POPULARITY
In the leadership and communications section, Why Every CISO Should Be Gunning For A Seat At The Board Table, The Innovation We Need is Strategic, Not Technical , The Best Leaders Ask the Right Questions, and more! This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrarsac to learn more about them! Fortra is successfully reducing the unauthorized use of Cobalt Strike among cybercriminals through partnerships with Microsoft, Operation MORPHEUS, and the Pall Mall Process, among others. Since 2023 specifically, Fortra's collaborations have resulted in an 80% drop in Cobalt Strike misuse in the wild. Additionally, the time between detecting cracked copies and mitigation has been reduced to less than one week in the United States and less than two weeks worldwide. Segment Resources: https://www.cobaltstrike.com/blog/update-stopping-cybercriminals-from-abusing-cobalt-strike This segment is sponsored by LevelBlue. Visit https://securityweekly.com/levelbluersac to learn more about them! Uncover how organizations are building business confidence through cyber resilience, how alignment of cybersecurity and business goals impacts business, how collaboration creates a proactive culture, and how emerging attacks are evolving. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-396
In the leadership and communications section, Why Every CISO Should Be Gunning For A Seat At The Board Table, The Innovation We Need is Strategic, Not Technical , The Best Leaders Ask the Right Questions, and more! This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrarsac to learn more about them! Fortra is successfully reducing the unauthorized use of Cobalt Strike among cybercriminals through partnerships with Microsoft, Operation MORPHEUS, and the Pall Mall Process, among others. Since 2023 specifically, Fortra's collaborations have resulted in an 80% drop in Cobalt Strike misuse in the wild. Additionally, the time between detecting cracked copies and mitigation has been reduced to less than one week in the United States and less than two weeks worldwide. Segment Resources: https://www.cobaltstrike.com/blog/update-stopping-cybercriminals-from-abusing-cobalt-strike This segment is sponsored by LevelBlue. Visit https://securityweekly.com/levelbluersac to learn more about them! Uncover how organizations are building business confidence through cyber resilience, how alignment of cybersecurity and business goals impacts business, how collaboration creates a proactive culture, and how emerging attacks are evolving. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-396
In the leadership and communications section, Why Every CISO Should Be Gunning For A Seat At The Board Table, The Innovation We Need is Strategic, Not Technical , The Best Leaders Ask the Right Questions, and more! This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrarsac to learn more about them! Fortra is successfully reducing the unauthorized use of Cobalt Strike among cybercriminals through partnerships with Microsoft, Operation MORPHEUS, and the Pall Mall Process, among others. Since 2023 specifically, Fortra's collaborations have resulted in an 80% drop in Cobalt Strike misuse in the wild. Additionally, the time between detecting cracked copies and mitigation has been reduced to less than one week in the United States and less than two weeks worldwide. Segment Resources: https://www.cobaltstrike.com/blog/update-stopping-cybercriminals-from-abusing-cobalt-strike This segment is sponsored by LevelBlue. Visit https://securityweekly.com/levelbluersac to learn more about them! Uncover how organizations are building business confidence through cyber resilience, how alignment of cybersecurity and business goals impacts business, how collaboration creates a proactive culture, and how emerging attacks are evolving. Show Notes: https://securityweekly.com/bsw-396
In this edition of the Snake Oilers podcast, three sponsors come along to pitch their products: LimaCharlie: A public cloud for SecOps Honeywell Cyber Insights: An OT security/discovery solution Fortra's CobaltStrike and Outflank: Security tooling for red teamers This episode is also available on Youtube. Show notes
In this episode, Rick Mischka, Cybersecurity Engineer at AVANT, sits down with Rob Pollard, Managing Director of Managed Security Services at Fortra, and Matt Sayler, Senior Product Manager at Fortra. Together, they discuss how artificial intelligence is transforming the compliance sector. Compliance isn't just about checking a box—it's an ongoing challenge, especially with new regulations emerging every year. Rick, Rob, and Matt explore the game-changing benefits AI can bring to an organization's compliance efforts by helping businesses cut costs, reduce risks, and navigate new complexities with ease.
We talk a lot about the growing complexity of hacking groups and how their tools and tactics continue to evolve. One such evolution is the ongoing specialization that runs rampant throughout the black hat community – especially when it comes to ransomware. The rise of initial access brokers, affiliate programs, spoofing domain creators, dark web communities, and more are fueling ransomware-as-a-service groups and posing new cybersecurity challenges. And while numerous reports detail the rise in ransomware attacks and the escalating amounts being paid in seeking a reprieve from denial of service, data extortion, and supply chain hacks, one recent finding really stood out. In their annual State of Ransomware Report, Blackfog stated that manufacturing had the highest number of undisclosed ransomware attacks, when compared to all other industries. So, as tough as we know the ransomware challenge is – it's actually a bit worse than we acknowledge because of the growing number of attacks that go unreported. Fortunately, we have an army of highly skilled individuals working to combat these threats. And that includes our guest for today's episode - Fortra's senior manager of domain and dark web monitoring solutions, Nick Oram. Watch/listen as we discuss:The surge of new ransomware tactics and groups, like RansomHub.The origins and continued growth of Initial Access Brokers (IABs) within the ransomware community.How affiliate programs are helping both RaaS and IAB groups increase their rate of successful attacks.Why dark web monitoring might be more important than ever for manufacturers.The ongoing "we adapt", "they adapt" dynamic.How to better educate the workforce and shift from a "As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor.Promoguy Talk PillsAgency in Amsterdam dives into topics like Tech, AI, digital marketing, and more drama...Listen on: Apple Podcasts Spotify Everyday AI: Your daily guide to grown with Generative AICan't keep up with AI? We've got you. Everyday AI helps you keep up and get ahead.Listen on: Apple Podcasts SpotifyTo catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you'd like to have us explore on Security Breach, you can reach me at jeff@ien.com. To download our latest report on industrial cybersecurity, The Industrial Sector's New Battlefield, click here.
Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society. In this episode, Justin interviews Shadowserver Foundation Alliance Director Tod Eberle about cybersecurity. Tod tells how his background as a prosecutor led to his interest in cybersecurity, how he encountered the non-profit Shadowserver Foundation, and how he left the public sector to work with them. He explains how Shadowserver provides actionable data to alert network owners and law enforcement of network vulnerabilities that need to be mitigated. He discusses trends in malware attacks, especially in ransomware. He shares his thoughts on ransomware threats of 2025 and the years to come. He provides tips on preparing your network against ransomware. Listen to how you can harden your organization's network against malware attacks. Key Takeaways: [:01] About RIMS and RIMScast. [:14] Public registration is open for RISKWORLD 2025! RIMS wants you to Engage Today and Embrace Tomorrow in Chicago from May 4th through May 7th. Register at RIMS.org/RISKWORLD and the link in this episode's show notes. [:33] About this episode. We will discuss cybersecurity with Tod Eberle, the Alliance Director of the Shadowserver Foundation. [:55] RIMS-CRMP Workshops! On February 19th and 20th, there will be a two-day virtual workshop for the RIMS-CRMP led by former RIMS President Chris Mandel and presented by the RIMS Greater Bluegrass Chapter, the 2024 RIMS Chapter of the Year. [1:18] The next RIMS-CRMP-FED exam course will be held from February 4th through the 6th, 2025. Links to these courses can be found through the Certification page of RIMS.org and this episode's show notes. [1:34] Virtual Workshops! Chris Hansen will return on February 11th and 12th to lead the two-day course “Claims Management”. Gail Kiyomura of The Art of Risk Consulting will host the “Fundamentals of Insurance” virtual workshop on February 19th and 20th, 2025. [1:58] On February 26th and 27th, Elise Farnham of Illumine Consulting will lead “Applying and Integrating ERM”. “Managing Data for ERM” will be hosted by Pat Saporito. That course starts on March 12th, 2025. [2:20] A link to the full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode's show notes. [2:31] The RIMS Legislative Summit 2025 is back! It will be held on March 19th and 20th in Washington, D.C. Join RIMS for two days of Congressional meetings, networking, and advocating on behalf of the risk management community. [2:49] This event is open for RIMS members only so if you're not a member, join now! Visit RIMS.org/advocacy for registration details. [3:02] Interview! Our guest Tod Eberle is the Alliance Director of the Shadowserver Foundation, a non-profit security organization working altruistically behind the scenes to make the internet more secure for everyone. [3:15] Tod Eberle is with us to discuss the cybersecurity trends on his risk radar and the threats he wants risk professionals to be aware of as 2025 kicks into high gear. Shadowserver Alliance Director, Tod Eberle, welcome to RIMScast! [3:41] Justin saw that Shadowserver Foundation was promoted by the National Cybersecurity Alliance and he thought it would be great to have a follow-up on his appearance there. [3:54] Tod says the National Cybersecurity Alliance is a great organization. After working together with them for a year, they invited Tod to do a webinar. It was a great experience. [4:28] Tod's background is as a career prosecutor, starting as a county prosecutor in Western Pennsylvania in 1997. In 2004, Tod became a Federal Prosecutor in Pittsburgh for the U.S. Department of Justice. [5:00] In 2014, He transitioned over to the National Security and Cybercrime section in Pittsburgh. Pittsburgh was at the forefront of cyber investigations by both the U.S. Attorney's Office and the FBI. Tod wanted to be a part of that. [5:34] The Pittsburgh office has run investigations and issued indictments against Chinese Military Intelligence officers and Russian GRU officers for hacking. In 2014, Pittsburgh had the first criminal indictment of nation-state threat actors. [6:00] In that case, Chinese Military Intelligence PLA officers hacked into Pittsburgh companies Westinghouse, ALCOA, U.S. Steel, and United Steel Workers. Some forward-thinking folks at the FBI and the U.S. Attorney's Office, particularly U.S. Attorney David Hickton, focused on cyber. [6:29] That continued over the years until the present. [6:46] To begin an investigation, the FBI and U.S. Attorney's Office in Pittsburgh, need to have some aspect of an organization's criminal activity touch that district, the Western District of Pennsylvania. A national ransomware case with one victim in Pittsburgh can be investigated. [7:16] In the investigation of Russian GRU actors responsible for the destructive NotPetya malware attack, a district hospital's network was attacked and destroyed. They expanded the investigation and charging documents to include other attacks around the country. [7:58] In 2015 Tod was a prosecutor working with the FBI on an investigation. He was at Europol at the Hague in the Netherlands, a center that brings together investigators and prosecutors from different countries who investigate the same threat group through Europol and Eurojust. [8:33] Tod met the Shadowserver Foundation non-profit group at the Hague in 2015. They were helping, through free technical support to the takedown operation, to dismantle the infrastructure of a crime group, using sinkholing and other security measures. [9:08] Tod Joined the Shadowserver Foundation in January of 2023. He is the Shadowserver Alliance Director. As a small non-profit, everyone wears many hats. The Shadowserver Foundation is a 501(c)(3) in the U.S. and a separate non-profit legal entity in the Netherlands. [9:47] The Shadowserver Foundation started about 2004. It celebrated its 20th anniversary in 2024. It began as a loose group of volunteers made up of cybersecurity researchers and technical experts who came together to help network owners and law enforcement. [10:15] Over the years they became more structured and became a non-profit organization. It's an unusual non-profit organization working 100% in operations. It works in three core areas. First, it's the world's largest provider of free, actionable cyber threat intelligence. [10:45] Second, the Shadowserver Foundation does cybersecurity capacity-building around the world. Third, it also provides free support to law enforcement investigations and disruption operations with technical support and expertise. Those three things are its core mission. [11:07] Justin notes commonalities between RIMS cyber risk reporting and the Shadowserver Foundation's work. Shadowserver collects a vast amount of threat data daily. What are the patterns it sees for 2025? [11:29] Shadowserver Foundation can help organizations mitigate risks. It collects cyber threat data at its data center in California through internet-wide scanning, honeypot sensors, sinkholing operations, and collecting and analyzing malware samples. [11:57] Every day for free the Shadowserver Foundation takes that data and provides it to over 9,000 organizations around the world and to 201 National C-CERTs that cover about 176 countries. [12:13] These reports identify exposed, misconfigured, vulnerable, compromised instances or devices on networks that need patching. [12:25] The organizations that get Shadowserver's data can be anything from banks to hospitals, universities, K-12 school districts, ISPs, local, state, and federal governments, small, medium, and large businesses, Fortune 500s, and NGOs; just about anyone can sign up. [12:46] The idea behind this is that cyber security should be available to everyone, regardless of the ability to pay. Organizations can sign up at the Shadowserver Foundation website, and provide their contact information and network information with IP ranges and ASNs. [13:12] The Shadowserver Foundation does its due diligence and if everything checks out, it automates those reports to go out to the organization daily. About 9,000 organizations sign up directly to receive daily reports. [13:22] The Shadowserver Foundation also sends out data for entire countries to the national C-CERT designated to handle that in those countries. In the U.S., CISA gets hundreds of millions of events from them every day for all the U.S. It is the same around the world. [13:52] Tod says that some things never change. Networks are breached primarily through phishing attacks, malicious links or attachments, and social engineering. [14:09] One trend is a focus on vulnerabilities. Criminals exploit vulnerabilities in the network that aren't timely patched and before they are patched. Shadowserver gives organizations an external snapshot view of their networks just as criminals are scanning for themselves. [14:52] Cybercriminal groups increasingly leverage zero-day vulnerabilities to breach a network. A zero-day vulnerability is a flaw in software or hardware that's unknown to the vendor and has no patch. The vendor has had zero days to fix the vulnerability after it has been discovered. [15:16] That was the case with the Clop ransomware gang. In 2024, they started exploiting zero-day vulnerabilities in Fortra's GoAnywhere software. That continued in May, with them exploiting Progress Software's MOVEit file transfer application. [15:38] Very recently, in December, the Clop Ransomware group claimed responsibility for using a zero-day vulnerability in Clio's file transfer platform that breached victims' networks. [15:49] Cyber criminals extort victims and steal data with ransomware attacks. Risk managers in cybersecurity need to stay on top of critical vulnerabilities that often go unpatched. Those are often the easiest gateway into a network. [16:26] Plug Time! RIMS Webinars! Resolver will be joining us on February 6th to discuss “4 Themes Shaping the Future of GRC in 2025”. [16:38] HUB International continues its Ready for Tomorrow Series with RIMS. On February 20th, they will host “Ready for the Unexpected? Strategies for Property Valuation, Disaster Recovery and Business Continuity in 2025”. [16:54] More webinars will be announced soon and added to the RIMS.org/webinars page. Go there to register. Registration is complimentary for RIMS members. [17:06] Nominations are also open for the Donald M. Stuart Award which recognizes excellence in risk management in Canada. Links are in this episode's show notes. [17:17] The Spencer Educational Foundation's goal to help build a talent pipeline of risk management and insurance professionals is achieved in part by its collaboration with risk management and insurance educators across the U.S. and Canada. [17:35] Since 2010, Spencer has awarded over $3.3 million in general grants to support over 130 student-centered experiential learning initiatives at universities and RMI non-profits. Spencer's 2026 application process will open on May 1st, 2025, and close on July 30th, 2025. [17:58] General grant awardees are typically notified at the end of October. Learn more about Spencer's general grants through the Programs tab at SpencerEd.org. [18:08] Let's Return to the Conclusion of My Interview with Tod Eberle of Shadowserver! [18:49] Justin notes that In December of 2024, China attackers breached the Committee on Foreign Investment in the U.S. That is the government office that assesses foreign investments for national security risks. [18:58] China also targeted the Treasury's Sanctions Office after it sanctioned a Chinese company for its alleged role in cyberattacks. [19:14] Tod thinks we should acknowledge that this is nothing new and nothing we should be surprised about. It's been going on for many years and it's going to continue. Justin was in the Federal government in 2013 and 2014. [19:32] In 2015, it was announced that the U.S. Office of Personnel Management had been breached. Personal sensitive data for 42 million people were stolen. [19:44] In May 2014, five Chinese military officers were indicted for computer hacking and economic espionage against companies based in Pittsburgh. This is nothing out of the ordinary. Unfortunately, indictments don't seem to have a deterrent effect. [20:21] Countries can deny the charges of hacking even with strong evidence of their involvement. [20:37] There are different types of hacking, with different types of motivation. There is traditional espionage against U.S. government agencies. There is theft of intellectual property with nation-states trying to gain a commercial advantage in business. [21:23] There are destructive hacks by nation-state actors, like the NotPetya attack, or attacks on the Ukrainian power grid and banking systems in 2015 and 2016. [21:36] The Volt Typhoon threat actor group and its access to the U.S. critical infrastructure is one of the greatest national security concerns because of its potential to disrupt everything from water to power, to food, to transportation. [22:10] The ripple effect that can come from those disruptions would be enormous. The Colonial Pipeline ransomware attack of a few years ago affected fuel supplies, commerce, and the prices of goods. [22:31] Nation-state hacking is no longer just a concern for government agencies and companies that do business internationally, but it's now a concern for all of society. There's the potential to affect the daily lives of innocent civilians through attacks on critical infrastructure. [23:16] Tod mentions another 2014 indictment out of Pittsburgh, on the GameOver Zeus Botnet takedown. Part of that was a crypto locker ransomware disruption. This was in the infancy of ransomware, for $300 ransoms. Now ransom demands are in the tens of millions of dollars. [23:53] We have seen a huge evolution in ransomware. It's not going away. One thing we're seeing is bypassing data encryption and focusing on data theft. It's easier and less time-consuming for the threat actors because they don't have to map out the network. [24:41] If a victim company had good backups and easy restoration, that was an issue ransomware actors had to deal with, so why would the threat actors bother with that? They just focus on easy data theft and extortion of ransom for the data. [25:04] Tod thinks we will continue to see extortion. Ransomware continues to be the greatest concern for companies. The use of AI has been increasing both for defenders and attackers. [25:14] A new ransomware group, FunkSec, is claiming large numbers of victims of extortion, encryption, and data theft. They seem to have ransom demands of less than $10,000. They have sold stolen data. Researchers think this is a less experienced group using AI to write code. [27:22] Shadowserver's very talented team collects the data. It's free. They want to get it into the hands of those who can use it. The reports identify things that are seen to be misconfigured or unnecessarily exposed to the internet. Sometimes they can show if something is compromised. [28:12] Shadowserver designates the events by severity level so the end user can prioritize their patching and address first the ones that are most critical and severe. The reports act both as an early warning system and a victim notification system if a device is seen to be compromised. [28:59] The network owner needs to remediate that and patch it before further exploitation like a ransomware attack can occur. [29:07] Shadowserver has two ways to detect that a device is compromised. The first is if they have indicators that tell them a device on the network is compromised. The second is with their support for law enforcement, law enforcement may share sensitive data with Shadowserve. [29:32] When law enforcement does a takedown and they get victim identification data like IP addresses, they must do victim notification. Law enforcement isn't scaled to do victim notification for hundreds of thousands of users. Shadowserver helps them with notifications. [30:48] Shadowserver is very careful to share data responsibly. Company A will get the data they have for Company A and it won't be shared with Company B and vice versa. Shadowserver views the data as belonging to that network owner. [31:08] If a company authorizes Shadowserver and wants them to share their data with a third party, Shadowserver will happily do it. There are several companies with MSSPs to manage their security. If the company asks, Shadowserver will send the data to their MSSP. [31:43] As a small, non-profit organization, not everyone has heard of the Shadowserver Foundation. They want people to know they have this data and they want to share it. It could be relevant for cyber insurance companies' due diligence, with the insurance applicant's consent. [32:20] It's important because those reports can show whether a network has remained healthy and secure over time. Tod would love to see Shadowserver be able to help more in the risk mitigation areas. [32:56] Special thanks again to Shadowserver Foundation's Tod Eberle for joining us here on RIMScast! Check out this episode's show notes for links to the Shadowserver reports we mentioned. [33:07] Be sure to tune in next week for Data Privacy Day! We've got a special episode with James Burd, Chief Privacy Officer of the Cybersecurity and Infrastructure Security Agency (CISA). That's going to be a good one! [33:22] More RIMS Plugs! You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in our show notes. [33:50] RIMScast has a global audience of risk and insurance professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate and help you reach them! Contact pd@rims.org for more information. [34:07] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information. [34:25] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more. [34:41] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com. It is written and published by the best minds in risk management. [34:55] Justin Smulison is the Business Content Manager at RIMS. You can email Justin at Content@RIMS.org. [35:03] Thank you all for your continued support and engagement on social media channels! We appreciate all your kind words. Listen every week! Stay safe! Mentioned in this Episode: RIMS Risk Management magazine RISKWORLD 2025 — May 4‒7 | Register today! RIMS Legislative Summit — March 19‒20, 2025 Nominations for the Donald M. Stuart Award Spencer Educational Foundation — General Grants 2026 — Application Dates RIMS-Certified Risk Management Professional (RIMS-CRMP) RISK PAC | RIMS Advocacy Shadowserver Foundation National Cybersecurity Alliance RIMS Webinars: RIMS.org/Webinars “4 Themes Shaping the Future of GRC in 2025” | Sponsored by Resolver | Feb. 6, 2025 “Ready for the Unexpected? Strategies for Property Valuation, Disaster Recovery and Business Continuity in 2025” | Sponsored by Hub International | Feb. 20, 2025 Upcoming Virtual Workshops: “Claims Management” | February 11‒12, 2025 | Instructor: Chris Hansen “Fundamentals of Insurance” | Feb. 19‒20, 2025 “Applying and Integrating ERM” | Feb. 26‒27 “Managing Data for ERM” | March 12, 2025 See the full calendar of RIMS Virtual Workshops RIMS-CRMP Prep Workshops Upcoming RIMS-CRMP Prep Virtual Workshops: “Stay Competitive with the RIMS-CRMP | Presented by the RIMS Greater Bluegrass Chapter” February 19‒20, 2025 | Instructor: Chris Mandel Full RIMS-CRMP Prep Course Schedule Full RIMS-CRMP Prep Course Schedule Related RIMScast Episodes: “Kicking off 2025 with RIMS CEO Gary LaBranche” “Year In Risk 2024 with Morgan O'Rourke and Hilary Tuttle” “AI and Regulatory Risk Trends with Caroline Shleifer” “Cybersecurity Awareness and Risk Frameworks with Daniel Eliot of NIST” (2024) Sponsored RIMScast Episodes: “Simplifying the Challenges of OSHA Recordkeeping” | Sponsored by Medcor “Risk Management in a Changing World: A Deep Dive into AXA's 2024 Future Risks Report” | Sponsored by AXA XL “How Insurance Builds Resilience Against An Active Assailant Attack” | Sponsored by Merrill Herzog “Third-Party and Cyber Risk Management Tips” | Sponsored by Alliant “RMIS Innovation with Archer” | Sponsored by Archer “Navigating Commercial Property Risks with Captives” | Sponsored by Zurich “Breaking Down Silos: AXA XL's New Approach to Casualty Insurance” | Sponsored by AXA XL “Weathering Today's Property Claims Management Challenges” | Sponsored by AXA XL “Storm Prep 2024: The Growing Impact of Convective Storms and Hail' | Sponsored by Global Risk Consultants, a TÜV SÜD Company “Partnering Against Cyberrisk” | Sponsored by AXA XL “Harnessing the Power of Data and Analytics for Effective Risk Management” | Sponsored by Marsh “Accident Prevention — The Winning Formula For Construction and Insurance” | Sponsored by Otoos “Platinum Protection: Underwriting and Risk Engineering's Role in Protecting Commercial Properties” | Sponsored by AXA XL “Elevating RMIS — The Archer Way” | Sponsored by Archer “Alliant's P&C Outlook For 2024” | Sponsored by Alliant “Why Subrogation is the New Arbitration” | Sponsored by Fleet Response “Cyclone Season: Proactive Preparation for Loss Minimization” | Sponsored by Prudent Insurance Brokers Ltd. “Subrogation and the Competitive Advantage” | Sponsored by Fleet Response RIMS Publications, Content, and Links: RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community! RIMS Virtual Workshops On-Demand Webinars RIMS-Certified Risk Management Professional (RIMS-CRMP) RISK PAC | RIMS Advocacy RIMS Strategic & Enterprise Risk Center RIMS-CRMP Stories — Featuring RIMS Vice President Manny Padilla! RIMS Events, Education, and Services: RIMS Risk Maturity Model® Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information. Want to Learn More? Keep up with the podcast on RIMS.org, and listen on Spotify and Apple Podcasts. Have a question or suggestion? Email: Content@rims.org. Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn. About our guest: Tod Eberle, Shadowserver Foundation Production and engineering provided by Podfly.
Our guest is BRANT CRYDER, President of Saint Laurent America, and longtime executive in the fashion and retail industry. Brant is also a renowned DJ having performed and entertained around the world. He is the co-founder of the Legends Bible Study in Manhattan, a notable gathering of cultural influencers in the city. We discuss his faith story, Legends and what are the 5 keys of being a legendrary leader, the power of wisdom and how to pursue it, taking your faith to work, building a great family, and more. Make sure to visit http://h3leadership.com to access the list and all the show notes. Thanks again to our partners for this episode: UNITUS – (FOOTWEAR and APPAREL) Unitus is a faith-focused footwear and apparel company started by NBA player, Jonathan Isaac. Visit http://weareunitus.com. Unitus exists to help followers of Jesus honor God in their everyday life. The most recent shoe drop is the Fortra - a lifestyle running shoe featuring 1 Samuel 2:30 on the back. Choose your favorite shoes, workout gear or leisure wear. Check them out at http://weareunitus.com. And CONVOY OF HOPE - Please donate to the Hurricane Helene relief effort and ongoing work at http://convoyofhope.org/donate. Convoy is my trusted partner for delivering food and relief by responding to disasters in the US and all around the world. Right now, Convoy of Hope is still responding to devastation in Florida, Georgia, North Carolina and TN because of Hurricane Helene and Milton. Providing basic needs like food, hygiene supplies, medical supplies, blankets, bedding, diapers, clothing and more. All through partnering with local Churches. Join me and please support their incredible work as you support orgs end of year. To donate visit http://convoyofhope.org/donate.
While we are on our winter publishing break, please enjoy an episode of our N2K CyberWire network show, The Microsoft Threat Intelligence Podcast by Microsoft Threat Intelligence. See you in 2025! On this week's episode of The Microsoft Threat Intelligence Podcast, we discuss the collaborative effort between Microsoft and Fortra to combat the illegal use of cracked Cobalt Strike software, which is commonly employed in ransomware attacks. To break down the situation, our host, Sherrod DeGrippo, is joined by Richard Boscovich, Assistant General Counsel at Microsoft, Jason Lyons, Principal Investigator with the DCU, and Bob Erdman, Associate VP Research and Development at Fortra. The discussion covers the creative use of DMCA notifications tailored by geographic region to combat cybercrime globally. The group express their optimism about applying these successful techniques to other areas, such as phishing kits, and highlight ongoing efforts to make Cobalt Strike harder to abuse. In this episode you'll learn: The impact on detection engineers due to the crackdown on cracked Cobalt Strike Extensive automation used to detect and dismantle large-scale threats How the team used the DMCA creatively to combat cybercrime Some questions we ask: Do you encounter any pushback when issuing DMCA notifications? How do you plan to proceed following the success of this operation? Can you explain the legal mechanisms behind this take-down? Resources: View Jason Lyons on LinkedIn View Bob Erdman on LinkedIn View Richard Boscovich on LinkedIn View Sherrod DeGrippo on LinkedIn Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security Insider The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network. Learn more about your ad choices. Visit megaphone.fm/adchoices
Winston Churchill famously stated that, “Those who fail to learn from history are doomed to repeat it.” His concerns about applying lessons learned to post WWII foreign policy initiatives rings just as true in the current cybersecurity climate. So, in an effort to ensure we repeat as few of 2024's mistakes in 2025, we're going to take a look at some of the industrial sector's biggest exploits, and offer solutions and strategies in our ever-raging combat with the Black Hats. Watch/listen as we cover:A unique supply chain hack that came up during our conversation with Theo Zafirakos, a Cyber Risk and Information Security Expert at Fortra.The fall of 2024 brought security compromises to the front door of a number of prominent industrial enterprises, including Halliburton.In early August millions were impacted when National Public Data, a major data broker that performs background checks, reported that 2.9 billion personal records from over a million individuals in the U.S., the U.K. and Canada were accessed.Ford Motor Company was also a target, with a data breach that saw hacking groups steal 44,000 records containing personal and product information.Anna Wells, executive editor of Manufacturing.net and Manufacturing Business Technology, brought us coverage of a hack that has crippled a global beverage maker.We close out with a story from early this year describing how some of the basic tools found throughout a manufacturing plant can become pathways for the innovative hacker.As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you'd like to have us explore on Security Breach, you can reach me at jeff@ien.com. To download our latest report on industrial cybersecurity, The Industrial Sector's New Battlefield, click here.
Our guest is JONATHAN ISAAC, professional NBA basketball player with the Orlando Magic. Jonathan is also the founder of UNITUS, a footwear, faishion and lifestyle company. We discuss his NBA career, the why behind UNITUS, navigating his faith in the NBA, how to have influence anywhere, and more. Make sure to visit http://h3leadership.com to access the list and all the show notes. Thanks again to our partners for this episode: UNITUS – (FOOTWEAR and APPAREL) Unitus is a faith-focused footwear and apparel company started by NBA player, Jonathan Isaac. Visit http://weareunitus.com. Unitus exists to help followers of Jesus honor God in their everyday life. The most recent shoe drop is the Fortra - a lifestyle running shoe featuring 1 Samuel 2:30 on the back. Choose your favorite shoes, workout gear or leisure wear. Makes a great Christmas present for friends and family. Check them out at http://weareunitus.com. And CONVOY OF HOPE - Please donate to the Hurricane Helene relief effort and ongoing work at http://convoyofhope.org/donate. Convoy is my trusted partner for delivering food and relief by responding to disasters in the US and all around the world. Right now, Convoy of Hope is still responding to devastation in Florida, Georgia, North Carolina and TN because of Hurricane Helene and Milton. Providing basic needs like food, hygiene supplies, medical supplies, blankets, bedding, diapers, clothing and more. All through partnering with local Churches. Join me and please support their incredible work as you support orgs end of year. To donate visit http://convoyofhope.org/donate.
Our guest is MARK BATTERSON, lead pastor of National Community Church in DC, NYT best-selling author of 25 books, including his most recent A Million Little Miracles, and popular speaker. Mark is also the lead visionary of the Dream Collective, and of course helped start Ebenezer's Coffeehouse, one of the top coffee shops on Capital Hill. We discuss miracles, physics, leadership, pastoring in DC, the power of generational vision, and much more. Make sure to visit http://h3leadership.com to access the list and all the show notes. Thanks again to our partners for this episode: UNITUS – (FOOTWEAR and APPAREL) Unitus is a faith-focused footwear and apparel company started by NBA player, Jonathan Isaac. Visit http://weareunitus.com. Unitus exists to help followers of Jesus honor God in their everyday life. The most recent shoe drop is the Fortra - a lifestyle running shoe featuring 1 Samuel 2:30 on the back. Choose your favorite shoes, workout gear or leisure wear. Makes a great Christmas present for friends and family. Check them out at http://weareunitus.com. And CONVOY OF HOPE - Please donate to the Hurricane Helene relief effort and ongoing work at http://convoyofhope.org/donate. Convoy is my trusted partner for delivering food and relief by responding to disasters in the US and all around the world. Right now, Convoy of Hope is still responding to devastation in Florida, Georgia, North Carolina and TN because of Hurricane Helene and Milton. Providing basic needs like food, hygiene supplies, medical supplies, blankets, bedding, diapers, clothing and more. All through partnering with local Churches. Join me and please support their incredible work as you support orgs end of year. To donate visit http://convoyofhope.org/donate.
On this episode Brad shares the 15 Organizations he recommends for a Year End Donation. Many leaders are looking for worthwhile organizations at the end of the year to make a charitable gift towards. This list can be helpufl! Be generous and partner with them to make an impact. Plus check out the 10 kinds of people you need in your leadership circle. Make sure to visit http://h3leadership.com to access the list and all the show notes. Thanks again to our partners for this episode: UNITUS – (FOOTWEAR and APPAREL) Unitus is a faith-focused footwear and apparel company started by NBA player, Jonathan Isaac. Visit http://weareunitus.com. Unitus exists to help followers of Jesus honor God in their everyday life. The most recent shoe drop is the Fortra - a lifestyle running shoe featuring 1 Samuel 2:30 on the back. Choose your favorite shoes, workout gear or leisure wear. Makes a great Christmas present for friends and family. Check them out at http://weareunitus.com. And CONVOY OF HOPE - Please donate to the Hurricane Helene relief effort and ongoing work at http://convoyofhope.org/donate. Convoy is my trusted partner for delivering food and relief by responding to disasters in the US and all around the world. Right now, Convoy of Hope is responding to devastation in Florida, Georgia, North Carolina and TN because of Hurricane Helene and Milton. Providing basic needs like food, hygiene supplies, medical supplies, blankets, bedding, diapers, clothing and more. All through partnering with local Churches. Join me and please support their incredible work. To donate visit http://convoyofhope.org/donate.
All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Eduardo Ortiz, vp, global head of cybersecurity, Techtronic Industries. Joining us is Adam Fletcher, CSO, Blackstone. In this episode: Keeping our eyes on new risks The hiring disconnect Mental health in incident response Moving on from CrowdStrike Thanks to our podcast sponsors, Fortra, Quadrant Information Security, and Savvy Security! Fortra's Data Protection solutions protect sensitive data while keeping users productive. Our interlocking data loss prevention (DLP), data classification, and secure collaboration tools can be SaaS deployed or on-premises, and we offer managed services to extend your team and reduce risk. Visit www.fortra.com/solutions/data-security/data-protection for more information. Quadrant Security is bad news for bad dudes. Quadrant's XDR solution combines the best people, processes, and technology — managing your security so you can manage business operations. For a limited time, our analysts will provide your organization a free dark web report, detailing the data leaving you vulnerable. Learn more: quadrantsec.com/darkweb. Despite significant investments in SSO, MFA, IGA, and PAM, organizations still face significant challenges in securing identities, particularly with SaaS apps. Savvy Security augments these tools with full app and identity visibility to discover and remediate shadow and shared accounts, misconfigured authentication, and weak, reused, or compromised credentials. Visit savvy.security/ciso-series to learn more.
In this episode of The Tech Talks Daily Podcast, I speak with Michael Tyler from Fortra to uncover the details behind a phishing campaign that exploited USign's e-signature platform. Fortra recently discovered how cybercriminals leveraged USign's trusted domain to bypass email security gateways, highlighting the growing challenges related to the "living off trusted services" (LOTS) tactic used by attackers. This phishing campaign exposed vulnerabilities within platforms often regarded as safe by email filters, demonstrating how easily attackers can exploit trusted services. Cybercriminals disguised fake USign documents as HR notifications, tricking victims into entering passwords instead of signatures. By using USign's strong sender reputation, these malicious emails were able to bypass traditional email security measures, making them harder to detect. The attack even showed signs of being generated with AI language models, adding another layer of sophistication. We dive deeper into the LOTS tactic, where attackers take advantage of legitimate services—such as e-signature platforms, file hosting sites, and social media platforms—to execute their malicious activities. This strategy not only reduces the setup effort for attackers but also enables them to hide behind the reputation of trusted service providers, making it increasingly difficult for security systems to flag these threats. Michael discusses the broader implications for cybersecurity and the need for multi-layered defenses. Organizations must not only invest in user education to help employees recognize phishing attempts but also implement deeper email inspection and rapid response capabilities to quickly mitigate risks. For service providers like USign, enhancing security protocols, such as limiting bulk registrations and monitoring for abnormal activity, is crucial in preventing future exploitation. The conversation also explores how Fortra is working with organizations to bolster their defenses against such attacks. Michael shares practical recommendations, from improving detection of social engineering attempts to collaborating with trusted service providers to combat platform abuse. As the world of cybersecurity continues to evolve, this episode provides valuable insights into staying one step ahead of increasingly sophisticated phishing tactics.
Microsoft urges users to patch a critical TCP/IP remote code execution vulnerability. Texas sues GM over the privacy of location and driving data. Google says Iran's APT42 is responsible for recent phishing attacks targeting presidential campaigns. Doppelgänger struggles to sustain its operations. Sophos X-Ops examines the Mad Liberator extortion gang. Fortra researchers document a potential Blue Screen of Death vulnerability on Windows. China's Green Cicada Network creates over 5,000 AI-controlled inauthentic X(Twitter) accounts. Kim Dotcom is being extradited to the United States. Our guest is Rui Ribeiro, CEO at JScrambler, to discuss how the extensive use of first and third-party JavaScript is a blessing and a curse. Wireless shifting can really grind your gears. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today's guest Rui Ribeiro, JScrambler's CEO, joins us to discuss how the extensive use of first and third-party JavaScript is both a blessing and a curse. Selected Reading Zero-click Windows TCP/IP RCE impacts all systems with IPv6 enabled, patch now (Bleeping Computer) Texas sues General Motors over car data tracking (POLITICO) Google: Iranian Group APT42 Behind Trump, Biden Hack Attempts (Security Boulevard) Doppelgänger operation rushes to secure itself amid ongoing detections, German agency says (The Record) Palo Alto Networks Patches Unauthenticated Command Execution Flaw in Cortex XSOAR (SecurityWeek) A new extortion crew, Mad Liberator, emerges on the scene (The Register) Beware, Windows users. Newly-spotted CVE-2024-6768 vulnerability can cause blue screen (MSPoweruser) CyberCX Unmasks China-linked AI Disinformation Capability on X (Cyber CX) Kim Dotcom is being Megauploaded to the US for trial (The Verge) Want to Win a Bike Race? Hack Your Rival's Wireless Shifters (WIRED) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Send us a Text Message.When I was a kid, we always looked forward to my dad's work picnic. He was a tool and dye maker for a leading caster manufacturer that would rent out a local park, make a ton of food and put on various games and activities for the families. One of the highlights of this day was a softball game pitting the office versus the shop.The good-natured shots that were fired across the dugouts of this summer classic reminds me of the challenges we see in industrial cybersecurity when it comes to bringing OT and IT teams together. While great strides have been made and numerous lessons learned on why these groups need to sync up, the reality is that we still have a long way to go. Over the last couple of months we've had some interesting takes on how to realize this need, so let's revisit the following thoughts on the IT-OT working relationship from:Kris Lovejoy, Global Security and Resilience Leader at Kyndryl.John Cusimano, VP of OT Security at Armexa.Josh Williams, Strategic Account Manager at IriusRisk.Rod Locke, director of project management at Fortinet. Our guests have also weighed in on some of the more challenging dynamics of improving the IT-OT relationship. These have included:Brian Deken, Commercial Manager of Cybersecurity Services at Rockwell Automation.Riley Groves, an engineer from Auvesy-MDT.Theo Zafirakos, Cyber Risk and Information Security Expert at Fortra.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you'd like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector's New Battlefield, click here.
On this week's episode of The Microsoft Threat Intelligence Podcast, we discuss the collaborative effort between Microsoft and Fortra to combat the illegal use of cracked Cobalt Strike software, which is commonly employed in ransomware attacks. To break down the situation, our host, Sherrod DeGrippo, is joined by Richard Boscovich, Assistant General Counsel at Microsoft, Jason Lyons, Principal Investigator with the DCU, and Bob Erdman, Associate VP Research and Development at Fortra. The discussion covers the creative use of DMCA notifications tailored by geographic region to combat cybercrime globally. The group express their optimism about applying these successful techniques to other areas, such as phishing kits, and highlight ongoing efforts to make Cobalt Strike harder to abuse. In this episode you'll learn: The impact on detection engineers due to the crackdown on cracked Cobalt Strike Extensive automation used to detect and dismantle large-scale threats How the team used the DMCA creatively to combat cybercrime Some questions we ask: Do you encounter any pushback when issuing DMCA notifications? How do you plan to proceed following the success of this operation? Can you explain the legal mechanisms behind this take-down? Resources: View Jason Lyons on LinkedIn View Bob Erdman on LinkedIn View Richard Boscovich on LinkedIn View Sherrod DeGrippo on LinkedIn Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Get the latest threat intelligence insights and guidance at Microsoft Security Insider The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.
Send us a Text Message.According to IBM's Cost of a Data Breach Report, nearly 20 percent of the organizations surveyed stated that they have experienced a breach stemming from a compromise in their supply chain, or a vulnerability related to it. The average cost of these breaches was estimated at just under $4.5 million. Their data also found that attacks emanating from the supply chain had a longer lifecycle than average.The increased costs and complexities of addressing supply chain attacks is not a surprise when you consider that these intrusions not only impact the targeted company, but the logistics, distribution and retail elements that are dragged along on this difficult and painful ride. To help dive into the factors associated with supply chain attacks and other cybersecurity challenges, we welcome Theo Zafirakos, a Cyber Risk and Information Security Expert at Fortra to the show.Watch/listen as we discuss:The three primary soft spots from which supply chain hacks emanate - software, devices and people.Why people are the most neglected of the three, and how they can be trained to identify attacks.The expanded role AI is playing in email compromises that help fuel supply chain attacks.Why IT and OT need to become more aware of each other's requirements and risks.The important role cybersecurity plays in ensuring operational reliability.The growing need for ransomware response plans, and how a national supply chain hack helped reinforce this need for all enterprises, regardless of size or sector.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. And if you have a cybersecurity story or topic that you'd like to have us explore on Security Breach, you can reach me at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector's New Battlefield, click here.
In this episode of Infrastructure Matters, hosts Camberley Bates, Steve Dickens and Krista Macomber check out the impact of data and the actions in terms of sovereignty, management, security all in the scope of the AI craze. Key topics include: The latest on data sovereignty, including where data resides and its ownership, particularly in the context of regulatory frameworks like the Digital Operational Resiliency Act (DORA) in Europe. The meaning of Oracle's recent billion-dollar investment in Spain, and the importance of data center locations and the concentration risks. How has data management moved with the investment in AI, or has it? How AI has is transforming the call centers and job satisfaction, an example of the power of AI Quick review on Fortra, penetration testing and vulnerability validation and how being used to further protect enterprises.
Today, our guest is Nancy Wang, Senior Vice President, Product Operations at Hilton Grand Vacations (HGV), a market leader in the vacation ownership industry. Nancy spent the last decade of her career working at Alert Logic, a comprehensive cybersecurity portfolio now owned by Fortra, beginning as a lead system engineer. Nancy worked her way up to principal engineer before taking on product management responsibilities and, ultimately, becoming Vice President of Technical Product Management. In her tenure, Nancy led the Alert Logic MDR product's scale from 0 to 80 million MRR within two years. On today's episode, LogRocket's VP of Marketing, Jeff Wharton, talks to Nancy about how she leveraged her engineering background to excel in product roles, her strategic approach to building and leading a comprehensive product operations team at HGV, and the importance of planning, transformation, open-mindedness in acquisitions, and continual improvement. Links https://www.linkedin.com/in/nancy-wang-9a20a014/ Enabling a cultural mind shift, with Nancy Wang (https://blog.logrocket.com/product-management/leader-spotlight-nancy-wang/) What does LogRocket do? LogRocket combines frontend monitoring, product analytics, and session replay to help software teams deliver the ideal product experience. Try LogRocket for free today. (https://logrocket.com/signup/?pdr) Special Guest: Nancy Wang.
Sick Jokes, WEBGPU, Fortra, Azorult, Fujitsu, Conversation Overflow, Phishing, Josh Marpet, and more on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-370
Sick Jokes, WEBGPU, Fortra, Azorult, Fujitsu, Conversation Overflow, Phishing, Josh Marpet, and more on this Edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-370
Sick Jokes, WEBGPU, Fortra, Azorult, Fujitsu, Conversation Overflow, Phishing, Josh Marpet, and more on this Edition of the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-370
Sick Jokes, WEBGPU, Fortra, Azorult, Fujitsu, Conversation Overflow, Phishing, Josh Marpet, and more on this Edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-370
Visa RB Cash AP Formula 1 Team, Veolia, FeverWarn, SystemK, Fortra, GitLab, Ring, Trickbot, Aaran Leyland, and More News on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-357
Visa RB Cash AP Formula 1 Team, Veolia, FeverWarn, SystemK, Fortra, GitLab, Ring, Trickbot, Aaran Leyland, and More News on the Security Weekly News. Show Notes: https://securityweekly.com/swn-357
Visa RB Cash AP Formula 1 Team, Veolia, FeverWarn, SystemK, Fortra, GitLab, Ring, Trickbot, Aaran Leyland, and More News on the Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn-357
Visa RB Cash AP Formula 1 Team, Veolia, FeverWarn, SystemK, Fortra, GitLab, Ring, Trickbot, Aaran Leyland, and More News on the Security Weekly News. Show Notes: https://securityweekly.com/swn-357
Biden prepares executive order on foreign access to data. Britain's NCSC warns of a significant ransomware increase. Cisco Talos confirms ransomware surge. BuyGoods.com leaks PII and KYC data. Fortra faces scrutiny over slow disclosure. AI fights financial fraud. Intel471 highlights bulletproof hosting. NSO Group lobbies to revamp their image. Tussling in Missouri over election security. Integrating cyber education. Our guests are N2K President Simone Petrella and WiCyS Executive Director Lynn Dohm talking about a new partnership for a comprehensive Cyber Talent Study. And the moral panic of Furbies. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today's guests are N2K President Simone Petrella and WiCyS Executive Director Lynn Dohm talking with Dave Bittner about a new partnership for a comprehensive Cyber Talent Study to deepen the collective understanding of cybersecurity competencies within the industry. Selected Reading Biden Seeks to Stop Countries From Exploiting Americans' Data for Espionage (Bloomberg) British intelligence warns AI will cause surge in ransomware volume and impact (The Record) Significant increase in ransomware activity found in Talos IR engagements, while education remains one of the most-targeted sectors (Talos) Global Retailer BuyGoods.com Leaks 198GB of Internal and User PII, KYC data (HACKREAD) Fortra blasted over slow response to critical GoAnywhere file transfer bug (SC Media) Gen AI Expected to Bring Big Changes to Banking Sector (GovInfo Security) Why Bulletproof Hosting is Key to Cybercrime-as-a-Service (Infosecurity Magazine) Notorious Spyware Maker NSO Group Is Quietly Plotting a Comeback (WIRED) Missouri secretary of state accused of withholding cybersecurity reviews of election authorities (StateScoop) Cybersecurity education from childhood is a vital tool: 72% of children worldwide have experienced at least one type of cyber threat (Check Point) These Are the Notorious NSA Furby Documents Showing Spy Agency Freaking Out About Embedded AI in Children's Toy (404 Media) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
John Wilson, Senior Fellow, Threat Research at Fortra, joins to discuss email impersonation attacks which found that nearly 99% of these threats can be classified as business email compromise. Dave and Joe share some listener follow up from Terry, who writes in with some comments on episode 262 regarding cybersecurity jargon used. Joe's story comes from a listener this week, this individual writes in sharing the horror story he had to deal with when him and his wife ended up on a target list for scammers. Dave's story follows Elon Musk and Joanna Gaines, co-host of the HGTV show "Fixer Upper," and how they are selling a scam device that claims to lower your electricity bills. Our catch of the day comes from listener William, who writes in sharing an email he received from the"Tampa International Airport Police Department Florida," saying they want to release his fund with the service of DHL Courier Company. Links to the stories: Worst fake "power saver" plug yet Better Business Bureau Elon Musk Energy Saving Device: The Scam You Need to Know About Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.
This webinar in July covered email impersonation and BEC things for 2023. Hope you enjoy this webinar from Fortra.
DDoS activity during the Hamas-Israeli war. Insurance firm reports cyber incident. Recent arrests in cybercrime sweeps. Ukrainian hacktivist auxiliaries compromise customer data at Russia's Alfa Bank. How long does it take to read the fine print? Ann Johnson from Afternoon Cyber Tea talks with Noopur Davis from Comcast about building secure tech from the start. Antonio Sanchez of Fortra shares cybersecurity challenges for enterprises including why having too many tools creates too much complexity. And hey, Marianne–don't let the bedbugs bite. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/203 Selected reading. Cyber attacks in the Israel-Hamas war (The Cloudflare Blog) China's crackdown on cyber scams in Southeast Asia ensnares thousands but leaves the networks intact (AP News) 12 people arrested for bank malware scam, youngest being just 17 (The Independent Singapore News) Spain arrests 34 cybercriminals who stole data of 4 million people (BleepingComputer) Police Disrupt Ragnar Locker Ransomware Group (Infosecurity Magazine) Ragnar Locker Ransomware Boss Arrested in Paris (Dark Reading) E-Root marketplace credential-selling admin extradited to US (Register) Ukraine security services involved in hack of Russia's largest private bank (Record) NordVPN study: Privacy policy awareness (NordVPN) Russia spread bedbug panic in France, intelligence services suspect (The Telegraph) Learn more about your ad choices. Visit megaphone.fm/adchoices
In the Enterprise Security News, 1. Check Point buys Perimeter 81 to augment its cybersecurity 2. 2023 Layoff Tracker: SecureWorks Cuts 300 Jobs 3. Hackers Rig Casino Card-Shuffling Machines for ‘Full Control' Cheating 4. ‘DoubleDrive' attack turns Microsoft OneDrive into ransomware 5. NYC bans TikTok on city-owned devices As more organizations explore edge computing, understanding the entire ecosystem is paramount for bolstering security and resiliency, especially within a critical industry like healthcare. In this segment, Theresa Lanowitz, Head of Cybersecurity Evangelism at AT&T Business, will provide a deep dive into the state of edge computing—specifically, how it is revolutionizing healthcare. She will discuss key findings from the “2023 AT&T Cybersecurity Insights™ Report: Focus on Healthcare” and provide insight into how to prepare for securing the healthcare edge ecosystem. This segment is sponsored by AT&T Cybersecurity. Visit https://securityweekly.com/attcybersecuritybh to learn more about them! With Active Directory (AD) exploited in 9 out of 10 cyberattacks, delaying AD modernization—especially after a merger or acquisition—can compound security risks. Security is the most compelling reason to migrate to a pristine AD forest or perform an AD forest or domain consolidation, but many organizations delay such projects due to the effort and planning they require. Security Weekly talks with Semperis CEO Mickey Bresman about the keys to a smooth and secure AD modernization strategy. This segment is sponsored by Semperis. Visit https://securityweekly.com/semperisbh to learn more about them! Security organizations are increasingly adopting data lakes and cloud services as additions or alternatives to traditional SIEMs, but face challenges like scarcity of data engineering expertise and high data ingestion and cloud compute costs. To overcome these, a new security data stack is emerging, guided by models like SecDataOps and supported by solutions like Tenzir, purpose-built for security data use cases. In this segment, we will be talking about what is driving the heavy use of data in security operations, why that is stressing traditional security operations tools and processes, and what some early-adopter organizations are doing to meet these challenges. This segment is sponsored by Tenzir. Visit https://securityweekly.com/tenzirbh to learn more about them! The rapid growth of APIs used to build microservices in cloud-native architecture has left many enterprises in the dark when it comes to knowing where, how many, and what types of APIs they have. With multiple teams creating their own API endpoints without shared visibility or governance, exposed APIs can become a critical threat vector for hackers to exploit. Edgio's new advanced API security capabilities give customers integrated and unparalleled protection at the edge, protecting APIs that are critical to modern businesses. Edgio delivers these services as part of its fully integrated holistic Web Application and API protection solutions giving customers the ability to respond to threats quicker. An edge-enabled holistic security platform can effectively reduce the attack surface, and improve the effectiveness of the defense while reducing the latency of critical web applications via its multi-layered defense approach. Edgio's security platform “shrinks the haystacks” so that organizations can better focus on delivering key business outcomes. This segment is sponsored by Edgio. Visit https://securityweekly.com/edgiobh to learn more about them! Offensive security is a proactive approach that identifies weaknesses using the same exploitation techniques as threat actors. It combines vulnerability management with pen testing and red team operations to “expose and close” vulnerabilities before they are exploited. This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrabh to learn more about them! Join us at Black Hat as we delve into the world of Managed Detection and Response (MDR) providers. In this podcast, we'll explore the critical factors to consider when selecting an MDR provider, uncover the common shortcomings in their services, and discuss the necessary evolution required to ensure ongoing effectiveness and enhanced value for customers. Get ready to unravel the complexities of MDR and gain insights into the future of this vital cybersecurity solution. This segment is sponsored by Critical Start. Visit https://securityweekly.com/criticalstartbh to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-328
In the Enterprise Security News, 1. Check Point buys Perimeter 81 to augment its cybersecurity 2. 2023 Layoff Tracker: SecureWorks Cuts 300 Jobs 3. Hackers Rig Casino Card-Shuffling Machines for ‘Full Control' Cheating 4. ‘DoubleDrive' attack turns Microsoft OneDrive into ransomware 5. NYC bans TikTok on city-owned devices As more organizations explore edge computing, understanding the entire ecosystem is paramount for bolstering security and resiliency, especially within a critical industry like healthcare. In this segment, Theresa Lanowitz, Head of Cybersecurity Evangelism at AT&T Business, will provide a deep dive into the state of edge computing—specifically, how it is revolutionizing healthcare. She will discuss key findings from the “2023 AT&T Cybersecurity Insights™ Report: Focus on Healthcare” and provide insight into how to prepare for securing the healthcare edge ecosystem. With Active Directory (AD) exploited in 9 out of 10 cyberattacks, delaying AD modernization—especially after a merger or acquisition—can compound security risks. Security is the most compelling reason to migrate to a pristine AD forest or perform an AD forest or domain consolidation, but many organizations delay such projects due to the effort and planning they require. Security Weekly talks with Semperis CEO Mickey Bresman about the keys to a smooth and secure AD modernization strategy. Security organizations are increasingly adopting data lakes and cloud services as additions or alternatives to traditional SIEMs, but face challenges like scarcity of data engineering expertise and high data ingestion and cloud compute costs. To overcome these, a new security data stack is emerging, guided by models like SecDataOps and supported by solutions like Tenzir, purpose-built for security data use cases. In this segment, we will be talking about what is driving the heavy use of data in security operations, why that is stressing traditional security operations tools and processes, and what some early-adopter organizations are doing to meet these challenges. The rapid growth of APIs used to build microservices in cloud-native architecture has left many enterprises in the dark when it comes to knowing where, how many, and what types of APIs they have. With multiple teams creating their own API endpoints without shared visibility or governance, exposed APIs can become a critical threat vector for hackers to exploit. Edgio's new advanced API security capabilities give customers integrated and unparalleled protection at the edge, protecting APIs that are critical to modern businesses. Edgio delivers these services as part of its fully integrated holistic Web Application and API protection solutions giving customers the ability to respond to threats quicker. An edge-enabled holistic security platform can effectively reduce the attack surface, and improve the effectiveness of the defense while reducing the latency of critical web applications via its multi-layered defense approach. Edgio's security platform “shrinks the haystacks” so that organizations can better focus on delivering key business outcomes. Offensive security is a proactive approach that identifies weaknesses using the same exploitation techniques as threat actors. It combines vulnerability management with pen testing and red team operations to “expose and close” vulnerabilities before they are exploited. Join us at Black Hat as we delve into the world of Managed Detection and Response (MDR) providers. In this podcast, we'll explore the critical factors to consider when selecting an MDR provider, uncover the common shortcomings in their services, and discuss the necessary evolution required to ensure ongoing effectiveness and enhanced value for customers. Get ready to unravel the complexities of MDR and gain insights into the future of this vital cybersecurity solution. This segment is sponsored by AT&T Cybersecurity. Visit https://securityweekly.com/attcybersecuritybh to learn more about them! This segment is sponsored by Semperis. Visit https://securityweekly.com/semperisbh to learn more about them! This segment is sponsored by Tenzir. Visit https://securityweekly.com/tenzirbh to learn more about them! This segment is sponsored by Critical Start. Visit https://securityweekly.com/criticalstartbh to learn more about them! This segment is sponsored by Edgio. Visit https://securityweekly.com/edgiobh to learn more about them! This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrabh to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-328
The rapid growth of APIs used to build microservices in cloud-native architecture has left many enterprises in the dark when it comes to knowing where, how many, and what types of APIs they have. With multiple teams creating their own API endpoints without shared visibility or governance, exposed APIs can become a critical threat vector for hackers to exploit. Edgio's new advanced API security capabilities give customers integrated and unparalleled protection at the edge, protecting APIs that are critical to modern businesses. Edgio delivers these services as part of its fully integrated holistic Web Application and API protection solutions giving customers the ability to respond to threats quicker. An edge-enabled holistic security platform can effectively reduce the attack surface, and improve the effectiveness of the defense while reducing the latency of critical web applications via its multi-layered defense approach. Edgio's security platform “shrinks the haystacks” so that organizations can better focus on delivering key business outcomes. This segment is sponsored by Edgio. Visit https://securityweekly.com/edgiobh to learn more about them! Offensive security is a proactive approach that identifies weaknesses using the same exploitation techniques as threat actors. It combines vulnerability management with pen testing and red team operations to “expose and close” vulnerabilities before they are exploited. This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrabh to learn more about them! Join us at Black Hat as we delve into the world of Managed Detection and Response (MDR) providers. In this podcast, we'll explore the critical factors to consider when selecting an MDR provider, uncover the common shortcomings in their services, and discuss the necessary evolution required to ensure ongoing effectiveness and enhanced value for customers. Get ready to unravel the complexities of MDR and gain insights into the future of this vital cybersecurity solution. This segment is sponsored by Critical Start. Visit https://securityweekly.com/criticalstartbh to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-328
Shiv Narayanan interviews Mike Devine, CMO at Fortra. Mike and Shiv discuss how the Fortra marketing function has adapted and scaled to suit the company's changing needs and consistently drive growth. Learn how they integrated teams, built centres of expertise and maintained open communication with investors. Learn more about Fortra: https://www.fortra.com/ The information contained in this podcast is not intended to constitute, and should not be construed as, investment advice.
The rapid growth of APIs used to build microservices in cloud-native architecture has left many enterprises in the dark when it comes to knowing where, how many, and what types of APIs they have. With multiple teams creating their own API endpoints without shared visibility or governance, exposed APIs can become a critical threat vector for hackers to exploit. Edgio's new advanced API security capabilities give customers integrated and unparalleled protection at the edge, protecting APIs that are critical to modern businesses. Edgio delivers these services as part of its fully integrated holistic Web Application and API protection solutions giving customers the ability to respond to threats quicker. An edge-enabled holistic security platform can effectively reduce the attack surface, and improve the effectiveness of the defense while reducing the latency of critical web applications via its multi-layered defense approach. Edgio's security platform “shrinks the haystacks” so that organizations can better focus on delivering key business outcomes. This segment is sponsored by Edgio. Visit https://securityweekly.com/edgiobh to learn more about them! Offensive security is a proactive approach that identifies weaknesses using the same exploitation techniques as threat actors. It combines vulnerability management with pen testing and red team operations to “expose and close” vulnerabilities before they are exploited. This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrabh to learn more about them! Join us at Black Hat as we delve into the world of Managed Detection and Response (MDR) providers. In this podcast, we'll explore the critical factors to consider when selecting an MDR provider, uncover the common shortcomings in their services, and discuss the necessary evolution required to ensure ongoing effectiveness and enhanced value for customers. Get ready to unravel the complexities of MDR and gain insights into the future of this vital cybersecurity solution. This segment is sponsored by Critical Start. Visit https://securityweekly.com/criticalstartbh to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-328
While malware and ransomware tend to dominate cybersecurity headlines, Fortra's research shows that nearly 99% of email threats reaching corporate inboxes utilize impersonation rather than malware. Email impersonation is a key component of credential phishing, advance fee fraud, hybrid vishing, and business email compromise schemes. Because email impersonation scams rely on social engineering rather than technology, the barrier to entry for an aspiring cybercriminal is almost non-existent. In this segment, we'll explore strategies for defending against email impersonation. Segment Resources: [Fortra Cybersecurity Learning Resources](https://www.fortra.com/resources/cybersecurity-education?code=cmp-0000012210&ls=717710002&utm_source=cyberrisk-alliance&utm_medium=contsynd&utm_campaign=ft-brand-awareness) [2023 BEC Trends, Targets, and Changes in Techniques](https://static.fortra.com/agari/pdfs/report/fta-ag-2023-bec-trends-targets-changes-in-techniques-rp.pdf) This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! Fareedah Shaheed, aka CyberFareedah, has dedicated herself to educating the public on online safety. Today, we'll talk about the challenges she has faced in building a training company from scratch, targeting both consumers, and private business. Her journey is interesting from multiple perspectives: as a business owner, an immigrant, becoming an influencer, and establishing herself as a cybersecurity thought leader - all within less than half a decade! This week in the Enterprise Security News: we discuss securing open source, Cyberinsurance, Hackerone Layoffs, and whether or not Sharks have noses! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw-326
While malware and ransomware tend to dominate cybersecurity headlines, Fortra's research shows that nearly 99% of email threats reaching corporate inboxes utilize impersonation rather than malware. Email impersonation is a key component of credential phishing, advance fee fraud, hybrid vishing, and business email compromise schemes. Because email impersonation scams rely on social engineering rather than technology, the barrier to entry for an aspiring cybercriminal is almost non-existent. In this segment, we'll explore strategies for defending against email impersonation. Segment Resources: [Fortra Cybersecurity Learning Resources](https://www.fortra.com/resources/cybersecurity-education?code=cmp-0000012210&ls=717710002&utm_source=cyberrisk-alliance&utm_medium=contsynd&utm_campaign=ft-brand-awareness) [2023 BEC Trends, Targets, and Changes in Techniques](https://static.fortra.com/agari/pdfs/report/fta-ag-2023-bec-trends-targets-changes-in-techniques-rp.pdf) This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! Fareedah Shaheed, aka CyberFareedah, has dedicated herself to educating the public on online safety. Today, we'll talk about the challenges she has faced in building a training company from scratch, targeting both consumers, and private business. Her journey is interesting from multiple perspectives: as a business owner, an immigrant, becoming an influencer, and establishing herself as a cybersecurity thought leader - all within less than half a decade! This week in the Enterprise Security News: we discuss securing open source, Cyberinsurance, Hackerone Layoffs, and whether or not Sharks have noses! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw-326
While malware and ransomware tend to dominate cybersecurity headlines, Fortra's research shows that nearly 99% of email threats reaching corporate inboxes utilize impersonation rather than malware. Email impersonation is a key component of credential phishing, advance fee fraud, hybrid vishing, and business email compromise schemes. Because email impersonation scams rely on social engineering rather than technology, the barrier to entry for an aspiring cybercriminal is almost non-existent. In this segment, we'll explore strategies for defending against email impersonation. Segment Resources: Fortra Cybersecurity Learning Resources: https://www.fortra.com/resources/cybersecurity-education?code=cmp-0000012210&ls=717710002&utm_source=cyberrisk-alliance&utm_medium=contsynd&utm_campaign=ft-brand-awareness 2023 BEC Trends, Targets, and Changes in Techniques: https://static.fortra.com/agari/pdfs/report/fta-ag-2023-bec-trends-targets-changes-in-techniques-rp.pdf This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-326
While malware and ransomware tend to dominate cybersecurity headlines, Fortra's research shows that nearly 99% of email threats reaching corporate inboxes utilize impersonation rather than malware. Email impersonation is a key component of credential phishing, advance fee fraud, hybrid vishing, and business email compromise schemes. Because email impersonation scams rely on social engineering rather than technology, the barrier to entry for an aspiring cybercriminal is almost non-existent. In this segment, we'll explore strategies for defending against email impersonation. Segment Resources: Fortra Cybersecurity Learning Resources: https://www.fortra.com/resources/cybersecurity-education?code=cmp-0000012210&ls=717710002&utm_source=cyberrisk-alliance&utm_medium=contsynd&utm_campaign=ft-brand-awareness 2023 BEC Trends, Targets, and Changes in Techniques: https://static.fortra.com/agari/pdfs/report/fta-ag-2023-bec-trends-targets-changes-in-techniques-rp.pdf This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-326
We speak with Anirudh Chand, Head of Solutions Engineering, APJ at Fortra. Anirudh has worked in cyber security for the last 20 years, with emphasis on compliance, integrity monitoring, privilege access and vulnerability management. For the past seven years, he has been leading solution engineers for different vendors, developing teams that add intrinsic value to the organisations. He currently heads a highly skilled team of cyber security professionals for Fortra across Asia Pacific and Japan. Founded in 1982, the company was previously known as Help/38, then HelpSystems, and in 2022 the company rebranded to Fortra. HelpSystems is known throughout the industry for its dedication to helping customers succeed by enhancing their approach to cybersecurity and automation. These days, advances in technology are often met with equally powerful cyberthreats that constantly adapt.Fortra is focused on creating a simpler, stronger, and more straightforward future for cybersecurity by offering a portfolio of integrated and scalable solutions.For further reading and inquiries visit https://mysecuritymarketplace.com/fortra#mysecuritytv #cybersecurity #fortra
In this episode, I explore the rapidly evolving landscape of cybersecurity with Antonio Sanchez, Principal Evangelist at Fortra. Formerly known as HelpSystems, Fortra carries forward a legacy of people-first support, now reinforced with a renewed focus on exceptional protection and peace of mind. Antonio opens our conversation with an overview of Fortra's evolution, discussing the shift from systems management to delivering robust cybersecurity solutions. In this candid discussion, Antonio underscores the dynamic nature of the cybersecurity industry and outlines Fortra's proactive approach to staying ahead of the curve. Through continuous investment in threat intelligence and a customer-centric feedback system, Fortra navigates the industry's shift towards an integrated platform world. We delve into some of Fortra's recent cybersecurity initiatives, including their collaboration with Microsoft in combating illegal infrastructures. Antonio offers valuable advice to businesses on stratifying and evolving their cybersecurity strategies over time, and shares success stories of how Fortra has enhanced organizations' security postures via penetration testing and integrated solutions. Rounding off our conversation, we take a lighter detour into Antonio's personal journey in cybersecurity, touching on the changing landscape of the field, the importance of automation, and the critical role of security in the C-suite. And as a fun anecdote, we learn about the seven Antonios in his family!
On this week's show Patrick Gray and Adam Boileau discuss the week's security news. They cover: Fortinet 0day Groundhog Day CISA's new binding directive on exposed management interfaces Confirmed: US intelligence buying commercially available data MOVEit drama rolls on Much, much more This week's show is brought to you by Red Canary. Chris Rothe is this week's sponsor guest and he joins us to talk about how MDR providers are helping customers deal with cloud monitoring. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that's your thing. Show notes Fortinet Warns Customers of Possible Zero-Day Exploited in Limited Attacks - SecurityWeek Barracuda Urges Replacing — Not Patching — Its Email Security Gateways – Krebs on Security MOVEit announces second vulnerability; Minnesota schools agency breached with original bug Confidential data downloaded from UK regulator Ofcom in cyberattack Ransomware group Clop issues extortion notice to ‘hundreds' of victims Another huge US medical data breach confirmed after Fortra mass-hack | TechCrunch CISA orders US civilian agencies to remove tools from public-facing internet Microsoft says Azure disrupted after a week of repeated service outages | Cybersecurity Dive Microsoft says Azure outage was caused by ‘anomalous' traffic spike Microsoft investigating threat actor claims following multiple outages in 365, OneDrive | Cybersecurity Dive Risky Biz News: Ukrainian hackers wipe equipment of major Russian telco U.S. Spy Agencies Buy Vast Quantities of Americans' Personal Data, U.S. Says - WSJ The US Is Openly Stockpiling Dirt on All Its Citizens | WIRED Srsly Risky Biz: Thursday, July 29 - by Tom Uren National security officials make case for keeping surveillance powers to skeptical Congress - The Washington Post Senators say Biden administration isn't close on overhauling surveillance law Russian nationals accused of Mt. Gox bitcoin heist, shifting stolen funds to BTC-e North Korean hacking group Lazarus linked to $35 million cryptocurrency heist North Korean hackers stole $100 million in recent cryptocurrency heist -analysts | Reuters An Illinois hospital links closure to ransomware attack Security professional's tweet forces big change to Google email authentication | CyberScoop Can you trust ChatGPT's package recommendations? LastPass CEO reflects on lessons learned, regrets and moving forward from a cyberattack | Cybersecurity Dive
On this week's show Patrick Gray and Adam Boileau discuss the week's security news. They cover: Fortinet 0day Groundhog Day CISA's new binding directive on exposed management interfaces Confirmed: US intelligence buying commercially available data MOVEit drama rolls on Much, much more This week's show is brought to you by Red Canary. Chris Rothe is this week's sponsor guest and he joins us to talk about how MDR providers are helping customers deal with cloud monitoring. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that's your thing. Show notes Fortinet Warns Customers of Possible Zero-Day Exploited in Limited Attacks - SecurityWeek Barracuda Urges Replacing — Not Patching — Its Email Security Gateways – Krebs on Security MOVEit announces second vulnerability; Minnesota schools agency breached with original bug Confidential data downloaded from UK regulator Ofcom in cyberattack Ransomware group Clop issues extortion notice to ‘hundreds' of victims Another huge US medical data breach confirmed after Fortra mass-hack | TechCrunch CISA orders US civilian agencies to remove tools from public-facing internet Microsoft says Azure disrupted after a week of repeated service outages | Cybersecurity Dive Microsoft says Azure outage was caused by ‘anomalous' traffic spike Microsoft investigating threat actor claims following multiple outages in 365, OneDrive | Cybersecurity Dive Risky Biz News: Ukrainian hackers wipe equipment of major Russian telco U.S. Spy Agencies Buy Vast Quantities of Americans' Personal Data, U.S. Says - WSJ The US Is Openly Stockpiling Dirt on All Its Citizens | WIRED Srsly Risky Biz: Thursday, July 29 - by Tom Uren National security officials make case for keeping surveillance powers to skeptical Congress - The Washington Post Senators say Biden administration isn't close on overhauling surveillance law Russian nationals accused of Mt. Gox bitcoin heist, shifting stolen funds to BTC-e North Korean hacking group Lazarus linked to $35 million cryptocurrency heist North Korean hackers stole $100 million in recent cryptocurrency heist -analysts | Reuters An Illinois hospital links closure to ransomware attack Security professional's tweet forces big change to Google email authentication | CyberScoop Can you trust ChatGPT's package recommendations? LastPass CEO reflects on lessons learned, regrets and moving forward from a cyberattack | Cybersecurity Dive
Netflix sees jump in subs as it begins to curb password sharing in US, says report; Another huge US medical data breach confirmed after Fortra mass-hack; Spotify is officially testing an offline mix
Welcome back to another episode of Vanguard Radio with host J. Richard Jones. In this episode, we speak with Theo Zafirakos, CISO Coach and Professional Services, Security Awareness Speaker for Fortra's Terranova Security. Theo is an experienced security leader and trusted advisor known for his expertise in security awareness strategy, governance, privacy, and cyber security. He collaborates with CISOs and security leaders globally, assisting them in identifying, evaluating, and managing security awareness risks. Prior to joining Terranova Security, Theo spent two decades at Canadian National Railway (CN) as the CISO, where he was responsible for the information security and governance strategy. He currently leads the Fortra's Terranova Security Professional Services team, which focuses on implementing and executing security awareness programs to achieve measurable results. Terranova Security is a valuable addition to Fortra's comprehensive cybersecurity portfolio, which aims to simplify the complex landscape with innovative solutions. Their risk-based campaigns and high-quality training content empower employees to understand critical practices like phishing and compliance. Customized options align with customer goals, strengthening long-term information security. Terranova fosters an inclusive workplace with equal gender representation and encourages diverse voices to drive innovative security awareness training. Today's conversation zeros in on the fact that a successful security awareness program should generate a security-aware organizational culture. In this episode: Why should your organization build a Security-Aware Culture? How to Spot a Security-Aware Cultural Shift in a Business? Why leaders need to understand employee cyber security awareness levels Why your organization should be concerned about Third-Party Risk Management And much more!
We are nearly half way through 2023, and we're seeing some new trends surface in the cyber landscape. These include generative artificial intelligence, which was everywhere at RSA Conference this year, as well as automation across security operations and the continued need for skilled expertise. Join Matt Alderman from CyberRisk Alliance and Antonio Sanchez, Principal Evangelist at Fortra, as they dive into 2023 cybersecurity trends and observations. Segment Resources: https://www.fortra.com/resources/cybersecurity-education?code=cmp-0000011812&ls=717710002&utm_source=cyberrisk-alliance&utm_medium=contsynd&utm_campaign=ft-brand-awareness https://www.fortra.com/products/bundles?code=cmp-0000011812&ls=717710002&utm_source=cyberrisk-alliance&utm_medium=contsynd&utm_campaign=ft-brand-awareness This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! In the enterprise security news, A slow week for funding, but, as always, a busy week for AI news! Databricks acquires Okera, CrowdStrike, Fortinet and other cybersecurity shares rise, Merck might finally see that $1.4 billion dollar NotPetya payout, Ex-Uber CISO Joe Sullivan won't go to jail, Google rolls out passkey support, Do Bartenders make good pen testers?, ICS using steganography to hide data, DEF CON will unleash hackers on Large Language Models, and Security's eternal prioritization problem! The browser is the most used application, but was never built with the needs of the enterprise in mind. The Enterprise Browser delivers a whole new level of visibility, security and governance. This conversation will explore the benefits of the Enterprise Browser and the gaps it is filling for enterprises around the world. This segment is sponsored by Island. Visit https://securityweekly.com/islandrsac to learn more about them! Resilience and the capacity for reinvention have never been more important. In a world evolving at the speed of tech and roiled by the pandemic, enterprises that have security innovation woven into their DNA enjoy a distinct advantage. Learn more. This segment is sponsored by Sumo Logic. Visit https://securityweekly.com/sumologicrsac to learn more about them! The increased prevalence of phishing kits sourced from black markets and chatbot AI tools like ChatGPT has seen attackers quickly develop more targeted phishing campaigns. This improved targeting has simplified the process of manipulating users into taking actions that compromise their security credentials, leaving them and their organizations vulnerable. This segment is sponsored by Zscaler. Visit https://securityweekly.com/zscalerrsac to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw317
We are nearly half way through 2023, and we're seeing some new trends surface in the cyber landscape. These include generative artificial intelligence, which was everywhere at RSA Conference this year, as well as automation across security operations and the continued need for skilled expertise. Join Matt Alderman from CyberRisk Alliance and Antonio Sanchez, Principal Evangelist at Fortra, as they dive into 2023 cybersecurity trends and observations. Segment Resources: https://www.fortra.com/resources/cybersecurity-education?code=cmp-0000011812&ls=717710002&utm_source=cyberrisk-alliance&utm_medium=contsynd&utm_campaign=ft-brand-awareness https://www.fortra.com/products/bundles?code=cmp-0000011812&ls=717710002&utm_source=cyberrisk-alliance&utm_medium=contsynd&utm_campaign=ft-brand-awareness This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! In the enterprise security news, A slow week for funding, but, as always, a busy week for AI news! Databricks acquires Okera, CrowdStrike, Fortinet and other cybersecurity shares rise, Merck might finally see that $1.4 billion dollar NotPetya payout, Ex-Uber CISO Joe Sullivan won't go to jail, Google rolls out passkey support, Do Bartenders make good pen testers?, ICS using steganography to hide data, DEF CON will unleash hackers on Large Language Models, and Security's eternal prioritization problem! The browser is the most used application, but was never built with the needs of the enterprise in mind. The Enterprise Browser delivers a whole new level of visibility, security and governance. This conversation will explore the benefits of the Enterprise Browser and the gaps it is filling for enterprises around the world. This segment is sponsored by Island. Visit https://securityweekly.com/islandrsac to learn more about them! Resilience and the capacity for reinvention have never been more important. In a world evolving at the speed of tech and roiled by the pandemic, enterprises that have security innovation woven into their DNA enjoy a distinct advantage. Learn more. This segment is sponsored by Sumo Logic. Visit https://securityweekly.com/sumologicrsac to learn more about them! The increased prevalence of phishing kits sourced from black markets and chatbot AI tools like ChatGPT has seen attackers quickly develop more targeted phishing campaigns. This improved targeting has simplified the process of manipulating users into taking actions that compromise their security credentials, leaving them and their organizations vulnerable. This segment is sponsored by Zscaler. Visit https://securityweekly.com/zscalerrsac to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw317
We are nearly half way through 2023, and we're seeing some new trends surface in the cyber landscape. These include generative artificial intelligence, which was everywhere at RSA Conference this year, as well as automation across security operations and the continued need for skilled expertise. Join Matt Alderman from CyberRisk Alliance and Antonio Sanchez, Principal Evangelist at Fortra, as they dive into 2023 cybersecurity trends and observations. Segment Resources: https://www.fortra.com/resources/cybersecurity-education?code=cmp-0000011812&ls=717710002&utm_source=cyberrisk-alliance&utm_medium=contsynd&utm_campaign=ft-brand-awareness https://www.fortra.com/products/bundles?code=cmp-0000011812&ls=717710002&utm_source=cyberrisk-alliance&utm_medium=contsynd&utm_campaign=ft-brand-awareness This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw317
We are nearly half way through 2023, and we're seeing some new trends surface in the cyber landscape. These include generative artificial intelligence, which was everywhere at RSA Conference this year, as well as automation across security operations and the continued need for skilled expertise. Join Matt Alderman from CyberRisk Alliance and Antonio Sanchez, Principal Evangelist at Fortra, as they dive into 2023 cybersecurity trends and observations. Segment Resources: https://www.fortra.com/resources/cybersecurity-education?code=cmp-0000011812&ls=717710002&utm_source=cyberrisk-alliance&utm_medium=contsynd&utm_campaign=ft-brand-awareness https://www.fortra.com/products/bundles?code=cmp-0000011812&ls=717710002&utm_source=cyberrisk-alliance&utm_medium=contsynd&utm_campaign=ft-brand-awareness This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw317
CISOs face the complex challenge of protecting organizations against an expanding array of cybersecurity risks. While the role requires constant adaptation to protect against new threats, CISOs often bear the blame when defenses are breached. In this segment Kunal Anand, CTO & CISO, Imperva, discusses the evolution of the role and what aspiring professionals need to know if they want to hold the title. This segment is sponsored by Imperva. Visit https://securityweekly.com/impervarsac to learn more about them! Today's security products are evolving to meet the changing attack surface, each one targeting a specific set of risks. For organizations, this typically means that to increase security maturity, they need to implement a number of different solutions, and as the attack surface continues to expand, their tech stack quickly becomes difficult to manage. It's time for the industry to help security teams achieve a better balance and reduce this operational burden. Segment Resources: https://www.fortra.com/resources/cybersecurity-education?code=cmp-0000011766&ls=717710002&utm_source=cyberrisk-alliance&utm_medium=video&utm_campaign=ft-rsa-conference This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrarsac to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw304
CISOs face the complex challenge of protecting organizations against an expanding array of cybersecurity risks. While the role requires constant adaptation to protect against new threats, CISOs often bear the blame when defenses are breached. In this segment Kunal Anand, CTO & CISO, Imperva, discusses the evolution of the role and what aspiring professionals need to know if they want to hold the title. This segment is sponsored by Imperva. Visit https://securityweekly.com/impervarsac to learn more about them! Today's security products are evolving to meet the changing attack surface, each one targeting a specific set of risks. For organizations, this typically means that to increase security maturity, they need to implement a number of different solutions, and as the attack surface continues to expand, their tech stack quickly becomes difficult to manage. It's time for the industry to help security teams achieve a better balance and reduce this operational burden. Segment Resources: https://www.fortra.com/resources/cybersecurity-education?code=cmp-0000011766&ls=717710002&utm_source=cyberrisk-alliance&utm_medium=video&utm_campaign=ft-rsa-conference This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrarsac to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw304
This week, it's time for Security Money. We recap Q1 2023 with the latest financial results, funding announcements, and layoffs. Don't miss this quarterly update. At the market close on April 28th 2023: - SW25 Index is 1,404.31, which is an increase of 40.43% (up from last Q) since inception. - NASDAQ Index is 12,226.58, which is an increase of 84.27% (up from last Q) during the same period. CISOs face the complex challenge of protecting organizations against an expanding array of cybersecurity risks. While the role requires constant adaptation to protect against new threats, CISOs often bear the blame when defenses are breached. In this segment Kunal Anand, CTO & CISO, Imperva, discusses the evolution of the role and what aspiring professionals need to know if they want to hold the title. This segment is sponsored by Imperva. Visit https://securityweekly.com/impervarsac to learn more about them! Today's security products are evolving to meet the changing attack surface, each one targeting a specific set of risks. For organizations, this typically means that to increase security maturity, they need to implement a number of different solutions, and as the attack surface continues to expand, their tech stack quickly becomes difficult to manage. It's time for the industry to help security teams achieve a better balance and reduce this operational burden. Segment Resources: https://www.fortra.com/resources/cybersecurity-education?code=cmp-0000011766&ls=717710002&utm_source=cyberrisk-alliance&utm_medium=video&utm_campaign=ft-rsa-conference This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrarsac to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/bsw304
This week, it's time for Security Money. We recap Q1 2023 with the latest financial results, funding announcements, and layoffs. Don't miss this quarterly update. At the market close on April 28th 2023: - SW25 Index is 1,404.31, which is an increase of 40.43% (up from last Q) since inception. - NASDAQ Index is 12,226.58, which is an increase of 84.27% (up from last Q) during the same period. CISOs face the complex challenge of protecting organizations against an expanding array of cybersecurity risks. While the role requires constant adaptation to protect against new threats, CISOs often bear the blame when defenses are breached. In this segment Kunal Anand, CTO & CISO, Imperva, discusses the evolution of the role and what aspiring professionals need to know if they want to hold the title. This segment is sponsored by Imperva. Visit https://securityweekly.com/impervarsac to learn more about them! Today's security products are evolving to meet the changing attack surface, each one targeting a specific set of risks. For organizations, this typically means that to increase security maturity, they need to implement a number of different solutions, and as the attack surface continues to expand, their tech stack quickly becomes difficult to manage. It's time for the industry to help security teams achieve a better balance and reduce this operational burden. Segment Resources: https://www.fortra.com/resources/cybersecurity-education?code=cmp-0000011766&ls=717710002&utm_source=cyberrisk-alliance&utm_medium=video&utm_campaign=ft-rsa-conference This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrarsac to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/bsw304
This episode features a discussion on the supply chain attack that led to the 3CX supply chain attack, how organizations using Fortra's vulnerable GoAnywhere MFT platform might have stopped ransomware attacks, sensitive data found on used routers and more
Picture of the Week. Microsoft and Fortra go on the offensive. Can ChatGPT keep a secret? Apple updates their OS's. Wordpress under attack... again. Mozilla's Site Breach Monitor. Another ChatGPT investigation. Samsung handsets reaching EoL. Less access for loan apps. The right to be forgotten. SpinRite. A Dangerous Interpretation. Show Notes: https://www.grc.com/sn/SN-918-Notes.pdf Hosts: Steve Gibson and Jason Howell Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: joindeleteme.com/twittv meraki.cisco.com/twit kolide.com/securitynow
Picture of the Week. Microsoft and Fortra go on the offensive. Can ChatGPT keep a secret? Apple updates their OS's. Wordpress under attack... again. Mozilla's Site Breach Monitor. Another ChatGPT investigation. Samsung handsets reaching EoL. Less access for loan apps. The right to be forgotten. SpinRite. A Dangerous Interpretation. Show Notes: https://www.grc.com/sn/SN-918-Notes.pdf Hosts: Steve Gibson and Jason Howell Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: joindeleteme.com/twittv meraki.cisco.com/twit kolide.com/securitynow
Picture of the Week. Microsoft and Fortra go on the offensive. Can ChatGPT keep a secret? Apple updates their OS's. Wordpress under attack... again. Mozilla's Site Breach Monitor. Another ChatGPT investigation. Samsung handsets reaching EoL. Less access for loan apps. The right to be forgotten. SpinRite. A Dangerous Interpretation. Show Notes: https://www.grc.com/sn/SN-918-Notes.pdf Hosts: Steve Gibson and Jason Howell Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: joindeleteme.com/twittv meraki.cisco.com/twit kolide.com/securitynow
Picture of the Week. Microsoft and Fortra go on the offensive. Can ChatGPT keep a secret? Apple updates their OS's. Wordpress under attack... again. Mozilla's Site Breach Monitor. Another ChatGPT investigation. Samsung handsets reaching EoL. Less access for loan apps. The right to be forgotten. SpinRite. A Dangerous Interpretation. Show Notes: https://www.grc.com/sn/SN-918-Notes.pdf Hosts: Steve Gibson and Jason Howell Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: joindeleteme.com/twittv meraki.cisco.com/twit kolide.com/securitynow
Picture of the Week. Microsoft and Fortra go on the offensive. Can ChatGPT keep a secret? Apple updates their OS's. Wordpress under attack... again. Mozilla's Site Breach Monitor. Another ChatGPT investigation. Samsung handsets reaching EoL. Less access for loan apps. The right to be forgotten. SpinRite. A Dangerous Interpretation. Show Notes: https://www.grc.com/sn/SN-918-Notes.pdf Hosts: Steve Gibson and Jason Howell Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: joindeleteme.com/twittv meraki.cisco.com/twit kolide.com/securitynow
In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel.Emergency security updates issued by Apple: CVE-2023-28206 & CVE-2023-28205 .Check Point researchers have unveiled a new sophisticated and fast acting ransomware.eFile.com, an IRS-authorized e-file software service provider used by many for filing their tax returns, has been caught serving JavaScript malware.The CrowdStrike Falcon OverWatch team recently observed threat actors exploit WinRAR self-extracting archives.FBI, Europol and the Dutch Police have disrupted the infamous browser cookie market known as Genesis Market. Microsoft's Digital Crimes Unit along with a cybersecurity software company Fortra and Health Information Sharing and Analysis Center are taking technical and legal action to disrupt cracked, legacy copies of Cobalt Strike.And then we dive into OT security with Dave Cullen, Field CTO for OTORIO.As mentioned in the podcast, here is a link to the “So you want to be a SOC Analyst?” by Eric Capuano.The Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.
Picture of the Week. Microsoft and Fortra go on the offensive. Can ChatGPT keep a secret? Apple updates their OS's. Wordpress under attack... again. Mozilla's Site Breach Monitor. Another ChatGPT investigation. Samsung handsets reaching EoL. Less access for loan apps. The right to be forgotten. SpinRite. A Dangerous Interpretation. Show Notes: https://www.grc.com/sn/SN-918-Notes.pdf Hosts: Steve Gibson and Jason Howell Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: joindeleteme.com/twittv meraki.cisco.com/twit kolide.com/securitynow
Thanks for tuning in to YusufOnSecurity, the cyber-security podcast for everyday defender from analyst to the C-Suites, in plain english.In today's digital world, businesses face an increasing number of cyber threats that can disrupt their operations and affect their bottom line. That's why it's more important than ever to have strong security measures in place to protect your organizationIn this episodee, we'll discuss how strong security measures can not only protect your business from cyber threats but also enable continuity and resilience.In addition, we will recap other trending security news including:- https://www.techtarget.com: Microsoft and Fortra get court order to disrupt Cobalt Strike- https://cloud7.news: WinRAR SFX archives can run PowerShell without being detected- https://partners.wsj.com: How does cybersecurity need to change to become a business enabler- https://blogs.cisco.com/Security: How cybersecurity is enabling not defeating business innovationBe sure to subscribe! If you like the content. Follow me @iayusuf or read my blog at https://yusufonsecurity.comYou will find a list of all previous episodes in there too.
This episode reports on an attempt to take down the IT infrastructure behind stolen versions of the Cobalt Strike tool, the emerging Styx criminal marketplace and more
Organizations today operate under the constant looming threat of cyber attacks. While reactive cybersecurity measures will help organizations respond to past and present threats, offensive measures are the only chance to get ahead of attackers and beat them to the punch. There is now a greater call for offensive solutions like penetration testing and red teaming to evaluate environments so security gaps can be identified and closed before a breach. Join us as we discuss how these solutions work both independently and together, as well as practical ways organizations can build or mature an offensive security strategy. Segment Resources: https://www.coresecurity.com/resources/videos/when-use-pen-testing-red-teaming-or-both?code=cmp-0000011540&ls=717710006&utm_source=hubspot&utm_medium=email&utm_campaign=cts-security-weekly https://www.coresecurity.com/resources/guides/complete-guide-layering-offensive-security?code=cmp-0000011540&ls=717710006&utm_source=hubspot&utm_medium=email&utm_campaign=cts-security-weekly https://www.coresecurity.com/resources/datasheets/offensive-security-advanced-bundle?code=cmp-0000011540&ls=717710006&utm_source=hubspot&utm_medium=email&utm_campaign=cts-security-weekly This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw306
Organizations today operate under the constant looming threat of cyber attacks. While reactive cybersecurity measures will help organizations respond to past and present threats, offensive measures are the only chance to get ahead of attackers and beat them to the punch. There is now a greater call for offensive solutions like penetration testing and red teaming to evaluate environments so security gaps can be identified and closed before a breach. Join us as we discuss how these solutions work both independently and together, as well as practical ways organizations can build or mature an offensive security strategy. Segment Resources: https://www.coresecurity.com/resources/videos/when-use-pen-testing-red-teaming-or-both?code=cmp-0000011540&ls=717710006&utm_source=hubspot&utm_medium=email&utm_campaign=cts-security-weekly https://www.coresecurity.com/resources/guides/complete-guide-layering-offensive-security?code=cmp-0000011540&ls=717710006&utm_source=hubspot&utm_medium=email&utm_campaign=cts-security-weekly https://www.coresecurity.com/resources/datasheets/offensive-security-advanced-bundle?code=cmp-0000011540&ls=717710006&utm_source=hubspot&utm_medium=email&utm_campaign=cts-security-weekly This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw306
Organizations today operate under the constant looming threat of cyber attacks. While reactive cybersecurity measures will help organizations respond to past and present threats, offensive measures are the only chance to get ahead of attackers and beat them to the punch. There is now a greater call for offensive solutions like penetration testing and red teaming to evaluate environments so security gaps can be identified and closed before a breach. Join us as we discuss how these solutions work both independently and together, as well as practical ways organizations can build or mature an offensive security strategy. Segment Resources: https://www.coresecurity.com/resources/videos/when-use-pen-testing-red-teaming-or-both?code=cmp-0000011540&ls=717710006&utm_source=hubspot&utm_medium=email&utm_campaign=cts-security-weekly https://www.coresecurity.com/resources/guides/complete-guide-layering-offensive-security?code=cmp-0000011540&ls=717710006&utm_source=hubspot&utm_medium=email&utm_campaign=cts-security-weekly https://www.coresecurity.com/resources/datasheets/offensive-security-advanced-bundle?code=cmp-0000011540&ls=717710006&utm_source=hubspot&utm_medium=email&utm_campaign=cts-security-weekly This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! The memoir of world-renowned hacker Cris Thomas “Space Rogue: How the Hackers Known as L0pht Changed the World” is available for pre-order now. The new book, to be released on February 16, 2023, will cover the influential hacking group L0pht Heavy Industries, the hacker underground of the 1990s, the L0pht's rise to prominence, their testimony in front of the US Senate, their claim of being able to “take down the Internet”, and how their legacy continues to shape the security of the online world today. Segment Resources: https://securityweekly.com/spacerogue http://www.spacerogue.net Inka talks about harnessing Behavioural Science (BS) to influence people's cyber security behaviours. Focusing on psychology theories (e.g. Behaviour change wheel) she explores some of our barriers (and motivations) to cybersecurity. What are our FMEs ('frequently made excuses') to taking protective action online and how organisations' could create a supportive security culture. Segment Resources: Lead researcher for RISCS / UK Home Office funded research project: Cyber Security Quirks: Personalised Interventions for Human Cyber Resilience https://www.riscs.org.uk/project/cyber-security-quirks-personalised-interventions-for-human-cyber-resilience/ Inka will be presenting this research at the Impact Conference on 2.3.2023 https://www.theimpactconference.com/ Lead researcher/author of the Annual Cybersecurity Attitudes and Behaviours Report (2021 and 2022) https://www.cybsafe.com/whitepapers/cybersecurity-attitudes-and-behaviors-report/ SebDB (most comprehensive cyber security behaviour database) https://www.cybsafe.com/research/security-behaviour-database/ Personality and digital footprints whitepapers: https://www.cybsafe.com/whitepapers/personality-and-digital-footprints/ How to measure security behaviour https://www.cybsafe.com/e-books/how-to-measure-behavior-long-read/ Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw306
Organizations today operate under the constant looming threat of cyber attacks. While reactive cybersecurity measures will help organizations respond to past and present threats, offensive measures are the only chance to get ahead of attackers and beat them to the punch. There is now a greater call for offensive solutions like penetration testing and red teaming to evaluate environments so security gaps can be identified and closed before a breach. Join us as we discuss how these solutions work both independently and together, as well as practical ways organizations can build or mature an offensive security strategy. Segment Resources: https://www.coresecurity.com/resources/videos/when-use-pen-testing-red-teaming-or-both?code=cmp-0000011540&ls=717710006&utm_source=hubspot&utm_medium=email&utm_campaign=cts-security-weekly https://www.coresecurity.com/resources/guides/complete-guide-layering-offensive-security?code=cmp-0000011540&ls=717710006&utm_source=hubspot&utm_medium=email&utm_campaign=cts-security-weekly https://www.coresecurity.com/resources/datasheets/offensive-security-advanced-bundle?code=cmp-0000011540&ls=717710006&utm_source=hubspot&utm_medium=email&utm_campaign=cts-security-weekly This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! The memoir of world-renowned hacker Cris Thomas “Space Rogue: How the Hackers Known as L0pht Changed the World” is available for pre-order now. The new book, to be released on February 16, 2023, will cover the influential hacking group L0pht Heavy Industries, the hacker underground of the 1990s, the L0pht's rise to prominence, their testimony in front of the US Senate, their claim of being able to “take down the Internet”, and how their legacy continues to shape the security of the online world today. Segment Resources: https://securityweekly.com/spacerogue http://www.spacerogue.net Inka talks about harnessing Behavioural Science (BS) to influence people's cyber security behaviours. Focusing on psychology theories (e.g. Behaviour change wheel) she explores some of our barriers (and motivations) to cybersecurity. What are our FMEs ('frequently made excuses') to taking protective action online and how organisations' could create a supportive security culture. Segment Resources: Lead researcher for RISCS / UK Home Office funded research project: Cyber Security Quirks: Personalised Interventions for Human Cyber Resilience https://www.riscs.org.uk/project/cyber-security-quirks-personalised-interventions-for-human-cyber-resilience/ Inka will be presenting this research at the Impact Conference on 2.3.2023 https://www.theimpactconference.com/ Lead researcher/author of the Annual Cybersecurity Attitudes and Behaviours Report (2021 and 2022) https://www.cybsafe.com/whitepapers/cybersecurity-attitudes-and-behaviors-report/ SebDB (most comprehensive cyber security behaviour database) https://www.cybsafe.com/research/security-behaviour-database/ Personality and digital footprints whitepapers: https://www.cybsafe.com/whitepapers/personality-and-digital-footprints/ How to measure security behaviour https://www.cybsafe.com/e-books/how-to-measure-behavior-long-read/ Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw306
One sware word within the first hour and 15 minutes. A note has been placed in the audio for folks who need to be aware of it. Full notes below. Hello everyone. Welcome to program 131 of the Security box. I hope you'll enjoy what we have to offer you today. On this podcast, we have a rumor that indicates that we'll definitely have at least one moron of the podcast, maybe more. We'll also have the topic of the Q4 threat trends Report from Phishlabs as well as questions, comments and more. We hope you'll enjoy the program and thanks for listening! Here's a moron set for you There were two articles in which broke this, and it definitely fits our Moron of the podcast. This blog post from February 10th has links to each of the articles and initial thoughts. Also, I'm not too sure about this one, but we could probly fit this IRS update from February 10th as well as this blog post talking about an article by Andy Greenberg and a guy who thinks that he won't be caught as he apparently got a mixer going on and he's supposedly taken the right precautions. If you have anything in this category, feel free to mention it by sending us an email, an imessage, find me on Mastodon and even text or whats app me. Our topic Seems like QBot is back in the news as the top threat in this last quarters report from Phishlabs and Fortra. The article is titled QBot Campaigns Overwhelmingly Lead Reported Payloads in Q4 is the article we'll be taking from. It was posted to TSB's list last December, and of course, I do try and cover it. The threat may still be there, and with all of what we'll be talking about here, all of these threats have not gone away. Supporting our podcast and work If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network, subscribing to the the security box discussion list or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here. Thanks so much for listening, reading and learning! We can't do this alone.
Chat-GPT fails, Ernie, Bard, Chinese Androids, Fortra, Sunlogin, Dingo Token, Google Ads, Jason Wood and More on this edition of Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn272
Chat-GPT fails, Ernie, Bard, Chinese Androids, Fortra, Sunlogin, Dingo Token, Google Ads, Jason Wood and More on this edition of Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn272
Chat-GPT fails, Ernie, Bard, Chinese Androids, Fortra, Sunlogin, Dingo Token, Google Ads, Jason Wood and More on this edition of Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/swn272
Chat-GPT fails, Ernie, Bard, Chinese Androids, Fortra, Sunlogin, Dingo Token, Google Ads, Jason Wood and More on this edition of Security Weekly News. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://securityweekly.com/swn272
Hackers actively exploiting zero-day in Fortra's GoAnywhere MFT Tallahassee hospital diverting patients, canceling non-emergency surgeries after cyberattack Fraudulent “CryptoRom” apps slip through Apple and Google App Store review process Thanks to today's episode sponsor, US, yes, CISO Series If you're looking to reach a committed audience of cybersecurity professionals every day, then consider advertising right here on Cyber Security Headlines, a show that consistently ranks in the top ten for tech news on Apple Podcasts in the U.S. That's pretty impressive for a show that's a niche within a niche. Cyber Security Headlines sponsorship includes continuous week-long brand awareness in newsletters, blog posts, and this very podcast. To learn more about pricing and audience, email us at info@cisoseries.com. For the stories behind the headlines, head to CISOseries.com.
Scott McCausland was an experienced software sales leader who decided to go out on his own in 2008 to build a new software business. His technical cofounder built the first version of their new software and Scott started selling it. MVP Systems Software was underway without any outside funding. They kept adding name-brand customers who used their JAMS workload automation and scheduling software in their IT departments for a variety of scheduling and automation tasks that saved time and money. It was an unsexy but mission-critical software for their users. Their software grew more powerful and useful and they steadily added sales, development, and support staff. The company grew to over $10 million in annual revenues with 70 employees in 4 global offices before being acquired in 2018 by Fortra (formerly Help Systems. Scott left Fortra in early 2020 and is now working on his next software company. In this episode, Scott explains: Why they sold their product aggressively, but grew the business steadily and managed cash conservatively How they generously compensated salespeople and employees rather than give incentive stock options Why they decided to sell the company rather than raise funding or keep growing organically What it was like to join their acquiring company and be part of a much bigger team How he helps tech founders understand the basics of selling and what is needed to create an initial sales machine Check out the details for this episode and find more Practical Founders Podcast episodes at practicalfounders.com.
Link to Blog Post This week's Cyber Security Headlines – Week in Review, December 12-16, is hosted by Rich Stroffolino with our guest, Jeremy Embalabala, CISO, HUB International Thanks to our show sponsor, Fortra The cybersecurity landscape is full of single-solution providers, making it easy for unexpected cyberthreats to sneak through the cracks. That's why Fortra is creating a stronger, simpler strategy for protection. One that increases your security maturity while decreasing the operational burden that comes with it. Fortra's integrated, scalable solutions help customers face their toughest challenges with confidence. Learn more at Fortra.com All links and the video of this episode can be found on CISO Series.com
Hackers target Japanese politicians with new MirrorStealer malware Crooks use HTML smuggling to spread QBot malware via SVG files FBI charges 6, seizes domains linked to DDoS-for-hire service platforms Thanks to this week's episode sponsor, Fortra The cybersecurity landscape is full of single-solution providers, making it easy for unexpected cyberthreats to sneak through the cracks. That's why Fortra is creating a stronger, simpler strategy for protection. One that increases your security maturity while decreasing the operational burden that comes with it. Fortra's integrated, scalable solutions help customers face their toughest challenges with confidence. Learn more at Fortra.com. For the stories behind the headlines, head to CISOseries.com.
EU gets closer to US-data sharing agreement Microsoft signed malicious drivers InfraGard data for sale on dark web Thanks to this week's episode sponsor, Fortra The cybersecurity landscape is full of single-solution providers, making it easy for unexpected cyberthreats to sneak through the cracks. That's why Fortra is creating a stronger, simpler strategy for protection. One that increases your security maturity while decreasing the operational burden that comes with it. Fortra's integrated, scalable solutions help customers face their toughest challenges with confidence. Learn more at Fortra.com.
Twitter addresses claims of recent data leak Uber hit with another breach after attack on third-party vendor Police in China arrest gang who laundered $1.7 billion via crypto Thanks to this week's episode sponsor, Fortra The cybersecurity landscape is full of single-solution providers, making it easy for unexpected cyberthreats to sneak through the cracks. That's why Fortra is creating a stronger, simpler strategy for protection. One that increases your security maturity while decreasing the operational burden that comes with it. Fortra's integrated, scalable solutions help customers face their toughest challenges with confidence. Learn more at Fortra.com. For the stories behind the headlines, visit CISOseries.com
India's foreign ministry leaks passport details Cloudflare Zero Trust suite available to at-risk groups Greece outlaws spyware Thanks to this week's episode sponsor, Fortra The cybersecurity landscape is full of single-solution providers, making it easy for unexpected cyberthreats to sneak through the cracks. That's why Fortra is creating a stronger, simpler strategy for protection. One that increases your security maturity while decreasing the operational burden that comes with it. Fortra's integrated, scalable solutions help customers face their toughest challenges with confidence. Learn more at Fortra.com.
Pwn2Own Toronto 2022 nets almost $1M for 63 zero days Antivirus and EDR solutions tricked into acting as data wipers Iran-linked MuddyWater APT launches new campaign Thanks to this week's episode sponsor, Fortra The cybersecurity landscape is full of single-solution providers, making it easy for unexpected cyberthreats to sneak through the cracks. That's why Fortra is creating a stronger, simpler strategy for protection. One that increases your security maturity while decreasing the operational burden that comes with it. Fortra's integrated, scalable solutions help customers face their toughest challenges with confidence. Learn more at Fortra.com. For the stories behind the headlines, head to CISOseries.com.
In the leadership and communications section, Is Your Board Prepared for New Cybersecurity Regulations?, 32% of cybersecurity leaders considering quitting their jobs, 40 Jargon Words to Eliminate from Your Workplace Today, and more! Positive change is coming to cybersecurity. In this segment, Mike Devine (CMO) and John Grancarich (EVP of Strategy) at Fortra discuss the business of leading a cybersecurity company, the reasons behind our recent rebrand, and our plans for continuing as a people-first company that collaborates with our customers to combat the threat landscape with confidence. This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/bsw285
Positive change is coming to cybersecurity. In this segment, Mike Devine (CMO) and John Grancarich (EVP of Strategy) at Fortra discuss the business of leading a cybersecurity company, the reasons behind our recent rebrand, and our plans for continuing as a people-first company that collaborates with our customers to combat the threat landscape with confidence. This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw285
In the leadership and communications section, Is Your Board Prepared for New Cybersecurity Regulations?, 32% of cybersecurity leaders considering quitting their jobs, 40 Jargon Words to Eliminate from Your Workplace Today, and more! Positive change is coming to cybersecurity. In this segment, Mike Devine (CMO) and John Grancarich (EVP of Strategy) at Fortra discuss the business of leading a cybersecurity company, the reasons behind our recent rebrand, and our plans for continuing as a people-first company that collaborates with our customers to combat the threat landscape with confidence. This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/bsw285
Positive change is coming to cybersecurity. In this segment, Mike Devine (CMO) and John Grancarich (EVP of Strategy) at Fortra discuss the business of leading a cybersecurity company, the reasons behind our recent rebrand, and our plans for continuing as a people-first company that collaborates with our customers to combat the threat landscape with confidence. This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw285
Positive change is coming to cybersecurity. In this segment, John Grancarich, EVP of Strategy at Fortra, explains what it means when we say we're tenacious in our pursuit of a stronger, simpler future for cybersecurity, and that our advanced threat research and intelligence informs everything we do. This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! Gartner recently reported that the RPA software market will reach $2.9 billion by the end of 2022, up 19.5% from 2021. But, despite Airlines adopting it to help with cancellations and retail for inventory management, we're not talking about the security risk this tech will cause. Alan Radford, Global IAM Strategist at One Identity discusses the truly devastating impact that can occur when an organization leaves its RPA program vulnerable and without any identity and access protection, why realizing that machines have identities too could save us from dangerous RPA breaches in the future, and steps companies can take to secure their RPA technology as more companies continue to implement it. Finally, in the enterprise security news, 12 funding announcements, 1Password acquires Passage, Layoffs continue with another round at Cybereason, FTC takes action against Drizly's CEO, everything you need to know about new US data privacy legislation, Cisco Meraki devices in Russia go POP! Young silicon valley workers are in for a shock, Ransomware trends, MFA trends, US officials say tech companies need to build secure products, All that and lots more, on this episode of Enterprise Security Weekly! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw295
Positive change is coming to cybersecurity. In this segment, John Grancarich, EVP of Strategy at Fortra, explains what it means when we say we're tenacious in our pursuit of a stronger, simpler future for cybersecurity, and that our advanced threat research and intelligence informs everything we do. This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! Gartner recently reported that the RPA software market will reach $2.9 billion by the end of 2022, up 19.5% from 2021. But, despite Airlines adopting it to help with cancellations and retail for inventory management, we're not talking about the security risk this tech will cause. Alan Radford, Global IAM Strategist at One Identity discusses the truly devastating impact that can occur when an organization leaves its RPA program vulnerable and without any identity and access protection, why realizing that machines have identities too could save us from dangerous RPA breaches in the future, and steps companies can take to secure their RPA technology as more companies continue to implement it. Finally, in the enterprise security news, 12 funding announcements, 1Password acquires Passage, Layoffs continue with another round at Cybereason, FTC takes action against Drizly's CEO, everything you need to know about new US data privacy legislation, Cisco Meraki devices in Russia go POP! Young silicon valley workers are in for a shock, Ransomware trends, MFA trends, US officials say tech companies need to build secure products, All that and lots more, on this episode of Enterprise Security Weekly! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw295
Positive change is coming to cybersecurity. In this segment, John Grancarich, EVP of Strategy at Fortra, explains what it means when we say we're tenacious in our pursuit of a stronger, simpler future for cybersecurity, and that our advanced threat research and intelligence informs everything we do. This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw295
Positive change is coming to cybersecurity. In this segment, John Grancarich, EVP of Strategy at Fortra, explains what it means when we say we're tenacious in our pursuit of a stronger, simpler future for cybersecurity, and that our advanced threat research and intelligence informs everything we do. This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw295