Podcasts about cybersecurity

Malware Quiz https://isc.sans.edu/forums/diary/Phishing+ZIP+With+Malformed+Filename/27966/ Odd Zip Files https://isc.sans.edu/forums/diary/Phishing+ZIP+With+Malformed+Filename/27966/ Decrypting Cobalt Strike Configurations Using Known Secret Keys https://blog.nviso.eu/2021/10/21/cobalt-strike-using-known-private-keys-to-decrypt-traffic-part-1/ Tracking BLE Fingerprints https://cseweb.ucsd.edu/~nibhaska/papers/sp22_paper.pdf GPS Software Bug https://us-cert.cisa.gov/ncas/current-activity/2021/10/21/gps-daemon-gpsd-rollover-bug https://isc.sans.edu/forums/diary/Keeping+Track+of+Time+Network+Time+Protocol+and+a+GPSD+Bug/27886/

The business of Security is gaining in maturity, from being an obscure corner of IT to becoming a core part of the C-Suite. How is this transformation happening and what can we learn from the similar trend that occurred in IT for the last decade?   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw715

Cybersecurity is a topic that is not to be taken lightly. We're working with Georgian's Head of Security and Privacy, Alex Manea, to bring you a series of content for your company's cybersecurity needs. In this episode, we approach cybersecurity metaphorically — we take you back to the middle ages where castles, kings, and knights existed. Think of your company as the castle you're protecting and dive into the systems to consider when creating a security architecture. You'll hear about: The concept of good and bad people is very contextualCybersecurity attacks and how to prevent themWays to spread out your risks Hiring security expertsDetecting potential security threats Drawing the line to protect the company while being mindful of legislation and employees' rights Responding to a DDoS attack What we can learn from the SolarWinds attack Anonymity and what it means for your data

Rana discovered application security as a software developer which inspired her interest in web app pentesting.During her studies and journey to prepare for the OSCP certification, Rana started sharing what she learned in blogs and went on to create video learning content for aspiring pentesters and security professionals._______________________GuestRana KhalilOn Linkedin | https://www.linkedin.com/in/ranakhalil1/On Twitter | https://twitter.com/rana__khalilOn YouTube | https://www.youtube.com/channel/UCKaK-XPQAbznwIISC46b1oAOn Medium | https://ranakhalil101.medium.com/______________________HostPhillip WylieOn ITSPmagazine  

Cybersecurity: In this episode of Cloud Talk, we discuss the evolution of cybercrime with 20+ year veterans of IT security. From early-90s IRC battles to today's nation-state backed hacker industry, we discuss how companies can make small changes to combat these forces. Special Guests: Gary Alterson and Vinnie Liu.

The future of digital transformation is the future of business, the workforce, and the world.  Today's host FCCS Chief Learning Officer Jean Cantey Segal welcomes Future Point of View thought leader and speaker Scott Klososky, for a conversation about the future of digital transformation over the next five to ten years. Scott works to help companies understand how technology can be harnessed to create a bright and prosperous future, and he has joined the podcast today to share insights into what exactly companies can expect in the digital future, how to prepare for these rapidly approaching changes, and how to utilize technology to strengthen customer and company relationships.  Today's Insights Include: The rapidly advancing pace of digital transformation The pandemic has played a significant role in speeding up the pace of the digital transformation.  Today's technology provided a foundation that kept businesses running during the shutdown.  The pandemic also improved organization collaboration, communication, and automation.  Tools that were at our fingertips prior to the pandemic have been activated in meaningful ways.    Advice for the leaders in any organization  The pace of change in technology can catch leaders off guard, but it doesn't have to be that way.  Leaders need to invest more time and energy in staying up-to-date on digital transformations.  Board members are valued for their wisdom- this requires learning about foundational technologies and applying it to preexisting knowledge.  Cybersecurity is a key threat that leaders need to be prepared for with playbooks and cyber insurance.    The future of the digital backbone and the digital halo  The digital backbone refers to the core pieces of software that companies use to do business.  Leaders need to consider how they are utilizing and modernizing their backbone.  The digital backbone has grown in importance as a piece of an organization. A digital halo refers to the ability of a company to utilize technology to provide an exceptional customer experience.  Seek the digital halo that your customers want to experience.  The digital halo is critical today, and will be mandatory in the future.    Creating a personalized digital experience Companies need to use the gathered information about customers to create personalized experiences for them.  Building a digital collection means utilizing the technology that enhances the customer relationship.  There are plenty of options in the technology toolbox that can be used to the advantage of the business-customer relationship.  Companies need to be mindful of what tools to use and when.    Changes to ag lending in the next 10 years  There will not and should not be a quick return to in-office work.  Collaboration software should continue to be used to improve company communication.  High end human skills have to continue to mix with high end technology skills.  In the future, more work will be done with less, but more powerful people.  As automation continues to improve, customers will be able to do more with less company assistance, making strong relationships more important than ever.  Relationships with borrowers will not change in the future- they will continue to be critical.    Navigating a VUCA world  Companies today are faced with a volatile, uncertain, complex and ambiguity world.  The digital transformation offers a complex world that many of us are not built to navigate well.  Calm down!  Forward thinking companies make sure their people take time for their health.    Rise of the centaur A centaur is a highly skilled human with high technology skills.  Growing and developing centaurs is in the future of every company.  Digital wellness is key to keeping centaurs healthy and happy at work.  Companies need to be prepared to nurture and develop the centaurs of the future.    Scott's forward thinking advice Take time to go off the grid Spend as much time with people as you do with screens.  Identify areas that feel off balance and take the time to correct them.  This podcast is powered by FCCS. Resources Future Point of View Get in touch info@fccsconsulting.com

Tune in to hear from Jay Ryerse and Jason Ballard from Sadona as they discuss Sadona's Cybersecurity journey and share advice for other MSPs.  

Stolen Images Evidence Campaign Pushes Sliver Based Malware https://isc.sans.edu/forums/diary/Stolen+Images+Evidence+campaign+pushes+Sliverbased+malware/27954/ FiveSys Rootkit Signed By Microsoft https://www.bitdefender.com/files/News/CaseStudies/study/405/Bitdefender-DT-Whitepaper-Fivesys-creat5699-en-EN.pdf Oracle Critical Patch Update https://www.oracle.com/security-alerts/cpuoct2021.html WinRAR Vulnerability https://swarm.ptsecurity.com/winrars-vulnerable-trialware-when-free-software-isnt-free/ Crypto Mining npm Libraries https://blog.sonatype.com/newly-found-npm-malware-mines-cryptocurrency-on-windows-linux-macos-devices

In this episode, Jen McHale-Bryar, Managing Director - Global IT, Strategic Programs & Operations dig into cloud security with two of our own experts Don Galzarano, Managing Director - Global IT, Enterprise Architecture and Simon Gooch, Managing Director - Global IT, Cyber Security and Digital Identity Lead.

There are tons of cybersecurity job openings for folks with 3-5 years of experience, but where are the junior roles? How are people getting their initial 3-5 years in? Josh and the ESW hosts discuss the finer points and challenges of breaking into InfoSec via the analyst path. - As mentors: where do we struggle with our mentees? - There are a million certs and degree programs - which are worth the time and money? - How can folks learn and hone cybersecurity skills prior to getting a job in InfoSec? We've even included a handy cheat sheet full of recommendations and resources: https://securityweekly.com/wp-content/uploads/2021/10/Starting-a-Cybersecurity-Career-Cheat-Sheet.pdf   This segment is sponsored by Devo. Visit https://securityweekly.com/devo to learn more about them!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw247

Join ISACA's Director of Communications, Kristen Kessinger as she interviews ISACA's Information Security Professional Practices Lead, Jon Brandt about what is currently happening in the cybersecurity workforce. Listen in as Jon explains how the demand for cybersecurity resources is large, but the workforce pipeline is not keeping pace and how that makes hiring difficult for organizations. Jon and Kristen also discuss the “Great Resignation”, how the pandemic has helped make job hunters more selective, and if the NIST/NICE frameworks are still valued. Take a listen and enjoy!

Are you looking for the perfect IT cert to help make 6-figures and level up your career? Tune in to this episode and find out which IT cert is setting the industry on fire! 

More than half a million jobs in cybersecurity go unfilled each year, showing a major need for more individuals to enter this ever-growing field. Think you might be up to the challenge? John and Sharon talk with Rob Lee about training available through the SANS Institute and the current hottest areas in the profession. Rob also offers recommendations, both for young people hoping to orient their college education toward cybersecurity and professionals looking to make a career shift into the field.  Rob Lee is the chief curriculum director and faculty lead at the SANS Institute. Special thanks to our sponsors CaseFleet and PInow.

More than half a million jobs in cybersecurity go unfilled each year, showing a major need for more individuals to enter this ever-growing field. Think you might be up to the challenge? John and Sharon talk with Rob Lee about training available through the SANS Institute and the current hottest areas in the profession. Rob also offers recommendations, both for young people hoping to orient their college education toward cybersecurity and professionals looking to make a career shift into the field.  Rob Lee is the chief curriculum director and faculty lead at the SANS Institute. Special thanks to our sponsors CaseFleet and PInow.

E284 Human Scott Augenbaum is a cybercrime specialist, retired FBI supervisory special agent and former Crimes Against Children coordinator. He's the author of “The Secret to Cybersecurity,” and spends his time helping to empower people against cyber attacks on their work and home computers, and phones – from phishing to romance scams to password shenanigans […]

Thanks to Covid 19: New Types of Documents are Lost in the Wild https://isc.sans.edu/forums/diary/Thanks+to+COVID19+New+Types+of+Documents+are+Lost+in+The+Wild/27952/ Google Chrome 95 Released https://chromestatus.com/roadmap Squirrel VM Bug https://thehackernews.com/2021/10/squirrel-engine-bug-could-let-attackers.html BlackByte Decryptor Released https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/blackbyte-ransomware-pt-1-in-depth-analysis/ https://github.com/SpiderLabs/BlackByteDecryptor

Owning The Customer Experience with Larry Gordon Larry Gordon and Joe Lynch discuss owning the customer experience. Larry is is the Managing Director, GTM, Emtec Digital, a global technology services company that provides digital software engineering and transformation solutions to clients across multiple industries. About Larry Gordon  Larry Gordon is the Managing Director, GTM, Emtec Digital. Prior to joining Emtec, Larry has held senior leadership positions at Cognizant and Capgemini and has founded and led IT services and software companies in the security, devops and digital transformation segments. He has also been a successful angel investor in the energy and cloud spaces. About Emtec Emtec is a global IT consultancy dedicated to helping world class organizations in the enterprise, education, and government markets drive transformation and growth by employing the latest enterprise technologies and innovative business processes. We empower our clients to accelerate innovation and deliver amazing client experiences to better compete and ultimately lead in their industry. Our “Client for Life” approach is built upon over 20 years of delivering rapid, meaningful, and lasting business value. Our offerings span the IT spectrum from Advisory, Applications (Enterprise, Custom, Mobile and Cloud) as well as Intelligent Automation, Analytic, Cyber Security and Infrastructure Services. Key Takeaways: Owning The Customer Experience Larry Gordon is the Managing Director, GTM, Emtec Digital, a firm that empowers their transportation and logistics clients to accelerate innovation and deliver amazing client experiences. In the podcast interview, Larry explains how the customer experience is increasingly enabled by technology. Consumer technology companies like Amazon have raised the bar on customer experience. Leading transportation, logistics, and warehousing companies are investing to deliver the best customer experience. The 3PL market is separating between the “haves” who have game-changing technology and the “have-nots” who are unable or unwilling to invest in technology. In the past, IT service companies developed systems that were focused on operational and financial functions that were not seen or use by the firm's customers. Today, IT service companies are not just not just developing systems that streamline the process – they are delivering customer experiences. When the customer is regularly interacting with the technology, the bar is very high. IT services companies who are developing customer experiences, work closely with customers (end customers) to understand their unique preferences. Emtec develops digital products or platforms that are customer facing – products that have the ability to delight customers and give your company a competitive advantage. Emtec is a global technology services company providing digital software engineering and transformation solutions to clients in logistics, transportation, and warehousing. Emtec also works some of the leading technology companies in the freight tech space. Learn More About Owning The Customer Experience Larry Gordon LinkedIn Emtec Emtec Digital The Logistics of Logistics Podcast If you enjoy the podcast, please leave a positive review, subscribe, and share it with your friends and colleagues. The Logistics of Logistics Podcast: Google, Apple, Castbox, Spotify, Stitcher, PlayerFM, Tunein, Podbean, Owltail, Libsyn, Overcast Check out The Logistics of Logistics on Youtube

Peggy talks about supply-chain disruptions and how the bottlenecks we are witnessing are unlike anything we have experienced in our lifetime. She looks to the future and presents strategies for what needs to happen next to create a more sustainable supply chain. She also discusses: Forces shaping supply chain sustainability. Next steps for our supply chains. Specific examples of how digital transformation can improve our supply chains. peggysmedleyshow.com  (10/19/21 - 742) IoT, Internet of Things, Peggy Smedley, artificial intelligence, machine learning, big data, digital transformation, cybersecurity, blockchain, 5G cloud, sustainability, future of work, podcast

Peggy and Heidi Roop, assistant professor, University of Minnesota, talk about her journey with climate change, saying today she is an ambassador for climate science and is thinking about the implications and risks we are going to face. They also discuss: Climate history and new research and technologies. How to incorporate climate models into other models to think about what is possible in the future. The importance of corporate responsibility and accountability with emissions of greenhouse gases and preparing communities for the changes set in motion. How to encourage others to lead change with climate change.  climate.umn.edu  (10/19/21 - 742) IoT, Internet of Things, Peggy Smedley, artificial intelligence, machine learning, big data, digital transformation, cybersecurity, blockchain, 5G cloud, sustainability, future of work, podcast, Heidi Roop, University of Minnesota

Earlier this year, meat giant JBS was forced to pay millions in ransom when a cybersecurity breach left data critical to their operation vulnerable to online criminals. Since then, otherorganizations, from cooperatives to pipelines, have also been attacked, and with more and more of agriculture's critical information being stored online, anxiety is growing. Today, DTN's Victoria Myers joins us to discuss her ongoing series on Cybersecurity in the ag sector, walking us through the hacks we've seen, how companies and law enforcement are responding, and what might be ahead in terms of future risk. Then, Victoria will bring us up to date on the best tips for keeping your systems and data secure.

When it comes to keeping a business safe from cyber attacks, it's rarely enough to have the latest security software or even the best information technology team. What's needed is a holistic approach - that brings in a company's best security experts, technology experts, HR and more from across a spectrum of expertise. In this podcast, host and RANE founder, David Lawrence speaks to Mike Kenney, a cybersecurity expert at consortium network and RANE director of safety and security, Brian Lynch.Individuals and organizations turn to RANE, for risk intelligence that cuts through the hype to focus on what they need to know, what to expect, and what to do. Are you a Business? Click here to learn more about RANE.

Contact us:Jerry Buckley | jbuckley@buckleyfirm.comJody Westby | westby@globalcyberrisk.comADCG | info@adcg.org

Laura continues her discussion with Sean and Bryce, today they talk about how some of the trending attacks work and how we can watch for it. So, join us here on Health Care High Wire!

This episode is one of the top downloaded episodes of 2021 thus far, Microsoft Is Now A Cybersecurity Monster. New shows will return Tuesday, Oct. 26th, 2021. Be aware, be safe. Get ExpressVPN, Secure Your Privacy And Support The Show Become A Patron! Patreon Page *** Support the podcast with a cup of coffee *** - Ko-Fi Security In Five —————— Where you can find Security In Five —————— Security In Five Reddit Channel r/SecurityInFive Binary Blogger Website Security In Five Website Security In Five Podcast Page - Podcast RSS Twitter @securityinfive iTunes, YouTube, TuneIn, iHeartRadio,

In this episode of Cybercrime Radio, Roy Zur, CEO, ThriveDX SaaS, joins host Steve Morgan to discuss his background, the history of ThriveDX, how ThriveDX is upskilling the cyber workforce, and more. Sponsored by https://thrivedx.com/ • For more on cybersecurity, visit us at https://cybersecurityventures.com/

Welcome to Mastering Cyber with Host Alissa (Dr Jay) Abdullah, PhD, SVP & Deputy CSO at Mastercard, and former White House technology executive. Listen to this weekly one-minute podcast to help you maneuver cybersecurity industry tips, terms, and topics. Buckle up, your 60 seconds of cyber starts now! Sponsored by Mastercard. https://mastercard.us/en-us.html

Stan McChrystal has spent a long career considering questions of risk, leadership, and the role of America's military, having risen through the Army's ranks ultimately to take command of all US and NATO forces in Afghanistan, a force representing 150,000 troops from 45 countries. Retiring as a four-star general in 2010, he has gone on to lecture at Yale and launched the McChrystal Group, where he taps that experience to help organizations build stronger teams and devise winning strategies. His latest book, which he tells Tyler will be his last, is called Risk: A User's Guide. He joined Tyler to discuss whether we've gotten better or worse at analyzing risk, the dangerous urge among policymakers to oversimplify the past, why being a good military commander is about more than winning battlefield victories, why we're underestimating the risk that China will invade Taiwan, how to maintain a long view of history, what set Henry Kissinger apart, the usefulness of war games, how well we understand China and Russia, why there haven't been any major attacks on US soil since 9/11, the danger of a “soldier class” in America, his take on wokeness and the military, what's needed to have women as truly senior commanders in the armed forces, why officers with bad experiences should still be considered for promotion, how to address extremists in the military, why he supports a draft, the most interesting class he took at West Point, how to care for disabled veterans, his advice to enlisted soldiers on writing a will, the most emotionally difficult part and greatest joys of his military career, the prospect of drone assassinations, what he eats for his only meal of the day, why he's done writing books, and more. Visit our website: https://conversationswithtyler.com Email: cowenconvos@mercatus.gmu.edu Follow us on Twitter: https://twitter.com/cowenconvos Follow us on Instagram: https://instagram.com/cowenconvos/ Follow Tyler on Twitter: https://twitter.com/tylercowen Follow Stanley on Twitter: https://twitter.com/StanMcChrystal Like us on Facebook: https://facebook.com/cowenconvos Subscribe to our Newsletter: https://go.mercatus.org/l/278272/2017-09-19/g4ms Thumbnail photo credit: Leading Authorities, Inc.

Ongoing cyber threats to local water and wastewater systems were flagged in an advisory jointly sent out by the FBI, the EPA, and the Cybersecurity and Infrastructure Security Agency (CISA) last week. It warned that systems to ensure that sewage and other biohazards stay out of our drinking water are vulnerable. The advisory pointed to several cyberattacks in the last few years, like one in Oldsmar, Florida where someone tried to hack in and dump extra chemicals in one municipal system. CISA is urging water and wastewater facilities to plan for, and get ready to block, these attacks. Marketplace’s Kimberly Adams speaks with Kim Zetter, a cybersecurity journalist and author.

Ongoing cyber threats to local water and wastewater systems were flagged in an advisory jointly sent out by the FBI, the EPA, and the Cybersecurity and Infrastructure Security Agency (CISA) last week. It warned that systems to ensure that sewage and other biohazards stay out of our drinking water are vulnerable. The advisory pointed to several cyberattacks in the last few years, like one in Oldsmar, Florida where someone tried to hack in and dump extra chemicals in one municipal system. CISA is urging water and wastewater facilities to plan for, and get ready to block, these attacks. Marketplace’s Kimberly Adams speaks with Kim Zetter, a cybersecurity journalist and author.

You have just received your first-time role in cybersecurity as a Security Analyst - congratulations! How has your first experience been so far in this new role?LinkedIn can be a powerful method of meeting others. Of all the amazing things you've done - what is the best advice you could give for someone trying to break into cybersecurity?On the flip side - what is something you would like for hiring managers to consider when they are interviewing potential security analysts?Of the conference volunteering, speaking at conferences, networking, and certifications that you've been working towards, what do you feel like was the most helpful to land your first job?As someone who's been trying to break into cyber, what did you find were the biggest impediments?What can we do as an industry to make the field more inclusive to aspiring entrants of all backgrounds?

Ransomware and other cyber threats have evolved in recent years , and with that so has cybersecurity. In this episode we'll share stories of modern day cyber attacks that keep IT professionals up at night. We'll hear about a cyber attack that impacted a country's health service, an attack on a legal firm's web server that exposed sensitive client data, and we'll hear how attackers found vulnerable systems in a small company's network and got in.  Experts share advice about best security practices for organizations and individuals alike. It's #CyberSecurityMonth, and this is an episode you won't want to miss.Kurt Roemer, Chief Security Strategist for Citrix, shares his expertise in preventing attacks on IT departments and individuals.Fahmida Rashid is a cybersecurity journalist. She has been writing about information security for 15 years for technology publications such as Dark Reading, Security Week and Infosecurity Magazine.Citrix is supplying you with critical intelligence to write the new work playbook. Explore research and perspectives for a successful hybrid work model on Fieldwork by Citrix. [LINK: https://www.citrix.com/fieldwork/flexible-work/virtual-series.html] filled with research, tools, and best practices to guide, support, and enable the flexible workforce.To learn more about best practices for a secure workforce, visit us here:https://www.citrix.com/fieldwork/secure-workforce/

Everybody has their own path to finding the job that's right for them. It's often easy to get discouraged when you're in the middle of the path to reach your desired goal. Tune in this week as Jen Stone (MCIS, CISSP, CISA, QSA) speaks with Luana Pascu (Cybersecurity Researcher, GSEC) about her personal journey, and how you can find the path in data security that's right for you.Listen to learn:- How to find your passion within cybersecurity- Education steps to reach your desired role- How to track your journey into the workforceConnect with our guest: https://www.linkedin.com/in/luanapascu/

A distinguished public servant, Dan has served as a member of the U.S. House of Representatives; the District Attorney for Richmond County, New York; and the Deputy Bureau Chief for the New York County District Attorney's Office. He has decades of experience working with high-level government officials on the federal, state, and city level. As Representative for the 11th Congressional District of the State of New York, he was appointed to the Homeland Security Committee, where he served as chairman of the Emergency Preparedness, Response, and Communication Subcommittee and was a member of the Cyber Security and Infrastructure Protection Subcommittee. He was also appointed to the Foreign Affairs Committee, where he served as a member of the Middle East and North Africa Subcommittee and the Africa, Global Health, Human Rights, and International Organizations Subcommittee. As District Attorney for Richmond County, Staten Island, New York, he served as the Chief Law Enforcement Officer and presided over 125 prosecutors, administrative staff, and NYPD detective squad. In this role he was responsible for the prosecution of more than 12,000 criminal cases per year. He also represented Staten Island as Deputy Borough President and as Chief of Staff for the Office of the Staten Island Borough President, where he oversaw public safety, education, transportation, healthcare, environmental, and city planning matters. As Deputy Bureau Chief for the New York County District Attorney's Office, Dan served the NYC Special Narcotics Prosecutor and managed New York City–wide felony narcotics cases. Dan received his J.D., cum laude, from Fordham University School of Law, where he was a member of the Fordham Law Review, and his B.S. from St. John's University.

Can You Make the Great Chinese Firewall Work For You https://isc.sans.edu/forums/diary/Can+you+make+the+Great+Chinese+Firewall+work+for+you/27948/ Fake Government Assistance Websites https://www.ic3.gov/Media/Y2021/PSA211015 TA505 Coming Back https://www.proofpoint.com/us/blog/threat-insight/whatta-ta-ta505-ramps-activity-delivers-new-flawedgrace-variant BlackMatter Ransomware https://us-cert.cisa.gov/ncas/alerts/aa21-291a

Nobody wants to be hacked through their toaster. Or even worse, their toaster joining an army of toasters that attack critical infrastructure and send me 50 spam emails a day. The Internet of Things is the idea that any device connected to electricity will eventually be connected to the internet. It's super cool and super frightening at the same time. When researchers report these vulnerabilities to companies they're often ignored and sometimes even retaliated against. Will our defenses catch up to our technology or are we all just f****d? This episode includes expert insight from Jack Rhysider, Craig Young and Beau Woods. Episodes I mention of Jack's show Darknet Diaries: Episode 21 - Black Duck Eggs Episode 45 XBox Underground Episode 60 - dawgyg Episode 99 - The Spy Learn more about your ad-choices at https://www.iheartpodcastnetwork.com

We mainly spend this episode doing some catching up because it's been a while since we recorded. But on the actual, helpful, front, we discuss a recently released list of the vulnerabilities that are most often exploited in the wild, according to the U.S. Cybersecurity and Infrastructure Security Agency. It's particularly interesting to compare the lists from 2020 and 2021 to see how threat actors have changed up their tactics and parse through all the information to tell you what you need to know. It's also important to question these types of reports and how helpful they are to defenders. This is also a great episode for any Snort fans out there who are interested in the old days of writing rules for some Y2K-era malware.

With the influx of electric vehicles into the U.S. market, utilities—including electric cooperatives—and other interests are working to build EV infrastructure that can keep pace with the expected demand, and this growing web of connected charging stations will create a host of new cybersecurity vulnerabilities. To learn more about what those vulnerabilities are and how to mitigate them, we're joined by Shannon Murry with the FBI's Cyber Division along with NRECA's Brian Sloboda.

PSST! Want to know a secret? You can now securely share 1Password items with anyone! Tune in to learn more about our new secure sharing tool and how it will transform your digital life. We also go behind-the-scenes with Beyer and Nick to discover how they created the browser experience for iOS15 and what the future holds for 1Password in the browser.Plus, it's us vs the memorable password generator for our last ever Three Word Password, and Matt randomly, but memorably, shows off his royal mug collection. Don't say we don't spoil you. ☕️

Firm regulatory risks and priorities don't exist in a vacuum. And that is perhaps nowhere clearer than when it comes to a firm's anti-money laundering responsibilities. A firm's AML risks can overlap with any number of other priorities. On this episode, we're looking at the intersection of a firm's AML and cybersecurity risks. Joining us are Jason Foye, a director with FINRA's Anti-Money Laundering Investigative Unit, and Dave Kelley, a director with FINRA's Cybersecurity Specialist Program, both with FINRA's National Cause and Financial Crimes Detection Program. Resources mentioned in this episode:Episode 60: Introducing Greg Ruppert and the NCFCEpisode 33: Money Laundering in the Securities IndustryEpisode 34: AML Priorities and Best Practices SWIFT: How Cyber Attackers ‘Cash Out' Following Large-Scale HeistsFinCEN October 2020 Advisory on Ransomware FinCEN July 2020 Advisory on CybercrimeFinCEN October 2016 Advisory on Cyber EventsFINRA Cybersecurity ResourcesRegulatory Notice 20-32 on Fraudulent Options TradingRegulatory Notice 20-13 on Fraud During the Coronavirus Pandemic

Today we have a fascinating conversation with Rob Dyson, someone with decades of experience in the security space and the current Global OT and IoT Security Services Business Development Leader at IBM! We have a wide-ranging conversation looking at the impacts of cyber security in Industry 4.0 transformations, the main drivers of cyber security risks in manufacturing, why security should never be relegated or de-prioritized, and how companies can go about building a strong culture of cyber security. This is our second conversation dealing with IBM, and this episode promises to be just as informative as our previous one, and is definitely not to be missed! On a more general note, this is the last episode of our second season, during which we have had such a great time bringing you these impactful conversations with different leaders. We look forward to Season 3 and hope you carry on with us on this journey!   Key Points From This Episode: A little of Rob's professional background, and his current role at IBM.  The trend towards Industry 4.0 and the reasons and aims for this. Impacts and results of transformation that Rob witnessed recently. The current causes for increased cybersecurity risks in manufacturing.  Unpacking this history of the air gap in industrial environments.  Using interconnected and integrated systems to create better, stronger security environments.  Translating the understanding and effort around security in the IT world to the OT space. How to run security teams and driving individual members to optimal performance.    The key areas that companies need to focus on in the current security climate.  The continuous nature of security programs and avoiding naive approaches to the ongoing challenges.  Taking the programs beyond just the technology; including people in your security processes.  Finding the right expertise for your company; building a well-suited security team.   Advice from Rob about getting started with a security journey; his three-pronged strategy!

Freedom is not something to fear; in fact, it's an essential component of creativity. Chaos is something to avoid, however. Many creative people confuse freedom with chaos and think a chaotic environment inspires creative passion. The most creative environments are those that provide enough order, and essential security, that allows individuals to stretch out to create something new. As security information management has evolved with the cloud, a new form of defense has been required. Dave Frampton, the VP/GM Cloud SIEM & Security Analytics at Sumo Logic, describes this system as living in the middle of the cloud chaos. “What you really need to do is rethink this and deliver this SIM from the cloud, like as a cloud service itself. So that's it's right there in the midst of all that chaos [and] able to ingest all of that data and it's savvy and smart about all those different new threat surfaces, because, in and [of] itself, this service is built and made from all of these same components: microservices, and containers, and modular, modern software that communicates by APIs.”By living in the midst of the cloud chaos, a security platform such as Sumo Logic is in the middle of the action and is creating a secure place for business and creativity to flourish. In Greek mythology, Atlas was forced to hold up the sky as a punishment by Zeus. Cybersecurty forces must hold back those with ill intent and to do so they dwell inside the chaos and create a safe place there. They don't do this because they are condemned to this fate. Instead, they do so because they have chosen this role of protector and this is their mission.On this episode of IT Visionaries, Dave chats about how cybersecurity has evolved to decrease silos and increase automation. He explains how humanity, and ethics, are required to make judgements on how A.I. and automation should be used to further security aims. Enjoy the episode!Main TakeawaysMoving Into the Cloud Chaos: If the action is in the cloud, then security needs to be in the cloud too to ingest necessary data and to disrupt attacks. The security product must be at the same level, and made with the same parts, as that which it is intended to protect. Platform Disrupts Silos: In companies, silos are often made out of a sense of necessity. People work in their areas with their specific knowledge and access. In security, however, it is important to have a platform that connects those on the application and security teams so they can work together to protect the company.  Automation with Ethics: There's a drive to automate as much as possible in the security realm because there is so much data and so many threats with everything moving so fast. This is reasonable, but humanity must lead decision-making concerning automation. It's a matter of ethics. People must choose when to automate and for what purpose. They must weigh the pros and cons of their actions and accept any consequences. Fear and Greed: People are often driven by fear and greed. This is the case when considering A.I. and automation advances in security. On the fear side, it's reasonable to be concerned about potential technological overreaches and unintended consequences. On the greed side, A.I. and automation has vast potential to deal with so much incoming data and to make quick decisions.---IT Visionaries is brought to you by the Salesforce Platform - the #1 cloud platform for digital transformation of every experience. Build connected experiences, empower every employee, and deliver continuous innovation - with the customer at the center of everything you do. Learn more at salesforce.com/platform 

Alphabet CEO Sundar Pichai discussed cybersecurity, tech innovation and government oversight with WSJ Editor in Chief Matt Murray at the WSJ's Tech Live conference. Register and tune in at techlive.wsj.com/tlpodcast. Learn more about your ad choices. Visit megaphone.fm/adchoices

This week Grant and Zoe are joined by Bryan Read, Director of Cyber-Espionage Analysis at Mandiant and Adjunct Professor at Georgetown University. Ben talks about the importance of Cyber Hygiene, the impact of cryptocurrencies on ransomware, and the balance between private and public defenses. In the final segment, Zoe talks about some news out of Guantanamo Bay, Ben suggests The Children's Illustrated Clausewitz, Grant continues to sound the alarm on the situation in Ethiopia. If you are under 40 and interested in being featured on the podcast, be sure to fill out this form: https://airtable.com/shr5IpK32opINN5e9

Malcious PowerShell Script Using Client Certificate Authentication https://isc.sans.edu/forums/diary/Malicious+PowerShell+Using+Client+Certificate+Authentication/27944/ PowerShell Updates https://github.com/PowerShell/Announcements/issues/27 Juniper JunOS Patches https://kb.juniper.net/InfoCenter/index?page=content&channel=SECURITY_ADVISORIES TianFu Cup https://tianfucup.com/en/#canjia

Boyd Clewis, is an internationally recognized cybersecurity expert, author, speaker, and is featured on Forbes, NBC, ABC, and CBS news. As the Vice President and Chief Information Security Officer at Baxter Clewis Consulting.  He is dedicated to helping businesses implement effective security and compliance programs. He is trusted by many of the largest Fortune 500 companies, in which he plays a major role in their compliance audits.  Boyd serves on the Texas-STEM Advisory Board for Castleberry ISD, advising on curriculum for their Cybersecurity education program. He also holds multiple certifications including, CISSP, CCSK, CISA and QSA.  He is regularly praised for his innovative and creative presentations for some of the worlds' leading cybersecurity conferences, including the PCI Community Meeting, held in Europe.  Through his consulting work, Boyd discovered the need for more qualified individuals in the cybersecurity space, therefore, he has spent the  last 4 years training other cybersecurity specialists, through the Baxter Clewis Training Academy.  Clewis and I discuss cyber security in a changing world, the professional certifications that pay, and how to add value to any organization.https://www.linkedin.com/in/boydclewis/

This month Chris Hadnagy and Ryan MacDougall are joined by Les Correia, who leads the evangelization of Estee Lauders Application Security. In his position Les wears many hats, but they are all worn with the mission of protecting Estee Lauders critical assets from the risk of a security breach. Prior to this, Les held Senior and Advisory roles providing thought leadership at companies such as AT&T and Lucent. Les also holds an MSc in Cyber Security as well as an exhaustive list of certifications. In his free time, Les pilots small aircraft and drives racecars. October 18, 2021 00:00 – Intro  www.social-engineer.com     Managed Voice Phishing       Managed Email Phishing       Adversarial Simulations       Social-Engineer channel on SLACK       CLUTCH       www.innocentlivesfoundation.org    Human Behavior Conference – website coming soon  05:10 – Les Correia Intro  09:15 – How did you get into this industry?  12:05 – How are you trying to be proactive in stopping breaches?  14:00 – How important has top level support been?  15:03 – How do you get other business units to give you time for what you're doing?  16:30 – Understanding the business like a business consultant helps them know you care about that business unit  20:19 Whisky  24:08 – What kind of attacks have you seen in the wild that people need to be aware of?  26:10 – How do we get people that may not think they can be a victim to understand these threats can still be against them?  27:55 – Being a worldwide company, how do you translate your security processes through all those different cultures?  32:01 – How important is it to have hobbies outside of your work?  34:41 – How do you help your team deal with burnout when you have so much work on your plate?  37:56 – Has there anyone you could consider your greatest mentor?  Dr. Tafar   INS (International Network Services)  Dr. Patarsh   Dr. Menamen – NYU   39:32 – Book Recommendations  Thinking Fast and Slow Seven Habits of Highly Effective People Good To Great  Chris' Books  41:57 – Guest Wrap Up  42:20 – Reaching Les on social media:  linkedin.com/in/les-correia   43:12 – Outro   www.social-engineer.org  www.social-engineer.com    www.innocentlivesfoundation.org 

October is Cybersecurity Awareness month, but being cyber aware is something we must be every day.  Cybersecurity subject matter expert Max Greene is back to give us the latest on the threat environment, plus give us the latest tips on remaining cyber diligent at home and on all of our devices.  Do I really need a strong password?  What about two-factor authentication?  Did I really win a $100 gift card like the text I just received indicates?  Find out on Episode 39 of the Tyler Tech Podcast. Here's Jeff's notes from Max on staying cyber diligent at home:Designate certain devices for certain activities (ex: business use vs. personal use)Use your VPN (virtual private network)Use a strong passwordsUse two-factor authenticationHover over links and use the "first forward slash, two dots back" rule to see where the link is taking youFor more information, go to Tylertech.com 

Active Scanning for Apache Vulnerabilities CVE-2021-41773 and 42013 https://isc.sans.edu/forums/diary/Apache+is+Actively+Scan+for+CVE202141773+CVE202142013/27940/ Warranty Repairs and Non Removable Storage Risks https://isc.sans.edu/forums/diary/Warranty+Repairs+and+NonRemovable+Storage+Risks/27938/ Crypto Wallet Compromised on OpenSea NFT Marketplace https://blog.checkpoint.com/2021/10/13/check-point-software-prevents-theft-of-crypto-wallets-on-opensea-the-worlds-largest-nft-marketplace/ $5.2 Billion worth of Bitcoin Transactions Linked to Ransomware https://www.fincen.gov/sites/default/files/shared/Financial%20Trend%20Analysis_Ransomeware%20508%20FINAL.pdf

Organizations are increasingly adopting a Zero Trust model, which is based on the philosophy that there should be no implicit trust in a corporate network. Rooted in the principle of “Never Trust, Always Verify”, Zero Trust is designed to protect modern digital environments against successful data breaches. While it has existed for over a decade, Zero Trust is one of the most misused “buzzwords” in the industry today. Vendor marketing and other misleading data has unfortunately caused mass confusion about what Zero Trust really is and how to use it properly.Former Forrester Research analyst and creator of Zero Trust, John Kindervag, stops in to demystify the term, while explaining how it's a proven security strategy within enterprise security. Our conversation at the bar includes properly defining the term, the value of adoption, implementation techniques, exemptions, and more!Tony the Bartender develops a “Python”.Support the show (https://www.patreon.com/barcodepodcast)