Because… it's episode 0x591!

Shameless plug
June 3 to 5, 2025 - Infosecurity Europe
June 27 and 29, 2025 - LeHACK
October 12 to 17, 2025 - Objective by the sea v8
November 10 to 12, 2025 - IAQ - Le Rendez-vous IA Québec
November 17 to 20, 2025 - European Cyber Week
February 25 and 26, 2026 - SéQCure 2065

Description

Context and Participants
This fourth collaborative episode between “Cyber Citoyen” and “PolySécure” brings together Catherine Dupont-Gagnon and Sam Harper, hosted by Nicolas-Loïc Fortin. The recording follows their participation in NorthSec (NSec), a cybersecurity conference that has just ended.

A Look Back at NorthSec 2024

General Impressions
Catherine expresses her enthusiasm for NorthSec, which she considers her favourite conference in the cybersecurity ecosystem. She highlights the inclusive and welcoming nature of the community, even for those who do not fit the typical participant profile. The diversity and richness of the talks, along with the authenticity of the presentations (as opposed to overly sponsored conferences), contribute to this positive assessment.
Sam shares this positive view, noting that despite some initial fatigue, he enjoyed the variety of presentations, ranging from the highly technical to governance. He particularly highlights the presence of academics presenting their research for the first time, which considerably enriches the content.
The event stands out for its remarkable degree of inclusion, comparable, according to Nicolas, to Blue Team Con in Chicago. This inclusive atmosphere is attributed to the values of the organizing committee, which spread naturally throughout the event.

Favourite Talk: Data-Driven Phishing
Sam presents in detail a particularly memorable talk on phishing that took a scientific, non-judgmental approach. The presentation analyzed behaviour in response to phishing attempts without blaming individuals, focusing instead on statistical data.
The results reveal fascinating patterns: even 5 minutes after phishing training, 0.3% of people still click on malicious links. The study shows that it is impossible to reach a 100% success rate, as some people keep clicking regardless of the training they have received.
One particularly interesting finding concerns timing: most clicks occur on Monday morning, when employees arrive at work to full inboxes. This finding suggests organizational rather than technical solutions, such as postponing Monday-morning meetings or handling weekend email differently.

Side Activities
The participants also mention the soldering activities (badge hacking) and the CTFs (Capture The Flag). This year's theme was a cruise ship with a built-in casino, letting participants interact with casino machines to discover hidden “flags”. These activities offer varied challenges, including more “puzzle”-style elements accessible to non-programmers.

Cybersecurity News

Storm-1516: Russian Influence Operations
Sam presents a detailed report from Viginum, the French digital vigilance agency, on Storm-1516, a Russian influence operation active since August 2023. This analysis of 77 operations reveals a sophisticated disinformation machine.

Objectives and Methods
The campaigns aim primarily to discredit the Ukrainian government, Zelensky in particular, while also attacking the Russian opposition and Western governments. About twenty operations specifically targeted elections (European, French, American, German).

Dissemination Scheme
The report details a multi-stage process:
Planning: writing scripts, recruiting actors, creating deepfakes and video edits
Initial dissemination: use of throwaway accounts posing as whistleblowers or freelance journalists
Laundering: pickup by paid foreign media outlets, particularly in Africa and Asia, and by paid influencers
Amplification: use of networks such as CopyCop to create fake news sites
Co-option: final pickup by pro-Russian media and the sympathetic Western ecosystem

Implications and Sophistication
Catherine draws a parallel with the educational game “Get Bad News”, which she uses in her courses on disinformation and which reproduces exactly these strategies. The sophistication of these operations makes them almost impossible for ordinary users to detect, even for experts in the field.

Telegram: Forced Cooperation
The arrest of Pavel Durov, founder of Telegram, marked a turning point in the platform's cooperation with authorities. About 5000 government requests led to the disclosure of data on 20000 users, mainly following French and American requests.

Context and Controversies
Catherine points out the irony of the situation: Telegram, which boasted of being a free-speech platform without controls, quickly changed its position under judicial pressure. She mentions the “Nth rooms” scandal in South Korea, where 73 victims (including 26 minors) were exploited through Telegram chat rooms, illustrating the possible abuses of absolute freedom of expression.

Debate on Freedom of Expression
The discussion reveals the fundamental tension between freedom of expression and the protection of human rights. Sam notes that anonymity combined with total “free speech” creates an environment without consequences, encouraging extreme behaviour. Historical experience shows that no platform of absolute free expression has had a positive outcome.
Catherine and Sam nevertheless acknowledge the importance of preserving secure communication spaces for persecuted communities (LGBTQ+, political dissidents). The balance between protecting the vulnerable and preventing abuse remains difficult to find.

SignalGate: New Concerns
Nicolas introduces a new chapter of “SignalGate” concerning TeleMessage, a Signal client used by American officials for the legal retention of messages. This platform was easily compromised, raising questions about Signal's distributed ecosystem.

Fundamental Problem
Signal's security model relies on the trust placed in clients. Yet nothing guarantees that the other party is using a legitimate client. TeleMessage recorded all messages, contradicting Signal's confidentiality promises.

Lack of Response
Catherine expresses her disappointment at Signal's silence on this issue. Contrary to its usual proactive communication, the organization has issued no statement and announced no solution for detecting unofficial clients.

Possible Technical Solutions
The participants discuss potential solutions: Signal could alert users when their correspondent is using a desktop or unofficial client. This information already exists in the protocol, making implementation technically feasible.
Sam notes that the impact goes further: the group Distributed Denial of Secrets published 410 GB of data extracted from TeleMessage, including messages and metadata, potentially compromising whistleblowers.

Reflections on the Digital Ecosystem

Risk Management and Education
The discussion reveals a widespread deficit in understanding and managing digital risk. The participants stress that even educated people (secretaries of state, academics) struggle to correctly assess the risks of the tools they use.
Guillaume insists on the need to build a form of quick risk management into the everyday use of technology, acknowledging that humans naturally resist changing their habits, even in the face of alarming statistics.

Evolution of Threats
Taken together, the topics discussed illustrate the growing sophistication of threats, whether in state disinformation or in the exploitation of communication platforms. The “good guys” systematically find themselves on the defensive, with limited means against adversaries who effectively exploit technologies designed to facilitate communication.

Chicago Sun-Times Incident
On a lighter concluding note, Catherine presents the case of the Chicago Sun-Times, which published an AI-generated summer reading list that included completely made-up titles (hallucinations). This incident illustrates a worrying journalistic laziness, where the time saved by AI (reducing 5 days of work to 3) is not even accompanied by minimal verification.

The Problem of Understanding AI Tools
Catherine points out that many people, even educated ones, do not understand the fundamental difference between a Google search (which indexes existing content) and a ChatGPT query (which statistically generates plausible answers). This confusion contributes to the blind acceptance of artificially generated content.
The example of the student who asked ChatGPT for a quotation from Catherine Dupont-Gagnon, resulting in a reference to a non-existent book, illustrates these failures perfectly. AI models can also be manipulated, as in the example of Bing being temporarily convinced that Australia did not exist after being trained on Reddit jokes.

Conclusions and Outlook
This podcast reveals a digital ecosystem undergoing profound change, where technologies designed to facilitate communication and access to information are systematically hijacked by malicious actors. Whether through state disinformation operations, the exploitation of communication platforms, or AI-generated false information, the challenges are piling up.
The participants identify several structural problems: the deficit in education on digital risk management, the difficulty of maintaining a balance between freedom of expression and the protection of human rights, and the fundamental asymmetry between the ease of creating false information and the difficulty of combating it.
Despite this bleak picture, the exchange keeps a note of hope, recalling that awareness and education remain our best tools. The example of NorthSec shows that it is possible to create inclusive and constructive spaces to tackle these challenges collectively.
The discussion ends on a humorous note about retreating to “a cabin in the woods” with sheep and chickens to escape the technological singularity, ironically illustrating the feelings of powerlessness in the face of the scale of the challenges identified.

Collaborators
Nicolas-Loïc Fortin
Catherine Dupont-Gagnon
Samuel Harper

Credits
Editing by Intrasecure inc
Virtual studio by Riverside.fm
In episode 133 of Cybersecurity Where You Are, Sean Atkinson is joined by Lauren McFayden, Threat Intelligence Analyst at the Center for Internet Security® (CIS®). Together, they discuss the Distributed Denial of Service (DDoS) hacktivism of DieNet and how the group continues to evolve its Tactics, Techniques, and Procedures (TTPs).

Here are some highlights from our episode:
01:22. An overview of DieNet and its emergence on Telegram
01:55. DDoS attacks and the potential for service disruptions
02:55. DieNet's pro-Palestinian ideology and opposition to the 47th U.S. Presidential Administration
05:00. U.S. and foreign targets claimed by the group
06:30. DieNet's history of claiming attacks against U.S. critical national infrastructure (CNI)
10:33. Two pieces of evidence used to partially assess the credibility of a claimed attack
15:16. How DieNet v2 suggests an escalation of attack strategies
20:43. How the DDoS hacktivist group may continue to evolve its TTPs in subsequent versions
23:48. The use of the CIS Critical Security Controls (CIS Controls) to reduce an attack surface
25:56. How ThreatWA stands out in keeping you informed about emerging threats

Resources
Hacktivist Group DieNet Claims DDoS Attacks against U.S. CNI
MS-ISAC Guide to DDoS Attacks
ThreatWA
CIS Critical Security Control 1: Inventory and Control of Enterprise Assets
CIS Critical Security Control 2: Inventory and Control of Software Assets
CIS Critical Security Control 3: Data Protection
Episode 44: A Zero Trust Framework Knows No End

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.
March 19, 2025: Troy Ament, Industry Leader for Healthcare at Palo Alto Networks, joins Drex for the News. The conversation delves into the importance of establishing relationships with law enforcement before a crisis occurs and why including them in tabletop exercises is crucial. Troy examines why threat actors deliberately target healthcare systems during weekend hours when staffing is minimal. From DDoS attacks serving as distractions to threat actors contacting board members directly, this episode provides an insider's view of today's cybersecurity landscape.

Key Points:
03:03 The FBI and Cyber Threats
07:36 Ransomware Attack Patterns
12:31 Distributed Denial of Service (DDoS) Attacks
15:52 Personal and Organizational Cybersecurity

News Articles:
This is the FBI, open up. China's Volt Typhoon is on your network
Investigator says differing names for hacker groups, hackers studying investigative methods hinders law enforcement
X suffered a DDoS attack. Its CEO and security researchers can't agree on who did it.

Subscribe: This Week Health
Twitter: This Week Health
LinkedIn: This Week Health
Donate: Alex's Lemonade Stand: Foundation for Childhood Cancer
Expand your knowledge of digital security with "Cybersecurity ist Chefsache". In the latest episode, Nico Werner welcomes Lisa Fröhlich, corporate spokesperson of Link11 GmbH. Together they take a look at the world of DDoS attacks, which are becoming increasingly complex and dangerous.

Topics of this episode:
DDoS explained: What is behind Distributed Denial of Service?
Attack types: From volumetric attacks to Layer 7 attacks.
IoT devices and botnets: Why the number of attack resources keeps growing.
The cost of a DDoS attack: From reputational damage to traffic costs in the cloud.
Defensive measures: Segmentation, automated solutions and cooperation with ISPs.
Politically motivated attacks: How DDoS is used for targeted diversions.

Lisa shares exciting insights from her work at Link11, the expert for network security and web protection. Learn how companies can arm themselves against DDoS attacks, and why preventive protection is indispensable.
How can artificial intelligence be used in cybersecurity? Matthias and Alexei asked ChatGPT exactly this question and it came up with quite a list of use cases. They go through this list and discuss it. They explore the different forms of AI aside from generative AI, such as non-generative AI and traditional machine learning. They highlight the limitations and risks associated with large language models like GPTs and the need for more sustainable and efficient AI solutions. The conversation covers various AI use cases in cybersecurity, including threat detection, behavioral analytics, cloud security monitoring, and automated incident response. They emphasize the importance of human involvement and decision-making in AI-driven cybersecurity solutions.

Here's ChatGPT's list of AI use cases for cybersecurity:
AI for Threat Detection: AI analyzes large datasets to identify anomalies or suspicious activities that signal potential cyber threats.
Behavioral Analytics: AI tracks user behavior to detect abnormal patterns that may indicate compromised credentials or insider threats.
Cloud Security Monitoring: AI monitors cloud infrastructure, detecting security misconfigurations and policy violations to ensure compliance.
Automated Incident Response: AI helps automate responses to cyber incidents, reducing response time and mitigating damage.
Malware Detection: AI-driven solutions recognize evolving malware signatures and flag zero-day attacks through advanced pattern recognition.
Phishing Detection: AI analyzes communication patterns, spotting phishing emails or fake websites before users fall victim.
Vulnerability Management: AI identifies system vulnerabilities, predicts which flaws are most likely to be exploited, and suggests patch prioritization.
AI-Driven Penetration Testing: AI automates and enhances pen-testing by simulating potential cyberattacks and finding weaknesses in a network.
Anomaly Detection in Network Traffic: AI inspects network traffic for unusual patterns, preventing attacks like Distributed Denial of Service (DDoS).
Cybersecurity Training Simulations: AI-powered platforms create dynamic, realistic simulations for training cybersecurity teams, preparing them for real-world scenarios.
Threat Intelligence: NLP-based AI interprets textual data like threat reports, social media, and news to assess emerging risks.
Predictive Risk Assessment: AI assesses and predicts potential future security risks by evaluating system vulnerabilities and attack likelihood.
[Episode References]
[TREND MICRO IN FORRESTER] - https://www.trendmicro.com/explore/forrester-wave-xdr/01054-v1-en-www
Security Advisory Ivanti Cloud Service Appliance (CSA) (CVE-2024-8190) - https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Cloud-Service-Appliance-CSA-CVE-2024-8190?language=en_US
Attacking PowerShell CLIXML Deserialization - https://www.truesec.com/hub/blog/attacking-powershell-clixml-deserialization
Gomorrah Stealer v5.1: An In-Depth Analysis of a .NET-Based Malware - https://www.cyfirma.com/research/gomorrah-stealer-v5-1-an-in-depth-analysis-of-a-net-based-malware/
CUCKOO SPEAR Part 1: Analyzing NOOPDOOR from an IR Perspective - https://www.cybereason.com/blog/cuckoo-spear-analyzing-noopdoor
Stealthy Fileless Attack Targets Attendees of Upcoming US-Taiwan Defense Industry Event - https://cyble.com/blog/stealthy-fileless-attack-targets-attendees-of-us-taiwan-defense-industry-event/
Apple Vision Pro Vulnerability Exposed Virtual Keyboard Inputs to Attackers - https://thehackernews.com/2024/09/apple-vision-pro-vulnerability-exposed.html
Distributed Denial of Truth (DDoT): The Mechanics of Influence Operations and The Weaponization of Social Media - https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/distributed-denial-of-truth-ddot-the-mechanics-of-influence-operations-and-the-weaponization-of-social-media/
CVE-2024-29847 Deep Dive: Ivanti Endpoint Manager AgentPortal Deserialization of Untrusted Data Remote Code Execution Vulnerability - https://www.horizon3.ai/attack-research/attack-blogs/cve-2024-29847-deep-dive-ivanti-endpoint-manager-agentportal-deserialization-of-untrusted-data-remote-code-execution-vulnerability/

Script and presentation: Carlos Cabral and Bianca Oliveira
Audio editing: Paulo Arruzzo
Closing narration: Bianca Garcia
Elon Musk attributed a delay during a livestream with Donald Trump to a potential cyberattack. The livestream, which started over 40 minutes late, may have been affected by a Distributed Denial-of-Service (DDoS) attack, according to Musk. He noted that the platform had been tested for high traffic but opted to continue with fewer viewers and planned to release the audio afterward. Cybersecurity expert Lisa Plaggemier explained that DDoS attacks involve multiple compromised systems overwhelming a server, resulting in disruptions for websites and applications. These attacks can lead to significant downtime and financial losses for businesses. While the specific cause of the delay remains unconfirmed, Plaggemier highlighted that DDoS attacks commonly disrupt livestreams. High-profile entities such as financial institutions and media companies frequently experience these attacks, with thousands reported daily. This incident reflects ongoing challenges X has faced with its livestream feature. To learn more about this news, visit us at: https://greyjournal.net/
A global outage affecting Microsoft products, including Outlook and Minecraft, was resolved after nearly 10 hours. The outage, allegedly caused by a Distributed Denial-of-Service (DDoS) attack and a failure in defense implementation, led to thousands of user reports, writes the BBC. It comes less than two weeks after a major global outage left around 8.5 million computers using Microsoft systems inaccessible, impacting healthcare and travel, after a flawed software update by cybersecurity firm CrowdStrike. From what we have seen over the last couple of weeks, we have learned to expect the unexpected more than ever. To witness two major outages in such a short space of time is unprecedented but maybe not entirely independent. Cybercriminals are clearly testing their skill sets at greater lengths, and this needs to be reflected in the level of robust protection that is now required to hold off this next generation of attacks. Guest post by ESET Ireland. You can follow ESET Ireland on X (ex-Twitter), Facebook or LinkedIn for more cybersecurity tips.
The Medcurity Podcast: Security | Compliance | Technology | Healthcare
DDoS attacks are a growing threat to organizations of all sizes. What are they and what impact do they have on you? Tune in to find out.

In this episode, we're covering:
Understanding DDoS Attacks: What DDoS attacks are and how they work to disrupt your services.
Immediate Impact: The potential damage to business operations, financial losses, and customer trust.
DDoS Prevention Essentials: Practical steps and tools every organization should use to safeguard against DDoS attacks.

Learn more about Medcurity here: https://medcurity.com
Federal Tech Podcast: Listen and learn how successful companies get federal contracts
Cybersecurity threats are like fashion; wait a few years and they come back in style. The Internet was designed to take a series of digits and resolve them to a website address. This was deemed the Domain Name Service, or DNS. In 1996, we saw the first malicious actor flooding a system with an attack. This was called a Distributed Denial of Service Attack, or DDOS. Over the years new methods of attack have proliferated and DDOS has taken a back seat. However, the number of endpoints has risen exponentially. It certainly looks like we are in a perfect storm to revive good old-fashioned DDOS. During today's interview, Rob San Martin tells the audience that Akamai processes over 11 trillion DNS requests a day and can see trends. According to Akamai's internal threat intelligence, in 2023, 60% of DDOS attacks had a DNS component. Looks like we are Back to the Future! Sean Lyons from Akamai shared an amazing story from last year. A local government was attacked more than 6,000 times. This attack was sustained for over three and one-half hours. If you work for a federal agency and are looking for an on-premises solution for this problem, you may want to consider Akamai's new offering in hybrid DNS infrastructure security called Shield NS53. Listen to the interview to gain a better understanding of options for controlling DNS issues in your system.
= = =
Want to leverage your next podcast appearance? www.podscorecard.com
Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/
Want to listen to other episodes? www.Federaltechpodcast.com
A new report from Zayo unveils a concerning trend in Distributed Denial of Service (DDoS) attacks, indicating a significant increase in intensity and duration throughout 2023. With the average attack lasting 68 minutes and costing businesses nearly half a million dollars on average, the financial toll is staggering. Notably, the shift towards multi-vector attacks adds a new layer of complexity, targeting specific components like IP addresses and email systems with heightened precision, making detection and mitigation increasingly challenging. Industry-specific findings underscore the widespread vulnerability, with telecommunications companies experiencing the highest frequency of attacks, closely followed by sectors such as retail, healthcare, government, and education. In this evolving cyber landscape, characterized by political unrest and hybrid work environments, the need for advanced DDoS protection is paramount. Anna Claiborne, Zayo's Senior VP of Network Connectivity, joins Doug Green to discuss findings from the recent report and how businesses can navigate these challenges. Visit www.zayo.com
Sophisticated phishing attacks targeting Apple users, the challenges of defending Minecraft servers against DDoS attacks, and the hidden dangers of apps turning devices into proxy network nodes.

[00:05] - Intro
[01:03] - MFA Bombings targeting Apple users
[05:00] - Crafting Shields: Defending Minecraft Servers Against DDoS Attacks
[07:47] - Apps secretly turning devices into proxy network nodes removed from Google Play

Original URLs:
MFA Bombings targeting Apple users: https://krebsonsecurity.com/2024/03/recent-mfa-bombing-attacks-targeting-apple-users/
Crafting Shields: Defending Minecraft Servers Against DDoS Attacks: https://thehackernews.com/2024/03/crafting-shields-defending-minecraft.html
Apps secretly turning devices into proxy network nodes removed from Google Play: https://www.helpnetsecurity.com/2024/03/26/smartphone-apps-proxy-network/

Follow us on Instagram: https://www.instagram.com/the_daily_decrypt/
Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/
Logo Design by https://www.zackgraber.com/

Tags: cybersecurity, phishing attacks, Apple security, DDoS attacks, Minecraft, proxy networks, digital defense, tech threats, cybersecurity awareness, app security, network security, online privacy, cybercrime tactics, digital safety, secure gaming, mobile app risks, cyber defense strategies

Search Phrases: Latest phishing scams targeting Apple users; How to defend Minecraft servers from DDoS attacks; Uncovering proxy networks through smartphone apps; Strategies for digital defense against cyber threats; Awareness and prevention of app-based security risks; Cybersecurity tips for Apple device owners; Protecting online privacy and security in digital gaming; Combatting cybercrime with effective defense tactics; Enhancing network security against unauthorized access; Safeguarding against mobile app threats and vulnerabilities

Transcript: Mar 27

Hey, welcome back to the Daily Decrypt.
Attackers are leveraging MFA fatigue by overwhelming Apple users with relentless password reset notifications and cunningly spoofed support calls, significantly compromising their account security and personal information. What steps can individuals take to safeguard against MFA fatigue and these advanced phishing tactics targeting Apple accounts? Minecraft servers are under siege by DDoS attacks, exploiting the game's immense popularity to disrupt service, degrade player experience, and inflict financial and reputational damage on server owners. And security researchers have discovered that popular smartphone apps might be secretly turning your device into a node within a proxy network, exposing users to cyber threats and potentially facilitating criminal activities. How can you tell if your device is part of a proxy network? Stick around to find out.

Cyber security researchers have uncovered a sophisticated phishing attack targeting Apple users. Attackers bombard devices with password reset prompts, followed by a fake call from Apple Support in an effort to gain access to Apple IDs and potentially wipe users' devices. So, this is one of the oldest tricks in the book. I'm surprised it's taken this long to make headlines. If an attacker has access to your email address, which they likely do, they can attempt to log into, let's say, your Yahoo account, and underneath the login information is a little button that says reset password. When they click that, it will likely reach out to your phone or some other device, or maybe it'll ask security questions, which usually can be searched for and found online, in an attempt to reset your password. Okay, so a little bit on that. Never tell the truth on these security questions. That's my pro tip for the day. Make up a lie and store it in your password manager. So what was my first job? Chef. You know, something that it's not, and then I store that answer in my password manager in a secure note. So I can always reference it. 
And that way, when someone looks up and finds out that my first job was actually a Jimmy John's delivery driver, and they enter that in, it's wrong. But, to get back on track here, that's all that attackers are doing is they have your email address, which is also your Apple ID, and they're requesting permission to change your password. That's where MFA fatigue comes into play, which is a very common technique you may not have heard of, where attackers send push notifications asking to log in over and over and over and over and over again. All day, all night, you're getting beeps being asked to log in. Eventually, you get so sick of these beeps, psychologically, you're just gonna approve them. So that's what they're doing here. They're requesting a password change, which creates a little push notification on your phone, and they do it hundreds of times. You essentially can't use your phone because you're continuing to get these push notifications. Eventually, you're gonna just give in. Now, don't give in. Instead, go to your desktop computer or some other device that you have and change your Apple ID email address. That way, when they send push notifications to that email address, it's no longer coming to you, you can move on with your life. Make sure you delete the old email address as well. So that's step one if this starts happening to you. But another piece of general advice is to always beware of unsolicited support calls. Apple's not going to call you, making you change your password. Make sure to verify the identity of the caller as well. So if Apple does call you, hang up the phone. Go find Apple support. It's probably in your iPhone somewhere official. Don't click on an ad for Apple support when you Google it. Find the actual number, call them in, tell them what is happening. They will let you know if it was a scam or if it's real. But now you have verified that you are talking to the real Apple. I think you can even text message with Apple now.
Um, so anyone who calls you, never accept a request to reset your password. These attacks do point out a potential flaw in Apple's rate limiting service. Like, there's no reason that this should be making it through this many times, once or twice, and then it should shut down and lock you out, right? I personally have been locked out of my Apple devices for failing to enter my password multiple times. They do not care. They will lock you out of your device. So it's interesting why this is happening. So if, yeah, if you keep up to date with your Apple updates, hopefully this will soon be a thing of the past. Minecraft is a very old but very beloved video game, primarily on PCs, but it involves players to host their own servers that other players can join. Now this can be scaled to as big or as small as you'd like it. Like I've played Minecraft with a couple of my friends and that's it. But there can be hundreds of thousands of players on a single server as well. It's pretty much like an open source game in that realm. Well, this makes it a prime target for DDoS, or Distributed Denial of Service attacks. These attacks aim to disrupt the game by overwhelming servers with a flood of internet traffic, rendering them slow or completely unresponsive. Despite their frequency, many attacks go unnoticed and unreported, underlying a critical need for enhanced vigilance and protection measures. So during a DDoS attack, attackers use a network of compromised computers to send an enormous amount of traffic to a Minecraft server. This deluge of requests overwhelms the server's capacity to respond, leading to login issues, lag, or total server shutdowns. And having been a casual gamer in the online gaming community, people in this community are relentless. If they figure out a way to attack you, they will do it. So the motivations aren't particularly clear.
There are Minecraft servers out there that are monetizing, I'm sure, and maybe they pissed someone off and now they're the victim of a DDoS attack. So how do you protect your Minecraft server against this attack? Start with the basics, like updating your server and plugins, install antivirus software, and use secure connections. There are specialized services like Gcore DDoS Protection that offer tailored real-time safeguards to ensure your gaming experience remains uninterrupted. If you're trying to run a giant Minecraft server, I'd recommend one of these tailored services. You can also set up a VPN, but if you're letting anyone You're really opening the floodgates for DDoS attacks. So like, if you're just running a small Minecraft server, try to use a VPN. It'll be fun to figure out, and then your friends, whom you better trust, can enter into a more secure network. Have you ever faced a DDoS attack on your server? Let us know. We'd love to hear a tweet or an Instagram message from you. Just hearing how it happened and what it looked like. Your smartphone could unwittingly become part of a proxy network through seemingly innocuous app downloads. Apps found on the official or third-party stores may rope your device into these networks without explicit consent or knowledge, posing security risks and potential involvement in cybercriminal activities. There was a recent investigation by Human Security's Satori Threat Intelligence team that unveiled a widespread issue where apps, including a VPN service that's been removed by Google, they utilize a library called ProxyLib, or its variants like LumiApps SDK, to enroll devices in proxy networks. These networks can then be used for ad fraud, among other illicit activities, with developers possibly unaware of the underlying functionality. Apps leveraging the LumiApps SDK, freely available and advertised even on the dark web, may not clearly disclose their operations to end users.
Such activities could include enrolling your device as a node in a residential proxy network which could be leveraged by threat actors for malicious purposes. So in this context, a proxy network is a system that allows internet traffic to be routed through various devices, such as smartphones, acting as intermediary servers or, quote, nodes. This setup can mask the original source of the traffic, making it appear as if it originates from a different location or device. Proxy networks can often be used for legitimate purposes like anonymizing internet usage for privacy protection or bypassing geo-restrictions, or even conducting market research. So when you get an ad for NordVPN or another VPN to mask your IP address, that's being done by a proxy. But if someone has the ability to route their traffic through your device, they can do anything on the internet, including nefarious activities, and make it look like it's you. That is one of the biggest risks of using the dark web because it works in a similar way. On the surface, you probably won't even notice anything's different, maybe a little bit of a slower connection, who knows. But this goes back to my episode yesterday where I cautioned everyone, if you have unused apps on your phone or on your computer, it's best to delete them because they might have permissions that grant them access to everything on your phone. And the more things that have those permissions, the less secure you are, right? And so the same goes for these apps. It sounds honestly like the developers don't even know that their app is creating this proxy network, like it's a little bit downstream from that. It's a package that they're using to develop, that is a malicious intent. But yeah, always exercise caution too when you're downloading apps, especially from third-party sites. Google Play and the Apple App Store offer some level of protection from these apps, but even still, make sure it's an app that you need and will utilize.
And when you're done needing it and utilizing it, remove it from your phone or device. And that's all we've got for you today. Thanks so much for listening. Tomorrow we'll be bringing in a guest, dogespan, to talk about some Microsoft stuff. So we're pretty excited about that, but until then, thanks for listening and we'll talk to you tomorrow.
Advanced wiper malware hits Ukraine. Nemesis gets dismantled. Apple deals with an unpatchable vulnerability. FortiGuard rises to the rescue. CISA and FBI join forces against DDoS attacks. US airlines data security and privacy policies are under review. Hackers hit thousands in Jacksonville Beach. Geoffrey Mattson, CEO of Xage Security sits down to discuss CISA's 2024 JCDC priorities. And Hotel keycard locks can't be that hard to crack. CyberWire Guest: Geoffrey Mattson, CEO of Xage Security, joins us to discuss CISA's 2024 JCDC priorities. Geoff's interview first appeared on March 21st's episode of T-Minus Space Daily. Selected Reading: Sandworm-linked group likely knocked down Ukrainian internet providers (The Record); AcidPour wiper suspected to be used against Ukrainian telecom networks (SC Media); Never-before-seen data wiper may have been used by Russia against Ukraine (Ars Technica); AcidPour | New Embedded Wiper Variant of AcidRain Appears in Ukraine (SentinelOne); F5, ScreenConnect vulnerabilities leveraged in global Chinese cyberattacks (SC Media); Nemesis darknet marketplace raided in Germany-led operation (The Record); Unpatchable vulnerability in Apple chip leaks secret encryption keys (Ars Technica); Exploit Released For Critical Fortinet RCE Flaw: Patch Soon! (GBHackers on Security); CISA & FBI Released Guide to Respond for DDoS Attacks (Cyber Security News); CISA, FBI, and MS-ISAC Release Update to Joint Guidance on Distributed Denial-of-Service Techniques (CISA); US airlines' data security, privacy policies to be under federal review (SC Media); Jacksonville Beach and other US municipalities report data breaches following cyberattacks (The Record); Hackers Found a Way to Open Any of 3 Million Hotel Keycard Locks in Seconds (WIRED). The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.
Ahh, I love the smell of predictive programming in the morning, don't you? Consider the following. In December of 2023, the Netflix production company Higher Ground, run by Barack and Michelle Obama, released the movie ‘Leave The World Behind' about the US government deploying an EMP attack on the American people to wipe out our mobile devices. Since then, the Chinese cyber army successfully hacked into the US power grid, and yesterday the majority of cell phone service all across America was down for 13 hours for reasons still left unexplained. On this episode of the NTEB Prophecy News Podcast, we ask a simple question. Like 2020 before it, is 2024 the year they've selected for another major advance of the New World Order? Lee McKnight, associate professor at Syracuse University in New York, said the widespread nature of yesterday's mobile service outage appears to be ‘a massive Distributed Denial of Service (DDOS) attack on core Internet infrastructure.' I guess the question would be who, or whom, launched the attack, and how soon until the next one? Today we connect the dots of this already over-the-top year of 2024 that is not even 2 months old, and show you just how many dominoes are falling on a daily basis. Remember that another new end-of-America movie, ‘Civil War', is queued up and ready for release on April 12th. On top of all this, we have what just may be the most insane presidential election in our history. Now you know why all the tech billionaires are building underground bunkers. Today, all this and much more on the Prophecy News Podcast!
Since the spring of 2023, so-called DDoS (Distributed Denial-of-Service) cyberattacks have multiplied to an extraordinary degree in Hungary. First about 40, and then a further 10 Hungarian news portals were hit by DDoS attacks. But is it possible at all to defend against these effectively without the sites' visitors suffering for it? We talked about this with IT security specialist Keleti Arthur, of the ITBN (Informatikai Biztonság Napja) ... Read more The post With IT security expert Keleti Arthur on the cyberattacks against Hungarian media and DDoS-type overloads (Media1, 2023.07.10.) first appeared on Vipcast.hu powered by Media1.
Free, ungated access to all 280+ episodes of “It's 5:05!” on your favorite podcast platforms: https://bit.ly/505-updates. You're welcome to
Distributed Denial of Service attacks, or DDoS, have plagued the Internet for decades. And attackers are finding new ways to take advantage of higher levels of bandwidth and the ever-growing number of network-connected devices. Today on Tech Bytes, sponsored by Nokia, we'll talk about what's brewing on the DDoS front and how Nokia's Deepfield is... Read more »
In this insightful podcast episode, we delve into the world of cybersecurity to equip you with the knowledge and strategies needed to protect your digital assets effectively. Our cybersecurity expert, Ramon Henry, President of Antz Business Solutions, shares practical insights on countering a range of cyber threats, including Distributed Denial of Service (DDoS) attacks, Brute Force attacks, Worms, and more. Discover proactive measures and cutting-edge technologies to safeguard your data and systems. Ramon explores the importance of antivirus software, firewalls, and VPNs, both for individuals and businesses. Learn how to recognize and defend against phishing attacks, gain insights into the vulnerabilities that make executives and directors prime targets, and understand the significance of endpoint security. Tune in to this episode for actionable steps, expert advice, and valuable tips on fortifying your cybersecurity defenses against the ever-evolving landscape of cyber threats. Don't wait until it's too late – empower yourself with the knowledge needed to protect your digital world effectively. Ramon Henry is the IT Vice President at The NeoLiberal Corporation and President at Antz Business Solutions, a partner of The NeoLiberal Corporation. To learn more about how to defend against cyber threats, malware and spyware and/or to access any of Antz Business Solutions services, visit them at https://antzbusinesssolutions.com/. Host and Producer: Renaldo McKenzie is President and Chairman at The NeoLiberal Corporation, Adjunct Professor @jtsintersection Jamaica Theological Seminary, Doctoral candidate @georgetownuniversity, a @pennalumni, graduated from @penn, Author of Neoliberalism, Globalization, Income Inequality, Poverty and Resistance and the upcoming Book: Neoliberal Globalization Reconsidered, Neo-Capitalism and the Death of Nations, available at The NeoLiberal Bookstore or any store worldwide in all formats: ebook, paperback, audible and hardcover.
This Video Podcast episode is also available in Audio Podcast via any podcast stream such as Apple Podcast, Anchor by Spotify, Spotify, Audible, Amazon Music, Radio Public, Podvine, Google Podcast, iHeartradio etc. You may donate to this podcast to help us grow and promote the podcast by visiting https://anchor.fm/theneoliberal/support. The Neoliberal Corporation is a think tank, digital news media and publishing company providing web and content/academic support to professionals, businesses, schools, churches etc. We are all about: "serving the world today to solve tomorrow's challenges by making popular what was the monopoly!" Visit us at: https://renaldocmckenzie.com and https://theneoliberal.com. Subscribe, share, and support our @RenaldoMckenzie @YouTube channel. --- Send in a voice message: https://podcasters.spotify.com/pod/show/theneoliberal/message Support this podcast: https://podcasters.spotify.com/pod/show/theneoliberal/support
Rick Howard, The CSO, Chief Analyst, and Senior Fellow at N2K Cyber, discusses the current state of Distributed Denial of Service (DDOS) prevention with CyberWire Hash Table guests Steve Winterfeld, Akamai's Field CSO, and Jim Gilbert, Akamai's Director Product Management, and Rick Doten, the CISO for Healthcare Enterprises and Centene. Howard, R., 2023. Cybersecurity First Principles: A Reboot of Strategy and Tactics [Book]. Wiley. URL https://www.amazon.com/Cybersecurity-First-Principles-Strategy-Tactics/dp/1394173083. Azure Network Security Team, 2023. 2022 in review: DDoS attack trends and insights [Website]. Microsoft Security Blog. URL https://www.microsoft.com/en-us/security/blog/2023/02/21/2022-in-review-ddos-attack-trends-and-insights/ Howard, R., 2014. Fatal System Error [Book Review]. Cybersecurity Canon Project. URL https://icdt.osu.edu/fatal-system-error Mashable, 2019. The World's First Cyber Crime: The Morris Worm [KERNEL PANIC] [Video]. YouTube. URL https://www.youtube.com/watch?v=o2dj2gnxjtU (accessed 8.8.23). Montgomery, D., Sriram, K., Santay, D.J., 2022. Advanced DDoS Mitigation Techniques [Website]. NIST. URL https://www.nist.gov/programs-projects/advanced-ddos-mitigation-techniques. Schomp, K., Bhardwaj, O., Kurdoglu, E., Muhaimen, M., Sitaraman, R.K., 2020. Akamai DNS: Providing Authoritative Answers to the World's Queries [Conference Paper]. Proceedings of the Annual conference of the ACM Special Interest Group on Data Communication on the applications, technologies, architectures, and protocols for computer communication. URL https://groups.cs.umass.edu/ramesh/wp-content/uploads/sites/3/2020/07/sigcomm2020-final289.pdf Sparling, C., Gebhardt, M., 2022. The Relentless Evolution of DDoS Attacks [Blog]. Akamai Technologies. URL https://www.akamai.com/blog/security/relentless-evolution-of-ddos-attacks. Staff, January 2023. The Evolution of DDoS: Return of the Hacktivist [Akamai White Paper]. FS-ISAC. URL https://www.fsisac.com/akamai-ddos-report. Staff, 2023. 2023 The Edge Ecosystem [White Paper]. AT&T Cybersecurity. URL https://cybersecurity.att.com/resource-center/infographics/2023-securing-the-edge. Winterfeld, S., 2023. Ransomware on the Move: Evolving Exploitation Techniques and the Active Pursuit of Zero-Days [Website]. Akamai Technologies. URL https://www.akamai.com/blog/security/ransomware-on-the-move-evolving-exploitation-techniques Radware, 2012. DNS Amplification Attack [Video]. YouTube. URL https://www.youtube.com/watch?v=xTKjHWkDwP0 Chickowski, E., 2020. Types of DDoS attacks explained [Website]. AT&T Cybersecurity. URL https://cybersecurity.att.com/blogs/security-essentials/types-of-ddos-attacks-explained Nilsson, J., 2010. The Book of Numbers: A History of the Telephone Book [Website]. The Saturday Evening Post. URL https://www.saturdayeveningpost.com/2010/02/book-numbers
DDoS or Distributed Denial of Service attacks are growing in frequency, intensity and sophistication, from DDoS malware infected hosts such as drones right through to a range of different server protocol exploitations! The list goes on - but critically DDoS delivery methods are actually largely unchanged via bots and servers. So after recently evaluating a staggering 15.4 Million DDoS attacks alongside launching a superb real-time DDoS Weapons Intelligence Map to help build collective cross-sector intelligence, who better to be joined now than by Paul Nicholson, Sr. Director of Product Marketing at A10 to discuss all the latest! Within this, we share a particular focus on the role of Intelligent Automation, Zero Trust, and Network Monitoring as the 3 critical pillars of an effective and proactive DDoS cyber defense strategy - and tailorable to organizations of all sizes. And we would love your thoughts on the show too - thanks for listening! Sally, Paul and the #TTT Team. Plus please join us on Twitter to continue the conversation! @techradiottt Today's guest on LinkedIn: Paul: http://www.linkedin.com/in/paul-nicholson-9b1851 And our host Prof. Sally Eaves on Twitter @sallyeaves And LinkedIn http://www.linkedin.com/in/sally-eaves Thanks for listening, Sally, Paul and the TTT Team!
In this episode of Tech Talks Daily, I sit down with cybersecurity expert Richard Hummel from NETSCOUT to explore the alarming rise of Distributed Denial of Service (DDoS) attacks in the digital landscape. Richard unveils the key findings from NETSCOUT's 5th Anniversary DDoS Threat Intelligence Report, which provides a comprehensive overview of the new threat landscape. With an average visibility of a staggering 401 Tbps of internet traffic and over two decades of data from more than 500 internet service providers (ISPs), NETSCOUT's ATLAS platform presents crucial insights into the evolving tactics of adversaries. From the emergence of direct-path bot attacks dominating the attack toolkit to the increasing complexity and motivations behind DDoS attacks, Neil and Richard delve into the growing challenges faced by enterprises and service providers alike. Learn about the dangerous trends observed in the second half of 2022, such as the surge in bandwidth and throughput, the prevalence of multi-vector attacks, and the evolving techniques like carpet-bombing and application-layer attacks. Discover how these attacks are affecting various industries, from national security and government to manufacturing, wireless telecommunications, and more. Neil and Richard discuss the critical importance of global visibility in assessing the DDoS threat landscape, enabling organizations to identify trends, prepare for attacks, and implement effective defense strategies. They emphasize the need for adaptive DDoS solutions to combat both short-lived and long-lived attacks, showcasing real-world scenarios where enterprises and service providers can benefit from this approach. Tune in to this informative episode to gain insights into the ever-changing world of DDoS attacks and how NETSCOUT's Threat Intelligence Report offers valuable knowledge to enhance cybersecurity practices. 
Stay ahead of the evolving threat landscape and protect your organization against the rising tides of DDoS attacks.
Article: https://therightpodcast.substack.com/p/russiancensorfiles?sd=pf Video: Behind Closed Doors: Investigating #RussianCensorFiles Part 2 - YouTube Website: The Right Podcast | politics Buy me a book: The Right Podcast is Videos, Podcasts, Articles and Research Aids. (buymeacoffee.com) Episode two of three. This episode will review topics from Uncovering the Colossal Censorship Hack from Russia - #RussianCensorFiles Part 1 including the Belarusian Cyber Partisans and Distributed Denial of Secrets Collective. It then delves into the actual hacked Russian government (General Radio Frequency Center/Roskomnadzor) datasets showing both original and translated emails, documents, reports, Excel workbooks and more. Chapters: 0:00 Introduction 01:43 Examples of censored information 11:04 Discrediting the use of the Armed Forces of the Russian Federation 13:33 Criticism of Vladimir Putin 15:36 Russian losses in the invasion of Ukraine 16:58 Criticism of the invasion of Ukraine 19:54 Protest 28:47 Opposition 30:00 Non-Traditional Sexual Orientation 32:00 Censorship Methods and Improvement 34:00 Elon Musk 36:00 Conclusion Continued Research: Belarusian Cyber-Partisans: https://t.me/cpartisans Distributed Denial of Secrets: https://ddosecrets.com/wiki/ Crimean Tatar deportation: https://www.baltictimes.com/lithuanian_parliament_recognizes_soviet_crimes_against_crimean_tatars_as_genocide/ Russian Ex-Mercenary Says Kremlin Should Stay Off Foreign Soil By Stuart Williams for AFP and Marine Pennetier for AFP. https://www.themoscowtimes.com/2022/05/12/russian-ex-mercenary-says-kremlin-should-stay-off-foreign-soil-a77653 Torture in pre-trial detention center and dozens of saved lives: a volunteer spoke about the life of occupied Mariupol – Mariupol news. 
https://donbass.center/pytki-v-sizo-i-desiatki-spasennyh-jiznei-volonter-rasskazal-o-jizni-okkypirovannogo-mariypolia-novosti-mariypolia/ Social media and state repression: The case of VKontakte and the anti-garbage protests in Shies, in Far Northern Russia. https://firstmonday.org/ojs/index.php/fm/article/view/11711/10135 Putin Signs Expanded ‘Foreign Agents' Law. https://www.themoscowtimes.com/2022/07/14/putin-signs-expanded-foreign-agents-law-a78298 Rashism or why russians are the new Nazi - Vladlen Marayev, Julia Bilyk. https://voxukraine.org/en/rashism-or-why-russians-are-the-new-nazi St. Petersburg Spring Telegram: https://t.me/spb_vesna/3622
In Episode 340, Ben and Scott talk about some of the takeaways from the recent DDoS attacks on the Azure Portal, a (new to them) Terraform module for working with Azure AD, and how to start preparing your Microsoft 365 tenant for Microsoft Copilot. Like what you hear and want to support the show? Check out our membership options. Show Notes Microsoft Response to Layer 7 Distributed Denial of Service (DDoS) Attacks AzCopy - Use multiple clients to run jobs in parallel Azure AD intro with Terraform examples Terraform on Azure June Update How to prepare for Microsoft 365 Copilot Overview of update channels for Microsoft 365 Apps Semantic Index for Copilot: Explained by Microsoft How Microsoft 365 Copilot works Microsoft AI help & learning Microsoft Viva and Glint Video https://youtu.be/15ueLjgBESA About the sponsors Intelligink utilizes their skill and passion for the Microsoft cloud to empower their customers with the freedom to focus on their core business. They partner with them to implement and administer their cloud technology deployments and solutions. Visit Intelligink.com for more info.
Fixing audio from previous post. Video link: Uncovering the Colossal Censorship Hack from Russia - #RussianCensorFiles Part 1 - YouTube Episode one of three. This episode will introduce audiences to both the Belarusian Cyber Partisans and Distributed Denial of Secrets Collective. These groups participated in and store one of the largest hacks/leaks of Russian government data regarding censorship. These groups have been called the successor to Wikileaks yet very little has been reported on them in the West. This is especially true for anti-imperialist, anti-censorship and "anti-war" groups on the internet. This episode also covers reporting that has occurred mostly from eastern European outlets. Topics in the leak to be censored range from anti-war protests to the use of artificial intelligence and ocular technology for automating censorship. Cyber Partisans Telegram: https://t.me/cpartisans DDoS page/wiki: https://ddosecrets.com/wiki/Distributed_Denial_of_Secrets Timestamps: 0:00 Who and Why #RussianCensorFiles 03:00 What are the #RussianCensorFiles 0:6:20 Three Episode Overview 07:20 Background on Cyber Partisans and DDoS 013:00 #Censoring on #twitter and ignored by Western "anti-imperialists" and "anti-censorship" accounts.
019:20 Reporting noted on DDoS site 021:40 Categories of censored content 024:15 Top reasons for protest in Russia 026:00 Censorship of anti-war and general protests 029:15 Censoring of independent and outside media in occupied Ukraine 030:50 Censorship of military conscription for mobilization 034:25 Government participation in the unblocking of pro-Russian accounts on social media 037:00 Foreign Agents Designation to individuals 041:00 Organizers of the dissemination of information on the internet status 042:20 Censoring criticism of Vladimir Putin and discussion of his health 043:45 Censoring of non-traditional/moral values aka LGBTQ+ 044:50 Use of bot farms for censorship and proliferation of pro-Russian propaganda 046:45 Proposed use of ocular technology with artificial intelligence to automate censorship 49:40 Example of leaked data. A Power Point describing the development of artificial intelligence to automate censorship. 052:20 Next Episode Sources: Most articles found here under Research https://ddosecrets.com/wiki/RussianCensorFiles#research Also: https://www.wired.com/story/ddosecrets-blueleaks-wikileaks/ https://meduza.io/feature/2021/08/27/belorusskie-kiberpartizany-kazhetsya-vzlomali-bazy-dannyh-mvd-i-uzhe-mesyats-publikuyut-komprometiruyuschuyu-silovikov-informatsiyu https://zona.media/article/2023/02/08/rkn-files
Welcome to another episode of Conf T with your SE! We're excited to bring you a deep dive into Distributed Denial of Service (DDoS) attacks with our hosts Bryan and Tom, and special guests Mike Geller and Bryan Green. In this episode, we cover: Current and Recent DDoS Attacks and Hacktivism: We kick things off with an overview of recent events in the world of DDoS attacks, shining a light on the alarming rise of hacktivism. Reasons for DDoS Campaigns: Understand the motivations behind these malicious actions, from political motivations to cybercrime. Impacts to Businesses and Organizations: We delve into the repercussions of service unavailability, including the need to go out of band – the desperate behaviors that result from DDoS attacks. Pre-Attack Planning: Our guests highlight the importance of having an action plan before the crisis hits. Types of DDoS Attacks: From volumetric attacks to application layer attacks, we break down the different DDoS strategies cybercriminals use. DDoS as a Distraction: We discuss how DDoS attacks can be a smokescreen for a much larger, more devastating attack, and how this can go unnoticed due to resource saturation. The Importance of Defense in Depth: Discover the necessity of a multi-layered security approach to combat DDoS attacks effectively. The Democratization of DDoS Attacks: As barriers to entry lower, sophisticated DDoS attacks are becoming a commodity. We explore this dangerous trend and its implications. Don't miss this insightful discussion, packed with essential advice for fortifying your defenses against the ever-present threat of DDoS attacks! Connect with the Show Like us on Facebook: https://www.facebook.com/conft.show Follow us on Twitter: https://twitter.com/ConftShow
The members of Operation Uplift join Liam Sturgess and Mathew Crawford to explore the concept of the "Distributed Denial of Service (DDoS) attack on the mind." Specifically, we were joined by Cody Porter, Diane Biegel and Gabriel of Libre Solutions Network. Follow Operation Uplift on Substack: https://operationuplift.substack.com/ Follow Cody Porter on Substack: https://mootpoint.substack.com/ Follow Libre Solutions Network: https://libresolutions.network/ --- Visit us at https://www.RoundingtheEarth.com Join our Locals community for supporters-only content: https://roundingtheearth.locals.com/ Subscribe to Rounding the Earth on Substack: https://roundingtheearth.substack.com/ Follow us on all our platforms: Rumble: https://rumble.com/c/c-1718605 Odysee: https://odysee.com/@RoundingtheEarth:8 Rokfin: https://rokfin.com/RoundingtheEarth Sovren: https://sovren.media/u/roundingtheearth/ BitChute: https://www.bitchute.com/channel/roundingtheearth/ Brighteon: https://www.brighteon.com/channels/roundingtheearth Twitter: https://www.twitter.com/RoundEarthClub/ Visit the Campfire Wiki: https://www.campfire.wiki/
You've probably heard of DDOS (or Distributed Denial of Service attacks). They are a common scourge of the modern web and are something you will occasionally see if you work on a popular product. The post DDOS Attacks appeared first on Complete Developer Podcast.
Cyber security is no longer an option for small business owners – it's a necessity. Cyber threats are rising, and small businesses must stay ahead of the curve to protect their data and networks from malicious actors. This show will uncover the most dangerous cyber threats to small businesses and what steps you can take to stay secure. Ransomware Attacks Ransomware attacks are one of the most dangerous cyber threats to small businesses. Ransomware is malicious software (malware) that's typically delivered via malicious links or email attachments. Once installed on a network, the ransomware will encrypt all of the data and demand a ransom from the victim before releasing the data. To stay safe from ransomware, all small businesses should educate their employees about the dangers of clicking on malicious links or opening unexpected email attachments. Additionally, businesses should back up their data frequently and ensure that all software is up-to-date. Phishing Scams Phishing is a type of attack designed to steal sensitive information, such as usernames, passwords, and credit card numbers. In phishing attacks, cybercriminals will send out emails pretending to be from a legitimate source, such as a bank or government agency, asking the recipient to click on a malicious link or provide confidential information. To stay safe from phishing attacks, small businesses should educate their employees about the dangers of clicking on suspicious links and ensure that all emails sent out to customers are legitimate. Advanced Persistent Threats (APTs) Advanced persistent threats (APTs) are malicious cyber attacks designed to steal data or sabotage systems. APTs are often targeted and can be challenging to detect and remove. To stay safe from APTs, small businesses should use strong passwords, regularly update their software, and perform regular security audits. 
Insider Threats Insider threats occur when employees or contractors deliberately or inadvertently exploit the data or resources of a company. To prevent insider threats, small business owners should ensure that all employees and contractors know the company's security policies and procedures. Additionally, businesses should have clear data access and security policies and implement security measures, such as two-factor authentication. Distributed Denial of Service (DDoS) Attacks Distributed denial of service (DDoS) attacks are designed to overwhelm a network with traffic, causing it to become unavailable to legitimate users. To stay safe from DDoS attacks, small businesses should ensure adequate network security measures, such as firewalls and intrusion detection systems. Additionally, companies should have a plan to respond to a DDoS attack, such as enlisting the help of a DDoS protection service. IoT Botnets are networks of Internet-connected devices, such as surveillance cameras and smart thermostats, that are used to send spam or launch denial-of-service attacks. To stay safe from IoT botnets, small business owners should ensure that all Internet-connected devices are up-to-date and properly configured with strong passwords. Additionally, businesses should take steps to monitor and secure their networks, such as using a virtual private network (VPN) or implementing network access control (NAC) systems. In conclusion, small businesses need to stay ahead of the curve regarding cyber security. By understanding the most dangerous cyber threats, companies can take the necessary steps to protect themselves from malicious actors. Additionally, businesses should ensure that their employees are educated on cybersecurity best practices, such as avoiding clicking on suspicious links or opening unexpected email attachments. By staying ahead of the curve, small businesses can protect themselves from cyber threats and ensure the safety of their data and networks.
Lorax Horne from Distributed Denial of Secrets and Arseny join the panel, ChatGPT passes Wharton MBA exam, elected officials object to MSG's use of facial recognition, T-Mobile hacked again, only half of smart appliance owners connect them to the Internet, MA high school smart lights have been on for over a year, Lorax discusses the leak of the no-fly list.
We kick off a jam-packed episode of the Cyberlaw Podcast by flagging the news that ransomware revenue fell substantially in 2022. There is lots of room for error in that Chainalysis finding, Nick Weaver notes, but the effect is large. Among the reasons to think it might also be real is resistance to paying ransoms on the part of companies and their insurers, who are especially concerned about liability for payments to sanctioned ransomware gangs. I also note a fascinating additional insight from Jon DiMaggio, who infiltrated the Lockbit ransomware gang. He says that Entrust was hit by Lockbit, which threatened to release its internal files, and that the company responded with days of Distributed Denial of Service (DDoS) attacks on Lockbit's infrastructure – and never did pay up. That would be a heartening display of courage. It would also be a felony, at least according to the conventional wisdom that condemns hacking back. So I cannot help thinking there is more to the story. Like, maybe Canadian Security Intelligence Service is joining Australian Signals Directorate in releasing the hounds on ransomware gangs. I look forward to more stories on this undercovered disclosure. Gus Hurwitz offers two explanations for the Federal Aviation Administration system outage, which grounded planes across the country. There's the official version and the conspiracy theory, as with everything else these days. Nick breaks down the latest cryptocurrency failure; this time it's Genesis. Nick's not a fan of this prepackaged bankruptcy. And Gus and I puzzle over the Federal Trade Commission's determination to write regulations to outlaw most non-compete clauses. Justin Sherman, a first-timer on the podcast, covers recent research showing that alleged Russian social media interference had no meaningful effect on the 2016 election. 
That spurs an outburst from me about the cynical scam that was the “Russia, Russia, Russia” narrative—a kind of 2016 election denial for which the press and the left have never apologized. Nick explains the looming impact of Twitter's interest payment obligation. We're going to learn a lot more about Elon Musk's business plans from how he deals with that crisis than from anything he's tweeted in recent months. It does not get more cyberlawyerly than a case the Supreme Court will be taking up this term—Gonzalez v. Google. This case will put Section 230 squarely on the Court's docket, and the amicus briefs can be measured by the shovelful. The issue is whether YouTube's recommendation of terrorist videos can ever lead to liability—or whether any judgment is barred by Section 230. Gus and I are on different sides of that question, but we agree that this is going to be a hot case, a divided Court, and a big deal. And, just to show that our foray into cyberlaw was no fluke, Gus and I also predict that the United States Court of Appeals for the District of Columbia Circuit is going to strike down the Allow States and Victims to Fight Online Sex Trafficking Act, also known as FOSTA-SESTA—the legislative exception to Section 230 that civil society loves to hate. Its prohibition on promotion of prostitution may fall to First Amendment fears on the court, but the practical impact of the law may remain. Next, Justin gives us a quick primer on the national security reasons for regulation of submarine cables. Nick covers the leak of the terror watchlist thanks to a commuter airline's sloppy security. Justin explains TikTok's latest charm offensive in Washington. Finally, I provide an update on the UK's online safety bill, which just keeps getting tougher, from criminal penalties, to “ten percent of revenue” fines, to mandating age checks that may fail technically or drive away users, or both. 
And I review the latest theatrical offering from Madison Square Garden—“The Revenge of the Lawyers.” You may root for the snake or for the scorpions, but you will not want to miss it.
Micah Lee, a computer security engineer who develops technology to protect whistleblowers, gives his unique thoughts in this episode. He shares why he believes whistleblowers are important to our democracy and how the Espionage Act of 1917 reveals the imbalance in the American justice system. MICAH LEE - BIO Micah Lee is First Look Media's Director of Information Security. He is a computer security engineer and an open-source software developer who writes about technical topics like digital and operational security, encryption tools, whistleblowing, and hacking using language that everyone can understand without dumbing it down. He develops security and privacy tools such as OnionShare, Dangerzone, and semiphemeral. Before joining The Intercept, he worked as a staff technologist at the Electronic Frontier Foundation, where he explained how technologies work to journalists and lawyers, and worked to encrypt the web. He is a founder and former board member of the Freedom of the Press Foundation, a member of the Distributed Denial of Secrets advisory board, and a Tor Project core contributor.
Google's new addition: How your SEO plans might have to change. Also: Social commerce comes to connected TV. The move away from time-based agency compensation. Meta shuts down one of its competitor clones. And Elon Musk shuts down Twitter Spaces because people are using it to talk about him.
About Andy
Andy is on a lifelong journey to understand, invent, apply, and leverage technology in our world. Both personally and professionally technology is at the root of his interests and passions.
Andy has always had an interest in understanding how things work at their fundamental level. In addition to figuring out how something works, the recursive journey of learning about enabling technologies and underlying principles is a fascinating experience which he greatly enjoys.
The early Internet afforded tremendous opportunities for learning and discovery. Andy's early work focused on network engineering and architecture for regional Internet service providers in the late 1990s – a time of fantastic expansion on the Internet.
Since joining Akamai in 2000, Akamai has afforded countless opportunities for learning and curiosity through its practically limitless globally distributed compute platform. Throughout his time at Akamai, Andy has held a variety of engineering and product leadership roles, resulting in the creation of many external and internal products, features, and intellectual property.
Andy's role today at Akamai – Senior Vice President within the CTO Team - offers broad access and input to the full spectrum of Akamai's applied operations – from detailed patent filings to strategic company direction. Working to grow and scale Akamai's technology and business from a few hundred people to roughly 10,000 with a world-class team is an amazing environment for learning and creating connections.
Personally Andy is an avid adventurer, observer, and photographer of nature, marine, and astronomical subjects. Hiking, typically in the varied terrain of New England, with his family is a common endeavor. 
He enjoys compact/embedded systems development and networking with a view towards their applications in drone technology.
Links Referenced: Macrometa: https://www.macrometa.com/ Akamai: https://www.akamai.com/ LinkedIn: https://www.linkedin.com/in/andychampagne/
Transcript
Announcer: Hello, and welcome to Screaming in the Cloud with your host, Chief Cloud Economist at The Duckbill Group, Corey Quinn. This weekly show features conversations with people doing interesting work in the world of cloud, thoughtful commentary on the state of the technical world, and ridiculous titles for which Corey refuses to apologize. This is Screaming in the Cloud.
Corey: Forget everything you know about SSH and try Tailscale. Imagine if you didn't need to manage PKI or rotate SSH keys every time someone leaves. That'd be pretty sweet, wouldn't it? With Tailscale SSH, you can do exactly that. Tailscale gives each server and user device a node key to connect to its VPN, and it uses the same node key to authorize and authenticate SSH. Basically you're SSHing the same way you manage access to your app. What's the benefit here? Built-in key rotation, permissions as code, connectivity between any two devices, reduce latency, and there's a lot more, but there's a time limit here. You can also ask users to reauthenticate for that extra bit of security. Sounds expensive? Nope, I wish it were. Tailscale is completely free for personal use on up to 20 devices. To learn more, visit snark.cloud/tailscale. Again, that's snark.cloud/tailscale
Corey: Managing shards. Maintenance windows. Overprovisioning. ElastiCache bills. I know, I know. It's a spooky season and you're already shaking. It's time for caching to be simpler. Momento Serverless Cache lets you forget the backend to focus on good code and great user experiences. With true autoscaling and a pay-per-use pricing model, it makes caching easy. 
No matter your cloud provider, get going for free at gomomento.co/screaming That's GO M-O-M-E-N-T-O dot co slash screaming
Corey: Welcome to Screaming in the Cloud. I'm Corey Quinn. I like doing promoted guest episodes like this one. Not that I don't enjoy all of my promoted guest episodes. But every once in a while, I generally have the ability to wind up winning an argument with one of my customers. Namely, it's great to talk to you folks, but why don't you send me someone who doesn't work at your company? Maybe a partner, maybe an investor, maybe a customer. At Macrometa who's sponsoring this episode said, okay, my guest today is Andy Champagne, SVP at the CTO office at Akamai. Andy, thanks for joining me.
Andy: Thanks, Corey. Appreciate you having me. And appreciate Macrometa letting me come.
Corey: Let's start with talking about you, and then we'll get around to the Macrometa discussion in the fullness of time. You've been at an Akamai for 22 years, which in tech company terms, it's like staying at a normal job for 75 years. What's it been like being in the same place for over two decades?
Andy: Yeah, I've got several gold watches. I've been retired twice. Nobody—you know, Akamai—so in the late-90s, I was in the ISP universe, right? So, I was in network engineering at regional ISPs, you know, kind of cutting teeth on, you know, trying to scale networks and deal with the flux of user traffic coming in from the growth of the web. And, you know, frankly, it wasn't working, right? Companies were trying to scale up at the time by adding bigger and bigger servers, and buying literally, you know, servers, the size of refrigerators. And all of a sudden, there was this company that was coming together out in Cambridge, I'm from Massachusetts, and Akamai started in Cambridge, Massachusetts, still headquartered there. And Akamai was forming up and they had a totally different solution to how to solve this, which was amazing. 
And it was compelling and it drew me there, and I am still there, 22-odd years in, trying to solve challenging problems.
Corey: Akamai is one of those companies that I often will describe to people who aren't quite as inclined in the network direction as I've been previously, as one of the biggest companies of the internet that you've never heard of. You are—the way that I think of you historically, I know this is not how you folks frame yourself these days, but I always thought of you as the CDN that you use when it really mattered, especially in the earlier days of the internet where there were not a whole lot of good options to choose from, and the failure mode that Akamai had when I was looking at it many years ago, is that, well, it feels enterprise-y. Well, what does that mean exactly because that's usually used as a disparaging term by any developer in San Francisco. What does that actually unpack to? And to my mind, it was, well, it was one of the more expensive options, which yes, that's generally not a terrible thing, and also that it felt relatively stodgy, for lack of a better term, where it felt like updating things through an API was more of a JSON API—namely a guy named Jason—who would take a ticket, possibly from Jira if they were that modern or not, and then implement it by hand. I don't believe that it is quite that bad these days because, again, this was circa 2012 that we're talking here. But how do you view what Akamai is and does in 2022?
Andy: Yeah. Awesome question. There's a lot to unpack in there, including a few clever jabs you threw in. But all good.
Corey: [laugh].
Andy: [laugh]. I think Akamai has been through a tremendous, tremendous series of evolutions on the internet. And really the one that, you know, we're most excited about today is, you know, earlier this year, we kind of concluded our acquisition of Linode. 
And if we think about Linode, which brings compute into our platform, you know, ultimately Akamai today is a compute company that has a security offering and has a delivery offering as well. We do more security than delivery, so you know, delivery is kind of something that was really important during our first ten or twelve years, and security during the last ten, and we think compute during the next ten. The great news there is that if you look at Linode, you can't really find a more developer-focused company than Linode. You essentially fall into a virtual machine, you may accidentally set up a virtual machine inadvertently it's so easy. And that is how we see the interface evolving. We see a compute-centric interface becoming standard for people as time moves on.
Corey: I'm reminded of one of those ancient advertisements, I forget, I think would have been Sun that put it out where the network is the computer or the computer is the network. The idea of that a computer sitting by itself unplugged was basically just this side of useless, whereas a bunch of interconnected computers was incredibly powerful. That today and 2022 sounds like an extraordinarily obvious statement, but it feels like this is sort of a natural outgrowth of that, where, okay, you've wound up solving the CDN piece of it pretty effectively. Now, you're expanding out into, as you say, compute through the Linode acquisition and others, and the question I have is, is that because there's a larger picture that's currently unfolding, or is this a scenario where well, we nailed the CDN side of the world, well, on that side of the universe, there's no new worlds left to conquer. Let's see what else we can do. Next, maybe we'll start making toasters.
Andy: Bunch of bored guys in Cambridge, and we're just like, “Hey, let's go after compute. We don't know what we're doing.” No. There's a little bit more—
Corey: Exactly. “We have money and time. 
Let's combine the two and see what we can come up with.”
Andy: [laugh]. Hey, folks, compute: it's the new thing. No, it's more than that. And you know, Akamai has a very long history with the edge, right? And Akamai started—and again, arrogantly saying, we invented the concept of the edge, right, out there in '99, 2000, deploying hundreds and then to thousands of different locations, which is what our CDN ran on top of. And that was a really new, novel concept at the time. We extended that. We've always been flirting with what is called edge computing, which is how do we take pieces of application logic and move them from a centralized point and move them out to the edge. And I mean, cripes, if you go back and Google, like, ‘Akamai edge computing,' we were working on that in 2003, which is a bit like ancient history, right? And we are still on a quest. And literally, we think about it in the company this way: we are on a quest to make edge computing a reality, which is how do you take applications that have centralized chokepoints? And how do you move as much of those applications as possible out to the edge of the network to unblock user performance and experience, and then see what folks developers can enable with that kind of platform?
Corey: For me, it seems that the rise of AWS—which is, by extension, the rise of cloud—has been, okay, you wind up building whatever you want for the internet and you stuff it into an AWS region, and oh, that's far away from your customers and/or your entire architecture is terrible so it has to make 20 different calls to the data center in series rather than in parallel. Great, how do we reduce the latency as much as possible? And their answer has largely seemed to be, ah, we'll build more regions, ever closer to you. One of these days, I expect to wake up and find that there's an announcement that they're launching a new region in my spare room here. It just seems to get closer and closer and closer. 
You look around, and there's a cloud construction crew stalking you to the mall and whatnot. I don't believe that is the direction that the future necessarily wants to be going in.
Andy: Yeah, I think there's a lot there. And I would say it this way, which is, you know, having two-ish dozen uber-large data centers is probably not the peak technology of the internet, right? There's more we need to do to be able to get applications truly distributed. And, you know, just to be clear, I mean, Amazon AWS's done amazing stuff, they've projected phenomenal scale and they continue to do so. You know, but at Akamai, the problem we're trying to solve is really different than how do we put a bunch of stuff in a small number of data centers? It's, you know, obviously, there's going to be a centralized aspect, but there also needs to be incredibly integrated and seamless, moves through a gradient of compute, where hey, maybe you're in a very large data center for your AI/ML, kind of, you know, offline data lake type stuff. And then maybe you're in hundreds of locations for mid-tier application processing, and, you know, reconciliation of databases, et cetera. And then all the way out at the edge, you know, in thousands of locations, you should be there for user interactivity. And when I say user interactivity, I don't just mean, you know, read-only, but you've got to be able to do a read-write operation in synchronous fashion with the edge. And that's what we're after is building ultimately a platform for that and looking at tools, technology, and people along the way to help us with it.
Corey: I've built something out, my lasttweetinaws.com threading Twitter client, and that's… it's fine. It's stateless, but it's a little too intricate to effectively run in the Lambda@Edge approach, so using their CloudFront offering is simply a non-starter. 
So, in order to get low latency for people using it around the world, I now have to deploy it simultaneously to 20 different AWS regions. And that is, to be direct, a colossal pain in the ass. No one is really doing stuff like that, that I can see. I had to build a whole lot of customs tooling just to get a CI/CD system up and working. Their strong regional isolation is great for containing blast radii, but obnoxious when you're trying to get something deployed globally. It's not the only way. Combine that with the reality that ingress data transfer to any of their regions is free—generally—but sending data to the internet is a jewel beyond price because all my stars, that is egress bandwidth; there is nothing more valuable on this planet or any other. And that doesn't quite seem right. Because if that were actively true, a whole swath of industries and apps would not be able to exist.
Andy: Yeah, you know, Akamai, a huge part of our business is effectively distributing egress bandwidth to the world, right? And that is a big focus of ours. So, when we look at customers that are well positioned to do compute with Akamai, candidly, the filtering question that I typically ask with customers is, “Hey, do you have a highly distributed audience that you want to engage with, you know, a lot of interactivity or you're pushing a lot of content, video, updates, whatever it is, to them?” And that notion of highly distributed applications that have high egress requirements is exactly the sweet spot that we think Akamai has, you know, just a great advantage with, between our edge platform that we've been working on for the last 20-odd years and obviously, the platform that Linode brings into the conversation.
Corey: Let's talk a little bit about Macrometa.
Andy: Sure.
Corey: What is the nature of your involvement with those folks? 
Because it seems like you sort of crossed into a whole bunch of different areas simultaneously, which is fascinating and great to see, but to my understanding, you do not own them.
Andy: No, we don't. No, they're an independent company doing their thing. So, one of the fun hats that I get to wear at Akamai is, I'm responsible for our Akamai Ventures Program. So, we do our corporate investing and all this kind of thing. And we work with a wide array of companies that we think are contributing to the progression of the internet. So, there's a bunch of other folks out there that we work with as well. And Macrometa is on that list, which is we've done an investment in Macrometa, we're board observers there, so we get to sit in and give them input on, kind of, how they're doing things, but they don't have to listen to us since we're only observers. And we've also struck a preferred partnership with them. And what that means is that as our customers are building solutions, or as we're building solutions for our customers, utilizing the edge, you know, we're really excited and we've got Macrometa at the table to help with that. And Macrometa is—you know, just kind of as a refresher—is trying to solve the problem of distributed data access at the edge in a high-performance and almost non-blocking, developer-friendly way. And that is very, very exciting to us, so that's the context in which they're interesting to our continuing evolution of how the edge works.
Corey: One of the questions I always like to ask, and it's usually not considered a personal attack when I asked the question—
Andy: Oh, good.
Corey: But it's, “Describe what the company does.” Now, at some places like the latter days of Yahoo, for example, it's very much a personal attack. But what is it that Macrometa does?
Andy: So, Macrometa provides a worldwide, high-speed distributed database that is resident on what today, you could call the edge of the network. 
And the advantage here is, instead of having one SQL server sitting somewhere, or what you would call a distributed SQL Server, which is two SQL Servers sitting next to one another, Macrometa has a high-speed data store that allows you to, instead of having that centralized SQL Server, have it run natively at the edge of the network. And when you're building applications that run on the edge or anywhere, you need to try to think about how do you have the data as close to the user or to the access point as possible. And that's the problem Macrometa is after and that's what their products today solve. It's an incredibly bright team over there, a fantastic founder-CEO team, and we're really excited to be working with him.
Corey: It wasn't intentionally designed this way as a setup when I mentioned a few minutes ago, but yeah, my Twitter client works across the 20-some-odd AWS regions, specifically because it's stateless. All of the state, other than a couple of API keys at provision time, wind up living in the user's browser. If this was something that needed to retain state in any way, like, you know, basically every real application under the sun, this strategy would absolutely not work unless I wound up with some heinous form of circular replication, and then you wind up with a single region going down and everything explodes. Having a cohesive, coherent data layer that spans all of that is key.
Andy: Yeah, and you're on to the classical, you know, CompSci issue here around edge, which is if you have 100 edge regions, how do you have consistent state storage between applications running on N of those? And that is the problem Macrometa is after, and, you know, Akamai has been working on this and other variants of the edge problem for some time. We're very excited to be working with the folks at Macrometa. It's a cool group of folks. And it's an interesting approach to the technology. 
And from what we've seen so far, it's been working great.

Corey: The idea of how do I wind up having persistent, scalable state across a bunch of different edge locations is not just a hard computer science problem; it's also a hard cloud economics problem, given the cost of data transit in a bunch of different directions between different providers. It turns, “How much does it cost?” in most cases to a question that can only be answered by, “Well, let's run it for a few days and find out.” Which is not usually the best way to answer some questions. Like, “Is that power socket live?” “Let's touch it and find out.” Yeah, there are ways you learn that are extraordinarily painful.

Andy: Yeah no, nobody should be doing that with power sockets. I think this is one of these interesting areas, which is this is really right in Akamai's backyard but it's not realized by a lot of folks. So, you know, Akamai has, for the last 20-odd years, been all about how do we egress as much as possible to the entire internet. The weird areas, the big areas, the small areas, the up-and-coming areas, we serve them all. And in doing that, we've built a very large global fabric network, which allows us to get between those locations at a very low cost because we have to move our own content around.

And hooking those together, having an essentially private network fabric that hooks the vast majority of our big locations together and then having very high-speed egress out of all of the locations to the internet, you know, that's been how we operate our business at scale effectively and economically for years, and utilizing that for compute data replication, data synchronization tasks is what we're doing.

Corey: There are a lot of different solutions that could be used to solve a lot of the persistent data layer question. For example, when you had to solve a similar problem with compute, you had a few options in front of you.
Well, we could buy a whole bunch of computers and stuff them in a rack somewhere because, eh, cloud; how hard could it be? Saner heads prevailed, and no, no, no, we're going to buy Linode, which was honestly a genius approach on about three different levels, and I'm still unconvinced the industry sees that for the savvy move that it was. I'm confident that'll change in time.

Why not build it yourself? Or alternately, acquire another company that was working on something similar? Instead, you're an investor in a company that's doing this effectively, but not buying them outright?

Andy: Yeah, you know, and I think that's—Akamai is beyond at this point in thinking that it's just about ownership, right? I think that this—we don't have to own everything in order to have a successful ecosystem. You know, certainly, we're going to want to own key parts of it and that's where you saw the Linode acquisition, where we felt that was kind of core. But ultimately, we believe in promoting customer choice here. And there's a pretty big role that we have that we think we can help with companies, such as folks like Macrometa where they have, you know, really interesting technology, but they can use leverage, they can use some of our go-to-market, they can use, you know, some of our, you know, kind of guidance and expertise on running a startup—which, by the way, it's not an easy job for these folks—and that's what we're there to do.

So, with things like Linode, you know, we want to bring it in, and we want to own it because we think it's just so compelling, and it fits so well with where we want to go. With folks like Macrometa, you know, that's still a really young area. I mean, you know, Linode was in business for many, many, many years and was a good-sized business, you know, before we bought them.

Corey: Yeah, there's something to be said for letting the market shake something out rather than having to do it all yourself as trailblazers.
I'm a big believer in letting other companies do things. I mean, one of the more annoying things, from my position, is this idea where AWS takes a product strategy of, “Yes.” That becomes a bit of a challenge when they're trying to wind up building compete decks, and how do we defeat the competition? And it's like, “Wh—oh, you're talking about the other hyperscalers?” “No, we're talking with the service team one floor away.”

That just seems a little on the strange side to—some companies get too big and too expensive on some level. I think that there's a very real risk of Akamai trying to do everything on the internet if you continue to expand and start listing out things that are not currently in your portfolio. And, oh, we should do that, too, and we should do that, too, and we should do that, too. And suddenly, it feels pretty closely aligned with you're trying to do everything.

Andy: Yeah. I think we've been a company who has been really disciplined and not doing everything. You know, we started with CDN. And you know, we're talking '98 to 2010, you know, CDN was really our thing, and we feel we executed really well on that. We probably executed quite quietly and well, but feel we executed pretty well on that.

Really from 2010, 2012 to 2020, it was all about security, right? And, you know, we built, you know, pretty amazing security business, hundred percent of SaaS business, on top of our CDN platform with security. And now we're thinking about—we did that route relatively quietly, as well, and now we're thinking about the next ten years and how do we have that same kind of impact on cloud. And that is exciting because it's not just centralized cloud; it's about a distributed cloud vision.
And that is really compelling and that's why, you know, we've got great folks that are still here and working on it.

Corey: I'm a big believer in the idea that you can start getting distilled truth out of folks, particularly companies, the more you compress the space they have to wind up saying. Something that's why Twitter very often lets people tip their hands. But a common place that I look for is the title field on a company's website. So, when I go over to akamai.com, you position yourself as something that fits in a small portion of a tweet, which is good. Whenever you have a Tolstoy-length paragraph in the tooltip title for the browser tab, that's a problem.

But you say simply, “Security, cloud delivery, performance. Akamai.” Which is beautifully well done, but security comes first. I have a mental model of Akamai as being a CDN and some other stuff that I don't fully understand. But again, I first encountered you folks in the early 2000s.

It turns out that it's hard to change existing opinions. Are you a CDN Company or are you a security company?

Andy: Oh, super—

Corey: In other words, if someone winds up mis-alphabetizing that and they're about to get censured after this show because, “No, we're a CDN, first; why did you put security first?”

Andy: You know, so all those things feed off each other, right? And this has been a question where it's like, you know, our security layer and our distributed WAF and other security offerings run on top of the CDN layer. So, it's all about building a common compute edge and then leveraging that for new applications. CDN was the first application. The next and second application was security.

And we think the third application, but probably not the final one, is compute. So, I think I don't think anyone in marketing will be fired by the ordering that they did on that. I think that ultimately now, you know, for—just if we look at it from a monetary perspective, right, we do more security than we do CDN.
So, there's a lot that we have in the security business. And you know, compute's got a long way to go, especially because it's not just one big data center of compute; it is a different flavor than I think folks have seen before.

Corey: When I was at RSA, you folks were one of the exhibitors there. And I like to make the common observation that there are basically six companies that exhibit at RSA. Yeah, there are hundreds of booths, but it's the same six products, all marketed are different logos with different words. And they all seem to approach it from a few relatively expectable personas and positions. I've always found myself agreeing with the things that you folks say, and maybe it's because of my own network-centric background, but it doesn't seem like you take the same approach that a number of other companies do or it's, “Oh, it has to start with the way that developers write their first line of code.” Instead, it seems to take a holistic view that comes from the starting position of everything talks to each other on a network basis, and from here, let's move forward. Is that accurate to how you view the security space?

Andy: Yeah, you know, our view of the security space is—again, it's a network-centric one, right? And our work in the security space initially came from really big DDoS attacks, right? And how do we stop Distributed Denial of Service attacks from impacting folks? And that was the initial benefit that we brought. And from there, we evolved our story around, you know, how do we have a more sophisticated WAF? How do we have predictive capabilities at the edge?

So ultimately, we're not about ingraining into your process of how your thing was written or telling you how to write it.
We're about, you know, essentially being that perimeter edge that is watching and monitoring everything that comes into you to make sure that, you know, hey, we're not seeing Log4j-type exploits coming at you, and we'll let you know if we do, or to block malicious activity. So, we fit on anything, which is why our security business has been so successful. If you have an application on the edge, you can put Akamai Security in front of it and it's going to make your application better. That's been super compelling for the last, you know, again, last decade or so that we've really been focused on security.

Corey: I think that it is a mistake to take a security model that starts with a view of what people have in front of them day-to-day—like, I look at my laptop and say, “Oh, this is what I spend my time on. This is where all security must start and stop.” Because yeah, okay, great. If you get physical access to my laptop, it's pretty much game over on some level. But yeah, if you're at a point where you're going to bust into my house and threaten me in order to get access to my laptop, here you go.

There are no secrets that I am in possession of that are worth dying for. It's just money and that's okay. But looking at it through a lens of the internet has gone from science experiment to thing that the nerds love to use to a cornerstone of the fabric of modern society. And that's not because of the magic supercomputer that we all have in our pockets, but rather because those magic supercomputers can talk to the sum total of human knowledge and any other human anywhere on the planet, basically, ever. And I don't know that that evolution has been really appreciated by society at large as far as just how empowering that can be. But it completely changes the entire security paradigm from back in the '80s when I got started, don't put untrusted floppy disks into your computer or it might literally explode on your desk.

Andy: [laugh]. So, we're talking about floppy disks now?
Yes. So, first of all, the scope of impact of the internet has increased, meaning what you can do with it has increased. And directly proportional to that increase the threat vectors have increased, right? And the more systems are connected, the more vulnerabilities there are.

So listen, it's easy to scare anybody about security on the internet. It is a topic that is an infinite well of scariness. At the same time, you know, and not just Akamai, but there's a lot of companies out there that can, whether it's making your development more secure, making your pipeline, your digital supply chain more secure, or then you know where Akamai is, we're at the end, which is you know, helping to wrap around your entire web presence to make it more secure, there's a variety of companies that are out there really making the internet work from a security perspective. And honestly, there's also been tremendous progress on the operating system front in the last several years, which previously was not as good—probably is way to characterize it—as it is today. So, and you know, at the end of the day, the nerds are still out there working, right?

We are out here still working on making the internet, you know, scale better, making it more secure, making it more robust because we're probably not done, right? You know, phones are awesome, and tablet devices, et cetera, are awesome, but we've probably got more coming. We don't quite know what that is yet, but we want to have the capacity, safety, and compute to power it.

Corey: How does Macrometa as a persistent data layer tie into your future vision of security first as what Akamai does? I can see a few directions, but I'm going to go out on a limb and guess that before you folks decided to make an investment in such a thing, you probably gave it more than the 30 seconds or whatnot or so of thought that I've had to wind up putting these pieces together.

Andy: So, a few things there.
First of all, Macrometa, ultimately, we see them coming in the front door with our compute solution, right? Because as folks are building capabilities on the edge, “Hey, I want to run compute on the edge. How do I interoperate with data?” The worst answer possible is, “Well, call back to the centralized data store.”

So, we want to ensure that customers have choice and performance options for distributed data access. Macrometa fits great there. However, now pause that; let's transition back to the security point you raised, which is, you know, coordinating an edge data security platform is a really complicated thing. Because you want to make sure that threats that are coming in on one side of the network, or you know, in one given country, you know, are also understood throughout the network. And there's a definite role for a data platform in doing that.

We obviously, you know, for the last ten years have built several that help accomplish that at scale for our network, but we also recognize that, you know, innovation in data platforms is probably not done. And you know, Macrometa's got some pretty interesting approaches. So, we're very interested in working with them and talking jointly with customers, which we've done a bunch of, to see how that progresses. But there's tie-ins, I would say, mostly on compute, but secondarily, there's a lot of interesting areas with real-time security intel, they can be very useful as well.

Corey: Since I have you here, I would love to ask you something that's a little orthogonal to the rest of this conversation, but I don't even care about that because that's why it's my show; I can ask what I want.

Andy: Oh, no.

Corey: Talk to me a little bit about the Linode acquisition. Because when it first came out, I thought, “Oh, Linode must not be doing well, so it's an acqui-hire scenario.” Followed by, “Wait a minute, that doesn't seem quite right.” And I dug deeper, and suddenly, I started to see a bunch of things that made sense.
But that's just my outside perspective. I prefer to see you justify what it is that you've done.

Andy: Justify what we've done. Well, with that positive framing—

Corey: Exactly. “Explain yourself. How dare you, sir?”

Andy: [laugh]. “What are you doing?” So, to take that, which is first of all, Linode was doing great when we bought them and they're continuing to do great now. You know, backstory here is actually a fun one. So, I personally have been a customer of Linode for about 13 years, and you know, super familiar with their offerings, as were a bunch of other folks at Akamai.

And what ultimately attracted us to Linode was, first of all, from a strategic perspective, is we talked about how Akamai thinks about Compute being a gradient of compute: you've got the edge, you've got kind of a middle tier, and you've got more centralized locations. Akamai has the edge, we've got the middle, we didn't have the central. Linode has got the central. And obviously, you know, we're going to see some significant expansion of capacity and scale there, but they've got the central location. And, you know, ultimately, we feel that there's a lot of passion in Linode.

You know, they're a Linux open-source-centric company, and believe it or not, Akamai is, too. I mean, you know, that's kind of how it works. And there was a great connection between the sorts of folks that they had and how they think about customers. Linode was a really customer-driven company. I mean, they were fanatical.

I mean, I as a, you know, customer of $30 a month personally, could open a ticket and I'd get an answer in five minutes. And that's very similar to kind of how Akamai is driven, which is we're very customer-centric, and when a customer has a problem or needs something different, you know, we're on it. So, there's literally nothing bad there and it's a super exciting beginning of a new chapter for Akamai, which is really how do we tackle compute? We're super excited to have the Linode team.
You know, they're still mostly down in Philadelphia doing their thing.

And, you know, we've hired substantially and we're continuing to do so, so if you want to work there, drop a note over. And it's been fantastic. And it's one of our, you know, really large acquisitions that we've done, and I think we were really lucky to find a great company in such a good position and be able to make it work.

Corey: From my perspective, one of the areas that has me excited about the acquisition stems from what I would consider to be something of a customer-base culture misalignment between the two companies. One of the things that I have always enjoyed about Linode—and in the interest of full transparency, they have been a periodic sponsor over the last five or six years of my ridiculous nonsense. I believe that they are not at the moment, which I expect you to immediately rectify after this conversation, of course.

Andy: I'll give you my credit card. Yeah.

Corey: Excellent. Excellent. We do not get in the way of people trying to give you money. But it was great because that's exactly it. I could take a credit card in the middle of the night and spin up things on Linode.

And it was one of those companies that aligned very closely to how I tended to view cloud infrastructure from the perspective of, I need a Linux box, or I need a bunch of Linux boxes right there, right now, and I don't have 12 weeks to go to cloud school to learn the intricacies of a given provider. It more or less just worked in a whole bunch of easy ways. Whereas if I wanted to roll out at Akamai, it was always I would pull up the website, and it's, “Click here to talk to our enterprise sales team.” And that tells me two things.
One, it is probably going to be outside of my signing authority because no one trusts me with money for obvious reasons, when I was an employee, and two, you will not be going to space today because those conversations always take time.

And it's going to be—if I'm in a hurry and trying to get something out the door, that is going to act as a significant drag on capability. Now, most of your customers do not launch things by the seat of their pants, three hours after the idea first occurs to them, but on Linode, that often seems to be the case. The idea of addressing developers early on in the ‘it's just an idea' phase. I can't shake the feeling that there's a definite future in which Linode winds up being able to speak much more effectively to enterprise, while Akamai also learns to speak to, honestly, half-awake shitposters at 2 a.m. when we're building something heinous.

Andy: I feel like you've been sitting in on our strategy presentations. Maybe not the shitposters, but the rest of it. And I think the way that I would couch it, my corporate-speak of that, would be that there's a distinct yin and yang, there's a complementary nature between the customer bases of Akamai, which has, you know, an incredible list of enterprise customers—I mean, the who's-who of enterprise customers, Akamai works with them—but then, you know, Linode, who has really tremendous representation of developers—that's what we'll use for the name posts—like, folks like myself included, right, who want to throw something together, want to spin up a VM, and then maybe tear it down and never do it again, or maybe set up 100 of them. And, to your point, the crossover opportunities there, which is, you know, Linode has done a really good job of having small customers that grow over time.
And by having Akamai, you know, you can now grow, and never have to leave because we're going to be able to bring enough scale and throughput and, you know, professional help services as you need it to help you stay in the ecosystem.

And similarly, Akamai has a tremendous—you know, the benefit of a tremendous set of enterprise customers who are out there, you know, frankly, looking to solve their compute challenges, saying, “Hey, I have a highly distributed application. Akamai, how can you help me with this?” Or, “Hey, I need presence in x or y.” And now we have, you know, with Linode, the right tools to support that. And yes, we can make all kinds of jokes about, you know, Akamai and Linode and different, you know, people and archetypes we appeal to, but ultimately, there's an alignment between Akamai and Linode on how we approach things, which is about Linux, open-source, it's about technical honesty and simplicity. So, great group of folks. And secondly, like, I think the customer crossover, you're right on it. And we're very excited for how that goes.

Corey: I also want to call out that Macrometa seems to have split this difference perfectly. One of the first things I visit on any given company's page when I'm trying to understand them is the pricing page. It's one of those areas where people spend the least time, early on, but it's also where they tend to be the most honest. Maybe that's why. And I look for two things, and Macrometa has both of them.

The first is a ‘try it for free, right now, get started.' It's a free-tier approach. Because even if you charge $10 or whatnot, there are many developers working on things in odd hours where they don't necessarily either have the ability to make that purchase decision, know that they have the ability to make that purchase decision, or are willing to do that by the seat of their pants. So, ‘get started for free' is important; it means you can develop right now.
Conversely, there are a bunch of enterprise procurement departments out there who will want a whole bunch of custom things.

Custom SLAs, custom support responses, custom everything, and they also don't know how to sign a check that doesn't have two commas in it. So, you don't probably want to avoid those customers, but what they're looking for is an enterprise offering that is no price. There should not be a price tag on that because you will never get it right for everyone, but what they want to see is ‘click here to contact sales.' That is coded language for, “We are serious professionals and know who you are and how you like to operate.” They've got both and I think that is absolutely the right decision.

Andy: It do—

Corey: And whatever you have in between those two is almost irrelevant.

Andy: No, I think you're on it. And Macrometa, their pricing philosophy allows you to get in and try it with zero friction, which is super important. Like, I don't even have to use a credit card. I can experiment for free, I can try it for free, but then as I grow their pricing tier kind of scales along with that. And it's a—you know, that is the way that folks try applications.

I always try to think about, hey, you know, if I'm on a team and we're tasked with putting together a proof of concept for something in two days, and I've got, you know, a couple folks working with me, how do I do that? And you don't have time for procurement, you might need to use the free thing to experiment. So, there is a lot that they can do. And you know, their pricing—this transparency of pricing that they have is fantastic. Now, Linode, also very transparent, we don't have a free tier, but you know, you can get in for very low friction and try that as well.

Corey: Yeah, companies tend to go through a maturity curve evolution on these things. I've talked to companies that purely view it as how much money a given customer is spending determines how much attention they get.
And it's like, “Yeah, maybe take a look through some of your smaller users or new signups there.” Yeah, they're spending $10 a month or whatnot, but their email address is @cocacola.com. Just spitballing here; maybe you might want to white-glove a few of those folks, just because not everyone comes in the door via an RFP.

Andy: Yep. We look at customers for what your potential is, right? Like, you know, how much could you end up spending with us, right? You know, so if you're building your application on Linode, and you're going to spend $20, for the first couple months, that's totally fine. Get in there, experiment, and then you know, in the next several years, let's see where it goes. So, you're exactly right, which is, you know, that username@enterprisedomain.com is often much more indicative than what the actual bill is on a monthly basis.

Corey: I always find it a little strange when I have a vendor that I'm doing business with, and then suddenly, an account person reaches out, like, hey, let's just have a call for half an hour to talk about what you're doing and how you're doing it. It's my immediate response to that these days, just of too many years doing that, as, “I really need to look at that bill. How much are we spending, again?” And I honestly, usually not that much because believe it or not, when you focus on cloud economics for a living, you pay attention to your credit card bills, but it is always interesting to see who reaches out and who doesn't. That's been a strange approach, and there is no one right answer for all of this.

If every free tier account user of any given cloud provider wound up getting constant emails from their account managers, it's how desperate are you to grow revenue, and what are you about to do to pricing? At some level it becomes… unhelpful.

Andy: I can see that.
I've had, personally, situations where I'm a trial user of something, and all of a sudden I get emails—you know, using personal email addresses, no Akamai involvement—all of a sudden, I'm getting emails. And I'm like, “Really? Did I make the priority list for you to call me and leave me a voicemail, and then email me?” I don't know how that's possible.

So, from a personal perspective, totally see that. You know, from an account development perspective, you know, kind of with the Akamai hat on, it's challenging, right? You know, folks are out there trying to figure out where business is going to come from. And I think if you're able to get an indicator that somebody, you know, maybe you're going to call that person at enterprisedomain.com to try to figure out, you know, hey, is this real and is this you with a side project or is this you with a proof of concept for something that could be more fruitful? And, you know, Corey, they're probably just calling you because you're you.

Corey: One of the things that I was surprised by where I saw the exact same thing. I started getting a series of emails from my account manager for Google Workspaces. Okay, and then I really did a spit-take when I realized this was on my personal address. Okay… so I read this carefully because what the hell is happening? Oh, they're raising prices and it's a campaign. Great.

Now, my one-user vanity domain is going to go from $6 a month to $8 a month or whatever. Cool, I don't care. This is not someone actively trying to reach out as a human being. It's an outreach campaign. Cool, fair. But that's the problem, on some level, for super-tiny customers. It's a, what is it, is it a shakedown? What are they about to yell at me for?

Andy: No, I got the same thing. My Google Workspace personal account, which is, like, two people, right? Like, and I got an email and then I think, like, a voicemail.
And I'm like, I read the email and I'm like—you know, it's going—again, it's like, it was like six something and now it's, like, eight something a month. So, it's like, “Okay. You're all right.”

Corey: Just go—that's what you have a credit card for. Go ahead and charge it. It's fine. Now, yeah, counterpoint if you're a large company, and yeah, we're just going to be raising prices by 20% across the board for everyone, and you look at this and like, that's a phone number. Yeah, I kind of want some special outreach and conversations there. But it's odd.

Andy: It's interesting. Yeah. They're great.

Corey: Last question before we call this an episode. In 22 years, how have you seen the market change from your perspective? Most people do not work in the industry from one company's perspective for as long as you have. That gives you a somewhat privileged position to see, from a point of relative stability, what the industry has done.

Andy: So—

Corey: What have you noticed?

Andy: —and I'm going to give you an answer, which is about, like, the sales cycle, which is it used to be about meetings and about everybody coming together and used to have to occasionally wear a suit. And there would be, you know, meetings where you would need to get a CEO or CFO to personally see a presentation and decide something and say, “Okay, we're going with X or Y. We're going to make a decision.” And today, those decisions are, pretty far and wide, made much, much further down in the organization. They're made by developers, team leads, project managers, program managers.

So, the way people engage with customers today is so different. First of all, like, most meetings are still virtual. I mean, like, yeah, we have physical meetings and we get together for things, but like, so much more is done virtually, which is cool because we built the internet so we wouldn't have to go anywhere, so it's nice that we got that landed.
It's unfortunate that we had to do with Covid to get there, but ultimately, I think that purchasing decisions and technology decisions are distributed so much more deeply into the organization than they were. It used to be a, like, C-level thing. We're now seeing that stuff happen much further down in the organization.

We see that inside Akamai and we see it with our customers as well. It's been, honestly, refreshing because you tend to be able to engage with technical folks when you're talking about technical products. And you know, the business folks are still there and they're helping to guide the discussions and all that, but it's a much better time, I think, to be a technical person now than it probably was 20 years ago.

Corey: I would say that being a technical person has gotten easier in a bunch of ways; it's gotten harder in a bunch of ways. I would say that it has transformed. I was very opposed to the idea that oh, as a sysadmin, why should I learn to write code? And in retrospect, it was because I wasn't sure I could do it and it felt like the rising tide was going to drown me. And in hindsight, yeah, it was the right direction for the industry to go in.

But I'm also sensitive to folks who don't want to, midway through their career, pick up an entirely new skill set in order to remain relevant. I think that it is a lot easier to do some things. Back when Akamai started, it took an intimate knowledge of GCC compiler flags, in most cases, to host a website. Now, it is checking a box on a web page and you're done. Things have gotten easier.

The abstractions continue to slip below the waterline, so the things we have to care about getting more and more meaningful to the business. We're nowhere near our final form yet, but I'm very excited about how accessible this industry is to folks that previously would not have been, while also disheartened by just how much there is to know.
Otherwise, “Oh yeah, that entire aspect of the way that this core thing that runs my business, yeah, that's basically magic and we just hope the magic doesn't stop working, or we make a sacrifice to the proper God, which is usually a giant trillion-dollar company.” And the sacrifice is, of course, engineering time combined with money.Andy: You know, technology is all about abstraction layers, right? And I think—that's my view, right—and we've been spending the last several decades, not, ‘we' Akamai; ‘we' the technology industry—on, you know, coming up with some pretty solid abstraction layers. And you're right, like, the, you know, GCC j6—you know, -j6—you know, kind of compiler tags not that important anymore, we could go back in time and talk about inetd, the first serverless. But other than that, you know, as we get to the present day, I think what's really interesting is you can contribute technically without being a super coding nerd. There's all kinds of different technical approaches today and technical disciplines that aren't just about development.Development is super important, but you know, frankly, the sysadmin skill set is more valuable today if you look at what SREs have become and how important they are to the industry. I mean, you know, those are some of the most critical folks in the entire piping here. So, don't feel bad for starting out as a sysadmin. I think that's my closing comment back to you.Corey: I think that's probably a good place to leave it. I really want to thank you for being so generous with your time.Andy: Anytime.Corey: If people want to learn more about how you see the world, where can they find you?Andy: Yeah, I mean, I guess you could check me out on LinkedIn. Happy to shoot me something there and happy to catch up. 
I'm pretty much read-only on social, so I don't pontificate a lot on Twitter, but—Corey: Such a good decision.Andy: Feel free to shoot me something on LinkedIn if you want to get in touch or chat about Akamai.Corey: Excellent. And of course, our thanks goes well, to the fine folks at Macrometa who have promoted this episode. It is always appreciated when people wind up supporting this ridiculous nonsense that I do. My guest has been Andy Champagne SVP at the CTO office over at Akamai. I'm Cloud Economist Corey Quinn, and this is Screaming in the Cloud. If you've enjoyed this podcast, please leave a five-star review on your podcast platform of choice, whereas if you've hated this podcast, please leave a five-star review on your podcast platform of choice along with an insulting comment that will not post successfully because your podcast provider of choice wound up skimping out on a provider who did not care enough about a persistent global data layer.Corey: If your AWS bill keeps rising and your blood pressure is doing the same, then you need The Duckbill Group. We help companies fix their AWS bill by making it smaller and less horrifying. The Duckbill Group works for you, not AWS. We tailor recommendations to your business and we get to the point. Visit duckbillgroup.com to get started.Announcer: This has been a HumblePod production. Stay humble.
Hey Identifier, #oathkeepers #terrorist #government https://www.militarytimes.com/news/your-military/2022/09/07/military-personnel-among-names-in-leaked-oath-keepers-membership-list/ The names of hundreds of current and former military personnel, elected officials and police were included in a leaked membership list belonging to the far-right extremist group known as the Oath Keepers, according to a report by the Anti-Defamation League. The ADL examined roughly 38,000 names from the leaked database, which was first published in September 2021 by the non-profit whistleblower Distributed Denial of Secrets. In total, 117 troops currently serving in the military, 11 serving in the reserves and another 31 military contractors and affiliated civilians were identified in the report. Leave us a Voice Mail or Support https://anchor.fm/the-identity-booth/message https://anchor.fm/the-identity-booth/support Sub to the channel here https://www.twitch.tv/theidentitybooth Donate https://streamlabs.com/projecteto/tip The Goal: Try to Identify with you as you try to identify with me. Find Heero here: https://linktr.ee/the_identity_Booth outro Hey Baby (Produced By Melv) Take Care --- Send in a voice message: https://anchor.fm/the-identity-booth/message Support this podcast: https://anchor.fm/the-identity-booth/support
The Accountability Coach: Business Acceleration|Productivity
There is an entire industry dedicated to fighting cyberattacks and making sure other companies have solid cybersecurity systems in place. Cyberattacks have become increasingly common, and typically involve some sort of breach of information systems to steal sensitive data or deny users access to their data. Many attacks have a financial motive, so it's crucial to protect your company against the possibility of a breach. It only takes one attack to bring down a network and do serious damage to your business, but if you take the necessary steps to protect your systems, you have a much better chance of thwarting any hackers' attempts. There are several different types of cybersecurity threats, and it's important to know what they are so you can understand how to fight them.
1. Malware
Malware, or malicious software, is an umbrella term for all sorts of programs designed to hack, disrupt, or damage a device. Malware breaches the security of your device and can steal data or control your device. It works by tricking users into clicking something they shouldn't click, which then downloads malicious code into their system. Types of malware can include viruses, trojans, spyware, bots, bugs, and ransomware. You can prevent malware by using tools that detect a breach early, such as software that scans your network and removes any malware it detects. Never click on a link unless you are sure where it came from. Even emails that seem okay and legit may not be. Malwarebytes offers a free and an affordable paid version to help with possible malware issues on your computer. Check it out by going to https://www.malwarebytes.com/. I personally use this software on my computer and on my phone.
2. Ransomware
Ransomware is exactly what it sounds like: your data is taken hostage until you pay a ransom to get it back. It can be considered a type of malware, and it spreads through your network in various ways, such as phishing emails that have malicious code attached, or drive-by downloading, which is when a user visits a site that's infected with malware and unknowingly downloads it to their device. Once ransomware has infected a device, it encrypts the user's or company's data so they can't access any of their files. It spreads quickly across the database and servers, and the attacker holds a private key needed to decrypt the files until the ransom is paid. There may be situations in which the attacker refuses to release the private key, so it's important to back up your data regularly, along with implementing other tips to increase your cybersecurity.
3. Phishing
Phishing is when cybercriminals pose as legitimate companies and send users emails, phone calls, or text messages to get sensitive information out of them. A common example of phishing is a password reset email, where the attacker pretends that your account is under a security threat and asks you to reset your password. When you click the link provided in their email, it goes to a website that isn't legitimate, and your new password gets saved. They can then change it on their end and use the information to log into your account. Other types of phishing emails to be suspicious of include notifications of winning a prize, urgent requests, or emails from people you don't know with attachments you don't recognize.
4. Man-in-the-Middle Attacks
Using free public Wi-Fi is a good way to leave yourself vulnerable to a man-in-the-middle (MITM) attack. Generally speaking, a MITM attack is when the attacker positions themselves between the user and the platform the user is trying to visit, and essentially intercepts and hijacks that connection. When the victim gets on the free Wi-Fi network, it allows the attacker to have full visibility and access into their online activities. The best thing to do if you can't get onto a secure Wi-Fi network in public is to use your phone as a temporary hotspot.
5. DoS and DDoS
A Denial-of-Service (DoS) attack works by shutting down web servers and essentially denying users access to them. It does this by flooding a server with traffic until it crashes, rendering it unavailable and unusable. Some signs of a DoS attack include slower network performance or a loss of connectivity to your site. A DoS attack uses a single system to launch the attack. A Distributed-Denial-of-Service (DDoS) attack, on the other hand, uses multiple systems to attack a single system. Running tests regularly on your internal systems can help expose any vulnerabilities, so you can protect against future DoS or DDoS attacks.
Implementing things like anti-virus software, firewalls, VPNs, employee training and cybersecurity solutions can help protect your company against cybersecurity threats such as malware, ransomware, phishing, MITM, DoS, DDoS and more. By understanding what dangers these different threats pose, you can be proactive about preparing your systems to recognize and remove the threats as soon as they're detected.
For more help with growing your business and accelerating your results, reach out to me today and schedule your complimentary consultation. Want more business success tips and resources? Subscribe to my blog by going to www.acountabilitycoach.com/blog. Aim for what you want each and every day! Anne Bachrach, The Accountability Coach™, The Results Accelerator™
Go to https://www.accountabilitycoach.com to check out for yourself how I, as your Accountability Coach™, can help you get and stay focused on your highest payoff activities that put you in the highest probability position to achieve your professional and personal goals, so you can enjoy the kind of business and life you truly want and deserve.
Get your daily Accountability Minute shot of a single, simple, doable idea, so you can start your day off on the "right foot". You can find The Accountability Minute on https://www.accountabilitycoach.com/my-podcast/ as well as on most podcast platforms and in most English-speaking countries. Take advantage of all the complimentary business tips and tools by joining the Free Silver Membership on https://www.accountabilitycoach.com/coaching-store/inner-circle-store/. If you are getting value from any of my podcasts, please take a minute to leave me a short rating and review. I would really appreciate it, and love to hear from you.
To help you stay focused and on track to achieving your goals, check out these other high-value resources.
- Subscribe to my high-value business success tips and resources blog (https://www.accountabilitycoach.com/blog/)
- Subscribe to my YouTube channel with business success principles (https://www.youtube.com/annebachrach)
- Connect with me on Facebook (https://www.facebook.com/TheAccountabilityCoach)
- Connect with me on LinkedIn (https://www.linkedin.com/in/annebachrach)
- Connect with me on Pinterest (https://pinterest.com/resultsrule/)
- Connect with me on Instagram (https://www.instagram.com/annebachrach/)
As an experienced accountability coach and author of 5 books, I help business professionals make more money, work less, and enjoy even better work life balance. Check out my proven business accelerator resources by going to https://www.accountabilitycoach.com/coaching-store/. Author of Excuses Don't Count; Results Rule, Live Life with No Regrets, No Excuses, and the Work Life Balance Emergency Kit, The Roadmap To Success with Stephen Covey and Ken Blanchard, and more.
Episode Sponsor: Mothman 1966 In this week's Drabblecast story, the only scenes that aren't sex scenes are crime scenes. We bring you an original Drabblecast story by Tim Pratt about a dark future of vigilante justice sex toys, called “The Distributed Denial of Sexytime.” Also, Norm and guest Executive Producer Bart Epstein treat us to […]
Google announced that back in June they detected and blocked the largest Distributed Denial of Service (DDoS) attack on record. This episode breaks it down and explains how threat groups can pull these off. Be aware, be safe. Support the show and get access to behind the scenes content as a patron - https://www.patreon.com/SecurityInFive *** Support the podcast with a cup of coffee *** - Ko-Fi Security In Five Mighty Mackenzie - https://www.facebook.com/mightymackie Where you can find Security In Five - https://linktr.ee/binaryblogger Email - bblogger@protonmail.com
Roger Grimes is an industry expert and the Data Driven Defense Evangelist for KnowBe4. In this episode, Roger and host Hillarie McClure discuss how Akamai Technologies has allegedly stopped the largest DDoS (Distributed Denial of Service) attack of all time, as well as why and how the volume of DDoS attacks is rising, and more. KnowBe4 is the world's first and largest New-school security awareness training and simulated phishing provider that helps you manage the ongoing problem of social engineering. To learn more about our sponsor, KnowBe4, visit https://knowbe4.com
Tanya Janca joins Scott Hanselman to discuss the various security features within Azure that are cloud native and what that means for security professionals. Discussing the benefits of DDoS protection (and what DDoS is) will help you understand its value and when it's needed. We also discuss the added value of Azure Defender features such as JIT, FIM, and Application Adaptive Controls in preventing ransomware.
Chapters
00:00 - Introduction
00:20 - Distributed Denial of Service (DDoS) attacks
03:00 - DDoS Protection in Azure
05:55 - Microsoft Defender for Cloud
06:42 - Microsoft Defender for Cloud | Workload protections
10:53 - We Hack Purple Community
11:42 - Wrap-up
Recommended resources
- Azure DDoS Protection Standard overview
- What is Microsoft Defender for Cloud?
- We Hack Purple Community
- Top 5 security items to consider before pushing to production
Connect
- Scott Hanselman | Twitter: @SHanselman
- Tanya Janca | Twitter: @SheHacksPurple
- We Hack Purple Academy & Community! | Twitter: @WeHackPurple
- Azure Friday | Twitter: @AzureFriday
Meta platforms change hate speech policy, Anonymous helping to spread information to Russian citizens, Emma Best from Distributed Denial of Secrets joins the panel to discuss the leak of Russian government censorship data.
Show Notes
The Problem
The K–12 Cybersecurity Resource Center tracked 408 cybersecurity incidents that hit K–12 institutions over the past year, an 18 percent increase from 2019 and an average of two cyberattacks per school day aimed at the nation's education system. The most widespread cyber incidents were ransomware attacks, in which a hacker infiltrates a network and holds it for ransom, along with data breaches of student and staff personal data that included everything from bullying reports to Social Security numbers. Class invasions were also a significant trend, with these incidents involving a malicious actor gaining access to an online video conferencing system and disrupting it, often with inappropriate images or words. This trend was seen particularly at the beginning of the pandemic, and was used to interrupt classes on video conferencing platform Zoom in so many situations that the term “Zoombombing” was coined.
News Items
Passage of $1 Billion Department of Homeland Security cybersecurity grant program
While the grants will technically be administered by the Federal Emergency Management Agency, which has long been DHS's main grant-making unit, the Infrastructure Investment and Jobs Act calls on CISA to serve in an advisory capacity, work that Wales said has already started. The infrastructure law requires each state to develop a comprehensive cybersecurity plan to qualify for the grants, and about 80% of the total funds will eventually make their way to local jurisdictions. Wales told Clarke that leaves CISA with several questions to answer before the money begins flowing, which is expected in 2022.
Goal is development of “common baseline” – That's likely to include some cybersecurity steps that are commonly described as fundamental: multi-factor authentication, limiting the number of privileged user accounts on a government network, patching vulnerabilities as soon as they're identified and running regular risk assessments. But those are sometimes unaffordable for the small, local governments that stand to benefit from the new grant program.
Signature of K–12 Cybersecurity Act – requires the Cybersecurity and Infrastructure Security Agency (CISA) to create cybersecurity recommendations and tools for schools to use to defend themselves against hackers after conducting a study on the cybersecurity risks facing K–12 institutions.
What Should Schools Be Doing Now?
- Educate themselves about the grant process and information needed
- Educate teachers, students, and parents about the importance of cybersecurity
- Cultivate a culture of cybersecurity
For K–12 IT Departments
- Check CISA Web site regularly
- Review lists of potential threats [from Ikon Business Group]
Advanced Persistent Threat Attack [APT]: a network attack in which an unauthorized person gains access to a network and stays there undetected for a long period.
Brute-force Cracking: a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies.
Credential Reuse: Once attackers have a collection of usernames and passwords from a breached website or service (easily acquired on any number of black market websites on the internet), they know that if they use these same credentials on other websites there's a chance they'll be able to log in.
Distributed Denial of Services [DDoS]: an attempt to make an online service unavailable by overwhelming it with traffic from multiple sources.
Drive-by Download: a program that is automatically downloaded to your computer without your consent or even your knowledge.
Malware: refers to various forms of harmful software, such as viruses and ransomware. Once malware is in your computer, it can wreak all sorts of havoc, from taking control of your machine, to monitoring your actions and keystrokes, to silently sending all sorts of confidential data from your computer or network to the attacker's home base.
Network-probe: a probe is an attempt to gain access to a computer and its files through a known or probable weak point in the computer system.
Phishing: When internet fraudsters impersonate a business to trick you into giving out your personal information. Phishing Attacks are the primary vector for malware attacks and are usually comprised of a malicious e-mail attachment or an e-mail with an embedded, malicious link.
Ransomware: a type of malicious software designed to block access to a computer system until a sum of money is paid.
Session Hijacking and Man-in-the-Middle Attacks: The session between your computer and the remote web server is given a unique session ID, which should stay private between the two parties; however, an attacker can hijack the session by capturing the session ID and posing as the computer making a request, allowing them to log in as an unsuspecting user and gain access to unauthorized information on the web server.
SQL Injection Attack: uses malicious code to get a server to divulge information it normally wouldn't. This is especially problematic if the server stores private customer information from the website, such as credit card numbers, usernames and passwords (credentials), or other personally identifiable information, which are tempting and lucrative targets for an attacker.
7 Steps for Better Cybersecurity [from Ikon Business Group]
1. Get buy in from top administration – A good cybersecurity plan requires line items in the budget for people, hardware, and software, which means getting the principal, CIO, Operations Manager, and any other top-level decision makers on board.
2. Perform live simulations and training exercises with students and staff – The best training today is one in which users undergo a simulated attack specific to their job or role. Follow up any training by testing how well the lesson was learned. Send out occasional phony phishing emails to check how many employees still fail to recognize the threat.
3. Conduct evaluations – Don't be afraid to perform evaluations of both employees and systems to find out how vulnerable your organization is to attack. Present users with a realistic type of cyber-attack and include a follow-up meeting for end users and IT personnel to discuss the results of the campaign and how to avoid scams in the future.
4. Communicate – Don't opt for scare tactics. The goal is to build a culture of cyber awareness. Start small with a few videos or infographics to kick things off. Don't waste time sending out long memos that will only get ignored. Keep it fun, keep it short.
5. Create a formal plan – IT teams should develop a formal, documented plan for cybersecurity training that is reviewed and updated often with the latest information on attack vectors and other risks.
6. Stress the importance of security at school and at home – Tech leaders should help employees understand the importance of cyber hygiene not just in the workplace, but also at home, Pollard said. “Teach users about privacy, security, and how the lessons learned at work can apply at home and in their personal lives to give them a ‘what's in it for me' they can apply all the time, not just at work,” he added.
7. Reward users – Reward users that find malicious emails, and share stories about how users helped thwart security issues. IT leaders should also empathize with people who make mistakes. Include posters, contests and other reminders to drive home an easy-to-understand message that security is everyone's personal responsibility.
Resources
- Cybersecurity and Infrastructure Security Agency “https://www.cisa.gov/”
- A Guide to Cybersecurity for K–12 Schools “https://www.ikonbusinessgroup.com/a-guide-to-cybersecurity-for-k–12-schools/”
- #2021–11–22 Schumer: LI school districts should get ready to apply for funding to fight off cyberattacks “https://www.newsday.com/long-island/education/cyberattacks-school-districts-infrastructure-bill–1.50430756”
- #2021–11–17 Cyber grants are a ‘game changer,' CISA leader tells Congress “https://statescoop.com/cyber-grants-game-changer-cisa-leader-tells-congress/”
- #2021–11–16 K–12 School Districts Failing at Cloud Security “https://www.infosecurity-magazine.com/news/k12-school-districts-failing-at/”
- #2021–10–31 FBI: K–12 schools a leading target for ransomware attacks. Are local districts secure? “https://www.desertsun.com/story/news/education/2021/10/31/ransomware-attacks-concern-school-districts/8543466002/”
- #2021–10–22 The K–12 Cybersecurity Act Becomes Law “https://edtechmagazine.com/k12/article/2021/10/k–12-cybersecurity-act-becomes-law”
- #2021–10–08 Biden signs bill to strengthen K–12 school cybersecurity “https://thehill.com/policy/cybersecurity/575957-biden-signs-bill-into-law-to-strengthen-k–12-school-cybersecurity?rl=1”
- #2021–09–09 K–12 Cybersecurity Standards Released, Along with Free District Self-Assessment Tool “https://thejournal.com/articles/2021/09/09/k12-cybersecurity-standards-released-along-with-free-district-self-assessment-tool.aspx”
- #2021–03–10 New research finds ‘record-breaking' number of K–12 cyber incidents in 2020 “https://thehill.com/policy/cybersecurity/542518-new-research-finds-record-breaking-number-of-k–12-cyber-incidents-in ”
- #2021 The State of K–12 Cybersecurity: 2020 Year in Review “https://k12cybersecure.com/wp-content/uploads/2021/03/StateofK12Cybersecurity–2020.pdf”