Podcasts about cybersecurity

Deepfake spear phishing, unpatched systems vulnerability, MongoDB on the evolution of data storage tech, and more. A new, remarkably sophisticated malware is attacking routers Criminals use deepfake videos to interview for remote work Arduino launches IP40-rated Edge Control Enclosure Kit with on-board LCD user interface A world-first computer chip transmits data via sound waves rather than electrons Cyberattacks via unpatched systems cost organizations more than phishing MongoDB SVP of Cloud Products Andrew Davidson returns to talk more about MongoDB and the evolution of data storage technologies Hosts: Louis Maresca, Brian Chee, and Curt Franklin Guest: Andrew Davidson Download or subscribe to this show at https://twit.tv/shows/this-week-in-enterprise-tech. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsors: UserWay.org/twit Nuvei.com Compiler - TWIET

This episode features a discussion on a regulator's order to Canadian telecom providers to block botnets, the CISA's recommendation to companies using Microsoft Exchange Online to move to better authentication and more

Breaking Into Cybersecurity: Svetlomir Balevski 7.1.22 https://www.linkedin.com/in/svetlomir-balevski-a366767/ It's really a conversation about what they did before, why did they pivot into cyber, what was the process they went through Breaking Into Cybersecurity, how do you keep up, and advice/tips/tricks along the way. About Breaking Into Cybersecurity: This series was created by Renee Small & Christophe Foulon to share stories of how the most recent cybersecurity professionals are breaking into the industry. Our special editions are us talking to experts in their fields and cyber gurus who share their experiences of helping others break-in. #cybersecurity #breakingintocybersecurity #informationsecurity #JamesAzar #ChrisFoulon #ReneeSmall #InfoSecHires Check out our new book, Develop Your Cybersecurity Career Path: How to Break into Cybersecurity at Any Level: https://amzn.to/3443AUI _________________________________________ About the hosts: Renee Small is the CEO of Cyber Human Capital, one of the leading human resources business partners in the field of cybersecurity, and author of the Amazon #1 best-selling book, Magnetic Hiring: Your Company's Secret Weapon to Attracting Top Cyber Security Talent. She is committed to helping leaders close the cybersecurity talent gap by hiring from within and helping more people get into the lucrative cybersecurity profession. https://www.linkedin.com/in/reneebrownsmall/ Download a free copy of her book at magnetichiring.com/book Christophe Foulon focuses on helping to secure people and processes with a solid understanding of the technology involved. He has over 10 years as an experienced Information Security Manager and Cybersecurity Strategist with a passion for customer service, process improvement, and information security. He has significant experience in optimizing the use of technology while balancing the implications to people, processes, and information security by using a consultative approach. https://www.linkedin.com/in/christophefoulon/ Find out more about CPF-Coaching at https://cpf-coaching.com - Website: https://www.cyberhubpodcast.com/breakingintocybersecurity - Podcast: https://anchor.fm/breakingintocybersecurity - YouTube: https://www.youtube.com/c/BreakingIntoCybersecurity - Linkedin: https://www.linkedin.com/company/breaking-into-cybersecurity/ - Twitter: https://twitter.com/BreakintoCyber - Twitch: https://www.twitch.tv/breakingintocybersecurity

Kim shares her passion for helping others through her volunteer efforts in numerous cybersecurity organizations helping the under-represented.Kim not only volunteers in multiple cybersecurity organizations, she also founded her own non profit. Not only does she focus on helping people gain skills in cybersecurity, she wants to educate people at all ages, from children to the retired. Her efforts are also focused on providing security education to help all people defend themselves from threat actors._______________________GuestKim KennedyFounder & CEO of EMPIRE of WEOn Twitter | https://twitter.com/broncobailey303On LinkedIn | https://www.linkedin.com/in/kim-possible/______________________HostPhillip WylieOn ITSPmagazine  

A daily look at the relevant information security news from overnight - 01 July, 2022Episode 256 - 01 June 2022Critical Gitlab Patch- https://portswigger.net/daily-swig/gitlab-patches-critical-rce-bug-in-latest-security-release Jenkins Janky Plugins - https://www.bleepingcomputer.com/news/security/jenkins-discloses-dozens-of-zero-day-bugs-in-multiple-plugins/WAP Fraud- https://www.zdnet.com/article/microsoft-this-android-malware-will-switch-off-your-wi-fi-empty-your-wallet/Macmillan Incident - https://www.securityweek.com/brocade-vulnerabilities-could-impact-storage-solutions-several-major-companiesMicrosoft Backdoor - https://thehackernews.com/2022/07/new-sessionmanager-backdoor-targeting.htmlDangling Chromium - https://portswigger.net/daily-swig/chromium-browsers-vulnerable-to-dangling-markup-injectionHi, I'm Paul Torgersen. It's Friday July 1st 2022, and this is a look at the information security news from overnight. From PortSwigger.netGitlab has patched a vulnerability that could allow remote code execution. The critical severity flaw affects all versions of GitLab. A fix has been released for this and a number of other vulnerabilities, including two separate cross-site scripting bugs. Link to the Gitlab advisory in the article. From BleepingComputer.com:Jenkins announced 34 security vulnerabilities affecting 29 plugins for the Jenkins open source automation server, 29 of the bugs being zero-days still waiting to be patched. Jenkins supports over 1,700 plugins, with those affected by this disclosure having more than 22,000 installs. Fortunately none of these are rated critical as there are no fixes as of yet for most of them. See the list of affected plugins in the article. From ZDNet.com:Microsoft shared its detailed technical analysis of what it says is one of the most prevalent types of Android malware. It's called 'toll billing', or Wireless Application Protocol fraud. This involves using an infected device to connect to payment pages of a premium service via a device's WAP connection. From there, payments are automatically charged to a device's phone bill. Details and a link to the analysis in the article. From BleepingComputer.comPublishing giant Macmillan was forced to shut down their network and offices while recovering from a security incident. In emails to customers, Macmillan stated the incident involves the encryption of certain files on their network, so this is almost certainly a ransomware attack. No word on the threat actor as Macmillian has slowly started to bring systems back online. And last today, from TheHackerNews.comA newly discovered malware called SessionManager, has backdoored Microsoft Exchange servers since at least March of 2021. If you recall, that was right after the ProxyLogon flaw was discovered. The malware masquerades as a module for Internet Information Services, with capabilities to read, write, and delete arbitrary files; execute binaries from the server; and establish communications with other endpoints in the network. That's all for me this week. Have a great Fourth of July long weekend, and until next time, be safe out there.

As online threats grow, it pays to stay in the know about cybersecurity. Thankfully, there are plenty of events you can attend this July to keep updated on the latest news and opportunities. Check back next month to hear all about August's upcoming cybersecurity events. • For more on cybersecurity, visit us at https://cybersecurityventures.com/

The World Economic Forum's Global Cybersecurity Outlook report indicates that cyberattacks increased 125% globally in 2021, with evidence suggesting a continued uptick through 2022. In this fast-changing landscape it is vital for leaders to take a strategic approach to cyber risks.How can leaders better prepare for future cyber shocks? What individual and collective actions will foster a more secure and resilient digital ecosystem?This is the full audio from a panel discussion at the World Economic Forum's Annual Meeting 2022 in Davos Moderator: Karen Tso, CNBC InternationalSpeakers: Jürgen Stock, Secretary-General, International Criminal Police Organization (INTERPOL) Josephine Teo, Minister for Communications and Information of Singapore Chander Prakash Gurnani, Chief Executive Officer, Tech Mahindra Limited Robert M. Lee, Chief Executive Officer and Co-Founder, Dragos Read the Global Cybersecurity Outlook 2022 here: https://www.weforum.org/reports/global-cybersecurity-outlook-2022/ Transcript: https://www.weforum.org/agenda/2022/07/global-cybersecurity-outlook-davos-2022

This episode reports on why Carnival Cruise Line was fined over cyber inadequacies, an FBI warning to HR departments over deepfake video job applications, and more

We hope you've enjoyed the first seven episodes of The Hacker Chronicles! Stay tuned for the next five episodes – all leading up to a thrilling season finale.We know you've been waiting patiently to hear the rest of the season, and we're excited to share that new episodes will be released this July.But while you wait, we wanted to give you a look behind the scenes at how The Hacker Chronicles was made. Caspian Studios CEO and series executive producer Ian Faison leads a roundtable with Jérôme Robert, Tenable's Senior Marketing Director and the creator of The Hacker Chronicles, Skyler Schmanski, the Head of the Marketing Innovation Lab at Tenable and the author of The Hacker Chronicles novella; and Caspian's Rex New, who adapted the series for audio.They'll break down why a cybersecurity firm decided to create an audio drama, the authenticity of the show, and what's coming next for the series.If you want to learn why and how the cybersecurity teams at Tenable transformed cyber reality into podcast fiction, check out tenable.com/alice. Learn more about Caspian Studios at Caspianstudios.com

Veteran cybersecurity journalist and author Joseph Menn, now at the Washington Post, talks about his books and the best reporting on hacking and defense today. Since he began writing on the subject in 1999, Menn has broken some of the biggest stories in the industry and written two of most widely read books in the Cybersecurity Canon.   Segment Resources: https://www.amazon.com/Joseph-Menn/e/B001HD1MF6%3Fref=dbs_a_mng_rwt_scns_share https://www.washingtonpost.com/technology/2022/05/01/russia-cyber-attacks-hacking/ https://www.reuters.com/investigates/special-report/usa-politics-beto-orourke/ https://www.reuters.com/article/us-usa-security-rsa/exclusive-secret-contract-tied-nsa-and-security-industry-pioneer-idUSBRE9BJ1C220131220 https://www.reuters.com/article/microsoft-china/insight-microsoft-failed-to-warn-victims-of-chinese-email-hack-former-employees-idUKL1N14I1LU20151231 https://www.wired.com/story/cult-of-the-dead-cow-at-stake-hackers-excerpt/   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw746

Case Study: Cobalt Strike Server Lives on After its Domain is Suspended https://isc.sans.edu/forums/diary/Case+Study+Cobalt+Strike+Server+Lives+on+After+Its+Domain+Is+Suspended/28804/ CVE-2022-28219: Unauthenticated XXE to RCE and Domain Compromise in ManageEngine ADAudit Plus https://www.horizon3.ai/red-team-blog-cve-2022-28219/ CWE Top 25 Update https://cwe.mitre.org/top25/archive/2022/2022_cwe_top25.html#analysis

I chat with the inspirational Jaeson Schultz, a technical leader for Cisco Talos Security Intelligence & Research Group. Jaeson has over 20 years' experience in Information Security and his experience ranges from hardware hacking, to log analysis and security policy recommendations, to thwarting misuse of Internet application layer protocols like DNS, HTTP, and SMTP. We discuss securing Web3 and what cybersecurity in the metaverse might look like. I also learn more about Cisco's how Talos Group is dedicated to advancing the state-of-the-art of threat defense and enhancing the value of Cisco's security products.

Case Study: Lessons Learned from Conducting a Cybersecurity Audit by Disaster Recovery Journal & Asfalis Advisors

Breaking Into Cybersecurity + Federal Career Connection: Resume + Interview Tips 6.29.22 We are excited to have Federal Career Connection back for another discussion on breaking into federal careers! Today's guest is Tim Lo who will discuss resume and interviewing tips. https://www.linkedin.com/in/timothyclo/ Tim Lo is from Fishkill, New York and went to school at Carnegie Mellon in Pittsburgh for both his undergraduate and master's degrees. Tim has over a decade of experience in business strategy and process improvement. He has worked for several top-tier international consulting firms and has been involved in the hiring of many new team members. He volunteers as a mentor to many recent grads and moonlights as a serial entrepreneur. Tim is a PARW/CC certified resume writer and professional career coach. It's really a conversation about what they did before, why did they pivot into cyber, what was the process they went through Breaking Into Cybersecurity, how do you keep up, and advice/tips/tricks along the way. About Breaking Into Cybersecurity: This series was created by Renee Small & Christophe Foulon to share stories of how the most recent cybersecurity professionals are breaking into the industry. Our special editions are us talking to experts in their fields and cyber gurus who share their experiences of helping others break-in. #cybersecurity #breakingintocybersecurity #informationsecurity #JamesAzar #ChrisFoulon #ReneeSmall #InfoSecHires Check out our new book, Develop Your Cybersecurity Career Path: How to Break into Cybersecurity at Any Level: https://amzn.to/3443AUI _________________________________________ About the hosts: Renee Small is the CEO of Cyber Human Capital, one of the leading human resources business partners in the field of cybersecurity, and author of the Amazon #1 best-selling book, Magnetic Hiring: Your Company's Secret Weapon to Attracting Top Cyber Security Talent. She is committed to helping leaders close the cybersecurity talent gap by hiring from within and helping more people get into the lucrative cybersecurity profession. https://www.linkedin.com/in/reneebrownsmall/ Download a free copy of her book at magnetichiring.com/book Christophe Foulon focuses on helping to secure people and processes with a solid understanding of the technology involved. He has over 10 years as an experienced Information Security Manager and Cybersecurity Strategist with a passion for customer service, process improvement, and information security. He has significant experience in optimizing the use of technology while balancing the implications to people, processes, and information security by using a consultative approach. https://www.linkedin.com/in/christophefoulon/ Find out more about CPF-Coaching at https://cpf-coaching.com - Website: https://www.cyberhubpodcast.com/breakingintocybersecurity - Podcast: https://anchor.fm/breakingintocybersecurity - YouTube: https://www.youtube.com/c/BreakingIntoCybersecurity - Linkedin: https://www.linkedin.com/company/breaking-into-cybersecurity/ - Twitter: https://twitter.com/BreakintoCyber - Twitch: https://www.twitch.tv/breakingintocybersecurity

#CISOThursday - Breaking into Cybersecurity: Pete Strouse 6.29.22 https://www.linkedin.com/in/pete-strouse-mba-phr-b2193b42/ Are you a CISO and interested in sharing your story or insights on attracting and retaining cybersecurity talent and other topics of the week on the Breaking Into Cybersecurity hashtag#CISOThursdays? Let us know. About Breaking Into Cybersecurity: This series was created by Renee Small & Christophe Foulon to share stories of how the most recent cybersecurity professionals are breaking into the industry. Our special editions are us talking to experts in their fields and cyber gurus who share their experiences of helping others break-in. #cybersecurity #breakingintocybersecurity #informationsecurity #JamesAzar #ChrisFoulon #ReneeSmall #InfoSecHires Check out our new book, Develop Your Cybersecurity Career Path: How to Break into Cybersecurity at Any Level: https://amzn.to/3443AUI -------------------- About the hosts: Renee Small is the CEO of Cyber Human Capital, one of the leading human resources business partners in the field of cybersecurity, and author of the Amazon #1 best-selling book, Magnetic Hiring: Your Company's Secret Weapon to Attracting Top Cyber Security Talent. She is committed to helping leaders close the cybersecurity talent gap by hiring from within and helping more people get into the lucrative cybersecurity profession. https://www.linkedin.com/in/reneebrownsmall/ Download a free copy of her book at magnetichiring.com/book Christophe Foulon focuses on helping to secure people and processes with a solid understanding of the technology involved. He has over 10 years as an experienced Information Security Manager and Cybersecurity Strategist with a passion for customer service, process improvement, and information security. He has significant experience in optimizing the use of technology while balancing the implications to people, processes, and information security by using a consultative approach. https://www.linkedin.com/in/christophefoulon/ Find out more about CPF-Coaching at https://cpf-coaching.com Website: https://www.cyberhubpodcast.com/breakingintocybersecurity Podcast: https://anchor.fm/breakingintocybersecurity YouTube: https://www.youtube.com/c/BreakingIntoCybersecurity Linkedin: https://www.linkedin.com/company/breaking-into-cybersecurity/ Twitter: https://twitter.com/BreakintoCyber Twitch: https://www.twitch.tv/breakingintocybersecurity

A daily look at the relevant information security news from overnight - 30 June, 2022Episode 255 - 30 June 2022OpenSea Makes Waves- https://techcrunch.com/2022/06/30/nft-opensea-data-breach/ XFiles XPands - https://www.bleepingcomputer.com/news/security/xfiles-info-stealing-malware-adds-support-for-follina-delivery/8220 Miner Upgrade- https://www.zdnet.com/article/microsoft-warning-this-malware-that-targets-linux-just-got-a-big-update/Brocade Broken - https://www.securityweek.com/brocade-vulnerabilities-could-impact-storage-solutions-several-major-companiesAstraLocker Attack - https://www.bleepingcomputer.com/news/security/astralocker-20-infects-users-directly-from-word-attachments/Dangling Chromium - https://portswigger.net/daily-swig/chromium-browsers-vulnerable-to-dangling-markup-injectionHi, I'm Paul Torgersen. It's Thursday June 30th 2022, happy birthday Jayden, and this is a look at the information security news from overnight. From TechCrunch.comNFT marketplace OpenSea, has suffered a massive data breach. It seems a staffer at their vendor Customer.io shared the entire email database with a third party. If you have shared your email with OpenSea at any time in the past, you should assume you were impacted. Be on the lookout for targeted phishing emails coming your way. From BleepingComputer.com:These next two are quick hits on malware strains upgrading their exploits. The XFiles info-stealer has added a delivery module that exploits the Windows Follina vulnerability. On a side note, XFiles has also recruited new members recently and is launching new products. Details in the article. From ZDNet.com:Along those same lines, Microsoft is warning about notable updates to malware targeting Linux servers to install cryptominers and IRC bots. The 8220 gang has added new functionality to exploit the recent Confluence vulnerability, as well as an old 2019 WebLogic bug. Details in the article. From SecurityWeek.com:Broadcom revealed that the Brocade SANnav storage area network is affected by nine vulnerabilities, some of which could impact the products of their partner companies, such as HPE, NetApp, Oracle, Dell, Fujitsu, IBM, Lenovo and others. There is no evidence as of yet that these have been exploited in the wild, but get your patch on kids. From BleepingComputer.comThe ransomware strain called AstraLocker has recently released its second major version that drops its payload directly from email attachments. Specifically Word docs. Obviously this smash and grab type of attack is looking for quick payouts and not trying for persistence or lateral movement. Full write up in the article. And last today, from PortSwigger.netA recently-patched security hole in Chromium browsers allowed attackers to bypass safeguards against dangling markup injection, and extract sensitive information from webpages. While dangling markup injection is well-known and -addressed in Chrome, the new attack took advantage of an unaddressed case in how the browser upgrades unsafe HTTP connections. You know where to find the details. That's all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.

On this week's Industrial Talk we're talking to Jon Clay, VP of Threat Intelligence with Trend Micro about "Securing your Digital Transformation Strategy ".  Get the answers to your "Cybersecurity" questions along with Jon's unique insight on the “How” on this Industrial Talk interview! Finally, get your exclusive free access to the https://industrialtalk.com/wp-admin/inforum-industrial-academy-discount/ (Industrial Academy) and a series on “https://industrialtalk.com/why-you-need-to-podcast/ (Why You Need To Podcast)” for Greater Success in 2022. All links designed for keeping you current in this rapidly changing Industrial Market. Learn! Grow! Enjoy! JON CLAY'S CONTACT INFORMATION: Personal LinkedIn: https://www.linkedin.com/in/jon-clay-0880512/ (https://www.linkedin.com/in/jon-clay-0880512/) Company LinkedIn: https://www.linkedin.com/company/trend-micro/ (https://www.linkedin.com/company/trend-micro/) Company Website: https://www.trendmicro.com/en_us/business.html (https://www.trendmicro.com/en_us/business.html) PODCAST VIDEO: https://youtu.be/hJdL5mJNoZY THE STRATEGIC REASON "WHY YOU NEED TO PODCAST": https://industrialtalk.com/why-you-need-to-podcast/ () OTHER GREAT INDUSTRIAL RESOURCES: NEOM:  https://www.neom.com/en-us (https://www.neom.com/en-us) Hitachi Vantara: https://www.hitachivantara.com/en-us/home.html (https://www.hitachivantara.com/en-us/home.html) Industrial Marketing Solutions:  https://industrialtalk.com/industrial-marketing/ (https://industrialtalk.com/industrial-marketing/) Industrial Academy: https://industrialtalk.com/industrial-academy/ (https://industrialtalk.com/industrial-academy/) Industrial Dojo: https://industrialtalk.com/industrial_dojo/ (https://industrialtalk.com/industrial_dojo/) We the 15:https://www.wethe15.org/ ( https://www.wethe15.org/) YOUR INDUSTRIAL DIGITAL TOOLBOX: LifterLMS: Get One Month Free for $1 – https://lifterlms.com/ (https://lifterlms.com/) Active Campaign: https://www.activecampaign.com/?_r=H855VEPU (Active Campaign Link) Social Jukebox: https://www.socialjukebox.com/ (https://www.socialjukebox.com/) Industrial Academy (One Month Free Access And One Free License For Future Industrial Leader): https://industrialtalk.com/wp-admin/inforum-industrial-academy-discount/ () Business Beatitude the Book Do you desire a more joy-filled, deeply-enduring sense of accomplishment and success? Live your business the way you want to live with the BUSINESS BEATITUDES...The Bridge connecting sacrifice to success. YOU NEED THE BUSINESS BEATITUDES! TAP INTO YOUR INDUSTRIAL SOUL, RESERVE YOUR COPY NOW! BE BOLD. BE BRAVE. DARE GREATLY AND CHANGE THE WORLD. GET THE BUSINESS BEATITUDES! https://industrialtalk.com/business-beatitude-reserve/ ( Reserve My Copy and My 25% Discount) PODCAST TRANSCRIPT: Thu, 6/30 6:51PM • 44:47 SUMMARY KEYWORDS network, work, cybersecurity, organization, trend micro, companies, attack, tx, scott, backdoors, digital transformation, industry, threat, cyber, targeting, people, systems, critical infrastructure, build, ransomware 00:00 Hey industrial Talk is brought to you by CAP logistics. You want to minimize downtime. Absolutely increase reliability, you bet ensure operational profitability. Yes you do. That means you need 24/7 365 insights into your supply chain look no further cap logistics go to cap logistics.com Or just call them they're great people 800-227-2471 also TX one now you know cybersecurity is important if you're on this digital transformation journey, TX one networks has the solutions for you. And you're saying to yourself, Scott, they're going to be complex, they're going to be difficult. No TX one's taken that into consideration. And they provide a suite of solutions that truly meet your cybersecurity needs. Go out to TX, one dash networks.com and find out more, you're not going to be disappointed. 01:05 Welcome to the industrial talk podcast with Scott Mackenzie. Scott is a

As the business environment rapidly evolves, so does the accounting profession. In this episode, we're highlighting some of the areas that are growing in popularity and will become topics accountants need to contend with in the near future. We spoke to three experts and you can hear their episode in full here:  "What accountants should know about ESG" https://podcasts.apple.com/us/podcast/what-accountants-should-know-about-esg/id1377649472?i=1000562412394   "The evolution of work continues to speed up"  https://podcasts.apple.com/us/podcast/the-evolution-of-work-continues-to-speed-up/id1377649472?i=1000558194225   "Cybersecurity practices to follow in 2022"  https://podcasts.apple.com/us/podcast/cybersecurity-practices-to-follow-in-2022/id1377649472?i=1000551325549    Register for the accounting shows here: https://ohiocpa.com/cpe/featured-learning 

The digital revolution has significantly changed how the real estate industry does business, exposing Realtors® to digital security breaches. So, we're glad to have tech expert Burton Kelso back in this informative episode about online security for real estate agents. Plus, you'll hear a bizarre but entertaining conversation about chickens, raccoons, movies, and orange trees!   Key takeaways to listen for Why do hackers target the accounts of real estate professionals? 2 ways people are scammed on social networks The best advice to keep your social media accounts safe When is the right time to get identity theft protection software? Common internet security errors made by Realtors® and how to solve them   Resources mentioned in this episode NSA Influence Conference BlackNSA Undercover Brother | Blu-ray and Prime Video Crazy Sh*T In Real Estate #251: Burton Kelso Part 1 Crazy Sh*T In Real Estate #252: Burton Kelso Part 2 LifeLock Norton AOL Google Voice Whatsapp   About Burton Kelso Burton is a keynote speaker for technology and cybersecurity who has appeared on TV as a guest tech expert and consumer products expert. He is also the owner and Chief Tech Expert at Integral. He helps people overcome the frustrations and complexities of computers and technology, allowing them to explore new ideas, experiences, and opportunities. He adores technology and is dedicated to making technology simple, safe, and enjoyable.   Connect with Burton Website: Burton Kelso Facebook: Burton Kelso, The Technology Expert Instagram: @burtonkelso Twitter: @BurtonKelso TikTok: @burtonkelso LinkedIn: Burton Kelso, Technology Expert Email: burton@burtonkelso.com   Connect with Leigh Please subscribe to this podcast on iTunes or the Podcasts App on your phone, and never miss a beat from Leigh by visiting https://leighbrown.com. DM Leigh Brown on Instagram @ LeighThomasBrown. Subscribe to Leigh's other podcast Real Estate From The Rooftops! Sponsor Leigh Brown University Enroll NOW to start scaling YOUR Real Estate business! Link: https://www.leighbrownuniversity.com/advanced

Host Karl chats with Richard Tallman & Michael Reeves of BitDefender.  Richard Tallman is a 20+ year veteran in the technology industry merging the physical & virtual worlds under one umbrella. At Bitdefender, he manages Global Cloud Markets & Managed Service Providers (MSP) working directly with the Remote Monitoring & Management (RMM) Platforms and Cloud & Distribution Marketplaces. Prior to Bitdefender, Richard led the charge at some of the biggest technology companies in the world to streamline and secure customer and partner application enhancements to the cloud for both on and off premise solutions. When not at work he enjoys spending time with his wife and two children while sharing his love of beach volleyball, mountain biking and surfing.  Michael Reeves is the CISSP - Technical Director, Cloud & MSP at BitDefender. With over 22 years in the industry, Mike is a true pioneer of cloud security. His ability to translate engineering concepts to a business audience is unmatched. He enjoys spending time with his family, playing bass guitar, and four wheeling in his Jeep - especially at the same time!   Bitdefender is a cybersecurity leader delivering best-in-class threat prevention, detection, and response solutions worldwide. Guardian over millions of consumer, business, and government environments, Bitdefender is one of the industry's most trusted experts for eliminating threats, protecting privacy and data, and enabling cyber resilience. With deep investments in research and development, Bitdefender Labs discovers over 400 new threats each minute and validates around 40 billion daily threat queries. The company has pioneered breakthrough innovations in antimalware, IoT security, behavioral analytics, and artificial intelligence, and its technology is licensed by more than 150 of the world's most recognized technology brands. Launched in 2001, Bitdefender has customers in 170+ countries with offices around the world.  In this edition of SMBCP, we briefly overview the current threat landscape for MSPs and SMBs and how these segments are impacted by the current market trends.  Skills gap, complex tooling, alert fatigue, insufficient or poor onboarding all lead to slow provisioning and license restrictions. Richard and Michael discuss how an MDR service can address these struggles.  Resources and links:  https://www.bitdefender.com Blog: MDR—What is it and Why Should SMBs Care? https://businessinsights.bitdefender.com/mdr-what-is-it-and-why-should-smbs-care Article (MSPs): 10 Things MSPs Should Know About Cybersecurity Insurance https://connect.comptia.org/blog/10-things-msps-should-know-about-cybersecurity-insurance   Sponsor Memo: Acronis  Are you still relying on a frustrating patchwork of legacy solutions? Modernize your cybersecurity and data protection with Acronis Cyber Protect Cloud. It's a single solution that combines backup, anti-malware, and endpoint protection management. As an MSP, you can easily improve clients' security posture, eliminate complexity, and generate more recurring revenue. Learn more about Acronis Cyber Protect Cloud at Acronis.com   :-) 

Who's your ideal client and what's the biggest challenge they face?What are the common mistakes people make when trying to solve that problem?What is one valuable free action that our audience can implement that will help with that issue?What is one valuable free resource that you can direct people to that will help with that issue?What's the one question I should have asked you that would be of great value to our audience?When was the last time you experienced Goosebumps with your family and why?Path to ProfitabilityGet in touch with Kristen:  Website, Instagram, FacebookLearn more about how Uwe helps in-demand professionals and their VIPs to get back their family mojo, double their financial security, and live in abundance in all areas of their life (without feeling guilty or constantly questioning themselves): Visit www.uwedockhorn.com. Or when you feel you'd be interested in working together you can Book A Chat With Uwe

Its New Phone Day: Time to Migrate Your MFA https://isc.sans.edu/forums/diary/Its+New+Phone+Day+Time+to+migrate+your+MFA/28800/ Managing Human Risk Security Awareness Report https://go.sans.org/lp-wp-2022-sans-security-awareness-report Microsoft Azure Service Fabric Container Elevation of Privilege Vulnerability https://unit42.paloaltonetworks.com/fabricscape-cve-2022-30137/#The-Vulnerability https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-30137 Zimbra RCE Vulnerability https://blog.sonarsource.com/zimbra-pre-auth-rce-via-unrar-0day/ FBI Warns of Deep Fakes Beeing Used in Job Interviews https://www.ic3.gov/Media/Y2022/PSA220628

Episode 181 of the Unsecurity Podcast is now live! This week, Evan sits down to host the show one last time. Joined by Oscar Minks and Brad Nigh, who will be taking the reins, the trio looks back through almost 3 years of the podcast, security conferences, this year's DEFCON event, and more!Give episode 181 a listen or watch and send any questions, comments, or feedback to unsecurity@protonmail.com.

Peggy talks all about manufacturing on the first segment. She says in today's world with broken supply chains and soaring costs, we need effective manufacturing practices now more than ever before. She also discusses: A new report that suggests manufacturing is data rich but information poor. Challenges that still exist in the manufacturing industry today. How manufacturers can move toward being data transformers. peggysmedleyshow.com  (6/28/22 - 777) IoT, Internet of Things, Peggy Smedley, artificial intelligence, machine learning, big data, digital transformation, cybersecurity, blockchain, 5G, cloud, sustainability, future of work, podcast This episode is available on all major streaming platforms. If you enjoyed this segment, please consider leaving a review on Apple Podcasts.

Peggy and Rohit Malpani, consultant, World Health Organization, talk about the latest healthcare trends. He says different countries can try to tackle issues separately, but there is a large level of interdependence that countries have with each other when it comes to pandemics, climate change, and even AI (artificial intelligence). They also discuss: How the COVID-19 pandemic impacted the focus to address AIDS, tuberculosis, and malaria and bring countries into universal health coverage. How the pharmaceutical industry is changing from developing medicines we have relied on for the last 100 years to medicines that use new technologies. The growing use of artificial intelligence in healthcare, which is about automation of healthcare that can provide significant benefits, but also disruptions. who.int  (6/28/22 - 777) IoT, Internet of Things, Peggy Smedley, artificial intelligence, machine learning, big data, digital transformation, cybersecurity, blockchain, 5G, cloud, sustainability, future of work, podcast, Rohit Malpani, World Health Organization This episode is available on all major streaming platforms. If you enjoyed this segment, please consider leaving a review on Apple Podcasts.

Peggy and Danielle McGeary, vice president, healthcare technology management, AAMI, talk about why healthcare technology management is so important. She says it is the unsung hero of healthcare, making sure all the medical technology and equipment is working behind the scenes and is available when clinicians and patients need it the most. They also discuss: How they helped make sure technology was up and running during the pandemic. The aging workforce and how more than 60% of the field is over 50 and getting ready to retire, with a weak pipeline coming into the field. How we get past the challenges that currently exist in healthcare technology management. aami.org  (6/28/22 - 777) IoT, Internet of Things, Peggy Smedley, artificial intelligence, machine learning, big data, digital transformation, cybersecurity, blockchain, 5G, cloud, sustainability, future of work, podcast, Danielle McGeary, AAMI This episode is available on all major streaming platforms. If you enjoyed this segment, please consider leaving a review on Apple Podcasts.

This episode reports on the updating of two important vulnerabilities list, a warning to Kubernetes administrators, a U.S. regulator punishes the current and former owners of a website for a data breach and SOHO routers being targeted

Who's your ideal client and what's the biggest challenge they face?What are the common mistakes people make when trying to solve that problem?What is one valuable free action that our audience can implement that will help with that issue?What is one valuable free resource that you can direct people to that will help with that issue?What's the one question I should have asked you that would be of great value to our audience?When was the last time you experienced Goosebumps with your family and why?Conversational IntelligenceGet in touch with Michael:  Website, YouTube, LinkedInLearn more about how Uwe helps in-demand professionals and their VIPs to get back their family mojo, double their financial security, and live in abundance in all areas of their life (without feeling guilty or constantly questioning themselves): Visit www.uwedockhorn.com. Or when you feel you'd be interested in working together you can Book A Chat With Uwe

Living in the Information Age means that we have a wide world of knowledge and networks at our fingertips, but where do we find that balance between enlightenment and exhaustion? If you're weary from doomscrolling and tired of putting bandaids on burnout, you'll want to hear what Chloé Messdaghi has to say about maintaining sanity in the security industry. Join Chloé as she kicks off her latest gig as the co-host of the 401 Access Denied podcast, where she will share insights on prioritizing mental health support and positive leadership in cybersecurity. Follow us on Social!! ~Cybrary Twitter ~Delinea Twitter ~Instagram ~Facebook ~YouTube ~Cybrary LinkedIn ~Delinea LinkedIn

In this podcast, me and a close friend of mine, Koshal Makhija have a discussion on Cyber Security; What was it like in school, what is it like now in the industry and why is it important. Koshal also gives advice to anyone who wants to join the field of cyber security and what resources are freely available in order to make that decision. I hope this podcast is insightful and I hope you enjoy it as much as we did.

Possible Scans for HiByMusic Devices https://isc.sans.edu/forums/diary/Possible+Scans+for+HiByMusic+Devices/28796/ OpenSSL Heap Overflow https://guidovranken.com/2022/06/27/notes-on-openssl-remote-memory-corruption/ https://github.com/openssl/openssl/issues/18625#issuecomment-1165012549 ZuoRat MalwareHijacking Home Office Routers https://blog.lumen.com/zuorat-hijacks-soho-routers-to-silently-stalk-networks/

Software development and hardware manufacturing has become increasingly globalized over the last 10 years. A single application can contain hundreds, or even thousands, of software components sourced from just as many vendors located all over the world. And each one of these components presents a potential entry point for attack. As evidenced by the Solar Winds hack, the lack of transparency in our supply chains represents a significant impediment to securing the United States' IT systems . The Biden Administration said as much with last year's Executive Order 14028, "Improving the Nation's Cybersecurity".Now, a year later, federal agencies are beginning to roll out new requirements and guidelines for contracting firms to improve the integrity of these IT supply chains and reduce systemic risk. As with much of cybersecurity, this will require comprehensive efforts throughout the federal technology ecosystem, and a careful balancing of security and ease of use.This week, The Buzz is joined by Leo Alvarez, Principal at Baker-Tilly and member of ACT-IAC's Cybersecurity Supply Chain Risk Management (C-SCRM) Working Group. He shares some insights on what effective C-SCRM strategies look like and how these new requirements will affect the acquisitions process.Referenced in this episode:CISA C-SCRM Task ForceNIST C-SCRM PracticesACT-IAC Acquisitions C-SCRM Working GroupSubscribe on your favorite podcast platform to never miss an episode! For more from ACT-IAC, follow us on Twitter @ACTIAC or visit http://www.actiac.org.

20220628 - Dustin Carmack On The Cyber Security Front That Russia And China Continue To Exploit by Kevin McCullough Radio

A daily look at the relevant information security news from overnight - 27 June, 2022Episode 253 - 27 June 2022BBVA 2FA Clone- https://thehackernews.com/2022/06/new-android-banking-trojan-revive.html ICS ShadowPad - https://www.bleepingcomputer.com/news/security/microsoft-exchange-bug-abused-to-hack-building-automation-systems/LockBit Bounty- https://www.pcmag.com/news/ransomware-gang-offers-bug-bounty-promises-payouts-up-to-1-millionRaccoon 2.0 - https://www.bleepingcomputer.com/news/security/raccoon-stealer-is-back-with-a-new-version-to-steal-your-passwords/OpenSSL Bad Memory - https://www.theregister.com/2022/06/27/openssl_304_memory_corruption_bug/?td=rt-3aHi, I'm Paul Torgersen. It's Tuesday June 28th, 2022, and I want to say a quick thank you as I have just passed 100 subscribers on YouTube. Which is great, but let's not stop there. If you find this valuable, please share with your networks and colleagues. Let's see if we can't add a zero or two to that number. And now, this is a look at the information security news from overnight. From TheHackerNews.comA new Android banking trojan called Revive has been discovered specifically targeting users of the Spanish financial services company BBVA. Phishing campaigns push a look alike website where victims download an app which impersonates the bank's two factor authentication app. Italian cybersecurity firm Cleafy first spotted the malware in mid June, and says it appears to be in its early stages of development. From BleepingComputer.com:A new Chinese-speaking threat actor is hacking into the building automation systems of several Asian organizations and loading the ShadowPad backdoor. The group focused on devices that have not yet patched the Microsoft Exchange vulnerability collectively known as ProxyLogon. According to Dutch research, there are about 46,000 such machines. Kaspersky believes the group is ultimately hunting for sensitive information. From PCMag.com:In what seems to be a first, the LockBit ransomware group has launched a bug bounty program. Evidently they have been successful enough to be able to afford to buy new zero-days. Their current rates run from $1,000 to $1 million, although the million bucks for is you can dox the LockBit leader. If this is compelling to any of you, keep in mind that the main targets for this group are healthcare and education, two of the most vulnerable populations out there. Do you really want to help somebody like that? From BleepingComputer.com:I mentioned last week that the Raccoon Stealer group had temporarily shuttered operations after one of their leaders was killed in the Russian invasion of Ukraine. Well, they're back in action with 2.0, a new and completely re-coded version of their malware offering elevated password-stealing functionality and upgraded operational capacity. Details in the article. And last today, from TheRegister.comOpenSSL 3.0.4 was released on June 21 to address a command-injection vulnerability that they hadn't quite completely patched earlier. Unfortunately, the new release contains a memory corruption which can be triggered trivially by an attacker. This targets the Intel Advanced Vector Extensions 512, or AVX512. The researcher said that if this bug can be exploited remotely, and they are not certain yet that it can, it could be more severe than Heartbleed, at least from a purely technical point of view. Details in the link. That's all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.

Has a Google AI chatbot become sentient? And will a U.S. ban on the sale of location and health data make a difference? Join us this episode to find out, as we discuss everything from savory croissants to cross-site browser cookies.

Ryan O'Hara is an entrepreneur, cybersecurity expert and founder of Sphinx Cybersecurity, an IT and Cybersecurity service provider in Dearborn, Michigan.

Ron Gula, President and Co-Founder of Gula Tech Adventures, has a very specific goal: To defend the country in cyberspace by investing in companies and nonprofits that help close the gap in technology and the workforce.  He also knows that in order to successfully achieve this goal, organizations must understand the basics of data protection.  Today, Ron joins the show to talk about the mindset shift that can start in the information security disciplines through communication.  Join us as we also discuss: The importance of asking the right questions of business owners Building a trusted ecosystem within the information security disciplines Creating a measure of security to determine the safety of your company's data The small business IT shops defining corporate America To hear this episode, and many more like it, you can subscribe to The Virtual CISO Podcast here. If you don't use Apple Podcasts, you can find all our episodes here. Listening on a desktop & can't see the links? Just search for The Virtual CISO Podcast in your favorite podcast player.

Who's your ideal client and what's the biggest challenge they face?What are the common mistakes people make when trying to solve that problem?What is one valuable free action that our audience can implement that will help with that issue?What is one valuable free resource that you can direct people to that will help with that issue?What's the one question I should have asked you that would be of great value to our audience?When was the last time you experienced Goosebumps with your family and why?Four Interpersonal Motivators: Reduce Threat and Support Your Team in Turbulent TimesGet in touch with Patty:  Website, Podcast, LinkedInLearn more about how Uwe helps in-demand professionals and their VIPs to get back their family mojo, double their financial security, and live in abundance in all areas of their life (without feeling guilty or constantly questioning themselves): Visit www.uwedockhorn.com. Or when you feel you'd be interested in working together you can Book A Chat With Uwe

¡Aprende SecTY! La importancia de las organizaciones en la educación continua en la industria de la tecnología Hoy en día existen varias maneras de adquirir conocimiento y educarte de manera continua. Sin embargo, hay organizaciones que nos ayudan de gran manera con muchos beneficios. Escucha y disfruta de la entrevista a 4 profesionales en representación de las organizaciones como; ISACA PR, WOMCY, HIMSS PR y PMI PR.   Información sobre cada organización: ISACA PR (Information Systems Audit and Control Association): https://www.isaca.org/membership http://www.isacapuertorico.com/ @ISACAPR en Instagram y Facebook, LinkedIn: https://www.linkedin.com/company/isaca-de-puerto-rico/ TikTok: @isacapr   Twitter @isacapr2014   WOMCY (Latam Women in Cybersecurity) https://womcy.org/ https://womcy.org/membership/ @WOMCY en Instagram y Facebook LinkedIn: https://www.linkedin.com/company/womcy/ Twitter: @lwomcy   HIMSS PR (Healthcare Information and Management Systems Society) http://pr.himsschapter.org/ https://www.himss.org/ https://www.himss.org/membership-types/individual @HIMSSPR en Instagram y Facebook LinkedIN: https://www.linkedin.com/in/himsspuertoricochapter/ Twitter: @HimssRico   PMI PR (Project Management Institute Puerto Rico) https://pmipr.org https://pmipr.org/quiero-ser-miembro/ @pmi.pr en Instagram @PMIPuertoRico en Facebook LinkedIN: https://www.linkedin.com/company/projectmanagementinstitute/ Twitter: @PMInstitute   La entrevista completa puedes verla Suscribiéndote en nuestro canal de YouTube Aprende SecTY: https://www.youtube.com/channel/UC1E9yilgLf5HZMQVDf_ViRw   Anótate para el taller “Como hacer backup en la nube de manera segura utilizando MS OneDrive”: Anótate AQUI àhttps://aprendesecty.com/tallerbackupenlanube Si deseas capacitar a tus empleados sobre seguridad de información en tu negocio, escríbeme a itsec@sectycs.com para poder ayudarte porque ofrecemos capacitación de seguridad a grupos de usuarios para pequeños negocios. Recuerda: Entra a nuestra página de Aprende SecTY https://www.aprendesecty.com  para que puedas obtener las guías, tips y pasos que ya he compartido anteriormente de manera GRATIS. Síguenos en Facebook, Instagram, Twitter y LinkedIN como: @SecTYCS Envíame tus preguntas o recomendaciones a: itsec@sectycs.com Deja tu reseña en iTunes/Apple Podcast y compártelo con personas que necesiten mejorar la seguridad en su negocio y en su vida. Puedes escucharnos también por medio de: iTunes/Apple Podcast, Spotify, Stitcher, Google Podcast, Amazon Music y iHeartRadio.

The scale and sophistication of cyberattacks are rising exponentially. But so are the levels of investment, innovation and corporate activity in the space. In the latest episode Exchanges at Goldman Sachs, David Campbell, managing director in growth equity in Goldman Sachs Asset Management, and Marco Poletti, Goldman Sachs' head of cybersecurity Investment Banking, discuss the evolution of cyber-technology and the acceleration in investment activity within the cybersecurity space.

Encrypted Client Hello: Anybody Using it Yet? https://isc.sans.edu/forums/diary/Encrypted+Client+Hello+Anybody+Using+it+Yet/28792/ Jenkins Advisory https://www.jenkins.io/security/advisory/2022-06-22/ Instagram Age Verification https://about.fb.com/news/2022/06/new-ways-to-verify-age-on-instagram/ CodeSys V2 Vulnerability https://github.com/ic3sw0rd/Codesys_V2_Vulnerability

Justin Macorin, CTO and Co-founder at Ponsero discussed with me some cybersecurity use cases for NLP and behavioral biometric technology, especially when it comes to phishing and spam!We also discussed AI and ML misconceptions, the importance of quality data sets to train the models and how all of this can help give companies a fighting chance against cyber-criminals. Show Links Check out Ponsero  Connect with Justin-Macorin on LinkedIn  Follow IRONSCALES on LinkedIn or Twitter Connect with Brendon Rod on LinkedIn  -------- CyberSecurity Heroes is brought to you by IRONSCALES. An email security platform powered by AI, enhanced by thousands of customer security teams and built around detecting and removing threats in the inbox. We offer a service that is fast to deploy, easy to operate and is unparalleled in the ability to stop all types of email threats, including advanced attacks like BEC, ATO and more. Learn more at ironscales.com 

Two things to know today Gartner's four predictions for cybersecurity AND Roe v Wade's impact on IT services   Do you want to get the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/   Support the show on Patreon:  https://patreon.com/mspradio/   Want our stuff?  Cool Merch?  Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com   Follow us on: Facebook: https://www.facebook.com/mspradionews/ Twitter: https://twitter.com/mspradionews/ Instagram: https://www.instagram.com/mspradio/ LinkedIn: https://www.linkedin.com/company/28908079/  

Guests: Dave “Merk” Merkel, CEO @ Expel Peter Silberman,  CTO @ Expel Topics: Many MDRs claim to be “security from the cloud”, but they actually don't know much about cloud security. What does good looks like for MDR in the cloud (cloud being a full range from IaaS to SaaS)? What are the key challenges for clients picking an MDR for their cloud environments?  What are the questions to ask your potential MDR? Do clients want the same security outcomes done in the cloud vs on-premise?   Does it mean that MSSP/MDR capabilities must be different for good coverage of the cloud?  Is MDR technology different for Cloud detection and response as opposed to on-prem D&R?  How do you communicate with clients about the importance and value of cloud specific detection vs detection for endpoints running in the cloud?  What are the top threats against client cloud environments that you see, detect and protect from? Which clouds (IaaS?) are easiest for MDR to protect? What makes them easier to handle than the other Clouds? Resources: Who Does What In Cloud Threat Detection? How to Think about Threat Detection in the Cloud Cattle vs Pets reminder Expel Blog - Incident report: Spotting an attacker in GCP  Expel Great eXpeltations 2022: Cybersecurity trends and predictions Expel Quarterly Threat Report: Q1 2022

(Part 2) If you want to land a big money DoD contract, you had better have your cybersecurity ducks in a row. Learn how businesses can shield themselves (and our country) from hackers with nefarious plans, while attaining new levels of compliance that could open doors to receiving lucrative DoD contracts.We invite Scott Singer, President of CyberNINES, to discuss.Connect with Scott here: https://www.linkedin.com/in/scottfsinger/Learn more about CyberNINES: https://cybernines.com/Questions? Comments? Continue the discussion by requesting access to our exclusive WVF Facebook Group.⭐⭐⭐⭐⭐Wisconsin Veterans Forward is brought to you by the Wisconsin Veterans Chamber of Commerce, a nonprofit organization that serves veterans and military families by supporting veteran owned and veteran-friendly businesses throughout the state. On behalf of our members, we serve as an advocate for Wisconsin's veteran business community and promote economic opportunity for military veterans, military families, and veteran-friendly businesses.Follow us on all platforms: https://linktr.ee/Wivetschamber Intro & Outro Themes: Barry Dallas - I'm Gone (https://uppbeat.io/t/barry-dallas/im-gone)Noise Cake - Light It Up (https://uppbeat.io/t/noise-cake/light-it-up)

(Part 1) If you want to land a big money DoD contract, you had better have your cybersecurity ducks in a row. Learn how businesses can shield themselves (and our country) from hackers with nefarious plans, while attaining new levels of compliance that could open doors to receiving lucrative DoD contracts.We invite Scott Singer, President of CyberNINES, to discuss.Connect with Scott here: https://www.linkedin.com/in/scottfsinger/Learn more about CyberNINES: https://cybernines.com/Questions? Comments? Continue the discussion by requesting access to our exclusive WVF Facebook Group.⭐⭐⭐⭐⭐Wisconsin Veterans Forward is brought to you by the Wisconsin Veterans Chamber of Commerce, a nonprofit organization that serves veterans and military families by supporting veteran owned and veteran-friendly businesses throughout the state. On behalf of our members, we serve as an advocate for Wisconsin's veteran business community and promote economic opportunity for military veterans, military families, and veteran-friendly businesses.Follow us on all platforms: https://linktr.ee/Wivetschamber Intro & Outro Themes: Barry Dallas - I'm Gone (https://uppbeat.io/t/barry-dallas/im-gone)Noise Cake - Light It Up (https://uppbeat.io/t/noise-cake/light-it-up)