Podcasts about Claroty

  • 62 PODCASTS
  • 249 EPISODES
  • 38m AVG DURATION
  • 1 EPISODE EVERY OTHER WEEK
  • May 13, 2025 LATEST

POPULARITY (chart by year, 2017 to 2024)


Latest podcast episodes about Claroty

@BEERISAC: CPS/ICS Security Podcast Playlist
Danielle Jablanski on Critical Infrastructure Protection

May 13, 2025 · 41:26

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5%)
Episode: Danielle Jablanski on Critical Infrastructure Protection
Pub date: 2025-05-11

Danielle Jablanski, Industrial Control Systems Strategist & Subject Matter Expert at CISA, joins the Nexus podcast to discuss her perspectives on critical infrastructure protection and government's role as a cybersecurity partner on implementation guidance and enablement. Danielle touches on a number of areas of CI security and protection, ranging from the challenges arising from the high percentage of private sector ownership of critical infrastructure, to the assistance available from CISA and other agencies to lesser-resourced entities in the 16 CI sectors. Listen and subscribe to the Nexus Podcast on your favorite platform.

The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

@BEERISAC: CPS/ICS Security Podcast Playlist
Cassie Crossley on Hardware Security, HBOMs

May 11, 2025 · 28:20

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5%)
Episode: Cassie Crossley on Hardware Security, HBOMs
Pub date: 2025-05-07

Schneider Electric Vice President of Supply Chain Security Cassie Crossley joins the Nexus Podcast to discuss the nuances of hardware security and the growing need for hardware bills of materials (HBOMs) within critical infrastructure.

Cassie covers the use cases and features that matter most within an HBOM, some of the threats and weaknesses they can illuminate for users, and how they can change the current status quo for CI sectors that have concerns about the provenance of hardware components and the threats they pose. Cassie is an experienced cybersecurity technology executive in information technology and product development and author of “Software Supply Chain Security: Securing the End-to-End Supply Chain for Software, Firmware, and Hardware.”

Listen and subscribe to the Nexus Podcast here.

@BEERISAC: CPS/ICS Security Podcast Playlist
Christiaan Beek on Ransomware's Evolution and Economics

May 3, 2025 · 30:05

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5%)
Episode: Christiaan Beek on Ransomware's Evolution and Economics
Pub date: 2025-04-30

Rapid7 Senior Director of Threat Analytics Christiaan Beek joins the Nexus Podcast to discuss the technical evolution and economic models that maintain ransomware's viability among threat actors. Ransomware became a for-profit threat more than a decade ago and has progressed into the No. 1 threat facing many critical infrastructure organizations. In this episode, Beek covers extortion characteristics, the stealthiness of some attacks, and how the future may include hardware-based ransomware that maintains indefinite persistence. Follow and subscribe to the Nexus Podcast.

@BEERISAC: CPS/ICS Security Podcast Playlist
Florence Hudson on the IEEE/UL 2933 Clinical IOT Cybersecurity Standard

Mar 30, 2025 · 40:39

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5%)
Episode: Florence Hudson on the IEEE/UL 2933 Clinical IOT Cybersecurity Standard
Pub date: 2025-03-30

Florence Hudson, working group chair of the IEEE/UL 2933 standard and framework for Clinical IOT Data and Device Interoperability with TIPPSS, joins the Nexus Podcast. Published last September, the standard establishes a framework for secure data exchanges between clinical IoT and medical devices and systems. The framework is based on TIPPSS principles (trust, identity, privacy, protection, safety, and security) for clinical IoT such as in-hospital devices, wearable devices, and investigational devices.

Follow and subscribe to the Nexus Podcast.

@BEERISAC: CPS/ICS Security Podcast Playlist
Mike Holcomb on Starting and Succeeding in OT Cybersecurity

Mar 20, 2025 · 42:40

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5%)
Episode: Mike Holcomb on Starting and Succeeding in OT Cybersecurity
Pub date: 2025-03-19

Mike Holcomb, global lead for ICS and OT cybersecurity at Fluor, joins the Nexus Podcast to discuss his advocacy and efforts to educate engineers and IT cybersecurity professionals in the nuances of protecting operational technology and industrial control systems. Mike produces and hosts a learning series available for free on YouTube called "Getting Started in ICS/OT Cyber Security" where he explains the fundamentals of this unique cybersecurity discipline. On the podcast, he discusses his experience with those in IT now responsible for OT, how to best assess and mitigate risk within OT, and some of the practical threats that matter most to practitioners. Follow the Nexus Podcast here.

@BEERISAC: CPS/ICS Security Podcast Playlist
Ron Fabela on Low-Skilled OT and ICS Threat Actors

Feb 24, 2025 · 36:33

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5%)
Episode: Ron Fabela on Low-Skilled OT and ICS Threat Actors
Pub date: 2025-02-24

Ron Fabela of ABS Consulting joins the Nexus Podcast to dispel some of the myths surrounding threat actors targeting operational technology and industrial control systems. Groups such as the Russian Cyber Army, UserSec, and the CyberAv3ngers have different ideological motivations, and have decidedly carried out low-impact attacks on OT. Fabela covers some of their tactics, whether they're better marketers than hackers, and reminds users that their exploits still merit investigation and remediation. Listen to every episode of the Nexus Podcast here.

@BEERISAC: CPS/ICS Security Podcast Playlist
EP 56: Hacking OT and ICS in the Era of Cloud and Automation

Feb 21, 2025 · 42:19

Podcast: Error Code (LS 26 · TOP 10%)
Episode: EP 56: Hacking OT and ICS in the Era of Cloud and Automation
Pub date: 2025-02-18

As industrial enterprises lurch toward digital transformation and Industry 4.0, a new report looks at the security of OT systems and finds it wanting. Grant Geyer, the Chief Strategy Officer for Claroty, talks about the findings from over one million devices in the field today, and what industries must do now to secure them.

The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Error Code
EP 56: Hacking OT and ICS in the Era of Cloud and Automation

Feb 18, 2025 · 42:19

As industrial enterprises lurch toward digital transformation and Industry 4.0, a new report looks at the security of OT systems and finds it wanting. Grant Geyer, the Chief Strategy Officer for Claroty, talks about the findings from over one million devices in the field today, and what industries must do now to secure them.

@BEERISAC: CPS/ICS Security Podcast Playlist
Munish Walther-Puri on Creating a Scale for Cybersecurity Incidents

Feb 18, 2025 · 33:25

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5%)
Episode: Munish Walther-Puri on Creating a Scale for Cybersecurity Incidents
Pub date: 2025-02-17

Munish Walther-Puri of the Center for Global Affairs at New York University joins the Claroty Nexus podcast to discuss a homegrown severity scale for critical infrastructure cybersecurity incidents. The Infrastructure Cyber Incident Scale, or INCI Scale, brings a Richter-Scale-like criticality index to incidents based on the intensity, magnitude, and duration of an event. Walther-Puri unveiled the scale at the S4 Conference in Tampa.

@BEERISAC: CPS/ICS Security Podcast Playlist
Nexus Podcast: Brian Foster on the Risks of a Hyperconnected Grid

Feb 14, 2025 · 27:17

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5%)
Episode: Nexus Podcast: Brian Foster on the Risks of a Hyperconnected Grid
Pub date: 2025-02-11

Brian Foster, Senior Advisor for Grid Security at Southern California Edison, joins the Nexus Podcast to discuss a presentation he gave at the S4 Conference called . Foster covers the impending risk and host of exposures expected as smart meters and other similar devices are centrally managed online. This scenario gives attackers the ability to attack devices at scale and potentially cause catastrophic damage. Listen to every episode of the Nexus Podcast here.

Automation Chat
Secure, Zero-Touch, Fault-Tolerant Edge Computing Platform: Product Spotlight

Feb 4, 2025 · 5:51

In this exclusive episode of our “Automation Chat” podcast from the Automation Fair 2024 show floor, The Journal's Managing Editor Amanda Joshi talks with Mike Wurster, Director of Strategic Alliances and Dave Ulmer, Channel Support Engineer at Stratus Technologies. Learn about the company's ztC Edge, a secure, zero-touch, DIN-rail mountable edge-computing platform with built-in virtualization and fault-tolerant workload protection. With industrial interoperability and OT manageability, it enables quick, easy delivery of both highly available and fault-tolerant virtualized edge applications. Also learn how the company collaborates with Claroty, Fortinet and Rockwell Automation to include pre-validated cybersecurity protection. And as always, get your family-friendly, silly Joke of the Day.

Resources from this episode: Watch their discussion on YouTube at https://youtu.be/rAW7qSGVu_I. Learn more about Stratus Technologies. Subscribe to The Journal's 4 digital magazines at http://rok.auto/thejournal-subscribe.

Automation Chat is brought to you by The Journal From Rockwell Automation and Our PartnerNetwork magazine.

** Named “Best Podcast” 3 Consecutive Years! 2022-2024 Apex Award of Publication Excellence.

@BEERISAC: CPS/ICS Security Podcast Playlist
CISA's Matthew Rogers on Secure by Demand for OT

Jan 19, 2025 · 39:23

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5%)
Episode: CISA's Matthew Rogers on Secure by Demand for OT
Pub date: 2025-01-19

Matthew Rogers, ICS Cybersecurity Strategy & R&D Lead at the Cybersecurity & Infrastructure Security Agency (CISA) joins the Nexus Podcast to discuss the agency's latest publication: “Secure by Demand: Priority Considerations for Operational Technology Owners and Operators when Selecting Digital Products.” This guide features 12 cybersecurity recommendations that OT owners and operators should be looking for during procurement cycles with automation and control system vendors. Read Claroty's blog on the guide.

Listen to every episode of the Nexus Podcast here.

Security Breach
A Happy Ending to the Latest ICS Hack

Jan 16, 2025 · 30:11

The continued evolution of the CyberAv3ngers hacking group and its IIoT-focused malware.

We talk a lot about change on Security Breach. Some of it's good and obviously some of it makes us want to tear our hair out. Well, this episode, surprisingly, should go easy on the scalp, even though it will focus on the IOCONTROL malware strand recently detected by Noam Moshe and Claroty's Team82. The malware is described as a custom-built IoT/OT strand created by the Iran-based hacktivist group, the CyberAv3ngers. The malware targeted OT/IoT devices in Israel and the U.S. Moshe's team detected the malware being used to attack IoT and SCADA/OT devices of various types including IP cameras, routers, PLCs, HMIs and firewalls. Typically, this is the part of the story that takes us down a dark and frustrating road, but as you'll hear, that's not necessarily the case this time.

For more information on Team82's findings on IOCONTROL, click here.

Also, just a bit of housekeeping – we're switching the frequency of Security Breach from weekly to bi-weekly. This change will allow me to spend more time on each episode, which will translate to greater depth and expanded coverage on all the pressing topics of industrial cybersecurity. And remember, this is your podcast – let me know your thoughts and feelings on the change and anything else you'd like to see on the show.

As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor.

To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you'd like to have us explore on Security Breach, you can reach me at jeff@ien.com. To download our latest report on industrial cybersecurity, The Industrial Sector's New Battlefield, click here.

@BEERISAC: CPS/ICS Security Podcast Playlist
Sharon Brizinov Director of Research @Claroty (Team82) finding OT variabilities before the attacker

Dec 29, 2024 · 49:09

Podcast: ICS Cyber Talks Podcast
Episode: Sharon Brizinov Director of Research @Claroty (Team82) finding OT variabilities before the attacker
Pub date: 2024-12-25

Team82 is one of the most prestigious research teams. Its research has dramatically influenced OT vendors and the OT cyber industry. Nachshon Pincu hosts Sharon Brizinov, Director of Research at Claroty and head of Team82, to discuss operational technology (OT) cybersecurity research, threats, attacks, and related topics. The conversation explores key questions such as: What distinguishes IT from OT cybersecurity research? How do vendors respond to researchers' findings? And more.

Team82 blog: http://claroty.com/team82

The podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

@BEERISAC: CPS/ICS Security Podcast Playlist
Noam Moshe on the IOCONTROL Malware

Dec 22, 2024 · 23:58

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5%)
Episode: Noam Moshe on the IOCONTROL Malware
Pub date: 2024-12-19

Claroty Team82 researcher Noam Moshe joins the Nexus Podcast to discuss the IOCONTROL malware used by an Iranian APT actor known as the CyberAv3ngers to target civilian critical infrastructure in the U.S. and Israel. The malware acts as a Linux-based backdoor and has a modular configuration that can be adapted for IoT, OT, and SCADA devices.

Read Team82's research blog: "Inside a New OT/IoT Cyberweapon: IOCONTROL"

Listen and subscribe to the Nexus Podcast here.

@BEERISAC: CPS/ICS Security Podcast Playlist
Team82 on Attacking the Insecure IoT Cloud

Dec 16, 2024 · 31:38

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5%)
Episode: Team82 on Attacking the Insecure IoT Cloud
Pub date: 2024-12-13

Claroty Team82's Noam Moshe and Tomer Goldschmidt join the Nexus Podcast to discuss the research team's latest publication on 10 vulnerabilities discovered in Ruijie Networks' Reyee OS cloud platform. A chain of these vulnerabilities could allow an attacker to remotely execute code on any device connected to the Ruijie cloud. Team82 also developed an attack they call Open Sesame which allows an attacker in proximity of a Ruijie device to use leaked device information and access the internal network.

You can find the research here on Team82's website. Listen and subscribe to the Nexus Podcast here.

The CyberWire
Hackers in handcuffs.

Dec 13, 2024 · 32:04

The U.S. dismantles the Rydox criminal marketplace. File-sharing provider Cleo urges customers to immediately patch a critical vulnerability. A Japanese media giant reportedly paid nearly $3 million to a Russia-linked ransomware group. The largest Bitcoin ATM operator in the U.S. confirms a data breach. Microsoft quietly patches two potentially critical vulnerabilities. Researchers at Claroty describe a malware tool used by nation-state actors to target critical IoT and OT systems. Dell releases patches for a pair of critical vulnerabilities. A federal court indicts 14 North Korean nationals for a scheme funding North Korea's weapons programs. Texas accuses a data broker of sharing sensitive driving data without consent. Tim Starks, senior reporter at CyberScoop, joins Dave to explore the FCC's groundbreaking proposal to introduce cybersecurity rules linked to wiretapping laws. How the bots stole Christmas.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest
Tim Starks, senior reporter at CyberScoop, joins Dave to explore the FCC's groundbreaking proposal to introduce cybersecurity rules linked to wiretapping laws. Read more about it in Tim's article.

Selected Reading
  • Rydox Cybercrime Marketplace Disrupted, Administrators Arrested (SecurityWeek)
  • Cleo urges customers to ‘immediately' apply new patch as researchers discover new malware (The Record)
  • Japanese game and anime publisher reportedly pays $3 million ransom to Russia-linked hackers (The Record)
  • Bitcoin ATM Giant Byte Federal Hit by Hackers, 58,000 Users Impacted (Hackread)
  • Microsoft Patches Vulnerabilities in Windows Defender, Update Catalog (SecurityWeek)
  • Researchers Discover Malware Used by Nation-States to Attack OT Systems (Infosecurity Magazine)
  • Critical Dell Security Vulnerabilities Let Attackers Compromise Affected Systems (Cyber Security News)
  • 14 North Korean IT Workers Charged, US to Offer $5 Million Rewards for Info (Cyber Security News)
  • Texas adds data broker specializing in driver behavior to list of alleged privacy law violators (The Record)
  • UK Shoppers Frustrated as Bots Snap Up Popular Christmas Gifts (Infosecurity Magazine)

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Security Conversations
Surveillance economics, Turla and Careto, and the AI screenshots nobody asked for

Dec 13, 2024 · 134:07


Three Buddy Problem - Episode 25: An update on Romania's cancelled election, the implications of TikTok on democratic processes, and the broader issues around surveillance capitalism and micro-targeting. Plus, news on Turla piggybacking on cybercriminal malware to hit Ukraine, the return of Careto and the absence of IOCs, Claroty report on an Iran-linked cyberweapon targeting critical infrastructure, ethical considerations in cyberwarfare, and the implications of quantum computing on security and cryptocurrencies. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Costin Raiu (https://twitter.com/craiu) and Ryan Naraine (https://twitter.com/ryanaraine).

@BEERISAC: CPS/ICS Security Podcast Playlist
Volexity's Steven Adair on the Nearest Neighbor Attack

Dec 9, 2024 · 37:23

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5%)
Episode: Volexity's Steven Adair on the Nearest Neighbor Attack
Pub date: 2024-12-09

Volexity founder Steven Adair joins the Claroty Nexus Podcast to discuss the Nearest Neighbor Attack, a unique attack carried out by Russia's APT 28 against a high-value target in an attempt to gain intelligence on Ukraine prior to the start of the war in February 2022. APT 28 was able to compromise the Wi-Fi network of its target without being in physical proximity of it. They did so by remotely compromising neighboring organizations, accessing their Wi-Fi networks—creating a daisy-chain of breaches and compromises—until they were able to reach their target. Volexity's blog contains additional technical details. Listen to every episode of the Nexus Podcast here.

Defense & Aerospace Report
DEFAERO Strategy Series [Nov 26, 24] IPSOS' Dr. Darrell Bricker & Retired Admiral Mike Rogers

Nov 26, 2024 · 41:09

On today's Strategy Series program, sponsored by General Atomics Aeronautical Systems, Dr. Darrell Bricker, the CEO of Ipsos Public Affairs and adviser on the annual agenda of the annual Halifax International Security Forum, discusses the results of the HISF-Ipsos Threat Index derived from polling 22,000 people in more than 30 countries; and retired US Navy Adm. Mike Rogers, a former director of the National Security Agency and commander of US Cyber Command who is now the chairman of the advisory board of cybersecurity firm Claroty, discusses China's Salt Typhoon attack on US and allied communications systems, the cutting of a fiber-optic cable between Finland and Germany, and takeaways from this year's Halifax Forum with Defense & Aerospace Report Editor Vago Muradian.

Critical Thinking - Bug Bounty Podcast
Episode 98: Team 82 Sharon Brizinov - The Live Hacking Polymath

Nov 21, 2024 · 103:57

Episode 98: In this episode of Critical Thinking - Bug Bounty Podcast Justin Gardner sits down with Sharon, to discuss his journey from early iOS development to leading a research team at Claroty. They address the differences between HackerOne and Pwn2Own, and talk through some intricacies of IoT security, and some less common IoT attack surfaces.

Follow us on twitter at: @ctbbpodcast

We're new to this podcasting thing, so feel free to send us any feedback here: info@criticalthinkingpodcast.io

Shoutout to YTCracker for the awesome intro music!

------ Links ------
Follow your hosts Rhynorater & Teknogeek on twitter:
https://twitter.com/0xteknogeek
https://twitter.com/rhynorater

------ Ways to Support CTBBPodcast ------
Hop on the CTBB Discord at https://ctbb.show/discord!
We also do Discord subs at $25, $10, and $5 - premium subscribers get access to private masterclasses, exploits, tools, scripts, un-redacted bug reports, etc.

Today's Sponsor - ThreatLocker: Check out Network Control!
https://www.criticalthinkingpodcast.io/tl-nc
And AssetNote: Check out their ASMR board (no not that kind!)
https://assetnote.io/asmr

Today's Guest: https://sharonbrizinov.com/

Resources
The Claroty Research Team
https://claroty.com/team82
Pwntools
https://github.com/Gallopsled/pwntools
Scan My SMS
http://scanmysms.com
Gotta Catch 'Em All: Phishing, Smishing, and the birth of ScanMySMS
https://www.youtube.com/watch?v=EhNsXXbDp3U

Timestamps
(00:00:00) Introduction
(00:03:31) Sharon's Origin Story
(00:21:58) Transition to Bug Bounty and Pwn2Own vs HackerOne
(00:47:05) IoT/ICS Hacking Methodology
(01:10:13) Cloud to Device Communication
(01:18:15) Bug replication and uncommon attack surfaces
(01:30:58) Documentation tracker, reCaptcha bypass, and ScanMySMS

@BEERISAC: CPS/ICS Security Podcast Playlist
Joe Saunders on Advanced Cyberattacks Against Critical Infrastructure

Nov 8, 2024 · 34:43

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5%)
Episode: Joe Saunders on Advanced Cyberattacks Against Critical Infrastructure
Pub date: 2024-11-07

Runsafe Security CEO and Cofounder Joe Saunders joins the Nexus Podcast to discuss the strategic shift from certain APTs toward destructive cyberattacks targeting U.S. critical infrastructure. Groups such as Volt Typhoon and Sandworm have aggressively focused their efforts on hacking OT, IoT, and healthcare organizations, opening new fronts that asset owners and operators, as well as manufacturers of embedded systems must now contend with.

@BEERISAC: CPS/ICS Security Podcast Playlist
Grant Geyer on the Business Impact of Disruptions from Cyberattacks

Oct 30, 2024 · 25:03

Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5%)
Episode: Grant Geyer on the Business Impact of Disruptions from Cyberattacks
Pub date: 2024-10-28

Claroty Chief Strategy Officer Grant Geyer joins the Nexus Podcast to discuss the results of a survey of 1,100 cybersecurity leaders and practitioners on the business impact of disruptions from cyberattacks on cyber-physical systems. The financial losses are steep from these attacks impacting connected systems that are so central to our way of life, as are the recovery costs and operational impacts such as downtime, which is often intolerable in critical industries such as manufacturing and healthcare.

Geyer brings his unique insights to the discussions, including attackers' motivations in targeting CPS, why ransomware continues to impact healthcare delivery organizations, and the risks of unsecured third-party and supply chain connections to the enterprise.

Get the full survey results here.

The CyberWire
Operation Magnus strikes back.

Oct 28, 2024 · 33:41

Operation Magnus disrupts notorious infostealers. Pennsylvania officials debunk election disinformation attributed to Russia. TeamTNT targets Docker daemons. Delta sues CrowdStrike. NVIDIA released a critical GPU Display Driver update. Fog and Akira ransomware exploit SonicWall VPNs. A researcher demonstrates Downgrade attacks against Windows systems. Qilin ransomware grows more evasive and disruptive. Pwn2Own Ireland awards over $1 million for more than 70 zero-day vulnerabilities. Our guest is Grant Geyer, Chief Strategy Officer at Claroty, talking about safeguarding our nation's critical food infrastructure. At long last, it's legal to fix your McFlurry.

CyberWire Guest
Our guest is Grant Geyer, Chief Strategy Officer at Claroty, talking about safeguarding our nation's critical food infrastructure. The FBI recently held an Agriculture Threats Symposium in Nebraska, spotlighting growing concerns over the security of the nation's critical food infrastructure amid rising threats. As cyberattacks and bioterrorism increasingly target agriculture, the event highlighted urgent calls for stronger safety measures to protect the food supply chain.

Selected Reading
  • Operation Magnus Disrupted Redline and Meta Infostealer Malware (Cyber Security News)
  • Pennsylvania officials rebut false voter fraud claims from home and abroad (CyberScoop)
  • TeamTNT Exploits 16 Million IPs in Malware Attack on Docker Clusters (Hackread)
  • Delta sues CrowdStrike for $500 million in damages caused by massive airline cancelations (The Independent)
  • NVIDIA GPU Vulnerabilities Allow Attackers To Execute Remote Code on Windows & Linux (Cyber Security News)
  • Fog ransomware targets SonicWall VPNs to breach corporate networks (Bleeping Computer)
  • New Windows Driver Signature bypass allows kernel rootkit installs (Bleeping Computer)
  • Updated Qilin Ransomware Escalates Encryption and Evasion (BankInfo Security)
  • Researchers Discover Over 70 Zero-Day Bugs at Pwn2Own Ireland (Infosecurity Magazine)
  • It Is Now Legal to Hack McFlurry Machines (and Medical Devices) to Fix Them (404 Media)
  • DisMis: Explore our 3-part series on election propaganda. (N2K)

@BEERISAC: CPS/ICS Security Podcast Playlist
AI, Global Trends, and More: A Glimpse into the Future of OT Cybersecurity with Claroty

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Oct 25, 2024 29:27


Podcast: Industrial Cybersecurity Insider
Episode: AI, Global Trends, and More: A Glimpse into the Future of OT Cybersecurity with Claroty
Pub date: 2024-10-22

In this week's episode, Dino Busalachi is joined by Gary Kneeland from Claroty. With over nine years of experience at Claroty, Gary discusses the evolution of OT security, the convergence of IT and OT, and the growing importance of cybersecurity in protecting critical infrastructure. The conversation touches on how regulatory changes, ransomware threats, and AI advancements are shaping the industry. Whether you're dealing with outdated systems or navigating complex industrial environments, this episode provides practical insights into the challenges and opportunities ahead.

Chapters:
00:00:00 - Pandemic's Impact on Critical Infrastructure
00:01:08 - Introduction to Gary Kneeland and Claroty
00:01:41 - Gary's Role in OT Cybersecurity
00:02:49 - Evolution of OT Cybersecurity: From Compliance to Strategy
00:05:23 - IT and OT Convergence: Securing Cyber-Physical Systems
00:09:46 - Addressing Complex Challenges in OT Cybersecurity
00:11:56 - OT Cybersecurity Talent Shortage and Managed Services
00:13:01 - Future of OT Cybersecurity: Adapting to New Threats
00:14:36 - Modernizing Manufacturing Systems for Enhanced Security
00:15:52 - Global Cybersecurity Trends in Critical Infrastructure
00:18:01 - Regional OT Cybersecurity Challenges and Responses
00:25:01 - The Role of AI in Defending OT Environments
00:28:19 - Final Thoughts on OT Cybersecurity's Future

Links And Resources:
• Gary Kneeland on LinkedIn
• Dino Busalachi on LinkedIn
• Jim Cook on LinkedIn
• Craig Duckworth on LinkedIn

Thanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!

The podcast and artwork embedded on this page are from Velta Technology, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Paul's Security Weekly
AI, American Water, Broadband, Claroty, Okta, Meta, Phishing, Robocop, Josh Marpet... - SWN #420

Paul's Security Weekly

Play Episode Listen Later Oct 8, 2024 30:10


AI Fest, American Water, Broadband, Claroty, Okta, Meta, Phishing, Robocop, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-420

Paul's Security Weekly TV
AI, American Water, Broadband, Claroty, Okta, Meta, Phishing, Robocop, Josh Marpet... - SWN #420

Paul's Security Weekly TV

Play Episode Listen Later Oct 8, 2024 30:10


AI Fest, American Water, Broadband, Claroty, Okta, Meta, Phishing, Robocop, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-420

Hack Naked News (Audio)
AI, American Water, Broadband, Claroty, Okta, Meta, Phishing, Robocop, Josh Marpet... - SWN #420

Hack Naked News (Audio)

Play Episode Listen Later Oct 8, 2024 30:10


AI Fest, American Water, Broadband, Claroty, Okta, Meta, Phishing, Robocop, Josh Marpet, and more on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-420

Hack Naked News (Video)
AI, American Water, Broadband, Claroty, Okta, Meta, Phishing, Robocop, Josh Marpet... - SWN #420

Hack Naked News (Video)

Play Episode Listen Later Oct 8, 2024 30:10


AI Fest, American Water, Broadband, Claroty, Okta, Meta, Phishing, Robocop, Josh Marpet, and more on the Security Weekly News. Show Notes: https://securityweekly.com/swn-420

@BEERISAC: CPS/ICS Security Podcast Playlist
EP 46: Hacking Israeli-made Water Treatment Devices In Pennsylvania

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Oct 2, 2024 33:34


Podcast: Error Code
Episode: EP 46: Hacking Israeli-made Water Treatment Devices In Pennsylvania
Pub date: 2024-09-24

Political hacktivism once mainly focused on website defacement. Now it has shifted to targeting physical devices, affecting critical infrastructure such as water treatment plants. At Black Hat USA 2024, Noam Moshe from Claroty highlighted how the HMIs in PLC devices from Israeli manufacturers may be susceptible to political attacks by nation-state actors using unknown vulnerabilities in the PComm protocol.

The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Error Code
EP 46: Hacking Israeli-made Water Treatment Devices In Pennsylvania

Error Code

Play Episode Listen Later Sep 24, 2024 33:34


Political hacktivism once mainly focused on website defacement. Now it has shifted to targeting physical devices, affecting critical infrastructure such as water treatment plants. At Black Hat USA 2024, Noam Moshe from Claroty highlighted how the HMIs in PLC devices from Israeli manufacturers may be susceptible to political attacks by nation-state actors using unknown vulnerabilities in the PComm protocol.

Defense & Aerospace Report
Defense & Aerospace Daily Podcast [Sep 17, 24] Adm. Mike Rogers on Latest Cyber Storylines

Defense & Aerospace Report

Play Episode Listen Later Sep 17, 2024 36:05


Adm. Mike Rogers, USN Ret., a former director of the National Security Agency and commander of US Cyber Command who is now the chairman of the advisory board of cybersecurity firm Claroty, joins Defense & Aerospace Report Editor Vago Muradian to discuss the recent revelation that Chinese hackers have for the first time taken the provocative step of installing malware in key US infrastructure; how Washington must respond to restore deterrence; the range of actions the Biden administration should consider, including targeted cyber operations to damage the Chinese economy; actions Congress should take to curb Chinese access to US technology and networks; countering the growing coordination among China, Russia, Iran and North Korea; increasingly sophisticated Russian efforts to undermine US elections; and why creating an independent cyber force is a bad idea.

@BEERISAC: CPS/ICS Security Podcast Playlist
Alethe Denis on Social Engineering, Red-Teaming

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Aug 26, 2024 43:45


Podcast: Nexus: A Claroty Podcast
Episode: Alethe Denis on Social Engineering, Red-Teaming
Pub date: 2024-08-26

Bishop Fox senior security consultant Alethe Denis joins the Claroty Nexus podcast to discuss social engineering in cybersecurity and how it has become part of red-team engagements, especially inside critical infrastructure organizations. She explains the value of open source intelligence and data stolen in breaches to scammers and extortionists in creating pretexts for their schemes. She also explains how to best defend against these tactics that aid threat actors in weaponizing personal information against victims and organizations. For more, visit nexusconnect.io/podcasts.

@BEERISAC: CPS/ICS Security Podcast Playlist
Alon Dankner on Extracting Crypto Keys from PLCs

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Aug 20, 2024 27:58


Podcast: Nexus: A Claroty Podcast
Episode: Alon Dankner on Extracting Crypto Keys from PLCs
Pub date: 2024-08-19

Alon Dankner of the Technion Institute for Technology in Tel Aviv, Israel, joins the Claroty Nexus Podcast to discuss a presentation he gave at the recent Black Hat cybersecurity conference in Las Vegas. Dankner and colleague Nadav Adir's presentation looked at the attack surface of programmable logic controllers (PLCs), in particular Siemens' S7 protocol. Dankner and Adir developed six attacks against the encryption implementation in the protocol that expose private crypto keys and allow an attacker full control over the industrial control system.

For more, visit nexusconnect.io/podcasts

@BEERISAC: CPS/ICS Security Podcast Playlist
Noam Moshe on Extracting Forensic Data from Unitronics PLCs

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Aug 9, 2024 27:52


Podcast: Nexus: A Claroty Podcast
Episode: Noam Moshe on Extracting Forensic Data from Unitronics PLCs
Pub date: 2024-08-08

Claroty Team82 researcher Noam Moshe joins the Nexus Podcast to talk about Team82's research into Unitronics Vision series integrated HMI/PLC devices. The OT devices were exploited last year in attacks against water treatment facilities in the U.S. and Israel. Team82 researched the security of these devices and developed a pair of tools that allowed them to extract forensic information from the PLCs. Both tools were released to open source on Team82's GitHub page.

Moshe also presented this research today at the Black Hat Briefings in Las Vegas.

Read Team82's research blog here.
Download the forensics tools here.
For more, visit nexusconnect.io/podcasts

@BEERISAC: CPS/ICS Security Podcast Playlist
Alexander Antukh on Cyber Risk Quantification

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Aug 4, 2024 43:05


Podcast: Nexus: A Claroty Podcast
Episode: Alexander Antukh on Cyber Risk Quantification
Pub date: 2024-08-01

Alexander Antukh, CISO of AboitizPower in the Philippines, the country's largest power and renewable energy provider, joins the Nexus Podcast to discuss cyber risk quantification (CRQ). CRQ is a framework used to assess the financial impact of a cybersecurity threat on an organization. Antukh is an advocate of CRQ, and discusses his approach to using it to predict risk in his organization, what level of organizational maturity is required for this approach to succeed, and how it's being applied in operational technology (OT) environments.

For more, visit nexusconnect.io/podcasts

The CyberWire
A high-stakes swap.

The CyberWire

Play Episode Listen Later Aug 2, 2024 41:15


Notorious Russian cybercriminals head home after an historic prisoner exchange. An Israeli hacktivist group claims responsibility for a cyberattack that disrupted internet access in Iran. The U.S. Copyright Office calls for federal legislation to combat deep fakes. Cybercriminals are using a Cloudflare testing service for malware campaigns. The GAO instructs the EPA to address rising cyber threats to water and wastewater systems. Claroty reports a vulnerability in Rockwell Automation's ControlLogix devices. Apple has open-sourced its homomorphic encryption (HE) library. CISA warns of a high severity vulnerability in Avtech Security cameras, and the agency appoints its first Chief AI Officer. We welcome Tim Starks of CyberScoop back to the show today to discuss President Biden's cybersecurity legacy. Can an AI chatbot recognize its own reflection?

CyberWire Guests
Welcoming Tim Starks of CyberScoop back to the show today to discuss Biden's cybersecurity legacy. For more information, you can check out Tim's article “Biden's cybersecurity legacy: ‘a big shift' to private sector responsibility.” The National Cybersecurity Strategy can be found here.

Dave also sits down with Errol Weiss, CSO of Health-ISAC, sharing their reaction to the ransomware attacks against healthcare. Health-ISAC and the American Hospital Association (AHA) have issued an advisory to raise awareness of the potential cascading impacts of cyberattacks on healthcare suppliers and the importance of mitigating single points of failure in supply chains. Recent ransomware attacks on OneBlood, Synnovis, and Octapharma by Russian cybercrime gangs have caused significant disruptions to patient care, emphasizing the need for healthcare organizations to incorporate mission-critical third-party suppliers into their risk and emergency management plans.

Selected Reading
• Jailed cybercriminals returned to Russia in historic prisoner swap (CyberScoop)
• American Hospital Association and Health-ISAC Joint Threat Bulletin - TLP White (American Hospital Association and Health-ISAC)
• Iranian Internet Attacked by Israeli Hacktivist Group: Reports (Security Boulevard)
• Copyright and Artificial Intelligence, Part 1 Digital Replicas Report (US Copyright Office)
• Hackers abuse free TryCloudflare to deliver remote access malware (Bleeping Computer)
• EPA Told to Address Cyber Risks to Water Systems (Infosecurity Magazine)
• Security Bypass Vulnerability Found in Rockwell Automation Logix Controllers (SecurityWeek)
• Apple open-sources its Homomorphic Encryption library (The Stack)
• CISA Warns of Avtech Camera Vulnerability Exploited in Wild (SecurityWeek)
• Lisa Einstein Appointed as CISA's First Chief AI Officer (Homeland Security Today)
• Can a Large Language Model Recognize Itself? (IEEE Spectrum)

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

@BEERISAC: CPS/ICS Security Podcast Playlist
Vincente Diaz on Using AI for Malware Analysis

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Jul 23, 2024 27:38


Podcast: Nexus: A Claroty Podcast
Episode: Vincente Diaz on Using AI for Malware Analysis
Pub date: 2024-07-21

Vincente Diaz, Threat Intelligence Strategist on Google's VirusTotal team and formerly the EU director of Kaspersky Lab's Global Research & Analysis Team, joins the Nexus Podcast to discuss how artificial intelligence and machine learning are an integral part of what VirusTotal is doing around malware analysis. Vincente describes the advantages these advanced technologies bring to malware analysis, in particular how they cut down analysis time and improve exploit detection.

@BEERISAC: CPS/ICS Security Podcast Playlist
Ahmik Hindman on Patching OT and ICS

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Jul 13, 2024 28:16


Podcast: Nexus: A Claroty Podcast
Episode: Ahmik Hindman on Patching OT and ICS
Pub date: 2024-07-08

Ahmik Hindman, Senior Network and Security Solution Consultant at Rockwell Automation, joins the Claroty Nexus podcast to discuss the challenges and success stories he's experienced in patching operational technology equipment and industrial control systems. Hindman has been at Rockwell Automation for 28 years and has expansive experience with customers solving these complex cybersecurity issues. Hindman shares some of the frameworks, tools, and approaches he's worked with, and how convergence and other recent trends have changed how organizations handle vulnerabilities.

@BEERISAC: CPS/ICS Security Podcast Playlist
Dr. Bilyana Lilly on Information Warfare

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Jul 4, 2024 27:49


Podcast: Nexus: A Claroty Podcast
Episode: Dr. Bilyana Lilly on Information Warfare
Pub date: 2024-07-01

Dr. Bilyana Lilly, an expert on geopolitics and Russia's codification of information warfare as a strategy, says that the war in Ukraine has only temporarily delayed Russia's activity against the West in cyberspace. On this episode of the Nexus podcast, she reinforces the idea that despite the fact that Russia is operating under severe resource constraints, CISOs should be preparing for the inevitable.

“I think it's important to identify the conditions and the constraints that currently the Russian government is currently experiencing. Because once these constraints are lifted then I think we'll see an increase in cyber activity, which gives us some time to prepare,” Lilly said. “That's what I think we should be doing right now. I think we shouldn't be letting our guard down because I think those attacks are coming.”

@BEERISAC: CPS/ICS Security Podcast Playlist
Vinnie Liu on Offensive Security Testing During Incidents

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Jun 10, 2024 29:30


Podcast: Nexus: A Claroty Podcast
Episode: Vinnie Liu on Offensive Security Testing During Incidents
Pub date: 2024-06-10

Bishop Fox CEO and Cofounder Vinnie Liu joins the Nexus Podcast to discuss his team's role during security incidents in conducting offensive security testing alongside incident response activities. In healthcare environments where ransomware is the leading threat, red-teams and other offensive security specialists are called in, Liu said, to ensure that secondary attack vectors cannot be leveraged by attackers to maintain persistence inside an organization.

@BEERISAC: CPS/ICS Security Podcast Playlist
Diana Kelly on Protecting the AI Lifecycle

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Jun 4, 2024 26:11


Podcast: Nexus: A Claroty Podcast
Episode: Diana Kelly on Protecting the AI Lifecycle
Pub date: 2024-06-03

Protect AI Chief Information Security Officer Diana Kelly joins the Claroty Nexus podcast to discuss the intricacies of securing machine learning and artificial intelligence use inside the enterprise. She also explains the concept of MLSecOps and how it compares and contrasts to DevOps used in application development.

@BEERISAC: CPS/ICS Security Podcast Playlist
Jennifer Minella on OT Cybersecurity Convergence

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later May 29, 2024 29:56


Podcast: Nexus: A Claroty Podcast
Episode: Jennifer Minella on OT Cybersecurity Convergence
Pub date: 2024-05-28

Jennifer Minella, founder and principal advisor of Viszen Security, joins the Claroty Nexus podcast to discuss her experiences advising organizations on operational technology implementations, risk management, and succeeding at IT/OT convergence. This episode was recorded during RSA Conference where Jennifer and Bryson Bort gave a talk on convergence from the perspectives of a defender of industrial networks, and from the viewpoint of an offensive security specialist.

The Daily Decrypt - Cyber News and Discussions
ONEREP Conspiracy, Chrome Phishing Protection, and Medical Device Vulnerabilities

The Daily Decrypt - Cyber News and Discussions

Play Episode Listen Later Mar 15, 2024


In this episode, we dissect the unexpected connections of Onerep.com's founder with the people-search industry, explore Google Chrome's upcoming real-time phishing protection, and unravel the cybersecurity concerns plaguing medical devices as per Claroty's latest research. Dive into the complexities of ensuring data privacy, the innovative steps taken by Google to balance security with user privacy, and the urgent cybersecurity measures needed in the healthcare sector.

Sources:
• Data Privacy CEO: krebsonsecurity.com/2024/03/ceo-of-data-privacy-company-onerep-com-founded-dozens-of-people-search-firms/
• Chrome Phishing Protection: bleepingcomputer.com/news/google/google-chrome-gets-real-time-phishing-protection-later-this-month/#google_vignette
• Medical Devices: helpnetsecurity.com/2024/03/14/medical-devices-cybersecurity-concerns/

Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/
Logo Design by https://www.zackgraber.com/

Tags: cybersecurity, data privacy, Google Chrome, phishing protection, medical devices, healthcare security, Onerep.com, endpoint protection, known exploited vulnerabilities, Claroty, network segmentation, secure remote access

Search Phrases: cybersecurity updates and insights; data privacy company controversy; Google Chrome real-time phishing protection; medical device cybersecurity risks; Onerep.com founder's background; protecting healthcare networks from cyber threats; endpoint protection in medical devices; addressing known exploited vulnerabilities in healthcare; network segmentation for medical device security; secure remote access strategies for healthcare; latest cybersecurity trends and solutions; Claroty's research on medical device vulnerabilities

Transcript:

[00:00:00] offsetkeyz: Google is updating Chrome with real time phishing and malware protection that enhances security for all users without compromising their privacy. I'm offsetkeyz and you're listening to the Daily Decrypt.
Research from Krebs on Security reveals that OneRep.com, a company that offers to remove personal information from people search websites, was founded by Dimitri Shellest, who has previously launched numerous people search services. Does OneRep.com have connections to the very people search firms it claims to protect against? And research from Claroty reveals that only 13 percent of medical devices support endpoint protection agents, exposing a vast majority to cyber risks with 23 percent harboring at least one known exploited vulnerability. How does this affect patient safety and healthcare operations? [00:01:00]

[00:01:03] offsetkeyz: Onerep.com is a company that marks itself as a guardian of data privacy, promising to erase personal information from a vast network of people search websites. However, recent investigations have unveiled that this Virginia based entity is in fact operating from Belarus and Cyprus, and is led by Dimitri Shalest, who is deeply entwined in the very industry he claims to protect against. OneRep.com charges individuals and families a fee to remove their data from nearly 200 people search websites, while also extending its services to corporations, offering them the ability to continuously cleanse their employees' data from these platforms. So despite its proclaimed mission, the company's background paints a contradictory picture. Celeste, the CEO, is not just linked to, but has founded numerous people search services globally. So there's a lot of deception going on here. Firstly, that it's marketing itself as a Virginia based [00:02:00] company, when in reality it's operating out of Belarus and Cyprus. And it's marketing to remove your data from search websites, while the owner also owns search websites.

What's interesting about these sites is, in order to find the information that they're trying to remove, they need to gather all the information that they want to find.
So I recently signed up for a site that I won't mention, but it's not OneRep. And in order for them to go and hunt down my information, I needed to provide them with all my information. And this was over a year ago, and it felt pretty weird, but I thought, hey, I'll give it a shot. And, you know, turns out it did actually reduce the amount of spam calls I was getting, junk email that I was getting, and hopefully improved my privacy online. But, yeah, there's something weird about providing this company with all of my data in order to go remove it from the web. So this CEO [00:03:00] likely has realized how much data these companies get and is in turn just charging people and in turn is making money while also bolstering his people search websites with the data that you freely provided to him. So hey, hats off to this Dimitri guy, but your jig is up, so sucks to suck, honestly.

[00:03:24] transition: Do, do, do, do, do, do.

[00:03:30] offsetkeyz: Some recent research by Claroty reveals that only 13 percent of medical devices are capable of supporting endpoint protection agents, highlighting a significant cybersecurity gap within healthcare networks. This vulnerability is compounded by findings that 63 percent of known exploited vulnerabilities tracked by the Cybersecurity and Infrastructure Security Agency, or CISA, are present on these networks, with 23 percent of medical devices, including crucial imaging, clinical [00:04:00] IoT, and surgical equipment, harboring at least one known exploitable vulnerability. So that's almost one in four medical devices are vulnerable to something that's exploitable. And this is just a reminder that there are multiple types of vulnerabilities, but the ones that are exploitable, well all vulnerabilities are exploitable, but what this is referring to is ones that are actively exploited. Like, I could go on Google with that medical device name and Google would return its exploits and vulnerabilities.
Like, it's not that complicated.

And many of you might be wondering, What is endpoint protection? Well, an endpoint is the device itself and protection is like what in the 90s we would call antivirus or whatever, like Norton. Every Windows 95 computer came with Norton. That's sort of endpoint protection, but it's essentially, yeah, just blocking things that shouldn't be [00:05:00] accessing the device. And it stores a dictionary of known signatures of threats and malwares and potentially unwanted applications and, and things that are launching code and, and all these things. It's, it's going to block things that you don't want on these devices. So without endpoint protection, medical devices are way more susceptible to malware and ransomware and cyber threats, which can be exploited to gain unauthorized access, which could be exploited to steal patient data or disrupt medical services, maybe even tamper with the results. Giving inaccurate results would reduce credibility. Lots of things that maybe not your everyday attacker would want to do, but maybe a nation state actor would want to do, like cyber enemies like Russia and China.

These vulnerabilities can also put healthcare services in risk of compliance. [00:06:00] Which just causes way more headaches. And the system here in America is already pretty bogged down, we don't need any more headaches. So this is just to add to the increasing need for cyber security in the healthcare industry. We're seeing these megacorporations get breached by ransomware, shutting down services to people who need healthcare services. And look, threat actors know that there's one thing that anybody on the planet will pay for, and that's their life. Which means it's very exploitable. So there's no excuse for these devices to be less secure than my iPhone. I'm really hoping for a shift towards healthcare security. And there, of course, are some challenges to some of these devices. They don't have the computing power.
They don't have X, Y, and Z. But some of them, like pacemakers and stuff, are directly tied to your life. If that's hacked, they can be shut off, and so can your [00:07:00] heart. Like, that's pretty crazy. So, there's a lot of money to be had in healthcare, if you've listened to any of my previous episodes. Tons of money. It's one of the top industries in America, yet it's one of the least secure. So, something's gotta give, alright?

[00:07:25] offsetkeyz: And finally, Google is set to enhance its Chrome browser with an update that introduces real time phishing and malware protection for all users, aiming to improve security without compromising privacy. This update is building off of Google's Safe Browsing feature, which was launched in 2005. And that feature protects users from web based threats by blocking malicious domains. So unlike the current system which updates its list of dangerous URLs every 30 to 60 minutes, the new real time capability will allow Google to check sites against its server side list [00:08:00] instantaneously. This change is expected to increase the efficiency of blocking phishing attempts by 25 percent. That's pretty huge. There's a lot of stuff that can be done to prevent phishing. This is gonna be great. The technology behind this allows for a much speedier and wider net to be cast. Which might not be a perfect solution now, noting that it's only about 25 percent increase, but it does open the door to a more robust solution. And I think there could be different levels that the user can opt into. For example, like, at my place of work, I tried to navigate to dailyDecrypt.com, but being that the podcast is less than a couple months old, the website is also less than a couple months old, and my workplace just blocks new websites. Like, hey, that's a Marvel idea! At least throw up a banner if the website you're trying to navigate to is less than a month or two months old.
[00:09:00] Like, hey, you're navigating to a brand new website. Is this intentional? Because, hey, attacks aren't very long run until they're figured out and the website's shut down. So most websites that contain phishing are pretty new. So that would be great if Google had something like that. Now I'm sure there are a lot of smaller companies that provide these services to IT departments that would be pretty bummed by Google taking this and making it free. And there is no such thing as free. Google's gonna get their money through your data, which turns out you can't remove using services like OneRep. But hey, sorry to the smaller companies. If the bigger companies are gonna come in and do it better, That's capitalism. We need safety. So, hats off to Google. Let's keep it up. Let's make this more robust. And, frickin stop phishing in its tracks, alright? Alright, but that's [00:10:00] all I got for you today. Happy Friday. We've tried out a couple new things this week, like getting rid of the super seductive AI announcer at the beginning, so Let us know if you miss him. Or if you're glad that he's gone, I miss him a little, but I think it takes away from the episode introduction. [00:10:20] offsetkeyz: So I'm giving it a shot, but let, let me know if you want to hear more hot girl farmer, if you want to hear more dialogue, if you want to hear more expert guests, um, I've got some interest from across the industry and in appearing on this podcast, but I'm not quite sure how to weave them in. So literally any suggestion, if you want to be on this podcast, If you find value in this podcast, I'd love to hear from you. I've heard from a few people that I haven't heard from in years or ever saying they're enjoying it and that really helps keep it going. You know, I'm reaching the point where without little dopamine hits, it's harder and harder to keep going. So anything you can throw at me is greatly appreciated. 
I hope you have a great weekend and [00:11:00] we will talk to you on Monday.

The CyberWire
TikTok showdown: U.S. lawmakers target privacy and security.

Mar 14, 2024 33:46


The US House votes to enact restrictions on TikTok. HHS launches an investigation into Change Healthcare. An Irish Covid-19 portal puts over a million vaccination records at risk. Google distributes $10 million in bug bounty rewards. Nissan Oceania reports a data breach resulting from an Akira ransomware attack. Meta sues a former VP for alleged data theft. eSentire sees Blind Eagle focusing on the manufacturing sector. Claroty outlines threats to health care devices. A major provider of yachts is rocked by a cyber incident. In our Threat Vector segment, David Moulton explores the new SEC cybersecurity regulations with legal expert and Unit 42 Consultant Jacqueline Wudyka. And ransomware victims want their overtime pay.

CyberWire Guest

On the Threat Vector segment, host David Moulton explores the new SEC cybersecurity regulations that reshape how public companies handle cyber risks with legal expert and Unit 42 Consultant Jacqueline Wudyka. They discuss the challenges of defining 'materiality,' the enforcement hurdles, and the impact on the cybersecurity landscape.

Selected Reading

  • Bill that could spur TikTok ban gains House OK (SC Media)
  • What would a TikTok ban look like for users? (NBC News)
  • HHS to investigate UnitedHealth and ransomware attack on Change Healthcare (The Record)
  • How a user access bug in Ireland's vaccination website exposed more than a million records (ITPro)
  • Google Paid $10m in Bug Bounties to Security Researchers in 2023 (Infosecurity Magazine)
  • Nearly 100K impacted by Nissan Oceania cyberattack (SC Media)
  • Meta Sues Former VP After Defection to AI Startup (Infosecurity Magazine)
  • Malware Analysis: Blind Eagle's North American Journey (esentire)
  • Only 13% of medical devices support endpoint protection agents (Help Net Security)
  • Billion-dollar boat seller MarineMax reports cyberattack to SEC (The Record)
  • City workers not getting paid overtime amid Hamilton's ransomware attack: unions (CBS News)

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Paul's Security Weekly
What can we do today to prevent tomorrow's breach? - Michael Mumcuoglu - ESW #352

Mar 7, 2024 107:13


Defenders spend a lot of time and money procuring and implementing security controls. At the heart of SecOps and the SOC are technologies like XDR, SIEM, and SOAR. How do we know these technologies are going to detect or prevent attacks? Wait for the annual pen test? Probably not a good idea. In this segment, we'll talk with Michael Mumcuoglu about how MITRE's ATT&CK framework can help defenders better prepare for inevitable attack TTPs they'll have knocking on their doors.

Segment Resources:

  • CardinalOps Contributes to MITRE ATT&CK for Fourth Consecutive Release
  • ESG Report: Operationalize MITRE ATT&CK with Detection Posture Management
  • Report: Enterprise SIEMs offer inadequate threat detection
  • 2023 State of SIEM Detection Risk Report

In the enterprise security news:

  • Axonius raises $200M and is doing $100M ARR!
  • Claroty raises $100M and is doing $100M ARR!
  • Crowdstrike picks up DSPM with Flow Security
  • CyCode picks up Bearer
  • Are attackers like lawyers?
  • How a bank failed (with no help from a cyber attack)
  • the FTC cracks down on customer data collection
  • Apple's car sadly won't be a thing any time soon or maybe ever.

All that and more, on this episode of Enterprise Security Weekly.

Visit https://www.securityweekly.com/esw for all the latest episodes!

Show Notes: https://securityweekly.com/esw-352