetBrains TeamCity Remote Code Execution (RCE) vulnerability (CVE-2023-42793). We also showcase a deep dive into the Apache Struts2 RCE vulnerability (CVE-2023-50164) in our blog post, "A Day in the Life of a GreyNoise Researcher." ​ In another deep dive, Ron Bowes of GreyNoise Labs digs deep into F5 BIG-IP systems, where he explored how threat actors are baiting these systems. You can read all about those findings in our blog post, "Mining the Undiscovered Country with GreyNoise EAP Sensors: F5 BIG-IP Edition." 
We note three new tags, including a WordPress Backup Migration RCE (CVE-2023-6553), the 3CX CRM SQL Injection (CVE-2023-49954), and the WuzhiCMS SQL Injection (CVE-2018-11528). Finally, we wrap up with a discussion on the CISA's recent advisories. The first is a design alert urging manufacturers to eliminate default passwords, aptly titled "NO KEV!" The second is a joint advisory on Play Ransomware, providing crucial information to help organizations protect themselves against this threat.

Storm⚡️Watch by GreyNoise Intelligence
ALPHV/BlackCat: BUSTED!?, Lazarus' Log4j Larks, Stopping Cloud Attackers Cold With The "AWS Kill Switch"

Dec 12, 2023 69:07


In this episode of Storm⚡️Watch by GreyNoise Intelligence, we discuss the rumored takedown of the ALPHV/BlackCat ransomware site, which has been offline for days, fueling speculation that law enforcement may have finally caught up with the prolific ransomware group. We then delve into the North Korea-linked Lazarus Group's exploitation of the Log4j vulnerability in a global campaign targeting companies in the manufacturing, agriculture, and physical security sectors. This deep-dive Breaking News segment will shed some light on why attackers are still going after this two-year-old weakness, and also discuss how attackers are using modern programming languages to gain efficiencies and thwart detections. In our Tool Time segment, we explore the AWS Kill Switch, an open-source incident response tool for quickly locking down AWS accounts and IAM roles during a security incident. Our Shameless Self-Promotion segment drops details on upcoming GreyNoise webinars, Censys' new service tier, and a GreyNoise Labs blog on the use of GreyNoise EAP sensors for novel exploitation discovery for CVE-2023-47246. Along with our CISA KEV roundup, we provide a short readout on their Fourth Quarter Cybersecurity Advisory Committee Meeting and CISA's new, jointly published guide on "The Case for Memory Safe Roadmaps".

Beyond Part 107
Uncrewed Views: A Talk with Rob Knochenhauer, Director of Regulatory Affairs at Censys Technologies

Dec 5, 2023 35:28


For this edition of Uncrewed Views, Scott Howe, Editorial Analyst for Commercial UAV News, spoke with Rob Knochenhauer, Director of Regulatory Affairs at Censys Technologies. Rob discussed his company's recent achievement: a 30-mile, BVLOS operation flying Sentaero 5 over a cellular network in South Florida. He also offered his perspectives on the regulatory issues facing drone operations and previewed his presentation at next February's Geo Week event, “Getting Off the Ground with UAV Survey.” Sources: Commercial UAV News: 30-Mile True BVLOS Flight – Scalable Operation for All Organizations with Sentaero 5 Geo Week: Getting Off the Ground with UAV Survey

Storm⚡️Watch by GreyNoise Intelligence

In this episode of Storm Watch, we delve into a range of cybersecurity topics that have made headlines recently.  We kick off with a discussion on the recent agreement inked by the US, Britain, and other countries to make AI 'secure by design'. This landmark decision underscores the growing importance of cybersecurity in the era of artificial intelligence and the collective effort to ensure its safe implementation. Next, we turn our attention to the disruption of a Cyber Scam Organization through the seizure of nearly $9M in cryptocurrency. This case highlights the increasing use of digital currencies in cybercrime and the efforts by law enforcement to curb such activities. We then discuss a critical vulnerability in ownCloud, a top file-sharing service. The security bug, which reveals admin passwords, was quickly exploited in the wild, underscoring the need for swift action in addressing such vulnerabilities. The episode also covers the spread of the InfectedSlurs Botnet, which is disseminating Mirai via zero-days. This development is a stark reminder of the persistent threat posed by botnets and the importance of staying abreast of the latest cybersecurity threats. We also delve into the recent ransomware 'catastrophe' at Fidelity National Financial that caused panic among homeowners and buyers. This incident underscores the far-reaching implications of ransomware attacks and the urgent need for robust cybersecurity measures. In the automotive sector, we discuss the warning issued by auto parts giant AutoZone about a MOVEit data breach. This incident serves as a reminder of the pervasive nature of cyber threats across various industries. Celebrating its 10th anniversary, Microsoft's bug bounty program is another topic of discussion. Over the past decade, the program has awarded more than $60M, highlighting the tech giant's commitment to cybersecurity. 
We also touch on the intriguing topic of the 'Internet of Insecure Cows', a study that explores the vulnerabilities of IoT devices in the agricultural sector. The episode also includes discussions on Vidar tracking, a technique used to monitor the infrastructure of this notorious malware, and the concept of 'Living off the land', a stealthy cyberattack strategy. We wrap up with a look at the 'Have I Been Squatted?' service, an overview of the latest GreyNoise Tags, a roundup of Known Exploited Vulnerabilities (KEV), and a review of CISA's Ransomware Response Checklist. These resources provide valuable insights and tools for cybersecurity professionals and enthusiasts alike.

Security Unfiltered
Insights into Security Research and Internet Mapping

Nov 27, 2023 53:02


Join us on an inspiring adventure through the world of cybersecurity, as we share a cup of digital coffee with our guest, Emily Austin, a seasoned professional in the tech field. Prepare to be enlightened and intrigued by her unlikely journey into the world of cybersecurity, a detour from psychology to tech that not only shows there's no single path into the industry but also demonstrates the value in diversity and unconventional paths. You'll gain insights into the world of security research, understanding the importance of different perspectives and the value of effective communication. Discover the nuances of internet mapping and security research, and get a glimpse into the day-to-day life of a team handling comprehensive internet scan data. Learn how modern conflicts shake the tech industry, as we unravel the complexities of cyber warfare and the critical role played by the Ukrainian IT army. Finally, brace yourself as we lay bare the underbelly of tech: the increased attacks on back office software. We'll take you through the potential risks and implications of assaults on file transfer tools and shed light on how these attacks are affecting enterprises and regulated industries. This episode is a thrilling exploration packed with insight and analysis - a must-listen for those curious about the ever-evolving tech field, cybersecurity, IT, and the true essence of a career in technology. Tune in to join the conversation!

LinkedIn: https://www.linkedin.com/in/emilylaustin/
Censys: https://censys.com/
Support the show
Affiliate Links:
NordVPN: https://go.nordvpn.net/aff_c?offer_id=15&aff_id=87753&url_id=902
Follow the Podcast on Social Media!
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
Patreon: https://www.patreon.com/SecurityUnfilteredPodcast
YouTube: https://www.youtube.com/@securityunfilteredpodcast
TikTok: Not today China! Not today

Storm⚡️Watch by GreyNoise Intelligence

Welcome to the latest episode of Storm Watch by GreyNoise Intelligence, hosted by Emily Austin, Kimber Duke, Glenn Thorpe, and boB Rudis. In this episode, we're excited to share some good news about the takedown of the IPStorm Botnet, a significant victory in the fight against cybercrime. The Russian and Moldovan national behind the illegal botnet proxy service has pleaded guilty, marking a significant step forward in international cybersecurity efforts. In breaking news, we discuss the recent SEC complaint filed by AlphV against MeridianLink for not disclosing a breach to the SEC. The breach was linked to Confluence, and we delve into the details of this incident and its implications. We also focus on the CrushFTP RCE. In our regular programming segment, we discuss how Clorox is cleaning house after a cyberattack, with the company's cyber chief leaving as recovery efforts continue. We also talk about Rackspace's hefty $11M ransomware recovery bill, which was linked to an OWASSRF vulnerability. Toyota also makes headlines with a breach confirmed after the Medusa ransomware group threatened to leak data, an incident tied to the CitrixBleed vulnerability. We also discuss the upcoming IRISSCON cybersecurity conference, where Russian cybersecurity experts are expected to present. We reflect on the 20th anniversary of Patch Tuesday, a monthly event that has become a staple in the cybersecurity world. We also give a nod to the upcoming CAMLIS conference, which we'll cover in more detail next week. In our tool time segment, we introduce MaxCVE, a useful tool for cybersecurity professionals, and discuss the importance of container vulnerability scanning awareness.  In our self-promotion segment, we share some of the latest updates and discoveries from Censys and GreyNoise, including the introduction of Censys Search Teams, the discovery of NTC Vulkan infrastructure, and how to get a leg up on initial access ransomware with CISA KEV and GreyNoise tags. 
We also showcase UX and feature improvements in Sift. Finally, we discuss the latest trends in GreyNoise tags and the importance of the Known Exploited Vulnerabilities Catalog from CISA. We also cover CISA's new initiative to expand scalable cybersecurity services to protect broader critical infrastructure and their recently released Health Sector Guidance Document.

Defense in Depth
Building a Cyber Strategy for Unknown Unknowns

Nov 16, 2023 · 29:57


All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining us is our sponsored guest, Himaja Motheram, Censys.

In this episode:

- How can one create a security program around unknown problems?
- Don't we know a lot of the things we lack visibility into that can cause security issues?
- But what about the things you don't even know about in the first place?
- Will that thing we don't even know to look at ever cause a security issue?

Thanks to our podcast sponsor, Censys. Censys is the leading Internet Intelligence Platform for Threat Hunting and Exposure Management. We provide the most comprehensive, accurate, and up-to-date map of the internet, which scans 45x more services than the nearest competitor across the world's largest certificate database (>10B). Learn more at www.censys.com.

Storm⚡️Watch by GreyNoise Intelligence

Before we got the podcast going, we sent some love to Iceland, which is currently experiencing significant seismic activity. The Icelandic Meteorological Office has detected about 900 earthquakes in the region between Grindavík and Sundhnúkur, leading to the evacuation of the coastal town of Grindavík. The likelihood of a volcanic eruption is deemed considerable. In good news, an international syndicate involved in cybercrime has been busted with the arrest of eight people. This is a significant step in the fight against cybercrime and a testament to the hard work of law enforcement agencies worldwide. Breaking news from Maine involves a rant about MOVEit, a global data security incident that has raised concerns about data protection and privacy. We'll delve into this topic and discuss its implications. In tech news, a new cutting-edge attack has been discovered that can steal SSH cryptographic keys. This vulnerability occurs during the signature generation when a client and server are establishing a connection and affects keys using the RSA cryptographic algorithm. This discovery underscores the importance of constant vigilance and innovation in cybersecurity. In regular news, Sumo Logic has disclosed a security breach after discovering unauthorized access to its AWS account. The company has advised customers to rotate their API access keys and other credentials as a precautionary measure. Hive ransomware is back, and a new offspring, Hunters International, has taken the stage. We'll discuss this development and its potential impact on cybersecurity. We also talked about NotCVE, a new initiative in the cybersecurity world, and introduce you to a useful tool, the CVE Half Day Watcher. In our shameless self-promotion segment, we discussed the SLP Tag Blog and the new addition of PCAPs in Analysis.  We also did the usual roundup of the latest tags on GreyNoise. 
Finally, we discussed the latest updates from KEV, including the ACSC BCiB and the CISA Software Supply Chain Guide.

Paul's Security Weekly
Aidan Holland, Kelly Shortridge - ESW #339

Nov 10, 2023 · 159:57


Today, we discuss the state of attack surface across the Internet. We've known for decades now that putting an insecure service on the public Internet is a recipe for disaster, often within minutes. How has this knowledge changed the publicly accessible Internet? We find out when we talk to Censys's Aidan Holland today.

We've reached an inflection point in security. There are a handful of organizations regularly and successfully stopping cyber attacks. Most companies haven't gotten there, however. What separates these two groups? Why does it seem like we're still failing as an industry, despite seeming to collectively have all the tools, intel, and budget we've asked for? Kelly Shortridge has studied this problem in depth. She has created tools (https://www.deciduous.app/), and written books (https://www.securitychaoseng.com/) to help the community approach security challenges in a more logical and structured way. We'll discuss what hasn't worked for infosec in the past, and what Kelly thinks might work as we go into the future.

During the news today, we went deep down the rabbit hole of discussing security product efficacy. Adrian still doesn't believe in enterprise browsers beyond Google Chrome, but can't deny that Talon got a pretty favorable exit considering the state of the market. We see the first major exit for cybersecurity insuretechs, and discuss a few notable funding rounds. We discuss Kelly Shortridge's essay on the origins and nature of the term "security" and what it means. Stephen Schmidt suggests 6 questions every board should ask their CISO, we explore Cyentia Labs' meta analysis of MITRE ATT&CK techniques, and Phil Venables shares some hilarious takes on infosec stereotypes.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-339

Enterprise Security Weekly (Audio)
Aidan Holland, Kelly Shortridge - ESW #339

Nov 10, 2023 · 159:57


Today, we discuss the state of attack surface across the Internet. We've known for decades now that putting an insecure service on the public Internet is a recipe for disaster, often within minutes. How has this knowledge changed the publicly accessible Internet? We find out when we talk to Censys's Aidan Holland today.

We've reached an inflection point in security. There are a handful of organizations regularly and successfully stopping cyber attacks. Most companies haven't gotten there, however. What separates these two groups? Why does it seem like we're still failing as an industry, despite seeming to collectively have all the tools, intel, and budget we've asked for? Kelly Shortridge has studied this problem in depth. She has created tools (https://www.deciduous.app/), and written books (https://www.securitychaoseng.com/) to help the community approach security challenges in a more logical and structured way. We'll discuss what hasn't worked for infosec in the past, and what Kelly thinks might work as we go into the future.

During the news today, we went deep down the rabbit hole of discussing security product efficacy. Adrian still doesn't believe in enterprise browsers beyond Google Chrome, but can't deny that Talon got a pretty favorable exit considering the state of the market. We see the first major exit for cybersecurity insuretechs, and discuss a few notable funding rounds. We discuss Kelly Shortridge's essay on the origins and nature of the term "security" and what it means. Stephen Schmidt suggests 6 questions every board should ask their CISO, we explore Cyentia Labs' meta analysis of MITRE ATT&CK techniques, and Phil Venables shares some hilarious takes on infosec stereotypes.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-339

Paul's Security Weekly TV
The State of Internet Attack Surface - Aidan Holland - ESW #339

Nov 9, 2023 · 43:25


Today, we discuss the state of attack surface across the Internet. We've known for decades now that putting an insecure service on the public Internet is a recipe for disaster, often within minutes. How has this knowledge changed the publicly accessible Internet? We find out when we talk to Censys's Aidan Holland today. Show Notes: https://securityweekly.com/esw-339

Enterprise Security Weekly (Video)
The State of Internet Attack Surface - Aidan Holland - ESW #339

Nov 9, 2023 · 43:25


Today, we discuss the state of attack surface across the Internet. We've known for decades now that putting an insecure service on the public Internet is a recipe for disaster, often within minutes. How has this knowledge changed the publicly accessible Internet? We find out when we talk to Censys's Aidan Holland today. Show Notes: https://securityweekly.com/esw-339

Storm⚡️Watch by GreyNoise Intelligence

In this episode of Storm Watch our hosts discuss a variety of topics, including the top cyber conflicts, vulnerability remediation, and the latest issues with Confluence, F5, ApacheMQ, and VMware. The episode began with a brief introduction and some casual banter among the hosts. They discussed their Halloween experiences and Glenn's obsession with Wordle. They also mentioned a movie called "Clown" that Kimber recommended for those with a fear of clowns. The hosts then moved on to discuss cybersecurity topics including:

- Interview with Konstantin of CVECrowd.com
- Good News: UK CVD legislation
- Confluence Viz Activity
- ActiveMQ Viz Activity
- F5 Viz Activity
- Okta breach update
- QNAP vulns
- Myth of the long-tail vulnerability
- The release of CVSS4
- Quick FYI for the Microsoft/Foreign Policy "Digital Front Lines" magazine
- Quick FYI on a Wiz blog
- News about the joint Censys/GreyNoise workshop
- Mention of the new GreyNoise Honeypots/honeytokens blog
- Mention of the new GreyNoise Summary Stats Observable notebook
- GreyNoise Tag roundup
- KEV roundup
- Notes that November is Critical Infra Security & Resilience Month

The episode concluded with a discussion on the myth of the long tail vulnerability, a topic covered in a blog post by Ben from Cisco. The hosts agreed that the hype cycle for vulnerabilities is real and predictable, and there is no long tail vulnerability.

Storm⚡️Watch by GreyNoise Intelligence

The StormWatch podcast episode from October 31, 2023, began with the hosts in a light-hearted mood, donning costumes for Halloween. The hosts discussed the latest happenings in the cybersecurity world, focusing on the latest phones, developments at Censys and GreyNoise, and important cybersecurity news. They also touched on conspiracy theories. The hosts were in costumes, with one host dressed as the Invisible Man, another as Louise Belcher from Bob's Burgers, and another as Cozy Bear, a reference to APT 29, a cyber espionage group. They also discussed their "scariest vulnerabilities," with one host mentioning mercenary spyware like Pegasus as a significant concern. The hosts then discussed the recent security breaches involving Okta, BeyondTrust, and 1Password. They praised 1Password for their transparent and detailed response to the incident. They also discussed the recent vulnerabilities found in SolarWinds and the subsequent charges filed by the SEC against SolarWinds and their Chief Information Security Officer for fraud and internal control failures. The hosts also discussed a tool called cvecrowd.com, which tracks CVE mentions on Mastodon, a social network. They praised the tool for its usefulness in tracking cybersecurity vulnerabilities and incidents. They also mentioned an upcoming event at a brewery where they would discuss threat hunting techniques and tips. The hosts then discussed the recent vulnerabilities found in Cisco IOS, with one host sharing her findings from her investigation into the vulnerabilities. They also discussed the importance of patching and updating systems to protect against these vulnerabilities.

Paul's Security Weekly
Marco Genovese, Noriko Bouffard, Chad Cardenas - ESW #337

Oct 27, 2023 · 140:31


In the age of remote and hybrid work, employees are now spending most of their time in the browser or virtual meetings, making the browser an increasingly important part of an enterprise's security strategy. According to Gartner, “By 2030, enterprise browsers will be the core platform for delivering workforce productivity and security software on managed and unmanaged devices for a seamless hybrid work experience.”

Learn more about:

- The browser's role in a business's security strategy
- How an enterprise browser can support your workforce
- Zero Trust Architecture and how businesses can enforce context-aware access controls and add customizable data loss prevention

Segment Resources:

- Complimentary Gartner Emerging Tech: Security – The Future of Enterprise Browsers Report
- Get started with Chrome Enterprise for free
- Learn about Google's Zero Trust solution, BeyondCorp Enterprise
- Customer spotlight: Check out the Google Cloud Next recording to hear how Snap is leveraging our secure enterprise browsing solution to protect their workforce
- How to contact us

This segment was sponsored by Google Chrome Enterprise. Visit https://securityweekly.com/chromeenterprise to learn more!

In this interview, we talk to Chad Cardenas about why he created The Syndicate Group, which operates very differently from the typical VC firm with LPs and a collective fund to draw from. We'll discuss how the investor/startup relationship differs, and what the advantages of this model are.

This week, we discuss Island's raise, unicorn status, and what that means for both the enterprise browser market and the cybersecurity market in general. We discuss Censys and the state of the external attack surface management market, or what they're trying to call, "exposure management". We discuss the details of the Okta breach in depth, and why we're worried about the larger impact it could have on the industry and vendor trust in general. Finally, we wrap up with some fun squirrel stories.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-337

Enterprise Security Weekly (Audio)
Marco Genovese, Noriko Bouffard, Chad Cardenas - ESW #337

Oct 27, 2023 · 140:31


In the age of remote and hybrid work, employees are now spending most of their time in the browser or virtual meetings, making the browser an increasingly important part of an enterprise's security strategy. According to Gartner, “By 2030, enterprise browsers will be the core platform for delivering workforce productivity and security software on managed and unmanaged devices for a seamless hybrid work experience.”

Learn more about:

- The browser's role in a business's security strategy
- How an enterprise browser can support your workforce
- Zero Trust Architecture and how businesses can enforce context-aware access controls and add customizable data loss prevention

Segment Resources:

- Complimentary Gartner Emerging Tech: Security – The Future of Enterprise Browsers Report
- Get started with Chrome Enterprise for free
- Learn about Google's Zero Trust solution, BeyondCorp Enterprise
- Customer spotlight: Check out the Google Cloud Next recording to hear how Snap is leveraging our secure enterprise browsing solution to protect their workforce
- How to contact us

This segment was sponsored by Google Chrome Enterprise. Visit https://securityweekly.com/chromeenterprise to learn more!

In this interview, we talk to Chad Cardenas about why he created The Syndicate Group, which operates very differently from the typical VC firm with LPs and a collective fund to draw from. We'll discuss how the investor/startup relationship differs, and what the advantages of this model are.

This week, we discuss Island's raise, unicorn status, and what that means for both the enterprise browser market and the cybersecurity market in general. We discuss Censys and the state of the external attack surface management market, or what they're trying to call, "exposure management". We discuss the details of the Okta breach in depth, and why we're worried about the larger impact it could have on the industry and vendor trust in general. Finally, we wrap up with some fun squirrel stories.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-337

Paul's Security Weekly TV
Cybersecurity Unicorns Are Back, the Okta Breach Is Bad, & Don't Invest in Startups - ESW #337

Oct 27, 2023 · 51:35


This week, we discuss Island's raise, unicorn status, and what that means for both the enterprise browser market and the cybersecurity market in general. We discuss Censys and the state of the external attack surface management market, or what they're trying to call, "exposure management". We discuss the details of the Okta breach in depth, and why we're worried about the larger impact it could have on the industry and vendor trust in general. Finally, we wrap up with some fun squirrel stories. Show Notes: https://securityweekly.com/esw-337

Enterprise Security Weekly (Video)
Cybersecurity Unicorns Are Back, the Okta Breach Is Bad, & Don't Invest in Startups - ESW #337

Oct 27, 2023 · 51:35


This week, we discuss Island's raise, unicorn status, and what that means for both the enterprise browser market and the cybersecurity market in general. We discuss Censys and the state of the external attack surface management market, or what they're trying to call, "exposure management". We discuss the details of the Okta breach in depth, and why we're worried about the larger impact it could have on the industry and vendor trust in general. Finally, we wrap up with some fun squirrel stories. Show Notes: https://securityweekly.com/esw-337

Storm⚡️Watch by GreyNoise Intelligence

This episode of Storm Watch begins with introductions of the hosts - Bob, Emily (Censys), Glenn, Remy, and guest Jake Baines (VulnCheck). The hosts discuss two ransomware groups being taken down - the Ukrainian Cyber Alliance taking down Trigona, and RagnarLocker ceasing operations. However, they note ransomware attacks often continue in new forms. The increase in Bitcoin value is also concerning, as it tends to correlate with more ransomware attacks. A significant portion of the podcast focuses on the vulnerabilities in Cisco routers and Citrix systems. The hosts explain the vulnerabilities, provide background, and detail the work done by their teams to analyze the issues. They are critical of Cisco's disclosure and patching process. The hosts discuss the recent Okta breach, criticizing their response time and communication process. They explain how the breach occurred via access to support systems, and compromised session tokens and HAR files. The hosts emphasize the sensitivity of HAR files.

Other topics covered include:

- Recent Citrix vulnerability
- Attackers targeting exposed Jupyter notebooks
- MGM Resorts data breach notification letters finally reaching Maine residents
- New open source tool Precursor for payload analysis

The hosts close out with recommendations for tabletop incident response exercises, favorite Halloween candies, and a plea for better security awareness and coordination across the industry.

It's 5:05! Daily cybersecurity and open source briefing
Episode #257: Edwin Kwan: Okta Breach Exposed Sensitive Customer Data; Katy Craig: Cisco Zero Day is Bad News; Ian Garrett: Will Hackers Who Write Phishing Emails Lose Their Jobs? Marcel Brown: This Day in Tech History

Oct 24, 2023 · 8:12


Free, ungated access to all 255+ episodes of “It's 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You're welcome to

Storm⚡️Watch by GreyNoise Intelligence
Storm⚡️Watch - BREAKING NEWS - 10/18/23

Oct 18, 2023 · 20:44


This "Breaking News" edition of the Storm Watch podcast begins with the hosts introducing themselves and their guest, Mark from Censys. The hosts discuss the recent surge in activity around a new Cisco IOS vulnerability and the subsequent system implants. Censys has published a blog post on the topic and discovered that approximately 41,983 hosts had this implant installed, an increase of about 5,000 to 6,000 from the previous day. The hosts discuss the unique nature of this implant, noting that it does not persist through reboots or maintenance. However, attackers can establish a more permanent threshold or entry point post-implant pre-reboot. The hosts also discuss the development of a scan profile for this vulnerability, which was facilitated by information provided by Talos in their blog post. Then they discuss the distribution of the affected hosts, noting that they are spread across many different autonomous system organizations. They speculate that many of the affected systems are likely small businesses or residential users who received their devices from their Internet Service Providers (ISPs). The hosts also note that many different entities are scanning for this vulnerability, some of which are unknown, indicating that many people are opportunistically jumping on this issue. The hosts conclude the podcast by discussing the severity of this vulnerability, noting that it provides top-tier, or "God mode," access to people's networks. They encourage listeners to stay informed and safe, and they express hope that they won't have to report on another breaking news issue before their next scheduled episode. Be sure to check out the GreyNoise blog for more details and updates on this active vulnerability.

Storm⚡️Watch by GreyNoise Intelligence

On this episode of Storm Watch the hosts discuss a recent vulnerability in the Cisco IOS software, which they describe as a "legit terrible vulnerability". This vulnerability can be triggered to place an implant on a Cisco device, granting the attacker full access to the device. They emphasize that this is a serious issue and encourage listeners to look into it further. They also discuss a vulnerability in WordPad, which they find surprising given that WordPad is often forgotten about. They note that Microsoft has claimed to have updated WordPad to address this vulnerability and also that Microsoft is abandoning WordPad (though they made an update for this vuln). The hosts also discuss the importance of blocking outbound NTLM over SMB in Windows, with Glenn emphasizing that organizations should not allow SMB outbound from their perimeter. They discuss the challenges of restricting outbound internet access for the general user base, noting that it would require an application firewall and could potentially lead to a large number of help desk tickets. Another topic of discussion is a recent blog post by VulnCheck, which reveals that many devices have already been compromised due to the IOS software vulnerability. They note that the compromised devices were found in Digital Ocean, which they find amusing. Finally the team reviews recent GreyNoise Tags, additions to CISA KEV, a new "KEV API" open-source tool, and the new KEV "ransomware" field, with a daily-updated visualization by GreyNoise.

Storm⚡️Watch by GreyNoise Intelligence

In this episode of Storm Watch, the hosts were joined again by Emily Austin, a senior researcher from Censys, and Daniel Grant, a principal data scientist at GreyNoise. They discussed the SIFT tool, a new product from GreyNoise, and its potential applications in the field of cybersecurity. The hosts began by discussing a recent Microsoft report that suggested basic security hygiene could protect against 99% of attacks. They highlighted the importance of multi-factor authentication, zero trust, and patching as key elements of this basic security. The hosts also noted that 80% of ransomware compromises occur via unmanaged devices, emphasizing the need for organizations to prioritize their security efforts. Next, they discussed a recent vulnerability in Confluence, a popular team collaboration software. The vulnerability, which was exploited as a zero-day, allowed remote attackers to create new users. The hosts stressed the importance of auditing user accounts, even after patching, to ensure that no unauthorized users were created during the exploit. The hosts then turned their attention to the impact of a cyber attack on Clorox. The company has predicted a significant drop in sales due to the attack, which the hosts speculated might have been timed to coincide with flu season, a high-demand period for Clorox products. The episode also covered a new vulnerability in the HTTP/2 protocol, which could potentially be exploited for a denial-of-service (DoS) attack. The hosts noted that currently, the best protection against this type of attack is a DDoS mitigation service. Finally, the hosts discussed the addition and removal of certain devices from the Known Exploited Vulnerabilities (KEV) list. They noted that the MeetingOwl, a device they had previously discussed, had been removed from the list. The hosts concluded the episode by emphasizing the importance of basic security measures and the role of cybersecurity professionals in protecting against threats.

Storm⚡️Watch by GreyNoise Intelligence

Welcome to Storm Watch by GreyNoise Intelligence, where the hosts discuss the latest cybersecurity topics and news. In this episode, the hosts are joined by special guest Emily Austin, a security researcher at Censys. Censys is a company that scans the entire IPv4 space, providing fast internet-wide scan data for researchers, threat hunters, and others who need to understand the internet landscape. They also offer an attack surface management platform to help organizations identify and protect their assets. Emily is a senior researcher and leads the research team at Censys, focusing on new vulnerabilities and internet measurement analytics. During the podcast, the hosts discuss the challenges of analyzing scan data and the importance of being informed about potential threats. They also touch on the topic of threat hunting and the debate between the terms "threat hunting" and "thrunting." Emily then does a deep dive on the WS_FTP exposure situation. The hosts mention the upcoming nationwide test of the emergency alert system by FEMA, which will send alerts to cell phones, radios, and televisions. They emphasize the importance of being aware of this test and the potential for disruptions. The conversation then shifts to the recent libwebp debacle, which has made every Chromium instance vulnerable. The hosts express concern about the lack of attention this issue is receiving and the confusion caused by the changing CVEs. Along with other cyber news, the show announces a new GreyNoise Early Access Program (EAP) feature: Sift. Sift lets users with GreyNoise accounts access the same early attack triage tools the internal GreyNoise Detection Engineering team uses. GreyNoise Labs is releasing it now to get feedback from customers and the community to help make Sift as useful as possible when applied to the PCAP data coming from the GreyNoise Early Access Program new sensors.

MeriTalking
Podcast – Mapping the Internet for Better Cybersecurity

Jun 13, 2023 · 29:56


In this MeriTalking podcast, MeriTalk's Joe Franco is joined by Matt Lembright, director of Federal applications at Censys, which maintains a comprehensive internet map used for threat hunting. We'll discuss the findings in Censys's 2023 State of the Internet Report, the security vulnerabilities it uncovered, how Federal organizations can adapt – and how using data […]

The CyberWire
8 GoAnywhere MFT breaches and counting. [Research Saturday]

May 27, 2023 · 17:43


This week, our guests are Emily Austin and Himaja Motheram from Censys, and they're sharing their research - "Months after first GoAnywhere MFT zero-day attacks, Censys still sees about 180 public admin panels." In early February 2023, Censys researchers discovered a zero-day RCE vulnerability in Fortra's “GoAnywhere MFT” (Managed File Transfer) software. After finding this, the Clop ransomware gang claimed that they exploited this vulnerability to breach the data of 130 organizations, and Censys found other ransomware groups were jumping on the bandwagon. They said, "A single vulnerable instance has the potential to serve as a gateway to a data breach that could potentially impact millions of individuals." The research can be found here: Months after first GoAnywhere MFT zero-day attacks, Censys still sees ~180 public admin panels

The CyberWire
Developments in the ransomware underworld: ALPHV, Akira, Cactus, and Royal. Some organizations remain vulnerable to problems with unpatched Go-Anywhere instances.

The CyberWire

Play Episode Listen Later May 8, 2023 26:53


ALPHV claims responsibility for a cyberattack on Constellation Software. A new Akira ransomware campaign spreads. CACTUS is a new ransomware leveraging VPNs to infiltrate its target. Many organizations are still vulnerable to the Go-Anywhere MFT vulnerability. Russian hacktivists interfere with the French Senate's website. Keith Mularski from EY details their "State of the Hack" report. Emily Austin from Censys discusses the State of the Internet. And ransomware gangs target local governments in Texas and California.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/88

Selected reading.
ALPHV gang claims ransomware attack on Constellation Software (BleepingComputer)
Constellation Software hit by cyber attack, some personal information stolen (IT World Canada)
Press Release of Constellation Software Inc. (GlobeNewswire News Room)
Meet Akira — A new ransomware operation targeting the enterprise (BleepingComputer)
New Cactus ransomware encrypts itself to evade antivirus (BleepingComputer)
Pro-Russian Hackers Claim Downing of French Senate Website (SecurityWeek)
Dallas cyberattack highlights ransomware's risks to public safety, health (Washington Post)
Hacked: Dallas Ransomware Attack Disrupts City Services (Dallas Observer)
City of Dallas Continues Battling Ransomware Attack for Third Day (NBC 5 Dallas-Fort Worth)
San Bernardino County pays hackers $1.1 million ransom after cyber attack (Victorville Daily Press)
San Bernardino County pays $1.1M ransom after cyberattack disrupts Sheriff's Department systems (ABC7 Los Angeles)
Atomic Data devastated by the unexpected death of CEO and co-owner Jim Wolford (Atomic Data)

Hírstart Robot Podcast
A new era for mobile phones begins on December 28

Hírstart Robot Podcast

Play Episode Listen Later Dec 12, 2022 4:20


A new era for mobile phones begins on December 28
IT Business | 2022-12-12 11:30:02 | Mobile tech, European Union, Phone, Mobile phone
We only have to wait a little more than two years for the (near) miracle to happen: every mobile phone will have the same charging connector. That does not mean, however, that we will be able to charge anything with anything. The official publication of the European Union's directive also means that it enters into force in 20 days, that is, on December 28

Elon Musk's big dream could collapse over the deaths of test animals
Rakéta | 2022-12-12 06:12:07 | Science, Elon Musk
Animal experiments are today still an unavoidable part of medical progress, but it is suspected that at Neuralink excessive haste led to the deaths of far more test animals than necessary.

Android 13 arrives on a shock-resistant Samsung smartphone
GSMring | 2022-12-12 08:04:32 | Mobile tech, Phone, Smartphone, South Korea, Samsung, Android
Samsung is not stopping its updates for this year: in recent days another Galaxy smartphone received the latest version update. This time it is the turn of one of the company's rugged phones, which was also sold in Hungary. The South Korean company has a huge portfolio even here in Hungary, since not only are its main series available, but there are

The first leaked RX 7900 XTX benchmarks produced strange results
PCWorld | 2022-12-12 06:03:25 | Infotech
Most gamers probably did not expect numbers like these, but something is clearly wrong with the results.

Artificial intelligence would bring order to Japan's rice fields too
Bitport | 2022-12-12 09:42:02 | Infotech, Japan, Artificial intelligence, BASF
The technology of Germany's BASF gives farmers forecasts with which they can achieve striking efficiency gains amid an increasingly crippling labor shortage.

Historic success at NASA: a new era has begun in space exploration
Promotions | 2022-12-12 13:32:00 | Science, Space, NASA
Many were anxious about how the mission would turn out, but at last everyone can relax.

Gene therapy could bring a turning point in cancer treatment
24.hu | 2022-12-12 12:53:04 | Science
The revolutionary technique was tried on a 13-year-old girl whom conventional methods had not helped.

The rapid obsolescence of digital marketing knowledge
Márkamonitor | 2022-12-12 05:06:07 | Infotech, Education
When you brought communications in-house, you did not yet think training would become this important. Yet online marketing is a distinctly training-intensive field; few sectors change this dynamically. According to Webbyskill, professional digital communication has at least 36 clearly distinguishable areas. Of these, the

Thousands of vulnerable VPN services are reachable on the Internet
NKI | 2022-12-12 12:04:39 | Infotech
A VPN enables secure communication, provided it is "properly" patched. According to the latest Censys report, however, that is unfortunately often not the case.

The James Webb Space Telescope looked 2,000 light-years away and saw something strange
hvg.hu | 2022-12-12 08:03:00 | Infotech, Space, Australia
Australian astronomers analyzed the James Webb Space Telescope's image of the Southern Ring Nebula.

A huge meteor shower is coming: up to 150 per hour
Librarius | 2022-12-12 13:59:46 | Science, Space, Meteor shower, Geminids
On the night from Wednesday to Thursday a spectacular meteor shower can be observed in the sky as the Geminid meteor stream arrives.

Picture of the day - the ISS in a Maxar image
Spacejunkie | 2022-12-12 07:05:00 | Science, Space, Satellite, Space station
Maxar photographed the International Space Station using a satellite orbiting at a higher altitude.

Another twist in the Twitter story?
IT Business | 2022-12-12 13:48:07 | Infotech, Twitter, Elon Musk
If 2022 has a story that is filled almost entirely with surprises and lawyers, it is the acquisition of Twitter and then its operation under Elon Musk's name. There has been no shortage of incredible twists so far, but here is the latest excitement: the relaunched-again "blue" status. In the popular chat application, channels previously found to be authentic got

piXL Drone Show
EVTOL Fixed Wings, Regulations, and Censys Drones- PiXL Drone Show #72

piXL Drone Show

Play Episode Listen Later Nov 22, 2022 71:41


In this episode of PiXL, Greg and Haye talk with Rob Knochenhauer, Director of Regulatory Affairs at Censys Technologies. Censys specializes in EVTOL fixed wings that are especially good at BVLOS operations. Rob has spearheaded the BVLOS waiver process for many Censys customers. The PiXL Drone Show is a partnership between Pilot Institute (PI) and DroneXL (XL).

Beyond The Ordinary
Trusting Your Leadership in Challenging Times with David Corcoran

Beyond The Ordinary

Play Episode Listen Later Nov 8, 2022 40:36


Being successful is not only determined by hard work. It also involves being in the right place at the right time, having the right resources, and cultivating curiosity about what comes next. But the battle isn't over once success is achieved. There's also an inevitable learning curve that comes with being a leader. In this episode, Tommy speaks to David Corcoran, Entrepreneur in Residence at Purdue DIAL Ventures. David describes himself as a builder of various things. His stint as a web developer at Purdue in college led to pivotal roles at Apple, Schlumberger, and the Department of Homeland Security. Dave honed his leadership skills by founding two cybersecurity organizations, TrustBearer Labs and Censys. David talks to Tommy about the challenges experienced by first-time founders and how important it is for leaders to trust their own judgment.

Key Takeaways
[02:15] - How David fell in love with computers.
[06:19] - The campus job that impacted David's life trajectory.
[08:14] - David's role in building smart cards at Schlumberger.
[11:37] - David's first cybersecurity business, TrustBearer Labs.
[13:36] - Why David shifted away from corporate life to focus on family.
[15:11] - David's next entrepreneurial endeavor at Censys.
[18:02] - The challenges of being a CEO and the Wheel of Misfortune.
[21:55] - Why the best leaders can be disappointing.
[27:00] - The inspiration behind David's pandemic road trip.
[28:32] - Why knowledge sharing and divergent perspectives are important.
[36:20] - How and why first-time founders should get in touch with David.

Quotes
[18:17] - “A lot of people think that being a CEO is this amazing, glamorous job and it's so great to own your own company. And it is, but there's a reason why CEOs get paid a lot of money. There are a lot of hardships that they have to deal with.” ~ David Corcoran
[21:21] - “The moral of the story is ‘know what you don't know'. As a first-time founder, know what you don't know and surround yourself with the people that fill those knowledge gaps.” ~ David Corcoran
[23:29] - “One of the challenges that I've faced in being CEO is the questioning of decisions. Sometimes I would find myself worrying about that too much, and losing sleep. You've got to be really good at breaking yourself out of that. Not everyone is going to like your decision and you've got to make hard decisions and move on.” ~ David Corcoran

Learn more about Mammoth Scientific's Health & Tech Fund 1
When you move beyond the point of making sure your retirement goals are on track, your investment opportunities are wider than just publicly traded funds. Step into the world of investing in venture capital by learning more about Mammoth Scientific's Health & Tech Fund 1. Curated by some of the leading medical and fintech experts, Mammoth's Fund 1 is paving the way for health science and tech innovation. If you're interested in helping patient care, provider insight, and instrumentation go beyond possibility and into reality, check it out today at Mammoth.vc. Visit Mammoth.vc today!

SMB Community Podcast by Karl W. Palachuk
Erin Meyers & Jadon Cruz Montero - Modern Security Operations

SMB Community Podcast by Karl W. Palachuk

Play Episode Listen Later Sep 15, 2022 31:10


In this edition of SMBCP, Host Karl catches up with Jadon and Erin of Bitdefender on the latest of Modern Security Operations. Learn the differences between EDR, XDR, and MDR as we delve into why detection and response services are necessary for your business.

Erin has been in the technology industry for over a decade, beginning in Public and Analyst Relations before transitioning to her true passion, product marketing. As Senior Manager, Product Marketing at Bitdefender, Erin focuses on all things Managed Detection & Response (MDR) and is responsible for developing messaging, positioning, and go-to-market strategies that reflect the voice of the customer and convey the true value-props of managed cybersecurity services. Before joining Bitdefender, Erin was a product marketer at Expel, focusing on MDR, threat hunting, and partner integrations.

Jadon is a product manager who specializes in bringing new technologies to market, including a SOAR platform at Rapid7 and a Cloud Attack Surface Management Product at Censys. He recently created Rapid7's Active Response capability for their MDR service, ensuring expeditious remediation in the case of an incident. As a Senior Director of Product Management at Bitdefender, Jadon is the product leader of the MDR service. Jadon is a Las Vegas native whose true joys in life are chicken wings, mezcal, and watching reality TV.

Bitdefender is a cybersecurity leader delivering best-in-class threat prevention, detection, and response solutions worldwide. Guardian over millions of consumer, business, and government environments, Bitdefender is one of the industry's most trusted experts for eliminating threats, protecting privacy and data, and enabling cyber resilience. With deep investments in research and development, Bitdefender Labs discovers over 400 new threats each minute and validates around 40 billion daily threat queries. The company has pioneered breakthrough innovations in antimalware, IoT security, behavioral analytics, and artificial intelligence, and its technology is licensed by more than 150 of the world's most recognized technology brands. Launched in 2001, Bitdefender has customers in 170+ countries with offices around the world.

For more information, visit https://www.bitdefender.com

Resources and Links:
https://www.bitdefender.com/content/dam/bitdefender/business/products/managed-detection-and-response/Bitdefender-GravityZone-MDR-Datasheet-en.pdf
https://www.bitdefender.com/business/enterprise-products/managed-detection-response-service.html

Sponsor Memo: Cisco
Did you know Cisco helps Managed Services Providers directly? Know about the Cisco Partner Program? Focused on helping partners combine managed services expertise and service creation with innovative Cisco technology and proven go-to-market resources, there's a program option for you. With provider pricing, MDF, and marketing resources coupled with Cisco's leading technologies including Meraki, Duo, and Umbrella, learn more with the link right in the show notes.
https://lnkd.in/gsydMya

SMB Community Podcast by Karl W. Palachuk
Erin Meyers & Jadon Montero of Bitdefender - Introducing MDR Foundations for MSPs!

SMB Community Podcast by Karl W. Palachuk

Play Episode Listen Later Jul 14, 2022 30:07


Skill gap, tools complexity, alert fatigue, and other market challenges have become increasingly difficult to navigate in the MSP space. And for those with limited resources, these obstacles will continue to inhibit successful customer service.

In this exclusive interview, Host Karl spoke with Bitdefender's Erin Meyers and Jadon Montero about these growing issues and how MDR Foundations looks to address them.

Erin has been in the technology industry for over a decade, beginning in Public and Analyst Relations before transitioning to her true passion, product marketing. As Senior Manager, Product Marketing at Bitdefender, Erin focuses on all things Managed Detection & Response (MDR) and is responsible for developing messaging, positioning, and go-to-market strategies that reflect the voice of the customer and convey the true value-props of managed cybersecurity services. Before joining Bitdefender, Erin was a product marketer at Expel, focusing on MDR, threat hunting, and partner integrations.

Jadon is a product manager who specializes in bringing new technologies to market, including a SOAR platform at Rapid7 and a Cloud Attack Surface Management Product at Censys. He recently created Rapid7's Active Response capability for their MDR service, ensuring expeditious remediation in the case of an incident. As a Senior Director of Product Management at Bitdefender, Jadon is the product leader of the MDR service. Jadon is a Las Vegas native whose true joys in life are chicken wings, mezcal, and watching reality TV.

Resources and Links:
For more information, visit https://www.bitdefender.com
MDR Foundations for MSPs Datasheet: https://www.bitdefender.com/content/dam/bitdefender/business/msp/Bitdefender-MDR-Foundations-for-MSPs-Datasheet_en.pdf
MDR Datasheet: https://www.bitdefender.com/content/dam/bitdefender/business/products/managed-detection-and-response/Bitdefender-GravityZone-MDR-Datasheet-en.pdf

Sponsor Memo: Linode
Linode – a top Infrastructure as a Service provider has resources specifically for helping MSPs explore the alternative cloud. Discover this growing market: one of the best-kept secrets in building a scalable, thriving, modern Managed Service Provider business. Learn about the cloud provider landscape, improving KPIs, security, and more in Linode's free ebook, The MSP's Guide to Modern Cloud Infrastructure, available now. This resource and more at linode.com/mspradio.

Embracing Digital Transformation
#93 Protecting the Outer Walls of your Castle with Vulnerability Scans

Embracing Digital Transformation

Play Episode Listen Later Jun 16, 2022 27:55


On this episode, Darren talks to Matt Lembright, Director of Federal Applications, Censys, about how Censys assesses the attack surface for internet-connected devices, allowing organizations to eliminate vulnerabilities. Video: https://youtu.be/zyIH533JhyM Blog: https://www.intel.com/content/www/us/en/government/podcasts/embracing-digital-transformation-episode92.html

EM360 Podcast
Censys: The World of Attack Surface Management

EM360 Podcast

Play Episode Listen Later May 30, 2022 18:25


Attack surface management is the sustained monitoring, classifying, and inventory of a business's IT infrastructure. It sounds as simple as asset management, but ASM is different in the way it approaches these responsibilities from an attacker's perspective. The security of an enterprise's surface is paramount in the current era of cloud - but how can companies manage their cloud security posture and tackle basic misconfigurations? In this episode of the EM360 Podcast, Chief Research Analyst at IT-Harvest Richard Stiennon speaks to David SooHoo, Director of Product Management at Censys, as the pair discuss:
Attack surface management vs asset management
The shift of the cloud
Zero-day attacks and how to mitigate them

Cyber Security Headlines
Week in Review – May 2-6, 2022

Cyber Security Headlines

Play Episode Listen Later May 6, 2022 24:16 Very Popular


This week's Cyber Security Headlines – Week in Review, May 2-6, is hosted by Rich Stroffolino with our guest, Shawn Bowen, CISO, World Fuel Services.

Thanks to our episode sponsor, Censys
Why Censys? Our Attack Surface Management tool is designed from the ground up to seamlessly integrate with existing security workflows. It's the only ASM tool that discovers modern cloud specific assets like storage buckets and our scanning platform finds more than 85% more services than our nearest competitor. Start with Censys at censys.io.

All links and the video of this episode can be found on CISOseries.com.

Cyber Security Headlines
May 6, 2022

Cyber Security Headlines

Play Episode Listen Later May 6, 2022 8:21 Very Popular


Decade-old bugs discovered in Avast, AVG antivirus software
Thailand and Hong Kong Banks used most in BEC
Every ISP in the US must block these 3 pirate streaming services

Thanks to today's episode sponsor, Censys
Why Censys? Our Attack Surface Management tool is designed from the ground up to seamlessly integrate with existing security workflows. It's the only ASM tool that discovers modern cloud specific assets like storage buckets and our scanning platform finds more than 85% more services than our nearest competitor. Start with Censys at censys.io.

For the stories behind the headlines, head to CISOseries.com.

Cyber Security Headlines
May 5, 2022

Cyber Security Headlines

Play Episode Listen Later May 5, 2022 6:47 Very Popular


CuckooBees campaign stings targets for years
Health and Human Services hammered over security
Docker images used to DDoS Russian sites

Thanks to today's episode sponsor, Censys
Censys' Attack Surface Management tool discovers and inventories all Internet-facing assets including traditional assets like hosts, IPs, and cloud services like storage buckets across all accounts and networks. ASM gives you a continuous picture of your attack surface. Start with Censys at censys.io.

Cyber Security Headlines
May 4, 2022

Cyber Security Headlines

Play Episode Listen Later May 4, 2022 7:27 Very Popular


Google claims to have blocked billions of malicious app downloads
NortonLifeLock willfully infringed malware patents
Former eBay exec pleads guilty to cyber stalking

Thanks to today's episode sponsor, Censys
Tom the CTO can't go into the boardroom unprepared. It's his job to know all the risks to his company – especially the one that could land him on the front page of the newspaper. His best bet for survival is staying ahead of the most critical threats. Tom, you can be that source of truth; start with Censys at censys.io right now.

For the stories behind the headlines, head to CISOseries.com

Cyber Security Headlines
May 3, 2022

Cyber Security Headlines

Play Episode Listen Later May 3, 2022 6:25 Very Popular


Solana network goes dark after bot swarm
The spyware in Spain falls mostly on the politicians
Security isn't top of mind for mental health apps

Thanks to today's episode sponsor, Censys
All Pat the Security Practitioner wants is to do a good job and be the frontline in keeping his company safe. He's got great tools, but nothing that can show him if there are company assets that have somehow made their way onto the internet. If only Pat knew about Censys' Attack Surface Management tool. Now you do – start with Censys at censys.io.

Cyber Security Headlines
May 2, 2022

Cyber Security Headlines

Play Episode Listen Later May 2, 2022 7:32 Very Popular


Top 15 exploited security vulnerabilities in 2021
India gives orgs 6 hours to report cyber incidents
The White House wants more powers to crack down on rogue drones

Thanks to today's episode sponsor, Censys
What Chris the CISO wants is to protect against revenue loss and damage to his company's brand from data breaches and compliance failures. But he's got a blind spot around his internet exposure. What assets are out there on the internet that his team doesn't know about? Well, Chris, it's simple – start with Censys at censys.io.

For the stories behind the headlines, visit CISOseries.com.

Risky Business
Risky Business #645 -- How Israel used NSO to make friends in low places

Risky Business

Play Episode Listen Later Nov 17, 2021


On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including:
Watering hole attacks are getting much better
How Israel's government used NSO to strengthen its diplomatic ties
Randori sat on some PAN 0day. This is fine.
Facebook outs state-backed ops
FBI has unfortunate incident with its mail boxes
Much, much more

This week's sponsor interview is with HD Moore. He's the founder of Rumble, the network asset discovery scanner, and he's joining us to talk about some new tricks he's added to the product, like integrations with cloud service APIs and external discovery products like Censys. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that's your thing.

Show notes
British news website was hacked to control readers' computers, report says
Strategic web compromises in the Middle East with a pinch of Candiru | WeLiveSecurity
Analyzing a watering hole campaign using macOS exploits
Israel, spyware and corruption: NSO ties to Netanyahu, Bennett and other politicians - Israel News - Haaretz.com
Pakistani hackers operated a fake app store to target former Afghan officials - The Record by Recorded Future
Exclusive: A Cyber Mercenary Is Hacking The Google And Telegram Accounts Of Presidential Candidates, Journalists And Doctors
New Moses Staff group targets Israeli organizations in destructive attacks - The Record by Recorded Future
Kevin Beaumont on Twitter: "Pay attention to this one when it's out. I haven't seen it, but it's possible to use BitLocker to remotely (re)encrypt every endpoint in AD in a way that only the attacker can decrypt… and it bypasses sec solutions. So I imagine it's that." / Twitter
Hacker sends spam to 100,000 from FBI email address
Booking.com was reportedly hacked by a US intel agency but never told customers | Ars Technica
‘Ghostwriter' Looks Like a Purely Russian Op—Except It's Not | WIRED
Emotet botnet returns after law enforcement mass-uninstall operation - The Record by Recorded Future
Canadian health systems recovering from breach that forced thousands of appointment cancellations
Dustin Volz on Twitter: "@riskybusiness @DAlperovitch I think folks outside government can also underestimate how much agencies rehearse talking points and in testimony like this and try to be always on the same page—unless they don't want to be. And that adds to the sense of “conflict” or “disagreement” for some of us." / Twitter
CERT-PL employees rally around politically-dismissed chief - The Record by Recorded Future
US detains crypto-exchange exec for helping Ryuk ransomware gang launder profits - The Record by Recorded Future
Researchers wait 12 months to report vulnerability with 9.8 out of 10 severity rating | Ars Technica
DDR4 memory protections are broken wide open by new Rowhammer technique | Ars Technica
New secret-spilling hole in Intel CPUs sends company patching (again) | Ars Technica
GoCD bug chain provides second springboard for supply chain attacks | The Daily Swig
‘Add yourself as super admin' – Researcher details easy-to-exploit bug that exposed GSuite accounts to full takeover | The Daily Swig
Adult cam site StripChat exposes the data of millions of users and cam models - The Record by Recorded Future
Hundreds of WordPress sites defaced in fake ransomware attacks - The Record by Recorded Future

Cloud Security Podcast by Google
EP32 Can You Ever Know Thyself: Cloud Attack Surface Management

Cloud Security Podcast by Google

Play Episode Listen Later Sep 20, 2021 23:39


Guest: Derek Abdine, CTO @ Censys.io

Topics:
Attack Surface Management (ASM). Why do we need a new toolset and a new category? Isn't this just 1980s asset management or CMDB?
How do we find those assets that may have been misplaced by the organizations? How can any technology do this reliably?
ASM seems to often rely on network layer 3 and 4. Can't bad guys just hit the app endpoints and all your network is irrelevant then?
When you think about the threats organizations face due to unknown assets, is data theft at the top of the stack? What should organizations keep in mind as a priority here?
Who at an organization is best set up to receive, triage, investigate, and respond to the alerts about the attack surface?
Are there proactive steps organizations can take to prevent shadow IT, or are we stuck responding to each new signal? Isn't preventing new assets the same as preventing business?

Resources:
“Cloud Misconfiguration Mayhem An Analysis of Service Exposure Across Cloud Providers”
“Attack Surface Management Buyer's Guide”

Unsupervised Learning
News & Analysis | No. 279

Unsupervised Learning

Play Episode Listen Later May 3, 2021 21:17 Transcription Available


FBI and CISA release SVR (Cozy Bear) TTPs, CISA releases an RTOS advisory around ICS, a task force has a plan for the Biden administration to counter ransomware, there's a vulnerability in the ipaddress library in Python, Krebs says Experian leaked credit scores, Censys found 1.93 million online databases, Technology News, Content, Ideas & Analysis, Notes, Discovery, Recommendations, and the Aphorism of the Week… Support the show: https://danielmiessler.com/support/ See omnystudio.com/listener for privacy information.

Radio Cade
Building Better Drones

Dec 9, 2020


Unmanned aerial vehicles started out as a military technology, but now have applications in fields like agriculture, surveying, search and rescue, pipeline monitoring, emergency response, infrastructure inspection, and disaster relief. Trevor Perrott, CEO and co-founder of Censys Technologies, explains what it’s like to start and run an aerospace startup company, and its market niche in Beyond Visual Line of Sight (BVLOS) drones.
TRANSCRIPT:
Intro: 0:01 Inventors and their inventions. Welcome to Radio Cade, a podcast from the Cade Museum for Creativity and Invention in Gainesville, Florida. The museum is named after James Robert Cade, who invented Gatorade in 1965. My name is Richard Miles. We’ll introduce you to inventors and the things that motivate them, we’ll learn about their personal stories, how their inventions work, and how their ideas get from the laboratory to the marketplace.
Richard Miles: 0:38 Unmanned aerial vehicles started out as a military technology, but are now used in agriculture, surveying, search and rescue, pipeline monitoring, emergency response, infrastructure inspection, and disaster relief. Welcome to Radio Cade. I’m your host Richard Miles. Today, my guest is Trevor Perrott, CEO and co-founder of a UAV company called Censys Technologies in Daytona Beach, Florida. Welcome to Radio Cade, Trevor.
Trevor Perrott: 1:02 Thank you very much. Appreciate the opportunity and the platform.
Richard Miles: 1:06 So, I was getting a little bit of research on UAVs and I’m going to let you correct me to see how much, if it’s I, I get right or wrong, but UAVs or drones, as a lot of people refer to them now. And this technology has surprisingly been around a while in one form or another, going back to the mid-19th century, 1849, when the Austrians used balloons loaded up with explosives to attack Venice.
And then the concept was further developed also during wartime, World War One, World War Two, but it wasn’t really until the 1990s and 2000s that UAVs started taking off, so to speak. So now, we’re at the point where Amazon can make drone deliveries of small packages, consumers, and I’m guessing one day my pizza and beer will arrive the same way in the backyard, should be great. But my point is that this has grown to be an incredibly competitive market. So tell us where Censys is positioned in the market. What is your current line of products and how do you plan to grow and succeed in what has got to be a huge and rapidly growing market?
Trevor Perrott: 2:02 Well, the only thing I’m going to correct you on is that Amazon still can’t deliver packages. At least not at mass market. They’ve got some limited approvals to do some trial runs, but there’s still quite the problem still exists. And proving, we call resilient communications, resilient UAS operations. A lot of those mass market opportunities hinge on something that we call BVLOS, which is actually an acronym that stands for Beyond Visual Line of Sight. So BVLOS, kind of slurring it a little bit then to BVLOS, that’s kind of where Censys is positioned. We’re in a very small segment of companies that has onboard detect and avoid technology, which what that does is our drones are able to look across the sky and identify potential collisions and then avoid those collisions before they encroach what’s called a near miss. So, what was that to about 4,000 feet or so is generally what we call a near miss. I think a lot of people kind of struggle with that spatial understanding that 4,000 feet is not a lot when objects are moving at hundreds of miles an hour. So it sounds big, but I promise that’s actually really close and the three dimensions, so where we’re at is aggregating all those technological pieces together.
So mass market package delivery isn’t going to happen until communications are reliable and collisions are extremely unlikely, mitigated, almost in full. So that’s where we’re at.
Richard Miles: 3:40 So Trevor, just so I understand this correctly, it sounds like your line of UAVs are built and designed for much longer journeys than say some of the UAVs that people are used to seeing now that like say a construction company will use to fly around a building or even a farmer will use to survey a field and then critical to that is obviously the communications the entire time. Who are some of your clients? I don’t need company names, sort of like sectors or types of companies. What do the end users look like for your line of UAVs?
Trevor Perrott: 4:09 So far, we’ve been selling a lot into the energy industry vertical, which includes the enterprise energy companies, as well as you can imagine, those enterprises have dozens of industrial service providers. So there are two main clientele in that market segment. We also very similarly, when you look at other verticals, construction or engineering firms, corporate agriculture is another big vertical. I think one of the things that I answered in the questionnaire is that the biggest thing that impresses me every day is that just application after application, after application keeps coming around, we just sold the drone, it’s going to be used for low atmospheric weather research, which is something we had not done before. We’re selling several to validate different types of communications equipment. So it’s not necessarily performing a data acquisition mission, as you would think of it like taking pictures or video, it’s more proving that you can actually communicate in a reliable fashion.
Richard Miles: 5:13 Got it.
So this year 2020, which we’re recording this episode, has been a tough year for a lot of companies, but for you all, it appears that it’s been pretty good in the sense that you’ve hit a couple of big milestones. I saw you got a grant from the Florida Israel innovation partnership, and then also significant investment later in the year from the venture fund. Tell us, what is the grant that you got for the Florida Israel partnership? It was to develop a communications platform, right? Something like that. Give us a few details about that.
Trevor Perrott: 5:41 Sure. So the grant was a little bit about the program. It’s an into stimulate economic activity between Florida and Israel. And we had an existing supplier that made a piece of communications hardware that we were using in the UAV. But some weaknesses with the current state-of-the-art are different frequencies will get blocked out by different things. For example, some frequencies get highly absorbed by vegetation because vegetation contains a lot of water. Other frequencies do not do well with terrain. They cannot bounce over hills and mountains. So what we’re doing with mobile ACOM is developing a resilient communication system that’s closer to frequency agnostic. And what that means is if you have frequency A, B, and C, the same information is being shot down all three, but on the receiving end if you got a third of the message on frequency A, a third on B and a third on C, we can actually rejoin all of those pieces and still get the information on the other side. So it’s just a way of reducing data loss over long range communications, which are going to be key to making UAVs stay for in commercially viable.
Richard Miles: 7:04 Tell me what the partnership looks like. Do members of your team, are they in Israel or vice versa or the Israelis over in Daytona Beach? Is this real time limited?
Is this an agreement that you’ll work together for a certain amount of time, or is this indefinite where you’re working on a product development or software development that will eventually result in some sort of end use?
Trevor Perrott: 7:23 The end goal here is that our teams in Daytona Beach and Mobili Comms team is near Tel Aviv and Israel. And we’re kind of co-developing what will eventually be a communications product. So this is not just R and D for fun. And it’s R and D to commercial lots.
Richard Miles: 7:42 Trevor, if you could just, for the benefit of our listeners, what are some applications that either you’re doing now or you think are possible say in the next couple years that are intuitively obvious to people in terms of applications of UAVs or drones?
Trevor Perrott: 7:56 There’s really starting to be a huge opening in environmental applications. So a lot of people don’t realize this, but the petroleum industry has tremendous problems with leaks in the pipelines. And it’s not just fluids, it’s gases. So how can you cost effectively patrol millions of miles of infrastructure and get an idea for where are methane leaks coming from? How much is it leaking? What’s going to be the cost to fix it? The current workflow is drive a truck down the right-of-way and look for defects. That doesn’t sound that expensive, but when you carry that over, as I said, millions of miles, that’s one that I think is really interesting to see. So there are certain payloads, we call them sniffer payloads. They literally have air pass through them looking for different compounds. And from empirical data, you can kind of draw a line between, okay, if I saw this many parts per million at this distance, from the pipeline, then the leak is approximately X pounds of methane an hour.
Richard Miles: 9:06 Wow. That’s fascinating. Does this sort of capability, even in theory, could you do it over an underwater pipeline as well as a way to detect leakage?
Or is that a little bit beyond the horizon at this point?
Trevor Perrott: 9:16 So underwater applications, there’s a lot of challenges. First of all, underwater communications is just a pain. You typically get stuck using extremely low frequency communications. And as you can get information from A to B, but you can’t get very much. So the higher the frequency, typically the higher the data rate; the lower the frequency, the further away you can speak, but the less you can send at a time. Think Morse code versus a phone call to kind of give you an analogy. So gas leaks, underwater, the gases do not disperse in the water in the same way they do in the air, different fluid rules if you will.
Richard Miles: 9:55 Trevor, let’s talk a little bit about the company, your development of it. I noticed in August, you got a pretty significant investment from a venture fund in Florida. What part of your day, what part of your week is spent now talking to investors and as opposed to your engineers, is that a big part of your job now is finding that capital as your company starts expanding?
Trevor Perrott: 10:14 Well, I believe I’m probably in the minority of CEOs where as part of the transaction that you’re referring to, we got a couple of new directors that are just absolute all-stars and have really lightened my load in the pursuit of other sources of capital. So that freed me up, the name of the game for me is racking the revenue number as high as I can. And one of the things about this kind of a business where it does take investment capital to get it going is that capital gets capital is the name of it. So if you can get the investor capital, then you can get the revenue. If you get the revenue the nation, you have more investor capital. And then the, so goes the engine, but kind of like a pull start on a lawnmower if you never get the first spark. And it’s kind of hard to, because of the turnover.
Richard Miles: 11:03 Well, you are in an enviable position because the common complaint from a lot of startup CEOs is that here you are spending 90% of your time in design development, doing that first prototype, and then boom, you make it big. And all of a sudden that CEO has got to be on the road, hustling to get the resources, to develop the company and keep going. And it’s a little bit of shock because it’s a different world entirely. So the fact that you have some board members that can help you do that is fantastic because otherwise you would hit a sort of design and production bottom up pretty quickly. If one person is trying to do it all. I’d really like to explore a bit about your development as an entrepreneur, because clearly it sounds like you know what you’re doing and learned quite a bit. You’re a relatively young guy. Of course, the older I get, everyone looks a little bit younger to me. So you’re probably not as young as I think you are, but you started and founded and running a mid-sized company now. Tell us about your journey as an entrepreneur. I know you grew up in a small town in Illinois in the middle of a cornfield as he put it, and your dad was a carpenter. Your mom was a teacher and you learned how to mill metal from your grandfather. So tell us about that experience growing up, how you think it shaped you in terms of who you are now growing up in that hands-on environment. And bonus question is, were you a good student in school? So I know it’s a big question, but let’s start there.
Trevor Perrott: 12:12 Let me hit the bonus question first, if you measure by my grades alone, I was an excellent student, but if I’m being honest, I would say, no, I wasn’t. And what I’m getting at with that is I would feel that generally speaking, I was blessed with a pretty sharp mind and I never had to study, never had to do this, just did not have to put in nearly as much effort to yield the same result as some of my classmates.
And I’m not saying that to boast. I’m saying that as when I got to college, it kind of kicked my butt because I went straight from high school into engineering school and it was night and day. So coming back to the other points that you asked about the hands-on environment, I think was very essential to who I am. It may terrify some people, but I’m going to say it anyway. You would be amazed at how many people will not just get into engineering school, but graduate, still having never changed the oil on the car. And what I’ve learned is that that basic skillset of having to fix things, having to build things, whatever is not something that’s natural. So in the business context, I’ve had to be extremely selective about the people that come into the organization. And a lot of it has been focused on: have you ever built something before? Have you ever had to do the colloquial square peg in the round hole problem and were you successful? So, the nice thing about being in a cornfield I guess, is that you get to experiment with a bunch of things that you wouldn’t be able to do in the city environment. I’m a pyro at heart. I love to blow things up. And I think doing that in the country is a blessing you can’t pick up in the study environment.
Richard Miles: 14:03 Are your grandfather and father still living?
Trevor Perrott: 14:06 My father is, my grandfather passed a few years ago.
Richard Miles: 14:09 Had you already started the company before your grandfather passed away?
Trevor Perrott: 14:13 About a year before he died. Yes.
Richard Miles: 14:15 Alright. I’m sure he must’ve been very proud to see that sort of hands-on training come to fruition a number of years later.
Trevor Perrott: 14:21 You got to hear about several failures and that first year, how much prompting was there? I’m not sure.
Richard Miles: 14:27 Well, grandparents are usually good at hiding their worries.
So maybe he was worried, but in the end you certainly proved them right in starting and running your own company. Trevor, what have been your biggest surprises? What were your expectations when you founded the company and then what would have been those big surprises? Is there anything you’ve looked back on and said, man, I was totally wrong about that. And then if you’d like to share any big failures early on, and what did you learn from them?
Trevor Perrott: 14:50 So cards on the table, this is the first venture-backed company that I have been involved with. And I would say the biggest weakness that I walked in with that I think I’ve turned into a strength is I was actually really weak in finance. I did not have a lot of understanding about how to control and articulate financial mechanisms to get a particular objective accomplished. I kind of have taken myself to school a little bit on corporate finance, a lot of reading, a lot of textbook reading on corporate finance and one of the most important lessons, curve balls, that I’d say hit me definitely the first year and a half of the company is you have to be extremely judicious on who you allow to advise you. Because one of the things that I’ve learned is that I was actually getting fed a lot of what makes perfect sense, but it’s still not true about how to start this kind of a company. The best example I have for that is that the first business plan I ever read from this company said, I’m going to need about two and a half million dollars of capital. I’m going to need three years and it is impractical and hazardous to try and do it a different way. And what I found myself getting into was we raised capital $25,000 at a time. And we were in this perpetual cycle of a little bit of revenue, a little bit of investor capital and the piecemeal very, very nearly killed us.
So I think that the big lesson for me is you really got to stick to your guns about there is a minimum amount of capital you need to get going and don’t put your customers on the hook if you can’t get a hold of it. So that’s something that was definitely a learning experience for me.
Richard Miles: 16:46 So one thing that founders of companies get asked to do, and certainly of successful companies, is to speak to students and you probably already have had that experience. But if you haven’t, you will soon, whether it’s a bunch of bright high school students or engineering or business students in college, what would be some pearls of wisdom that you would dispense if you have somebody similar, like, let’s say a first-year engineering student at some university is saying, wow, I really admire what you’ve done. I want to do something like that. What would be your advice from that angle? Say a bright 12th grader or a freshman or sophomore at an engineering or a business program at a university?
Trevor Perrott: 17:20 Well, believe it or not, I don’t have a whole lot of great things to say, because to do the kind of company that I did, it was very capital intensive. The things we sell are expensive, which is good, except you also need a lot of capital to build it in the first place. So what that really means is I think I commented to you in the questionnaire that you got to do things like take a second mortgage on your house and max out your card. And I do not come from a bunch of money, but I’m the son of the teacher and a carpenter. Now I know there are people in this world that are far worse off than I am. Well, let’s just say we weren’t sitting on 2 million in cash to put into a business endeavor. So you have to walk into this and you have to really, really ask yourself, will I literally bet the farm to do this?
And if the answer is no, then don’t start, don’t waste anybody else’s time, including your own, because you can always make more money, but time when it’s gone, it’s gone. So some of the risks that I took were so large and still continue to be pretty big actually, that I’m just not so sure that it’s for everybody. And I think our culture, we like to glorify entrepreneurship a lot, like universities have entire centers of entrepreneurship established. And I think that we really have to be more honest culturally with entrepreneurs. Like one of the comments that I also made is that founding CEOs are not overpaid. If they take all of those risks and then they end up absolutely killing it, extremely high risk, extremely high reward. I just think we have to be more honest culturally with entrepreneurs. And what really goes into that because a lot of times entrepreneurs are so busy that they never sit down to tell you exactly how high the stakes were.
Richard Miles: 19:17 Those are great observations, Trevor, and got me thinking you’re right. There is a way in which popular culture and university programs and so on have kind of made entrepreneurship seem safer than it is, or like less risky than it is. And they hype the exciting part of it, right? But not the potential downsides. And it also strikes me too, that there’s this continuum between risk tolerance, where you’re willing to try new things, but also kind of gut confidence. Right? I imagine you wouldn’t do something like take out a second mortgage unless you had high confidence in the product, and the idea you’re developing was really solid. You didn’t just take a flyer and like, eh, maybe this work may be a wall and I’m guessing you told yourself, I know this is going to work. I just got to find the path there.
Trevor Perrott: 19:57 Yeah. The thing that has driven me to really keep my foot on the gas is every now and again, I’ll see a video clip of a guy hanging out of a helicopter, working on a power line.
And I know the stats about how risky his job is. And I just shake my head and say, there has got to be a better way. There has to be. And there’s 8% of every seed we put in the ground is lost to something preventable, poor irrigation, some disease that we didn’t know about that ended up eating the whole field. If the world’s food consumption is going to double between now and 2050, how the hell are you going to solve that problem? If 8% of what you plant now is lost. So there’s a lot of very, very global, very, very real problems that what we’re working on will solve. And sometimes I have to set my own team down and say things like we are going to have a lot of problems this week, but we are paid to solve them. We are paid problem solvers. So the way I tried to describe it is my job is ultimately leading people into a love affair with problem solving. Because if you do not have this passion to just go from one problem to the next to the next to the next, it will overwhelm you.
Richard Miles: 21:18 That’s a great quote, I love it. Leading people in the love affair with problem solving. I remember talking to another CEO once of a startup company. And he said that he had to strike the right balance in sharing updates on the company, how it was doing with the employees, but not too much because what he found was if he, every day sort of gave an update, like here’s our cashflow, here’s our burn rate. They were getting totally stressed out and they couldn’t concentrate on the work anymore. So he decided I need to dial back on the transparency for their sake. So you’re honest with them. You tell them where you are, but you don’t necessarily have to share every single up and down every single day, because you don’t want the people under you to have an unrealistic picture, but you also need to give them that room to focus. I imagine that happens with you as well, right? You don’t want them to be too distracted by everything that comes across your desk.
Trevor Perrott: 21:58 Absolutely. I have two co-founders and one of the growing pains of 2020 has been listen, guys, I’m not trying to hide anything from you, but for you to be effective and do the role that the company needs you to do, I cannot bog you down with every single issue that comes across my desk, nor do I want you to bog me down with every single thing that comes across your desk. Ask yourself, do I need him? And if the answer is, yes, I need him. Then you’d call every time. But if you don’t then handle it yourself, that’s been something that in our core team, we’ve really had to work on this year, especially with all the moving parts. You talk about that I’m in an enviable position in a lot of ways. That’s very true, except we are still expected to perform. Our customers still expect us to be there. The product still has to work right. The revenue has got to be where it needs to be. There are very real things where the buck stops somewhere. And I guess that’s with me.
Richard Miles: 23:05 Trevor, one final question, you certainly have gotten off to a great start. Where do you see the company, where do you see Censys Technologies, let’s say in five years?
Trevor Perrott: 23:13 Well, in five years, I want to be one of the companies that was responsible for mass market adoption of commercial drones. I want to be in that large middle ground between not really quite household like Amazon yet, but people see our logo. It’s not novel. We’re trying to build a multi-billion dollar company here and that’s no small feat, it’s going to take more investor capital. It’s going to take a lot of wins on the commercial front to get there, but I truly believe we can get there that there is a well that is deep enough for that condition to be true. I always ask myself, okay, this thing that we’re about to go do, if we got 1% of 1% of the total market share, is it still a big number? And so long as that answer is yes, then we go forward.
I just think that I can lead an effort where we control a few percentage points of the market. And if we do that and you’re talking in billions, how many people are happily employed because of that? How many people aren’t on the unemployment line because of that? How many people then die in a helicopter this year because of that? There’s some very real metrics that I think we can put a dent in.
Richard Miles: 24:27 Well, I’m certainly off, like I said, to a very good start. And I think it strikes me that you benefit highly from being in a highly competitive market. Because as you said, you can’t rest. I mean, the market demands certain things and your company needs to have that revenue and so on. And it’s a market accountability. That’s I think going to make you grow. That’s where I take back what I said earlier. Maybe you shouldn’t spend any time doing motivational speaking at all because that’s usually the one sign, right? When a CEO has gone wrong and they become a celebrity CEO and they quit running their companies, you probably shouldn’t do that yet. But Trevor, thanks for being on the show today. Really appreciate your insights and wish you the best of luck.
Trevor Perrott: 25:01 Well, I really appreciate the invitation again, man. Thank you so much. And let me know when the podcast goes live.
Richard Miles: 25:08 Will do.
Outro: 25:11 Radio Cade is produced by the Cade Museum for Creativity and Invention located in Gainesville, Florida. Richard Miles is the podcast host and Ellie Thom coordinates inventor interviews. Podcasts are recorded at Heartwood Soundstage, and edited and mixed by Bob McPeak. The Radio Cade theme song was produced and performed by Tracy Collins and features violinist Jacob Lawson.

CERIAS Security Seminar Podcast
Morgan Princing, Identifying Security Risks Using Internet-Wide Scan Data

Jan 22, 2020 36:50


In this talk, we'll explore how internet scan data layered with different open-source tools can start to make sense of what is publicly exposed and potentially a threat. Predominantly, we'll focus on three investigations:
1. how to find attacker infrastructure, using IOCs from MITRE and Web Application Logs
2. how to identify trends in common misconfigurations and vulnerabilities
3. how to find assets related to your organization
Throughout the talk, we'll identify and use risk indicators to find relevant exposed devices. We'll also touch on historical trends that relate to different types of attacks, security risks that have surfaced in the past year, and what some of the challenges are in identifying rogue assets in the haystack of internet data.
About the speaker: Morgan Princing is a solutions engineer at Censys, focused on identifying trends and tracking threat groups and vulnerabilities using Censys data. Her career in cybersecurity began in botnet detection, where she worked to protect websites, APIs and mobile apps from bots by detecting anomalies in web traffic and interrogating user-identification systems. Morgan holds a Bachelor of Arts in Economics, Urban Studies from University of Michigan. Morgan is a 2019 World IT Award Winner for Women in Security.

Finding Your Venture
9: Evaluate Opportunities Against a High Standard – Brian Kelly

Sep 11, 2019 21:13


The world is full of great business ideas. But your time on earth is finite so you have to make choices about where to invest your time. Your career might last fifty years and if it takes ten years to build a company then you're not getting too many chances. But if you don't go for it sometimes then you'll never really start anything. It's tough. All of the hardest decisions I've ever made have been about whether to dig in or give up. Choosing badly can cost you time, money, relationships, and your health. What happens sometimes is that you get excited and dive into a startup idea that has a lot going for it, grind it out for a long time, and then at some point you look back and wish you would have been more deliberate and selective about the opportunity up front. This is a three-part episode. Brian Kelly is going to tell you how he and Dave Corcoran evaluated potential business ideas, passed on one that sounded promising, and picked the one that turned into Censys, a successful early stage technology company. Brian has been a founder or early employee at a series of technology companies including Duo Security, TrustBearer Labs, Nutshell, and Censys. He has been a host for A2NewTech and a generous contributor to the Ann Arbor tech community. Let's start by hearing about what Brian and Dave were trying to do back in 2016.

The OSINT Curious Project
20190407 OSINTCurious Podcast with special guest Chris Kubecka

Apr 9, 2019 60:55


Webcast no. 9 released on 2019/03/24
In episode 9 of the OSINTCurious webcast we discuss:
  • An older but still very relevant article by theGrugq about influencing public opinions.
  • A new article by Brenna Smith (Bellingcat) about tracking cryptocurrencies.
  • A blog post by Matthias Wilson raising awareness about operations security in public.
  • A Chinese woman arrested carrying a USB stick with malware in Mar-A-Lago.
  • The rise of ‘deepfakes’ and the risks it poses for conducting OSINT research.
And we have a special guest, Chris Kubecka, author of two OSINT books. She tells us about the type of OSINT research she does and gives us a hands-on demo on how to leverage valuable information from Censys.io.
People in this episode:
  ▪ Micah Hoffman
  ▪ Dutch Osint Guy
  ▪ Ginsberg5150
  ▪ Sector035
  ▪ Chris Kubecka
Links to what was discussed can be found here: https://osintcurio.us/webcast/
The official webcast of the OSINTCurious (https://osintcurio.us/) community.
Support this podcast: https://anchor.fm/osintcurious/support

Ask SME Anything
Should I avoid connecting to public wifi?

Aug 23, 2018 39:04


In this episode of Ask SME Anything:
1. Which attacks are generally the most impactful? 3:10
2. Should I avoid connecting to public wifi? 11:09
3. Are passwords a secure way to authenticate users, or should we move to other methods like biometrics? 19:45
4. What are Shodan and Censys? 26:48

Fatal Error
55. Fired Up about Firebase

Feb 2, 2018 31:51


After an update on Chris's bread project, Soroush tells Chris about Firebase Cloud Functions, and we discuss deduplicating some report-generation code in Soroush's current project.
  • Saltie's Focaccia
  • Chris’s bread
  • Censys
  • Episode 44: Grab Bag
  • Firebase Analytics
  • Firebase Realtime Database
  • Firebase Storage
  • Firebase Cloud Functions
  • AWS Lambda
  • Parse (Wikipedia)
  • ES7 Async/Await
  • Babel
  • toLocaleDateString()
  • React Native
  • Superdistribution - Brad Cox
  • Chris Lattner: Concurrency in Swift: One approach
  • Mozilla Hacks: Why WebAssembly is Faster Than asm.js
  • JavaScriptCore
  • Certificate Transparency

Tradecraft Security Weekly (Video)
OSINT & External Recon Pt. 1: Host Discovery - Tradecraft Security Weekly #8

Tradecraft Security Weekly (Video)

Play Episode Listen Later Jun 27, 2017 12:31


During the reconnaissance phase of a penetration test, being able to discover the external assets of an organization is extremely important. It is also important to do so as stealthily as possible. Using open-source techniques and tools, it is possible to enumerate an organization's external assets without sending any data directly from your computer system to the target organization's subnets. In this episode of Tradecraft Security Weekly, Beau Bullock (@dafthack) discusses some of the tools and techniques that can be used to do this.
LINKS:
• Recon-ng: https://bitbucket.org/LaNMaSteR53/recon-ng
• Datasploit: https://github.com/DataSploit/datasploit
• Spiderfoot: http://www.spiderfoot.net/
• Censys: https://censys.io/
• Shodan: https://www.shodan.io/
• Threatcrowd: https://www.threatcrowd.org/
• HackerTarget: https://hackertarget.com/
• Netcraft: https://www.netcraft.com/
• Certificate Search Tool - crt.sh
• Internet-Wide Scan Data Repository - scans.io
Full Show Notes: https://wiki.securityweekly.com/TS_Episode08

ControlTalk Now  The Smart Buildings Podcast
ControlTalk NOW — Smart Buildings VideoCast for Week Ending June 12, 2016

ControlTalk Now The Smart Buildings Podcast

Play Episode Listen Later Jun 12, 2016 72:38


ControlTalk NOW — Smart Buildings VideoCast for week ending June 12, 2016 features a rather deep and dark Cyber Security update from Fred Gordy, and an enlightening interview with Automated Buildings’ Ken Sinclair discussing his June edition; next, a look at new technology with Cisco’s Digital Ceiling and Optigo Networks’ solution to eliminate BACnet complexity; Lynxspring and SkyFoundry offer a combo webinar on Data and Analytics; Functional Devices released a pre-enclosed panel; and don’t miss out on Neptronic’s special product sample offering — available through ControlTrends!

Cyber Security Expert Fred Gordy Waves the Cyber Security Caution Flag! Censys Device Search Engine Picking Up Exposed Niagara 4 — Wake Up!
Thanks once again to Intelligent Buildings’ Director of Cyber Security, Fred Gordy, who keeps the global ControlTrends Community and systems integrators current with his Cyber Security updates. Fred is calling for the widest dissemination of this information possible, and for responsible parties at every level to take immediate action to eliminate their exposure and safeguard their buildings against imminent attack. Fred Gordy: “I did a cursory search using Censys device search engine of building control systems and the first systems to pop up were Niagara 4 systems.”

Cisco’s Digital Ceiling WILL Change the Way You Do Smart Building Controls.
Building Automation Systems Integrators, meet your new BAS partner — Cisco. That’s right, Cisco. Cisco just might be your new front end, and the ceiling in the building you are working in, right now, might be your new junction box to the future. The lighting world is evolving from the analog world to the digital world and soon, those lights connected to the network, not just for a data path, but also for power, will have temperature, occupancy, and daylight harvesting sensors in them — that will finally bridge the gap between building automation and connected lighting control.

ControlTalk NOW Interview with Ken Sinclair, owner and editor of Automated Buildings.
Always an informative experience, Ken Sinclair reviews Automated Buildings’ June theme of Measured Variables; Health, Wellbeing, & Productivity. More insight into HVAC by engineers and HVAC by Behavioral Experts that are driving the $3-$30-$300 metrics, and the realization that the most promising potential value lies in building wellness that leads to greater productivity, greater tenant retention, and less absenteeism. Also, understanding the benefit differences between digital ceilings versus the 24 VDC ceiling (Edison wins the current war after all, though Tesla has scheduled a return bout) and much more!

30 Minutes with Lynxspring Webinar Series — Data and Analytics by Lynxspring and SkyFoundry.
The next “30 Minutes with Lynxspring,” our monthly webinar series featuring Lynxspring subject-matter experts and special guests, is scheduled for Wednesday, June 15th at 12:00 PM CDT. This month’s installment looks at Data and Analytics. Data and analytics are changing the way companies in EVERY industry do business and manage business. And yes, it is changing ours — it’s changing the way buildings and facilities are managed and operated.

Optigo — The New Way to Cut through BACnet Complexity.
As IoT continues to intersect with the Smart Buildings Controls Industry, more and more new players are showing up in our space with proven solutions that will work well in our applications. Ken and I had the chance to connect with just such a company, Optigo Networks. We had the privilege of speaking with their CEO Pook-Ping Yao. We were very impressed with Ping and his product solutions. Check out the video below to see the elegance and efficiency of the Optigo Connect network solution.

A Special Offer From Neptronic at the 2016 Niagara Summit.
We had a chance to catch up with Biagio Delorenzio and Luis Melgares from Neptronic at the 2016 Niagara Summit. Great stuff from our innovative friends in Canada. As you can see in the video, the TUCB is a very flexible universal wall mount controller with built-in temperature sensor and scheduler. The unit is designed for simple and accurate control of a heat pump or other heating/cooling equipment. Its field configurable algorithms enable versatile implementation of required control sequences. But what is even more impressive is the new TRLG 24. The TRLG 24 takes all that is good about the TUCB and adds an on-board humidity and CO2 sensor.

Functional Devices — Innovation at the Panel Level. Nick Walker at the 2016 Niagara Summit Vendor Show.
Nick Walker, Strategic Account Manager for Functional Devices, walks the ControlTrends Community through the new MHP pre-enclosed enclosure series that features a 100 VA transformer (or (2) 100 VA transformers) along with a convenience outlet and a polymetal or perforated back drop. Functional Devices products are a contractor’s best friend — offering savings in installation time and money for all of your building automation projects.