In the leadership and communications section, How CISOs can talk cybersecurity so it makes sense to executives, Firms to spend more on GenAI than security in 2025, Europe leads shift from cyber security ‘headcount gap' to skills-based hiring, and more! Next, pre-recorded interviews from RSAC Conference 2025, including: This segment is sponsored by Fortinet. Visit https://securityweekly.com/fortinetrsac to learn more about them! Unpacking the latest annual report from Fortinet's FortiGuard Labs. We're talking with Derek Manky, Chief Security Strategist and Global VP Threat Intelligence, Fortinet's FortiGuard Labs, to get a snapshot of the active threat landscape and trends from 2024, including a comprehensive analysis across all tactics used in cyberattacks, as outlined in the MITRE ATT&CK framework. The report reveals that threat actors are increasingly harnessing automation, commoditized tools, and AI to systematically erode the traditional advantages held by defenders. Read the full report at https://securityweekly.com/fortinetrsac. This segment is sponsored by Cobalt. Visit https://securityweekly.com/cobaltrsac to learn more about them! In this interview, Gunter Ollmann, Chief Technology Officer at Cobalt, unpacks the findings from the State of Pentesting Report 2025, spotlighting both measurable security progress and the rising challenges introduced by generative AI (genAI). While the report shows that organizations are resolving vulnerabilities faster than ever, genAI systems stand out as a growing security blind spot: only 21% of serious genAI vulnerabilities identified during penetration testing are fixed, compared to over 75% for API flaws and 68% for cloud vulnerabilities. Nearly 32% of genAI-related findings were classified as high risk — more than double the average across other systems. And although 98% of organizations are adopting genAI-powered features, only 66% are running regular security assessments on those systems. 
Segment Resources: https://www.cobalt.io/blog/key-takeaways-state-of-pentesting-report-2025 https://resource.cobalt.io/state-of-pentesting-2025?gl=1*zwbjgz*gclaw*R0NMLjE3MzcwNTU5ODMuQ2owS0NRaUEtYUs4QmhDREFSSXNBTF8tSDltRlB0X2FmSVhnQnBzSjYxOHlRZ1dhcmRMQ0lHalo3eVgxcTh1cHVnWFVwV0todHFPSDFZZ2FBb0hNRUFMd193Y0I.*gcl_au*MTc4MjQwMTAwNC4xNzQ0NjM0MTgz Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-395
Discover how AI is transforming the battlefield of cybersecurity with Glenn Maiden, Director of Threat Intelligence at FortiGuard Labs, ANZ, as our guide. Whether you're eager to understand how these technologies are enhancing both attack and defense mechanisms or curious about the ways AI is lightening the load for overwhelmed security analysts, this episode promises valuable insights. We delve into the profound impact of AI on cybersecurity strategies, tackling the dual-edged sword of sophisticated threats and innovative defense tools. From the lingering echoes of the SolarWinds attack to the pressing need for secure supply chains and critical infrastructure, Glenn sheds light on the complexities and solutions shaping the current landscape. Cybersecurity isn't just a necessity; it's a formidable competitive advantage in today's corporate world. Reflecting on the journey from a perceived roadblock to a strategic asset, we emphasize the importance of fostering a robust cyber culture. Leadership and companies must continuously adapt to protect their assets. With the looming advent of quantum computing, we face new challenges to our encryption methods. As we explore this future threat, the call for proactive measures is loud and clear. Tune in to understand why re-engineering security frameworks is not just recommended but essential to safeguard sensitive information in the quantum era.
Discover the fascinating world of cybersecurity with our special guest, Glenn Maiden, Director of Threat Intelligence at FortiGuard Labs, ANZ. From his beginnings in the mid-90s with the Department of Defence to his pivotal roles at the Australian Signals Directorate and the Australian Tax Office, Glenn offers a wealth of knowledge and insights as he discusses the evolution from traditional information security to modern cyber intelligence. He also sheds light on how his team at FortiGuard Labs collaborates on a global scale to protect customers from emerging threats. Today's digital landscape is riddled with complex cyber threats, and we unravel this intricate web with an engaging discussion on hyper-connectivity and its vulnerabilities. The conversation exposes the sophisticated tactics of cybercriminals, from nation-state actors to organised crime, and explores how anonymity and jurisdictional complexities provide them with strategic advantages. Yet, amidst this challenging terrain, there is optimism as advancements in cybersecurity measures are bolstering resilience, particularly in regions like Australia, where substantial investments are being made to combat emerging threats. As we navigate the volatile global environment, the conversation shifts towards protecting critical infrastructure and the proactive measures being championed by government initiatives like Australia's SOCI Act. We consider the alarming prospect of cyber-attacks as a precursor to conflict and discuss strategies to mitigate such risks, including the integration of AI and the importance of multi-factor authentication and smart access controls. The episode rounds out with an exploration of the convergence of cyber threats and misinformation, highlighting the role of cyber gangs and nation-state activities in election interference and the increasing threat of cyber-enabled misinformation, especially among the younger, more connected generations.
Tune in for a compelling discussion that offers valuable insights into the future of digital safety.
In this podcast, we talk with Derek Manky, chief security strategist and VP of global threat intelligence at Fortinet, about the recent FortiGuard Labs report “Dark Web Shows Cybercriminals Ready for Olympics. Are You?”, which examines the threat actors, methodologies, and tactics being used to target attendees, viewers, businesses, and agencies of the upcoming games. Derek highlighted the heightened risk for this event compared to previous games, emphasizing the importance of preparedness and vigilance. He also touched on the importance of shoring up network resilience, using machine learning and artificial intelligence, creating preparedness playbooks, and conducting training and education to combat these evolving threats. The conversation also explored the blurred lines between cyber and physical security, emphasizing the need for a cyber-physical security operating system to address these complex threats. Some of the findings were: Surge in darknet activity targeting France since 2H 2023. The sale of stolen credentials and compromised VPN connections to enable unauthorized access to private networks. Ads for phishing kits and exploit tools customized for the Paris Olympics. The sale of French databases that contain PII on French citizens. Hacktivist activity spiking, specifically by pro-Russian groups. Phishing kits and infostealers abound, and there are a significant number of typosquatting domains registered around the Olympics.
As a special treat for this week's vault episode, we set up a conversation with Derek Manky to discuss Fortinet's FortiGuard Labs Threat Report. This is a bi-annual report put out by FortiGuard Labs, and in my opinion, it just keeps getting better and better. The report is chock full of actionable information and insights. It answered all my questions about the current state of threats and attacks, like: What is the latest big shift in strategy and focus for ransomware groups? I keep hearing that attackers are getting faster and faster - how much time do defenders actually have these days (to patch a critical vuln, for example)? What are the latest attack techniques being used? Which are used less, or never used? There's not a dull moment in this conversation - I hope you enjoy listening to or watching it as much as I did making it! Segment Resources: Fortiguard Labs 2H 2023 FortiGuard Labs Threat Report Show Notes: https://securityweekly.com/vault-esw-9
Today, we discuss the deceptive world of the "Financial Hardship Department Scam," where unsuspecting Americans are tricked into revealing personal data with the false promise of government aid. Explore the intricacies of this scam and how to protect yourself from becoming a victim. This episode also sheds light on the alarming strategies of Russian Sandworm hackers and global brute-force attacks targeting VPN and SSH services, revealing a complex cybersecurity landscape. Original URLs: Financial Hardship Department Scam: https://cyberguy.com/privacy/the-unsubscribe-email-scam-is-targeting-americans/, https://malwaretips.com/blogs/financial-hardship-department-email-scam-explained/ Russian Sandworm Hackers: https://www.bleepingcomputer.com/news/security/russian-sandworm-hackers-pose-as-hacktivists-in-water-utility-breaches/ Cisco Warning on Brute-Force Attacks: https://thehackernews.com/2024/04/cisco-warns-of-global-surge-in-brute.html Follow us on Instagram: https://www.instagram.com/the_daily_decrypt/ Thanks to Jered Jones for providing the music for this episode. 
https://www.jeredjones.com/ Logo Design by https://www.zackgraber.com/ Tags for the Episode: Financial Hardship Department Scam, cybersecurity, Russian Sandworm hackers, brute-force attacks, VPN, SSH, email scams, government subsidies scam, cyber threats, cyber protection, Mandiant, Cisco Search Phrases: How to protect against Financial Hardship Department Scam What is the Financial Hardship Department Scam Russian Sandworm hackers in US utilities Cisco alert on brute-force attacks Cybersecurity threats in 2024 Email scams involving government aid Preventing cyber attacks on VPN and SSH How Russian hackers disguise as hacktivists Identifying and preventing email scams Latest cybersecurity reports from Cisco and Mandiant Transcript Apr18 Americans are being targeted by a sophisticated scam from the Financial Hardship Department, which promises government subsidies and stimulus checks as a facade to steal personal information and money. Stick around cause we're gonna give them a call. Russian sandworm hackers, disguised as hacktivist groups, have infiltrated water utilities in the United States and Europe, executing sophisticated cyberattacks that manipulate public narratives in favor of Russia according to recent findings by Mandiant. And finally, Cisco has issued an alert on a sharp rise in global brute force attacks targeting VPN and SSH services, revealing a sophisticated threat landscape that exploits Tor exit nodes and various anonymizing proxies since March 18th of 2024. What steps can organizations take to protect their networks from these global brute force attacks? So in recent news, a concerning scam from the Financial Hardship Department is targeting Americans across the country. This was actually brought to my attention from my mother. She reported something suspicious to her IT department, which is me. She received an email with the subject that was her full name, and inside the email was a very compelling argument. 
That she was entitled to some sort of student loan forgiveness plan, and the money is available right away. And this specific scam isn't necessarily breaking news, but this type of scam, this category of scam, is very effective and very prevalent. And this is because of a thing called OSINT, or Open Source Intelligence, where people can use information they find online about you in order to get you to do things. So, if someone wrote you an email and they knew exactly how much student debt you had, and they knew your full name, and they knew you ran to school. You might be more enticed to give them a call, respond to the email, or even click a link. If you're interested in seeing this email and walking through all of the key indicators that this is not a legit email, and it is in fact a scam, I'm going to be posting a reel a little bit later today on our Instagram that we'll have the email and we're going to go through each one of the indicators that this is a scam so that you can help protect yourself against this scam. But just a high level, the email came from someone at hotmail.com. Nobody with any clout is going to email you from a personal email address. Step one. All right. Number two, there's a sense of urgency. It says that you have a case open, but for only one more day. So give us a call back at this number. And just for fun, I went ahead and gave this number a call using my Google Voice number and was ready to record it and talk to them and see what they were gonna try to get out of me and maybe give them some fake information. The email was received yesterday and since then the number has been decommissioned. Calling the scammer. Bummer. There are also some weird formatting issues with this email. And then at the bottom, it says you opted into advertising services, provides an address, and then it provides a URL to unsubscribe. This specific email is formatted so poorly that the URL doesn't even become clickable.
But they're trying to get you on two directions here. They're trying to get you to call and give up your information. And they're trying to get you to click this unsubscribe link. Now that kind of gets your wheels turning, doesn't it? Most emails have unsubscribe links, and most of them are from emails you might not even recognize. You just want to get them out of your inbox. Now trust me, I am all for inbox sanitization and organization, but clicking unsubscribe links as a habit is a bad one. Clicking any links in an email is a bad habit. And yes, unsubscribe is a URL that could take you wherever you want. And usually, when you're about to click it, you're kind of in a hurry, you're not really checking, you're not thinking about it. So attackers know this, and they're going to send you something you really don't want, and they're going to provide a link to unsubscribe. Probably don't click it. Instead, send it to spam. Send it to junk. Train your inbox to send that somewhere else where you don't have to worry about it. Even if the unsubscribe link isn't malicious, it can serve a different purpose. It can let attackers or scammers know that that email address is active. And might actually ramp up the amount of spam, scam emails, or newsletters you may get because people are interested in buying your email address if they know it's an active email address. So now you've just confirmed it, they might go sell it to some other people. It might actually increase the amount of spam you get. There is a service called unroll.me that can help consolidate and manage email subscriptions efficiently. It allows you to view all your subscriptions in one place and makes it easy to unsubscribe from them. Another thing you can do is use alias emails. So if you're an iPhone user, the iPhone will often prompt you to mask your email address. It's a good idea because you can delete that email address at any time.
If you start getting spam from it, you can also use tools like Fastmail or StartMail, and just generate a new email address that forwards to your normal email address. This will also help protect you and your privacy online because they're not just mapping one email address to your identity. Now they have to map tons and tons to keep track of you. So it'll help reduce trackers on Google. It'll help reduce the efficacy of certain attacks when your password is breached on the dark web. So for more tips and tricks, and for a further analysis on these scam emails, be Instagram later today. Cybersecurity firm Mandiant has exposed how the notorious Sandworm hacking group, linked to Russian military intelligence, has camouflaged its cyberattacks by masquerading as hacktivist groups. The Russian ensemble, known by aliases such as BlackEnergy, Seashell Blizzard, and Voodoo Bear, has been active since 2009, and their operations are accredited to Unit 74455 of Russia's GRU. Mandiant's latest findings suggest that Sandworm operates under several online personas to launch data leaks and disrupt operations. Notably, three hacktivist branded Telegram channels named XakNet Team, Cyber Army of Russia Reborn, and Solntsepek, that's Russian, have been instrumental in disseminating pro Russian narratives and misleading the audience about the origin of the cyberattacks. These personas act independently, yet share a common goal of aligning their activities with Russian interests. So, before we move on, just a quick note on hacktivism. There are a few main motivators for attackers when placing an attack. Money, power, fame. And activism is a pretty popular one. So to help give an idea of what a hacktivist organization would be like, it's maybe a pro Ukraine organization that's working to spread the truth about what's going on in a foreign war, and so they might be trying to actually hack the Russian government to help Ukraine, or something like that.
Their motivation is not money, so they're not out there trying to get credentials to their bank accounts and stuff like that. They're trying to work towards their organization's mission, which is to spread the truth about foreign wars in favor of a certain country. So these Russian attackers that are responsible for many attacks on U.S. critical infrastructure, especially water utilities, are gaining footholds by pretending to be a hacktivist group. Maybe they're pro Russia, maybe they're pro Ukraine. They're doing what they can to try to sway public opinion in Russia's favor, which involves all sorts of propaganda that I'm not even aware of. But Mandiant's report extends beyond the facade of hacktivism. They have traced back multiple cyber incidents to Sandworm, including attacks on water utilities in the U.S. and Poland, and hydroelectric facilities in France. The authenticity of these intrusions remains under investigation, but confirmation of related malfunctions by U.S. utility officials lends proof. Furthermore, Sandworm's influence operations are designed to bolster Russian wartime objectives by seeding misinformation and creating an illusion of widespread support for the war. The sophistication of these tactics illustrates a strategic shift from direct sabotage in Ukraine, where they targeted critical infrastructure like state networks and the power grid, to a more nuanced cyber espionage and intrusion. influence operations. Mandiant also highlights APT44's activities over the past year including targeting NATO countries' electoral systems and engaging in intelligence collection to aid Russian military efforts. The threat posed by APT44 is severe, with ongoing operations focused on Ukraine and an elevated risk of interference in upcoming national elections and significant political events worldwide. So this election season, especially in the United States, is going to be absolutely crazy.
The simplicity of access that these foreign, quote, hacktivists or propaganda pushers have over the United States is huge. It's palpable. They can just create TikToks about something you're interested in, which is Ukraine and the things that are happening in this foreign war, and you share it, and the more it gets shared, the more validity it accumulates in people's eyes. And this rapid consumption of social media has almost completely forgotten about citing sources or doing any sort of further research into what you just saw on a 60 second video clip. So I encourage you personally to, I mean, first of all, don't spend too much time on social media. If you get, if you catch yourself doom scrolling, try to get off and go on a walk. And second of all, think about everything you watch as if it were a lie. How could this video be lying to you right now? How could this video be stretching the truth? You know, are these videos actually shot where they are? Are they in front of a green screen? What sources do these people have to claim what they're saying? Is what they're saying promoting a specific narrative? Maybe for Russia, maybe for Ukraine. And if so, that increases the likelihood that what they're saying is stretched or slightly untrue. So just as we have to look at every email with a lot of scrutiny, make sure we don't click any bad links, we also have to look at everything we consume because our brains are very vulnerable to what we see. And the internet right now is just pushing what we already believe, further enforcing our misbeliefs. There's been a notable spike in brute force attacks globally, as reported by Cisco. Specifically targeting devices such as VPNs, or virtual private networks, web application authentication interfaces, and SSH services. Cisco Talos experts pinpointed that these attacks have been originating from Tor exit nodes and various anonymizing tunnels and proxies since at least March 18th of 2024.
The implications of these attacks are serious, potentially leading to unauthorized network access, account lockouts, or even denial of service conditions. A range of devices have come under siege, including popular VPN solutions like Cisco Secure Firewall VPN, Check Point, Fortinet, SonicWall, along with RD web services and brands such as Mikrotik, Draytek, and Ubiquiti. Stomp's foot on Ubiquiti. Cisco Talos has identified that the brute forcing attempts not only utilize generic credentials, but also valid usernames tied to specific organizations, indicating a methodical approach to this cybersecurity threat. The attack traffic, as analyzed, predominantly flows through known proxy services such as TOR, VPNgate, IPDEA proxy, BigMama proxy, SpaceProxies, NexusProxy, ProxyRack, etc. And details on the IP addresses and the credentials used in these attacks have been compiled and made accessible for the concerned parties to bolster their defenses. So check out the show notes if you want more IOCs of this, so that you can maybe set up some signature detections or behavior detections, etc. In parallel to these brute force incidents, Cisco has raised alarms about password spray attacks, etc. targeting remote access VPN services as well. This trend was highlighted alongside a recent disclosure from Fortinet FortiGuard Labs reporting the exploitation of a patched vulnerability in TP-Link Archer AX21 routers by DDoS botnet malware facilities. Which brings us back to our SoHo days, right? If you're running one of these routers, make sure it's patched. Make sure your home router is up to date. You don't want to be getting DDoS'd by a botnet. Or you don't want to be part of the botnet that does the DDoSing, excuse me. Security researchers, Cara Lin and Vincent Lee from FortiGuard Labs underscore the continuous threat posed by botnets, which exploit IOT vulnerabilities relentlessly. They strongly advise users to remain vigilant against DDoS botnets and to apply patches promptly.
Cisco has provided several recommendations to mitigate the risks associated with these types of cyberattacks. These include enabling logging, okay, securing default remote access VPN profiles, and blocking connection attempts from identified malicious sources. Specific guidance involves implementing interface level ACLs using the shun command and configuring control plane ACLs to further fortify network defenses against unauthorized access attempts. Moreover, Cisco suggests considering additional hardening implementations for RAVPN, such as adopting certificate based authentication to enhance the security posture against these ongoing cyber threats. So I will definitely be taking a much deeper look at these IOCs for my own personal network, because yeah, this can apply to enterprises and this can apply to tech enthusiasts who set up VPNs to access their own home network. So let's, uh, not to point any fingers at myself, but that's definitely something I want to avoid being compromised. So if you're hearing this, IOCs in the show notes and let's stay ahead of this. And that's all we got for you today. Tomorrow, we're going to be releasing just a discussion episode about the key takeaways from HackspaceCon, which occurred last weekend. The two co-hosts from this podcast were lucky enough to be able to attend and boy, were we inspired. So if you're interested in hacking satellites or what kind of vulnerabilities satellites have. Or other things that I never considered from a non space background. Be sure to check that episode out tomorrow.
Fraud, stock-price manipulation, damage to reputation and the brand, sextortion scams that sabotage employee morale, misinformation and disinformation. These are five deepfake scams that Forrester VP and principal analyst, Jeff Pollard warns organisations have to take seriously now before these become weaponised against enterprises. Joining us on PodChats for FutureCISO is Jonas Walker, Director of Threat Intelligence, Fortiguard Labs at Fortinet to help us prepare our systems and processes for the eventual arrival of Deepfake.
1. In corporate security lingo, what is a deepfake?
2. Is it easy to create a deepfake version of someone?
3. We understand deepfakes to scam individuals and Financial Institutions as well, are there any new deepfake scams one should be vigilant about?
4. Is it foreseeable that someone can authorize the use of his or her deepfake persona for use in various purposes to make campaign calls and to record messages, authorizing someone's signature and having it reproduced?
5. What kind of education, in your opinion, can help the digital and non-digital savvy citizens in spotting deepfake scams, given the sophistication level?
6. You mentioned that police. Will regulations to clamp down Deepfake apps be the only way to go in the future?
7. What's in store for enterprises in 2024?
Tune in to the latest #FortiGuardLabs Outbreak Alert. Watch as #Fortinet's Jonas Walker explains the Agent Tesla Malware Outbreak, detailing the Microsoft Office vulnerabilities used for exploitation, the spyware used to steal credentials, and telemetry showing active detection and prevention by the FortiGuard services. Learn more in the full Outbreak Alert: https://www.fortiguard.com/outbreak-alert/agent-tesla-malware-attack?utm_source=social&utm_medium=youtube-org&utm_campaign=sprinklr More about FortiGuard Labs: https://www.fortinet.com/fortiguard/labs?utm_source=social&utm_medium=youtube-org&utm_campaign=sprinklr Read the latest in threat research: https://www.fortinet.com/blog/threat-research?utm_source=social&utm_medium=youtube-org&utm_campaign=sprinklr
According to the FortiGuard Labs Global Threat Report for last year, Latin America was the main target of hackers. Mexico, Brazil, Colombia and Peru were the main targets of the 360 billion attempted cyberattacks that took place in the region last year. For the expert Camilo García, one solution is greater awareness at the citizen level, since citizens are the main victims of these attacks. Latin America is the world's most targeted region for cyberattacks, according to the FortiGuard Labs Global Threat Report for 2022. There were 360 billion hacking attempts. The most recurrent threat is ransomware, the demand for a ransom for data that has been captured by the hackers. The most attacked countries were Mexico, Brazil, Colombia and Peru, although the most spectacular hack took place in April 2022 in Costa Rica, disrupting government services and forcing the president to declare a national emergency. What is the region missing to better protect citizens from these anonymous criminals? Camilo García is editor of the site MuchoHacker.lol and has been working on this issue for years. "An awareness of the digital world should start to be built from citizens, from ordinary people. Not from governments, not from the different political ideas, but from the person who may receive on their WhatsApp an electronic message that seeks to steal. That is where the greatest exposure exists," he told RFI.
Sharing information to combat attacks
For the editor, there must also be changes in how the public sector manages the problem: "As in Australia, for example. They have a track, which is a website paid for by the government, where they make public the types of attacks taking place."
"If we are facing an attack via text messages where they want to steal your passwords, that information cannot be within reach of only 3 or 4 cyber investigators or intelligence people. That information must be public, transparent. If it is detected, everyone must have access," he concludes. In addition, one of the problems Latin America faces is that it is one of the regions that takes the longest to patch its software after being the target of a cyberattack.
In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. Cisco Talos has discovered a threat actor conducting several campaigns against government entities, military organizations, and civilian users in Ukraine and Poland. In a FortiGuard Labs investigation, the researchers came across several malicious Office documents designed to exploit known vulnerabilities. Cybersecurity vendor Sophos is being impersonated by a new ransomware-as-a-service called SophosEncrypt. Checkmarx is reporting the first known targeted OSS supply chain attacks against the banking sector. The LimaCharlie SecOps Cloud Platform provides organizations with comprehensive enterprise protection that brings together critical cybersecurity capabilities and eliminates integration challenges and security gaps for more effective protection against today's threats. Watch the SecOps Cloud Platform panel discussions here: Introducing the SecOps Cloud Platform. The Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.
This episode was recorded on 7/18/2023. Welcome to the Take Five Podcast from Fortinet where we provide five cybersecurity tips and best practices for today's technology leaders. This podcast series taps into the experience of our Fortinet Field CISO team and the work being done with and through our ecosystem of partners, customers, and industry experts. In this episode, Bob Turner, Fortinet's Field CISO for education, is joined by Renee Tarun, Fortinet's Deputy CISO, to explore the current role of artificial intelligence (AI) and machine learning (ML) in cloud security. The conversation covers several key points, such as the potential risks linked to implementing AI and ML approaches, the impact on an organization's cybersecurity strategy, and how organizations can utilize FortiGuard Labs to remain up-to-date on the latest AI/ML-related threats and trends. For more information about cloud security, visit our website, www.fortinet.com/cloudsecurity?utm_source=social&utm_medium=linkedin-org&utm_campaign=sprinklr Read key findings from the 2023 Global Ransomware Report, brought to you by Fortinet: https://www.fortinet.com/blog/industry-trends/ransomware-protection-survey-for-organizational-prevention?utm_source=social&utm_medium=linkedin-org&utm_campaign=sprinklr
FortiGuard Labs recently released the latest Global Threat Landscape Report from the second half of 2022. Listen in as Aamir Lakhani, Jonas Walker, and Arturo Torres, FortiGuard Threat Intelligence Strategists, examine the key takeaways, including the continued distribution of destructive wiper malware, the increasing threat of ransomware, and how threat actors are recycling and upgrading old tactics. Learn more about the Global Threat Landscape Report: https://www.fortinet.com/blog/ciso-collective/threat-report-2h-2022-ciso-insights?utm_source=social&utm_medium=soundcloud-org&utm_campaign=sprinklr
Join us in this podcast, where we talk about the cyber threats we are facing in 2023 and how to be prepared. Join the conversation with Arturo Torres, FortiGuard Labs strategist for Latin America and the Caribbean.
Fortinet's FortiGuard Labs recently released its predictions for 2023, highlighting the trend of advanced persistent cybercrime enabling a new wave of destructive attacks at scale, fuelled by cybercrime as a service. In this episode of the 7 Layers, Derek Manky, chief security strategist and VP of global threat intelligence at FortiGuard Labs, sat down with SDxCentral editor Nancy Liu to discuss security trends. Manky and the team at the labs have seen cyberattacks become more destructive in nature this year, as well as the emergence of reconnaissance-as-a-service. Ransom-as-a-service in particular involves more destructive attacks, “so it's becoming more bold,” he said, adding that “reconnaissance-as-a-service … we have not really seen this yet, but it's something I expect to see in 2023.” The labs also saw cybercrime converging with advanced persistent threat methods in 2022. Manky explained that advanced persistent cybercrime combines advanced persistent threat (APT), which has traditionally been used by nation-states to target critical infrastructure, with cybercrime that is financially motivated. “We're seeing APTs of nation-state groups now teaming up with cybercriminal groups,” Manky said. “So in the private sector, I see them now worried about APT they were not before because APT groups teaming up with cybercrime groups, those destructive targeted threats are now hitting the private sector. It's the same thing on the public sector side. They typically have only been worried about APT, but now they are also expanding their focus to cybercrime because it's shared infrastructure and those groups are working together and the attacks are becoming highly targeted.”
Advanced persistent cybercrime “is our single biggest threat to expect in 2023 and beyond,” he added. To mitigate these threats, Manky is encouraging organizations to use solutions and principles such as artificial intelligence, security-as-a-service, secure access service edge (SASE), zero trust, and zero-trust network access (ZTNA). “Cybercriminals are using artificial intelligence, so we need to on the defensive side do that to cybersecurity teams, so leveraging automation, orchestration, AI power, and security operations is a big effective measure that can go a long way without having to hire headcount and increase your opex,” he said.
On November 29, Fortinet Japan G.K. announced predictions from the FortiGuard Labs global threat intelligence and research team on the cyber threat landscape for the next 12 months and beyond.
Faced with cybercrime's new and innovative attack methods and with constant technological advancement, we keep asking ourselves what the future holds, which is why Fortinet, through a series of studies carried out by FortiGuard Labs, has been able to give us predictions of how cyberattacks could evolve in 2023 and beyond.
Join our experts Jaime Chanagá, Field CISO for Fortinet Latin America and the Caribbean, and Arturo Torres, FortiGuard Labs strategist for Latin America and the Caribbean, in this Spanish-language edition of #FortiGuardLIVE, where we talk about current cyberattacks and the threats we will be facing in 2022.
This was recorded live on 8/22/2022. Join #FortiGuardLabs' Derek Manky and Douglas Santos for another edition of FortiGuardLIVE as they walk through key takeaways of our recent global threat landscape report including #ransomware, #wipermalware, vulnerability trends and more!
This episode was recorded live on 06/28/22. Tune in as Joe Robertson and Ricardo Ferreira, from the Fortinet Office of the CISO, talk with Jonas Walker, Security Strategist at FortiGuard Labs, about threat intelligence in light of the European Union Digital Operational Resilience Act regulation. Listen in to learn more about how DORA encourages financial organizations to share threat intelligence, how you can use it to protect your organization, and how Fortinet can help. Learn More: https://www.fortinet.com/blog/industry-trends/financial-institutions-navigate-digital-operational-resilience-act
By and large, individual malware strains come and go, but to stop attacks more quickly, organizations need to gain a deeper understanding of attack techniques. By analyzing the attack goals of attackers, organizations can better align their defenses to adapt to quickly changing attack techniques. FortiGuard Labs analyzed the functionality of detected malware by detonating the malware samples collected throughout the year. The result was a list of the individual tactics, techniques, and procedures the malware would have accomplished had the attack payloads been executed. The intelligence we gathered indicates that stopping an adversary earlier is critical. Understanding adversaries' goals is crucial to defending against the flood of changing techniques they may use. By focusing on a few identified techniques, an organization could shut down a malware's methods for attack entirely in some situations. In the Leadership and Communications section: Cybersecurity is IT's Job, not the Board's, Right?, Why Some CISOs Fail, How JetBlue creates a culture of security, and more! Show Notes: https://securityweekly.com/bsw258 Visit https://securityweekly.com/fortinet to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This episode was recorded live on 04/13/2022. In this episode of the Threat Intelligence Podcast, Jonas Walker and Gergely Revay from FortiGuard Labs discuss recent developments with threat actor activities including Pandora, and how these threat actors are operating across the ransomware landscape.
By and large, individual malware strains come and go, but to stop attacks more quickly, organizations need to gain a deeper understanding of attack techniques. By analyzing the attack goals of attackers, organizations can better align their defenses to adapt to quickly changing attack techniques. FortiGuard Labs analyzed the functionality of detected malware by detonating the malware samples collected throughout the year. The result was a list of the individual tactics, techniques, and procedures the malware would have accomplished had the attack payloads been executed. The intelligence we gathered indicates that stopping an adversary earlier is critical. Understanding adversaries' goals is crucial to defending against the flood of changing techniques they may use. By focusing on a few identified techniques, an organization could shut down a malware's methods for attack entirely in some situations. This segment is sponsored by Fortinet. Visit https://securityweekly.com/fortinet to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw258
This episode was recorded live on 03/29/2022. In this episode of the Threat Intelligence Podcast, Jonas Walker and Aamir Lakhani from FortiGuard Labs discuss recent developments with threat actors, including Conti and Lapsus$, their malicious strategies, and how to protect against potential cyberthreats.
Chief Security Strategist and VP of Global Threat Intelligence at FortiGuard Labs, Derek Manky, shares his story from programmer to cybersecurity and how it all came together. Derek started his career teaching programming because he had such a passion for it. Derek said that joining Fortinet is where it "really started putting the rubber to the road and connecting my previous experience with programming and debugging and knowledge of operating systems and all that with real-world applications." Derek advises that getting into the cybersecurity field doesn't need to be complicated and that there are many avenues to enter the field. He hopes to have made a real dent, or "hopefully a crater", in cyber crime when he ends his career. We thank Derek for sharing his story with us.
Today's Tech Bytes podcast explores threat intelligence with sponsor Fortinet and its FortiGuard Labs. FortiGuard Labs analyzes billions of global security events daily and distills them into actionable information for network and security teams. Fortinet also uses those events to inform security updates to its products.
Today's Tech Bytes podcast explores threat intelligence with sponsor Fortinet and its FortiGuard Labs. FortiGuard Labs analyzes billions of global security events daily and distills them into actionable information for network and security teams. Fortinet also uses those events to inform security updates to its products. The post Tech Bytes: How Fortinet’s FortiGuard Labs Turns Billions Of Security Events Into Intelligence (Sponsored) appeared first on Packet Pushers.
This episode was recorded live on 09/30/2021. In this episode of the Threat Intelligence Podcast, Jonas Walker and Aamir Lakhani from FortiGuard Labs discuss current happenings in cyberspace, the Global Threat Landscape Report and the massive increase in ransomware.
According to data from FortiGuard Labs, the company's threat analysis and intelligence laboratory in Latin America, there was an increase of more than 91 billion constant cyberattack attempts in the first half of 2021.
This episode was recorded live on 07/13/2021. In this episode of the Threat Intelligence Podcast, Jonas Walker and Aamir Lakhani from FortiGuard Labs talk about the timing of recent cyber attacks, the recent Kaseya attack, and evolving techniques of hacker groups. Learn more: https://twitter.com/FortiGuardLabs/status/1415008631733489673
Cyber threat intelligence is a hot topic in security right now. Over the past year, we have seen wide-spread geopolitical destabilisation, COVID-19, the rise of the remote workforce and most recently, significant ransomware attacks against critical infrastructure. Broadly, threat intelligence is about sharing information between industry, academia and government so Australians can work together to defend their networks from attack and start to form a collective defence. In episode twelve of ‘OzCyber Unlocked', AustCyber's CEO Michelle Price speaks to Glenn Maiden (Director of Threat Intelligence at Fortiguard Labs Australia and New Zealand, Fortinet), Brett Williams (Lead Solutions Architect Asia Pacific & Japan at Flashpoint), Andrew Slater (Director of AUSHIELD at Cybermerc) and Dave O'Loan (Head of Cyber Relations at Australia's Academic and Research Network) to discuss threat intelligence, collaboration and how industry is building a collective defence against cyber attacks. This month, our ‘cyber spotlight' features Michael Gianarakis from Assetnote. Combining advanced asset discovery with continuous, high-signal security monitoring, Assetnote's Attack Surface Management platform gives complete, continuous visibility into your evolving attack surface. For more information about the organisations featured, visit: Fortiguard Labs: www.fortiguard.com; Flashpoint: www.flashpoint-intel.com; Cybermerc: www.cybermerc.com; Australia's Academic and Research Network: www.aarnet.edu.au; Assetnote: www.assetnote.io
This episode was recorded live on 06/07/2021. In this episode of the Threat Intelligence Podcast we have Jonas Walker and Glenn Maiden from FortiGuard Labs talking about recent cyber attacks, going to the dark side, and how we're in the golden age of ransomware.
This episode was recorded live on 04/27/2021. Jonas and Aamir from FortiGuard Labs discuss Bitcoin and cryptocurrency scams happening across Twitter and YouTube and how you can spot the red flags to avoid them.
Ep. 8 - What cyberattacks will look like in 2021 | EXCLUSIVE NETWORKS / FORTINET
After a series of two-voice interviews, today we return to the classic one-to-one with Cesare Radaelli, senior director channel account at Fortinet for Italy and Malta, to talk about cyberattacks. With him we try to peer into the now-near future: 2021. Now, if there is one thing 2020 has taught us, it is precisely the fallibility of predictions. If we tried to go back exactly one year, to December 2019, no one could have predicted what the whole world would find itself living through just a few weeks later. In our case, however, the predictions are not general and, above all, they are based on information coming from the FortiGuard Labs global threat intelligence research team, and they concern the cyber threat landscape of 2021. From that data we can extract some keywords that help us understand the shape of future attacks. Two in particular are strategic: intelligent edge, OT edge, and from these we start with Cesare to understand what to expect from the coming year in cybersecurity. Happy listening!
THE VOICES OF THIS EPISODE: Cesare Radaelli - Senior Director Channel Account at Fortinet; Igor - Editorial Director, Radio IT
According to reports from Fortinet's threat intelligence laboratories, FortiGuard Labs, Latin America suffered more than 20 trillion attempted cyberattacks between January and September 2020.