Podcasts about enveil

On this bonus episode of Top in Tech, Conan D'Arcy is joined by Ellison Anne Williams, CEO of Enveil, and Harry Palmer, Associate Director at Global Counsel, to discuss the report 'Breaking barriers: how data sharing can transform the fight against economic crime'. They explore the challenges and recommendations for improving data sharing practices to combat economic crime, emphasizing the role of privacy enhancing technologies (PETs) in facilitating secure data collaboration between public and private sectors. Ellison-Anne and Harry also explore the current landscape of economic crime in the UK and the potential for innovative solutions to enhance data sharing efforts.Read the report here Hosted on Acast. See acast.com/privacy for more information.

As artificial intelligence continues to shape industries and society, the need for robust AI governance has never been more critical. At the forefront of this governance are privacy-enhancing technologies (PETs), which play a key role in ensuring that AI systems operate in a way that respects and protects individuals' data. The European Union's AI Act, one of the most ambitious regulatory frameworks for AI, sets clear standards for transparency, accountability, and risk management. Understanding the implications of this legislation is crucial for businesses looking to innovate responsibly while avoiding potential legal and ethical pitfalls. Countries around the world are taking varied approaches to AI governance, with some prioritising privacy and ethical considerations while others focus on fostering technological innovation. This diversity presents challenges and opportunities for organisations striving to implement AI responsibly. In this episode, Paulina Rios Maya, Head of Industry Relations, speaks to Dr Ellison Anne Williams CEO and founder of Enveil, about the need for model-centric security and the potential of PETs to mitigate risks associated with sensitive data in AI applications.Key Takeaways: Privacy-enhancing technologies are crucial for data protection.The EU AI Act sets a precedent for global AI regulation.Organisations must start with the problems they aim to solve.Data sensitivity must be considered in AI model training.Privacy-enhancing technologies can facilitate cross-border data sharing.AI is a neutral tool that requires responsible governance.The implementation of privacy technologies is still evolving.Global standards for AI governance are necessary for ethical use.Chapters: 00:00 - Introduction to AI Governance and Privacy01:07 - Understanding AI Governance03:51 - Privacy Enhancing Technologies Explained08:28 - The Role of the EU AI Act12:42 - Implementing Privacy Enhancing Technologies17:20 - Harmonizing AI Governance with Privacy Technologies

This episode was first broadcast 4 August 2023.As the economy has become increasingly dependent on data, companies have sought to make more profit from mining user actions such as through loyalty schemes or social media interactions.But individual rights also have to be respected, and businesses have to follow strict data protection procedures.Privacy-enhancing technologies (PETs) are one method for companies to securely search through data to derive value – for example, a bank could search through customer data to expose fraudulent activity without putting the personal information of all the customers involved at risk.This episode, Rory and Jane are joined by Ellison Anne Williams, CEO and founder of privacy-enhancing technology company Enveil, to discuss the dos and don'ts of data use, and how organizations can make use of PETs for enhanced data mining.For more information, read the show notes here.

Today I am chatting with Ellison Anne, To talk about her career thus far, and her plans. Ellison Anne has a Ph.D. in math, The NSA, Johns Hopkins, and Enveil are part of her path.

Every technology has a maturation cycle; today we see Artificial Intelligence transitioning from being a parlor trick to being considered for serious applications. The federal government wants secure and reliable solutions to solve problems in the military and healthcare. Our guest today is Dr. Ellison Anne Williams, she has a PhD in mathematics and is the founder of Enveil. She provides an overview of AI security by suggesting it is only as good as the data over which you train and use it. AI is exposed to large data sets and models are encoded with the data with which they were trained. This process can leave the model vulnerable and open to attack, she describes one attack called a “model inversion.” This is a machine learning technique that examines a model's output and infers personal information about its data subject. Dr. Ellison suggests a group of technologies called “Privacy Enhancing Technology.” During the interview, she gives an overview of how it can securely and privately train a model to produce richer insights. PET allows leaders to secure the use of a wider range of data sources. You can use homomorphic encryption to safely train your model over sensitive data. This interview is an overview of a technology that can allow federal agencies that must deal with sensitive information to be able to leverage the speed and insights that AI can provide.  Want to leverage you next podcast appearance?  Take the quiz. https://content.leadquizzes.com/lp/fk1JL_FgeQ Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com

What is Homomorphic Encryption? Can it be leveraged in the context of cross-vertical challenges? Dr. Ellison Anne Williams is the Founder and CEO of Enveil, the pioneering data security startup protecting Data in Use. She has more than a decade of experience spearheading avant-garde efforts in the areas of large scale analytics, information security and privacy, computer network exploitation, and network modeling at the National Security Agency and the Johns Hopkins University Applied Physics Laboratory. In addition to her leadership experience, she is accomplished in the fields of distributed computing and algorithms, cryptographic applications, graph theory, combinatorics, machine learning, and data mining and holds a Ph.D. in Mathematics (Algebraic Combinatorics), a M.S. in Mathematics (Set Theoretic Topology), and a M.S. in Computer Science (Machine Learning).   References: Dr. Ellison Anne Williams (full profile), Enveil Enveil Drives Data Value Across Silos with Enhanced Encrypted Search Offering ICO Guidance on Privacy Enhancing Technologies Matthias Eigenmann: Confidential Computing, contractual relationships, and legal bases for Data Clean Rooms (Masters of Privacy) Damien Desfontaines: Differential Privacy in Data Clean Rooms (Masters of Privacy)  

As the economy has become increasingly dependent on data, companies have sought to make more profit from mining user actions such as through loyalty schemes or social media interactions. But individual rights also have to be respected, and businesses have to follow strict data protection procedures.Privacy-enhancing technologies (PETs) are one method for companies to securely search through data to derive value – for example, a bank could search through customer data to expose fraudulent activity without putting the personal information of all the customers involved at risk.This episode, Rory and Jane are joined by Ellison Anne Williams, CEO and founder of privacy-enhancing technology company Enveil, to discuss the dos and don'ts of data use, and how organizations can make use of PETs for enhanced data mining.For more information, read the show notes here.

Ellison Anne Williams, CEO & Founder, Enveil Privacy-enhancing technologies for secure data search protect data while it's being used or processed. The development of privacy-enhancing technologies is a hot topic for financial services. The UN estimates that up to $2 trillion of cross-border money laundering occurs each year. Greater information sharing and collaborative analytics among financial organisations could transform the detection of this activity in a secure manner without compromising jurisdictional requirements. Robin Amlôt of IBS Intelligence speaks to Ellison Anne Williams, CEO and Founder of Enveil about the potential for secure data usage.

Data is more valuable than ever – which means, more than ever, it needs to be protected. From the rise of open banking, which enables people to share their financial data to access more choice and better experiences, to the growing desire of companies across industries to harness data to make smarter decisions and create new revenue streams, data security is key. In the latest episode of “What's Next In,” Mastercard's podcast that informally explores technology, innovation and ideas, host Vicki Hyman discusses the evolution of privacy-enhancing technologies with Bob Schukai, Mastercard's executive vice president for Technology Development, Global Open Banking, and Ellison Anne Williams, the founder and CEO of Enveil, the cybersecurity startup that uses homomorphic encryption to secure data while it's being used to allow companies to innovate while protecting and respecting individual privacy. “Privacy-enhancing technologies enable a decentralized form of data usage, collaboration and monetization to be possible,” Williams says. “These technologies leave the data at the point of origination and enable usage of that data in a secure and private way without having to move or replicate it.” Mastercard's privacy by design principles ensure that privacy safeguards are built into the design and creation of everything the company does, Schukai says. “We believe that your personal information is just that, it's personal and we try to take great care to ensure it stays that way.” To hear more from Schukai and Anne, click play and enjoy!

Privacy enhancing technologies, or PETs, can be used for a multitude of reasons; whether it's being used to decrease the crime rates of countries, for social good or even for the use of your business, PETs have proved time and time again to be effective. PETs are broad, and when using one within your business, the focus really should be on providing a safe network for your customers, clients and consumers. One way in which PETs can be used for this is by blocking third party website traffic analysis, thus preventing your customers from being monitored. This is not only something that needs to be paid attention to by people within the tech industry, but really for any B2B or B2C business. Customer data is often readily available, and when permission has not been given by the customer, legal implications await.  In this EM360 podcast, we speak to Ellison Anne Williams, Founder and CEO at Enveil. Ellison Anne covers the many different ways in which PETs can be used for social good, how to implement them, the necessity of PETs in areas such as the health industry and the future of data protecting tech.

This week's episode of The Intersection features a conversation between Steve Bowsher and Dr. Ellison Anne Williams, CEO and Founder of Enveil. Tune in to hear their discussion on the challenges and opportunities in transitioning from a career with the federal government to starting a company from scratch.

This week on The Encrypted Economy my guest is Ellison Anne Williams, the founder and CEO of Enveil, a Privacy Enhancing Technologies (PET) start-up. She founded the company in 2016 after spending 12 years at the NSAstudying the technologies that allow Enveil to encrypt data while in use. Ellison Anne has created cutting edge use cases for homomorphic encryption and other PETs which listeners of The Encrypted Economy will be very familiar with. As a result of this innovation, Enveil has been recognized by organizations like the World Economic Forum and Cybersecurity Ventures.  Don't miss this episode of The Encrypted Economy as we continue our journey into PETs and keep an eye on Enveil as they continue to turn imagination into reality. Topics Covered Ellison Anne's Background Privacy Enhancing Technologies (PETs) as a Family The Journey of Homomorphic Encryption Where Homomorphic Encryption Works and Where it Doesn't Enveil's Unique Product Design PETs in DeFi & National Cybersecurity Securing Data in Use for Financial Services Enveil's Umbrella Use Cases – Data Monetization The Components of the PET Family (HE, SMPC, & TEE) Homomorphic Encryption in Real Time Where will PETs be in Five Years? Resource List Ellison Anne's LinkedIn Business Insider: 50  Cybersecurity Leaders Cybersecurity Ventures Hot 150 Cybersecurity Companies Enveil's Website  Ellison Anne's Forbes Post on Homomorphic Encryption The Power of Privacy Enhancing Technologies (PETs) My Article on Homomorphic Encryption Enveil'sZeroReveal Products Trusted Execution Environments Our Episode with Brett Hemenway Falk on SMPC Our Episode with Kurt Rohloff on Homomorphic Encryption World Economic Forum – Technology Pioneers 2020 Ellison Anne's 2017 RSAC Pitch Enveil on Twitter - @Enveil_Inc  

What do you know about cryptography? For decades, researchers and data scientists in the federal government and commercial enterprises have invested millions to crack the code on homomorphic encryption—that is, how to keep data secure while it's in use. Our guest on the podcast today spent the first part of her career at the National Security Agency as one of those scientists, and she's the one who cracked the code. In 2016, Dr. Ellison Anne Williams left the NSA to found Enveil, the first commercial company to provide security for data in use. Also known as the “Holy Grail” of cryptography, Enveil's homomorphic encryption platform is a technical breakthrough and represents a fundamental leap forward from traditional privacy and security technologies. Though Ellison Anne spent her early career "collecting degrees" in math and machine learning before joining the Johns Hopkins Applied Physics Lab and eventually the NSA, she recounts how for much of her time in government she felt like a fish on a bicycle--an entrepreneur working in a massive government bureaucracy. Ellison Anne recounts her entrepreneurial beginnings running a cake business in high school, and talks about a career in government that was undergirded by a desire to work on entrepreneurial endeavors. Since founding Enveil, Ellison Anne discovered that what she learned about working the gears in a government bureaucracy helped her prepare for navigating enterprise sales cycles. She shares her advice for founders and gives us a look at what the market for privacy and data security will look like in 5-10 years time. You can check out their groundbreaking work at enveil.com and you can follow them @enveil_inc.

This week on Privacy Please Podcast Gabriel Gumbs and I have the pleasure of speaking with Ellison Anne Williams the very intelligent, hardworking #CEO, #Founder at Enveil - A data security company protecting data in use.We talk about her start before getting into #datasecurity, the many degrees she worked hard for, how she started Enveil, the powerful message behind the proudest moment in her personal life, #dataprivacy, #datainmotion, #encryption, and much more!Stick around for the private segment at the end where Gabe and I cut loose with Ellison Anne and dig into her darkest unknowns for some laughs and inspiration!-Cam

Dr Ellison Anne Williams, CEO and Founder, Enveil (Washington D.C. USA,on the securing of data in use, the data security triad, the "holy grail" of cryptography - homomorphic encryption, how it works, its use for securely sharing data for the detection and prevention of financial crime, the potential for cross-jurisdictional information sharing while still protecting personal information, sweeping the 2019 AML Techsprint co-hosted by the UK and USA regulators and dispelling the dreaded "black box" concern of regulators around how AML/CFT RegTech works.

Passwords are the traditional authentication methods for computers and networks. But passwords can be stolen. Biometric authentication seems the perfect solution for that problem. Our guest today is Craig Williams, director of Talos outreach at Cisco. He'll be discussing and providing insights into their report which shows that fingerprints are good enough to protect the average person's privacy if they lose their phone. However, a person that is likely to be targeted by a well-funded and motivated actor should not use fingerprint authentication. The research can be found here: Fingerprint cloning: Myth or reality? The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Successful containment of the Coronavirus pandemic rests on the ability to quickly and reliably identify those who have been in close proximity to a contagious individual. Mayank Varia from Boston University describes how his team suggests an approach based on using short-range communication mechanisms, like Bluetooth, that are available in all modern cell phones. The research can be found here: Anonymous Collocation Discovery: Harnessing Privacy to Tame the Coronavirus The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Our guest today is Ellison Anne Williams, the CEO of Enveil. And she is an expert in the privacy technology known as homomorphic encryption.

By day, he is Dton, an upstanding Nigerian citizen. He believes in professionalism, hard work and excellence. He’s a leader, a content creator, an entrepreneur and an innovator; an accomplished business administrator; a renaissance man who is adored by his colleagues. But by night, he is Bill Henry, Cybercriminal Entrepreneur. We sat down with a researcher at CheckPoint for the inside scoop into this fascinating, brazen individual.  The research can be found here: The Inside Scoop on a Six-Figure Nigerian Fraud Campaign The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

2020 is shaping up to be a rough year. Ransomware attacks will continue to grow as cybercriminals get more sophisticated in their methods and expand their reach. Allan Liska, Senior Analyst at Recorded Future, shares their findings and predictions in a new report.  The research can be found here: 5 Ransomware Trends to Watch in 2020 The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Eclypsium has issued a study that suggests the prevalence of “unsigned firmware in WiFi adapters, USB hubs, trackpads, and cameras used in computers from Lenovo, Dell, HP and other major manufacturers.” Here to discuss their findings is Rick Altherr, a Principle Engineer at Eclypsium. The research can be found here: Perilous Peripherals: The Hidden Dangers Inside Windows and LINUX Computers.  The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Cloud computing is now at the center of nearly every business strategy. But, as with the rapid adoption of any new technology, growing pains persist. The key findings in these reports shed light on security missteps that are actually in practice by organizations across the globe. Joining us in this special Research Saturday are Palo Alto Network's Matthew Chiodi and Ryan Olson. They discuss their findings in two different threat reports.  The research can be found here: Cloud Threat Report IoT Threat Report The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

As websites and apps more widely adopt TLS (Transport Layer Security) and communicate over HTTPS connections, unencrypted traffic may draw even more attention, since it’s easier for analysts and security tools to identify malicious communication patterns in those plain HTTP sessions. Malware authors know this, and they’ve made it a priority to adopt TLS and thereby obfuscate the contents of malicious communication. Joining us on this week's Research Saturday is Chester Wisniewski from SophosLabs discussing their research on the subject.  The research can be found here: Nearly a quarter of malware now communicates using TLS The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Why do some developers and development teams write more secure code than others? Software is written by people, either alone or in teams. Ultimately secure code development depends on the actions and decisions taken by the people who develop the code. Understanding the human factors that influence the introduction of software vulnerabilities, and acting on that knowledge, is a definitive way to shift security to the left.  On this Research Saturday, our conversation with Anita D’Amico from CodeDX on which developers and teams are more likely to write vulnerable software. The research can be found here: Which Developers and Teams Are More Likely to Write Vulnerable Software? The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Today's Research Saturday features our conversation with Robert Heaton, a software engineer with Stripe who penned a blog post about his disappointing discovery involving his Wacom tablet tracking his applications. The post struck a nerve and has since been widely distributed. The research can be found here:  Wacom drawing tablets track the name of every application that you open The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

SafeBreach Labs discovered a new vulnerability in the Realtek HD Audio Driver Package, which is deployed on PCs containing Realtek sound cards.  On this week's Research Saturday, our conversation with Itzik Kotler, who is Co-Founder and CTO at SafeBreach.  The research can be found here:  Realtek HD Audio Driver Package - DLL Preloading and Potential Abuses The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

BGN Technologies, the technology transfer company of Ben-Gurion University (BGU) of the Negev, Israel, is introducing the first all-optical “stealth” encryption technology that will be significantly more secure and private for highly-sensitive cloud computing and data center network transmission. Joining us in this special Research Saturday is BGN's Dan Sadot who helped pioneer this technology.  The Research can be found here: Ben-Gurion University Researchers Introduce the First All-Optical, Stealth Data Encryption Technology The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

The Chameleon attack technique is a new type of OSN-based trickery where malicious posts and profiles change the way they are displayed to OSN users to conceal themselves before the attack or avoid detection. Joining us to discuss their findings in a new report entitled "The Chameleon Attack: Manipulating Content Display in Online Social Media" is Ben-Gurion University's Rami Puzis.  The research can be found here: The Chameleon Attack: Manipulating Content Display in Online Social Media Demonstration video of a Chameleon Attack The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Operation Wocao (我操, “Wǒ cāo”, is a Chinese curse word) is the name that Fox-IT uses to describe the hacking activities of a Chinese based hacking group. We are joined by Fox-IT's Maarten van Dantzig who shares his insights into their new report entitled "Operation Wocao: Shining a light on one of China’s hidden hacking groups". The Research can be found here: Operation Wocao: Shining a light on one of China’s hidden hacking groups The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Podcast: The CyberWireEpisode: Know Thine Enemy - Identifying North American Cyber Threats - Research SaturdayPub date: 2020-01-25The electric utility industry is a valuable target for adversaries seeking to exploit industrial control systems (ICS) and operations technology (OT) for a variety of purposes. As adversaries and their sponsors invest more effort and money into obtaining effects-focused capabilities, the risk of a disruptive or destructive attack on the electric sector significantly increases. Selena Larson from Dragos joins us to discuss their new report North American Electric Cyber Threat Perspective. The report can be found here: North American Electric Cyber Threat Perspective The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.The podcast and artwork embedded on this page are from The CyberWire, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

The electric utility industry is a valuable target for adversaries seeking to exploit industrial control systems (ICS) and operations technology (OT) for a variety of purposes. As adversaries and their sponsors invest more effort and money into obtaining effects-focused capabilities, the risk of a disruptive or destructive attack on the electric sector significantly increases. Selena Larson from Dragos joins us to discuss their new report North American Electric Cyber Threat Perspective. The report can be found here: North American Electric Cyber Threat Perspective The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Some of our favorite and most trusted IoT devices help make us feel secure in our homes. From garage door openers to the locks on our front doors, we trust these devices to recognize and alert us when people are entering our home. It should come as no surprise that these too are subject to attack.  Steve Povolny is head of advanced research at McAfee; we discuss a pair of research projects they recently published involving popular IoT devices.  The research can be found here: McAfee Advanced Threat Research demo McLear NFC Ring McAfee Advanced Threat Research Demo Chamberlain MyQ The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Multiple e-commerce and financial organizations around the world are targeted by cybercriminals attempting to bypass or disable their security mechanisms, in some cases by using tools that imitate the activities of legitimate users. Linken Sphere, an anti-detection browser, is one of the most popular tools of this kind at the moment. Staffan Truvé is the CTO and Co-Founder of Recorded Future, he joins us to discuss their new report on the browser.  The research can be found here: Profiling the Linken Sphere Anti-Detection Browser The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Unit 42 (the Palo Alto Networks threat intelligence team) released new research on a Jira vulnerability that’s leaking data of technology, industrial and media organizations in the public cloud. The vulnerability (a Server Side Request Forgery -- SSRF) is the same type that led to the Capital One data breach in July 2019. Jen Miller-Osborn is the Deputy Director of Threat Intelligence for Unit 42 at Palo Alto Networks, and she joins us to share their findings. The research can be found here: https://unit42.paloaltonetworks.com/server-side-request-forgery-exposes-data-of-technology-industrial-and-media-organizations/ The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Dan Woods is VP of the intelligence center and Shape Security. He shares insights on two noteworthy attacks tools, Genesis and Magecart. Before joining Shape Security Dan served as assistant chief agent of special investigations at the Arizona attorney general's office, where he investigated complex fraud. Prior to that, he spent 20 years with federal law enforcement agencies and intelligence organizations, including the CIA and FBI, where he specialized in information operations and cybercrime. The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Researchers at BlackBerry Cylance have been tracking ordinary WAV audio files being used to carry hidden malicious data used by threat actors.  Eric Milam is VP of threat research and intelligence at BlackBerry Cylance, and he joins us to share their findings. The research can be found here: https://threatvector.cylance.com/en_us/home/malicious-payloads-hiding-beneath-the-wav.html The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.  

Researchers at Palo Alto Networks' Unit 42 recently published research outlining attacks on home and small-business routers, taking advantage of known vulnerabilities to make the routers parts of botnets, ultimately used to attack gaming servers. Jen Miller-Osborn is the Deputy Director of Threat Intelligence for Unit 42 at Palo Alto Networks. She joins us to share their findings. The research can be found here: https://unit42.paloaltonetworks.com/home-small-office-wireless-routers-exploited-to-attack-gaming-servers/ The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.  

Researchers at Anomali have been tracking China-based threat group, Mustang Panda, believing them to be responsible for attacks making clever use of Windows shortcut files.  Parthiban is a researcher at Anomali, and he joins us to share their findings. The research is here: https://www.anomali.com/blog/china-based-apt-mustang-panda-targets-minority-groups-public-and-private-sector-organizations The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.  

Researchers at McAfee's Advanced Threat Research Team have been analyzing Sodinokibi ransomware as a service, also known as REvil. John Fokker is head of cyber investigations for McAfee Advanced Threat Research, and he joins us to share their findings. The research is here: https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/mcafee-atr-analyzes-sodinokibi-aka-revil-ransomware-as-a-service-what-the-code-tells-us/ The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Researchers from Palo Alto Networks' Unit 42 have been tracking a Chinese cyber espionage group they've named PKPLUG. The group mainly targets victims in the Southeast Asia region. Ryan Olson is VP of threat intelligence at Palo Alto Networks, and he joins us to share their findings. The original research is here: https://unit42.paloaltonetworks.com/pkplug_chinese_cyber_espionage_group_attacking_asia/ The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Until recently, usability was often an afterthought when developing security tools. These days there's growing realization that usability is a fundamental part of security. Lorrie Cranor is director of the CyLab Usable Privacy and Security lab (CUPS) at Carnegie Mellon University. She shares the work she's been doing with her colleagues and students to improve security through usability. The research can be found here: https://www.cylab.cmu.edu/news/2019/07/29-usability-history.html The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Researchers at Juniper Networks have been tracking a trojan they call Masad Stealer, which uses the Telegram instant messaging platform for part it its command and control infrastructure. (Telegram wasn't hacked; it's the innocent conduit.) Mounir Hahad is head of Juniper Threat Labs at Juniper Networks and he joins us to share their findings The original research is here: https://forums.juniper.net/t5/Threat-Research/Masad-Stealer-Exfiltrating-using-Telegram/ba-p/468559 The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Researchers at Independent Security Evaluators (ISE) recently published a report titled SOHOpelessly Broken 2.0, Security Vulnerabilities in Network Accessible Services. This publication continues and expands previous work they did examining small office/home office (SOHO) routers, network-attached storage devices (NAS), and IP cameras.  Shaun Mirani is a security analyst at ISE, and he joins us to share their findings.  The original research is here: https://www.ise.io/whitepaper/sohopelessly-broken-2/ The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Michael Gillespie is a programmer at Emsisoft, as well as a host of the popular ID Ransomware web site that helps victims identify what strain of ransomware they may have been infected with, and what decryptors may be available. He's written many decryptors himself, most recently for the Syrk strain of ransomware.  Links to the research and Michael's work: https://blog.emsisoft.com/en/33885/emsisoft-releases-a-free-decryptor-for-the-syrk-ransomware/ https://id-ransomware.malwarehunterteam.com/ https://www.youtube.com/user/Demonslay335 The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Researchers at FireEye recently released a report detailing the activities of APT41, a Chinese cyber threat group notable for the range of tools they use, their origins in the world of video gaming, and their willingness to shift from seemingly state-sponsored activity to hacking for personal gain.  Nalani Fraser and Fred Plan contributed to the report, and they join us to share their findings. The original research is here: https://www.fireeye.com/blog/threat-research/2019/08/apt41-dual-espionage-and-cyber-crime-operation.html The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Researchers at Prevalion have been tracking a malware campaign making use of antiquated file formats and social engineering to target specific groups.  Danny Adamitis and Elizabeth Wharton are coauthors of the report, and they join us to share their findings. The research can be found here: https://blog.prevailion.com/2019/09/autumn-aperture-report.html The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Many users of inexpensive internet routers use guest network functionality to help secure their home networks. Researchers at Ben Gurion University have discovered methods for defeating these security measures. Dr. Yossi Oren joins us to share their findings. The original research is here: https://www.usenix.org/system/files/woot19-paper_ovadia.pdf The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

A team of researchers have published a report titled, "KNOB Attack. Key Negotiation of Bluetooth Attack: Breaking Bluetooth Security." The report outlines vulnerabilities in the Bluetooth standard, along with mitigations to prevent them.  Daniele Antonioli is from Singapore University of Technology and Design, and is one of the researchers studying KNOB. He joins us to share their findings. The research can be found here: https://knobattack.com The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

Researchers at McAfee's Advanced Threat Research Team recently published the results of their investigation into a popular VOIP system, where they discovered a well-know, decade-old vulnerability in open source software used on the platform.  Steve Povolny serves as the Head of Advanced Threat Research at McAfee, and he joins us to share their findings. The original research can be found here: https://securingtomorrow.mcafee.com/other-blogs/mcafee-labs/avaya-deskphone-decade-old-vulnerability-found-in-phones-firmware/ The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.

The Emotet malware came on the scene in 2014 as a banking trojan and has since evolved in sophistication and shifted its business model. Researchers at Bromium have taken a detailed look at Emotet, and malware analyst Alex Holland joins us to share their findings. The research can be found here: https://www.google.com/url?q=https://www.bromium.com/resource/emotet-a-technical-analysis-of-the-destructive-polymorphic-malware The CyberWire's Research Saturday is presented by Juniper Networks. Thanks to our sponsor Enveil, closing the last gap in data security.