In the Security News for this week: ICS training bill, 5 myths, VoIP devices and ransomware, miracle exploits, UnRAR and Zimbra, guess what the most common weakness is, security at the device level is NOT simple, keys to the kingdom, and HP says Destructive firmware attacks pose a significant threat to businesses! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw746
NATO's response to Killnet's cyberattacks on Lithuania. Influence operations in the interest of national market share. SOHO routers are under attack. YTStealer is out and active in the wild. RansomHouse hits AMD. CISA releases six ICS security advisories. The most dangerous software weaknesses. Betsy Carmelite from Booz Allen Hamilton takes a look back at Biden's executive order on cyber. Our guest is Philippe Humeau of CrowdSec on taking a collaborative approach to security. And a guilty plea in the case of the NetWalker affiliate. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/124 Selected reading. Could the Russian cyber attack on Lithuania draw a military response from NATO? (Sky News) Pro-PRC DRAGONBRIDGE Influence Campaign Targets Rare Earths Mining Companies in Attempt to Thwart Rivalry to PRC Market Dominance (Mandiant) ZuoRAT Hijacks SOHO Routers to Silently Stalk Networks (Lumen) New YTStealer Malware Aims to Hijack Accounts of YouTube Content Creators (Hacker News) RansomHouse Extortion Group Claims AMD as Latest Victim (RestorePrivacy) RansomHouse gang claims to have some stolen AMD data (Register) CISA releases 6 Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency) 2022 CWE Top 25 Most Dangerous Software Weaknesses (CISA) Netwalker ransomware affiliate agrees to plead guilty to hacking charges (The Record by Recorded Future)
A daily look at the relevant information security news from overnight - 27 June, 2022Episode 253 - 27 June 2022BBVA 2FA Clone- https://thehackernews.com/2022/06/new-android-banking-trojan-revive.html ICS ShadowPad - https://www.bleepingcomputer.com/news/security/microsoft-exchange-bug-abused-to-hack-building-automation-systems/LockBit Bounty- https://www.pcmag.com/news/ransomware-gang-offers-bug-bounty-promises-payouts-up-to-1-millionRaccoon 2.0 - https://www.bleepingcomputer.com/news/security/raccoon-stealer-is-back-with-a-new-version-to-steal-your-passwords/OpenSSL Bad Memory - https://www.theregister.com/2022/06/27/openssl_304_memory_corruption_bug/?td=rt-3aHi, I'm Paul Torgersen. It's Tuesday June 28th, 2022, and I want to say a quick thank you as I have just passed 100 subscribers on YouTube. Which is great, but let's not stop there. If you find this valuable, please share with your networks and colleagues. Let's see if we can't add a zero or two to that number. And now, this is a look at the information security news from overnight. From TheHackerNews.comA new Android banking trojan called Revive has been discovered specifically targeting users of the Spanish financial services company BBVA. Phishing campaigns push a look alike website where victims download an app which impersonates the bank's two factor authentication app. Italian cybersecurity firm Cleafy first spotted the malware in mid June, and says it appears to be in its early stages of development. From BleepingComputer.com:A new Chinese-speaking threat actor is hacking into the building automation systems of several Asian organizations and loading the ShadowPad backdoor. The group focused on devices that have not yet patched the Microsoft Exchange vulnerability collectively known as ProxyLogon. According to Dutch research, there are about 46,000 such machines. Kaspersky believes the group is ultimately hunting for sensitive information. From PCMag.com:In what seems to be a first, the LockBit ransomware group has launched a bug bounty program. Evidently they have been successful enough to be able to afford to buy new zero-days. Their current rates run from $1,000 to $1 million, although the million bucks for is you can dox the LockBit leader. If this is compelling to any of you, keep in mind that the main targets for this group are healthcare and education, two of the most vulnerable populations out there. Do you really want to help somebody like that? From BleepingComputer.com:I mentioned last week that the Raccoon Stealer group had temporarily shuttered operations after one of their leaders was killed in the Russian invasion of Ukraine. Well, they're back in action with 2.0, a new and completely re-coded version of their malware offering elevated password-stealing functionality and upgraded operational capacity. Details in the article. And last today, from TheRegister.comOpenSSL 3.0.4 was released on June 21 to address a command-injection vulnerability that they hadn't quite completely patched earlier. Unfortunately, the new release contains a memory corruption which can be triggered trivially by an attacker. This targets the Intel Advanced Vector Extensions 512, or AVX512. The researcher said that if this bug can be exploited remotely, and they are not certain yet that it can, it could be more severe than Heartbleed, at least from a purely technical point of view. Details in the link. That's all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.
A daily look at the relevant information security news from overnight - 27 June, 2022Episode 253 - 27 June 2022Auto Supplier Attacked- https://www.bleepingcomputer.com/news/security/automotive-fabric-supplier-tb-kawashima-announces-cyberattack/ Iranian Factory Lucky Break - https://www.securityweek.com/cyberattack-forces-iran-steel-company-halt-productionOracle Miracle Fix- https://portswigger.net/daily-swig/oracle-patches-miracle-exploit-impacting-middleware-fusion-cloud-servicesMega Vuln - https://www.securityweek.com/top-cryptographers-flag-devastating-flaws-mega-cloud-storageCODESYS ICS Flaws - https://thehackernews.com/2022/06/critical-security-flaws-identified-in.htmlHi, I'm Paul Torgersen. It's Monday June 27th, 2022, and this is a look at the information security news from overnight. From BleepingComputer.comTB Kawashima, part of the Toyota Group of companies, announced that one of its subsidiaries has been hit by a cyberattack. The company responded by turning off all systems and devices in the network and says that production has not been impacted, but their website was down. No confirmation from the company, but the LockBit ransomware group has claimed responsibility and started leaking data supposedly acquired in the attack. From SecurityWeek.com:Iranian state owned Khuzestan Steel Company, one of three in the country, had to stop work until further notice following a cyberattack. The company's CEO claimed they were able to thwart the attack and prevent structural damage to production lines. In a bit of a lucky break, it appears the attack at least partially failed because the factory happened to be non-operational at the time due to an electricity outage. From PortSwigger.net:Oracle has finally patched a remote code execution vulnerability impacting Oracle Fusion Middleware and other Oracle systems. The vulnerability, dubbed Miracle Exploit, carries a 9.8 severity and is said to be easily exploitable. The bug was found on accident while researchers were building a proof of concept for a different zero-day. Oracle was first notified of the flaw back in October of last year and has now issued a fix. Get your patch on kids. From SecurityWeek.com:Cryptographers at a Swiss university have found at least five exploitable security flaws in the privacy-themed MEGA cloud storage service that could lead to devastating attacks on the confidentiality and integrity of user data in the MEGA cloud. The company released an advisory and patches, but said the vulnerabilities would be exceedingly difficult to exploit, basically requiring Mega to become a bad actor against itself. And last today, from TheHackerNews.comCODESYS has released patches to address 11 security flaws in its ICS automation software, two of which were rated critical, that could result in information disclosure and denial-of-service. These vulnerabilities are considered simple to exploit, and impacted at least seven of their Programmable Logic Controller applications. More details in the article. That's all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.
Today's Soap Box guest is an industry legend – Metasploit creator HD Moore. He's here to tell us more about what's happening with his latest creation, Rumble Network Discovery. If you're not familiar with Rumble, well, you should be. It's a network scanner that you just set loose and it will go and find all the devices on your network. It has a freaky ability to see around corners, finding devices it can't even connect to directly because HD and his team have done some really crazy work on pulling device information out of obscure protocol queries and things like that. It takes a few minutes to set up a scan with Rumble, so it's infinitely easier than trying to do passive network discovery on the network or pull data from other solutions. But Rumble isn't just a network scanner anymore. They've been doing basic cloud asset inventory since the early days, but as you'll hear it's an area they've really been putting a lot of work into lately. Another big thing they've worked on is ICS and OT fingerprinting techniques that won't actually cause those devices to command things to explode, so that's nice.
In the Security News for this week: appliances with holes, gamification and its pitfalls, false rocket sirens, PHP strikes again, new laws we may actually agree with, hacking jacuzzis, Icefall and the state of ICS security, Adobe is blocking anti-virus, Mega is Mega insecure, Microcorruption CTF and DIY NSA playset! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw745
In the Security News for this week: appliances with holes, gamification and its pitfalls, false rocket sirens, PHP strikes again, new laws we may actually agree with, hacking jacuzzis, Icefall and the state of ICS security, Adobe is blocking anti-virus, Mega is Mega insecure, Microcorruption CTF and DIY NSA playset! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw745
Fancy Bear sighted in Ukrainian in-boxes. Why Russian cyberattacks against Ukraine have fallen short of expectations. ToddyCat APT is active in European and Asian networks. ICEFALL ICS vulnerabilities described. CISA issues ICS vulnerability advisories. Europol makes nine collars. Andrea Little Limbago from Interos on The global state of data protection and sharing. Rick Howard speaks with Michelangelo Sidagni from NopSec on the Future of Vulnerability Management. We are shocked, shocked, to hear of corruption in the FSB For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/119 Selected reading. Ukrainian cybersecurity officials disclose two new hacking campaigns (CyberScoop) Ukraine Warns of New Malware Campaign Tied to Russian Hackers (Bloomberg Law) Russian govt hackers hit Ukraine with Cobalt Strike, CredoMap malware (BleepingComputer) Opinion How Russia's vaunted cyber capabilities were frustrated in Ukraine (Washington Post) New Toddycat APT Targets MS Exchange Servers in Europe and Asia (Infosecurity Magazine) Microsoft Exchange servers hacked by new ToddyCat APT gang (BleepingComputer) OT:ICEFALL: 56 Vulnerabilities Caused by Insecure-by-Design Practices in OT (Forescout) From Basecamp to Icefall: Secure by Design OT Makes Little Headway (SecurityWeek) Dozens of vulnerabilities threaten major OT device makers (Cybersecurity Dive) CISA releases 6 Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency) Phishing gang behind several million euros worth of losses busted in Belgium and the Netherlands (Europol) Подполковника УФСБ по Самарской области арестовали за кражу криптовалюты у хакера (TASS)
The Israel-Palestine conflict is not just being fought in the streets of Hebron or Gaza; it is also being fought in the classrooms of America. Leading this struggle for the Israeli side is a group called the Institute for Curriculum Services (ICS). Jerusalem-based journalist Jessica Buxbaum has been investigating the ICS and scrutinizing their role in shifting the public debate in the U.S. Jessica joins Lowkey to discuss her recent MintPress News investigation, “Institute for Curriculum Services: How an Israel Lobby Group Infiltrated US Education.In recent years, progressive activism has forced the United States to begin to deal with the reality of its racist part. These anti-racist movements have attempted to correct what they see as a whitewashing of racist violence from history textbooks. The ICS has attempted to position itself in this post-Black Lives Matter milieu, claiming that their organization exists to give a more accurate picture of Jewish history in textbooks and clear up lingering misconceptions and stereotypes. “But really,” Buxbaum told Lowkey today, “they are just a front for the Israeli lobby.”Jessica Buxbaum is an investigative journalist specializing in Middle Eastern politics and current affairs. Aside from MintPress News, her work can also be found in Middle East Eye, The New Arab, and Gulf News.Buxbaum sent Freedom of Information requests to the education boards of all 50 states and found that the ICS was involved in a pressure campaign to monitor and change the wording and framing of school textbooks across the country in order to present a one-sided, pro-Israel narrative to children.Examples included requests to delete all references to “Palestine,” “Palestinian territories,” or the “West Bank”; removing information about Palestinian culture and heritage; and even demands to amend maps, so that areas such as East Jerusalem and the Golan Heights appear not as illegally annexed but as territorially part of Israel.“A lot of it is about erasing Palestine, anything that references the natives of Palestine, Palestinians as an indigenous people, that Palestinians have inhabited the land for thousands of years. All those things, they want to have deleted,” Buxbaum told Lowkey.Another key prong in the ICS attack on the truth is to present Palestinian leadership as violent and the Israeli state as a noble, peace-loving democracy. The word “settlers,” the ICS requested, should be replaced by “communities.” “Wall” with “security fence,” “militant” with “terrorist,” and so on. References to Israel capturing the West Bank in 1967 should be removed and depictions of Palestinian President Yasser Arafat should include that he “direct[ed] countless terrorist attacks against Israelis.” It should also, the ICS suggests, be made clear that Israel is the “only democracy in the Middle East.”The ICS has hosted dozens of training seminars with thousands of schoolteachers across the United States, presenting the issue in a framework conducive to the outlook of the Israeli government. The organization has also recommended that American students be discouraged from finding their own sources of information on the internet, and instead be instructed to use resources from the Anti-Defamation League or the Jewish Virtual Library.However, attempts to propagandize children with a pro-Israeli government narrative are not limited to the United States. Lowkey also shares his research into how a similar phenomenon is happening in the United Kingdom.Support the show
This week's Pipeliners Podcast episode features host Russel Treat walking through how each individual pipeliner should think about pipeline cyber security as it relates to supporting their operation. The conversation centers on three key areas of threats, understanding, and mitigation. - Access the show notes and full episode transcript at PipelinePodcastNetwork.com.
A daily look at the relevant information security news from overnight - 20 June, 2022Episode 248 - 20 June 2022Bank Breach Flagged- https://www.bleepingcomputer.com/news/security/flagstar-bank-discloses-data-breach-impacting-15-million-customers/ BRATA Bulks Up - https://www.zdnet.com/article/this-phone-wiping-android-banking-trojan-is-getting-nastier/No End of Life Support- https://cybersecuritynews.com/cisco-says-zero-day-flaws/ICS Vulns - https://www.securityweek.com/automationdirect-patches-vulnerabilities-plc-hmi-productsOnline Extension Tracking - https://www.bleepingcomputer.com/news/security/google-chrome-extensions-can-be-fingerprinted-to-track-you-online/Hi, I'm Paul Torgersen. It's Monday June 20th, 2022, a day to recognize Juneteenth, and this is a look at the information security news from overnight. From BleepingComputer.comFlagstar Bank is notifying 1.5 million customers of a data breach where hackers accessed personal data including full names and social security numbers. The breach actually took place back in December, but the bank did not realize this until the beginning of June. No word of why the breach remained hidden for so long, or what other information was compromised. If you are one of the 1.5 million, you are the lucky recipient of 2 years of free credit monitoring. From ZDNet.com:With the nasty Android banking trojan known as BRATA, which is Brazilian Remote Access Tool, Android, used to be you only had to worry about it wiping your smartphone with a factory reset to cover its tracks. Recently it has added new features to improve its ability at phishing online-banking credentials and intercepting SMS two-factor authentication codes. See all the details from the Cleafy research in the article. From CyberSecurityNews.com:We talked last week about the 9.8 severity flaw in Cisco routers, for which the company has released an update. However, if Cisco has previously noted that your router was reaching end of life, they will NOT be releasing a patch nor a workaround for this vulnerability. These include the Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers. Time to upgrade kids. From SecutiyWeek.com:AutomationDirect has patched several high-severity vulnerabilities in some of its programmable logic controller (PLC) and human-machine interface (HMI) products. Exploitation of these ICS vulnerabilities could allow an attacker to make unauthorized changes to the targeted devices. See details from the Dragos report in the article. And last today, from BleepingComputer.comA researcher has found a way to use your installed Google Chrome extensions to generate a fingerprint of your device that can be used to track you online. He built a website to create fingerprints, or tracking hashes, based on various characteristics of a device, including GPU performance, installed Windows applications, screen resolution, hardware configuration, and even the installed fonts. See all the creepy details in the article. That's all for me today from Chicago. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.
Jon reports live from the floor of Cisco Live U.S. this week. He interviewed several Talos speakers about their talks at Cisco Live and some of the major takeaways from conversations with users and customers this week.
Hosted by Engelbert Hanzal (Gynaecologist)With guests Barbara Bodner-Adler (Obstetrician & Gynaecologist) and Christopher Henry Fry (Physiologist).Hear about our Scientific Committee guests' top sessions at ICS 2022 Vienna Get ready for ICS 2022 Vienna! Subscribe for updates at www.ics.org/2022
There have been several unfortunate mass-casualty incidents recently as the result of an active shooter. Although the public's attention is usually focused on the police response, these events ask a lot of a fire-medical incident commander as well. If your department's training schedule doesn't include MCI-specific training, you could find yourself in trouble when you arrive at a real-world MCI and learn the hard way the importance of coordination of resources. Even small details like not blocking-in paramedic units that need to transport become big problems when no one's planned for them. Here to discuss what ICs need to know about mass casualty incidents is Vince Bettinazzi. He's a battalion chief with the Myrtle Beach, South Carolina Fire Department. He's been there since 2007. Vince is a member of the department's Ocean Rescue Team and he's certified USLA lifeguard. He also co-hosts the "Beyond the Stretch" podcast.
Hosted by Shannon Wallace (Urogynaecologist)With guests Dean Elterman (Urologist) and Anthony Kanai (Pharmacologist)Hear about our Education Committee's top sessions at ICS 2022 Vienna Get ready for ICS 2022 Vienna! Subscribe for updates at www.ics.org/2022
Podcast: Control System Cyber Security Association International: (CS)²AIEpisode: 42: How Skills Outside of the CyberSecurity Space Lay the Groundwork for a Great CyberSecurity Career with Art ConklinPub date: 2022-06-14Derek Harp is happy to have Art Conklin, another legendary ICS control systems cybersecurity figure joining him on the show today! Art is an experienced Information Systems Security professional. He has a background in software development, systems science, and information security. He is qualified with CISSP, GICSP, GRID, GCIP, GCFA, GCIA, GCDA, CSSLP, CRISC, and Security+.His specialties include information systems security management, network, and systems security, intrusion detection and intrusion detection monitoring, penetration testing, Incident Response, security policy and procedures, risk/threat assessments, Security training/awareness, user interface design and evaluation, FISMA, Secure code design/software engineering, cyber-physical systems security, and security metrics.Art is a hacker at heart. Art was born in St. Louis, Missouri, in 1960. He has been a professor at the University of Houston for many years! He is also a well-known speaker, military veteran, technologist, author, sailor, rocket scientist, father, husband, and grandfather. In this episode of the (CS)²AI Podcast, he talks about his formative years, a life-changing Navy experience, taking advantage of learning situations outside of college, the application of knowledge, the benefits of getting an MBA, and the benefits of on the job training,If you want to get into the cybersecurity space, you will not want to miss this episode - even if you have qualifications in a different area. Show highlights:There is a different level of thinking that gets taught and applied today. (5:49)After doing courses at different universities and then starting med school, Art realized it was not where he wanted to go because it was science, not tech, and it was very theory-driven. (8:10)Art wanted a career where he could do stuff, so he was advised to get an MBA from Harvard or join the military to learn how to lead men, manage a budget, and learn the difference between those things. Harvard was out of reach, so he joined the Navy. (9:07)Art talks about the unique military experience that changed his perspective and made him who he is today. (11:05)The cyber-world can benefit from people with no college degree who have problem-solving abilities, communication skills, and the ability to lead. (15:08)Learning is about more than just knowledge because knowledge needs to be applied. (18:38)Art wanted to leave the Navy to join IBM, but the Admiral did not want him to leave and offered him the opportunity to go to Navy Post Graduate School with no payback. So Art spent three years studying space system engineering, got a Ph.D. equivalent, and flew on a spacecraft. (20:40)In some respects, transitioning out of the military is not easy, from a job perspective. (24:01)Art explains why he did another degree after getting his doctorate. (27:44)Art talks about the qualities of his various mentors and the importance of having connections with people with aspects that will broaden you and make you smarter. (29:14)What he has done and is currently doing at the University of Houston. (32:32)If you want to work in cybersecurity and you have a breadth of knowledge and experience, you are likely to succeed in the space. (39:16)If you want to learn more about OT, many resources are available. Use and apply them. You can also email Art for local resources at firstname.lastname@example.org. Most people are willing to share their knowledge and become mentors, so reach out to those you look up to. (44:42)How to invest in yourself. (46:20)Links:(CS)²AIArt Conklin on LinkedInThe University of Houston (Search for cybersecurity)The podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Hosted by Laurence Stewart (Urologist)With guests Kathleen Hunter (Nurse) and Adrian Wagg (Geriatrician) Hear about our Scientific Committee guests' top sessions at ICS 2022 Vienna Get ready for ICS 2022 Vienna! Subscribe for updates at www.ics.org/2022
Hosted by Elise De (Urologist)With guest Paula Igualada Martinez (Physiotherapist) Hear about our Education Committee's top sessions at ICS 2022 Vienna Get ready for ICS 2022 Vienna! Subscribe for updates at www.ics.org/2022
As ever, here at Ockham, we are fortunate to have been able to have taken some time out from business as usual to put our feet up and properly digest, review, and summarise the recent Fuller report publication on integrated Primary Care (and what this might look like in the context of the wider Integrated Care world). As with everything, our conclusions are our own and having spoken to our allies over at THC Primary Care, it's clear that the report can be interpreted in many different ways, depending on who you are, where you sit, what your remit is and how prepared you may (or may not) be feeling ahead of the upcoming transition. In this week's episode, Ben and THC Primary Care founder and MD, and PCN Management expert Tara Humphrey discuss their key takeaways from the stocktake and what they both feel general practice should be doing right now to ready themselves for integrated primary care, and ICSs beyond. Introduction (9 secs) Setting the scene…. our differing perspectives (19 secs) Tara and Ben's initial thoughts (29 secs) What's missing? (45 secs) Ben's concerns (1 min 17 secs) What would Ben liked to have seen within the report? (2 mins 54 secs) Shaping the debate (4 mins 46 secs) A threat to the PCN model as we know it? (5 mins 52 secs) Tara's views and getting the most out of a larger network infrastructure (8 mins 3 secs) Readying general practice, as it stands (9 mins 21 secs) Acknowledgement of existing constraints and what this means going into an ICS environment (9 mins 58 secs) Do the recommendations within the report pose a risk to the PCN management structure? (11 mins 6 secs) General Practice influence at an ICS level (12 mins 44 secs) The importance of a united primary care voice (14 mins 27 secs) Time pressures and maintaining influence as a GP leader (15 mins 15 secs) What should we be doing right now in preparation? (16 mins 55 secs) Tara's predictions ahead of the transition (17 mins 47 secs) Recommendations from Ben (18 mins 53 secs) Tara advises (19 mins 53 secs) Navigation of bureaucracy versus responsive decision-making (20 mins 43 secs) We need you! (21 mins 45 secs) Next steps for integrating primary care: Fuller stocktake report (final report) is available here. There is still plenty to discuss where the report is concerned and absolutely no way to cover it all this 22-minute podcast instalment. We are keen to hear views and even better, feature representatives from across general practice on the podcast to discuss the transition into the integrated care, what this feels like from your part of the world and your own take on the Fuller Report. So if you (or your team) are interested in taking part, please contact Ben at email@example.com or get in touch via Twitter.
On this episode of the podcast, I cover budesonide (Pulmicort) pharmacology. Our sponsor (Pyrls.com/rlp) for this episode is providing a FREE PDF of their inhaled corticosteroid categorizations chart (i.e. low/medium/high dose ICS) when you sign up for a free account! The onset of action of inhaled budesonide is several hours up to a few days. Patient education is critical to ensure that patients stick with its use. Budesonide does have a nebulized formulation that is often used in pediatrics and geriatrics. There aren't a ton of critical drug interactions, but you should think about medications that inhibit CYP3A4 and may have additive immunosuppressive effects.
Ukraine offers an update on the cyber phases of Russia's hybrid war. Atlassian patches a Confluence critical vulnerability. CISA releases ICS advisory on voting systems. A "State-aligned" phishing campaign tried to exploit Follina. Is Electronic warfare a blunt instrument in the ether? Verizon's Chris Novak stops by with thoughts on making the most of your trip to the RSA conference. Our guest is Tom Garrison from Intel with a look at hardware security. And a Russia-aligned group says they're not just hacktivists; they're "Cyber Spetsnaz." For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/108 Selected reading. Remarks by Victor Zhorov, deputy head of SSSCIP. (SSSCIP) US military hackers conducting offensive operations in support of Ukraine, says head of Cyber Command (Sky News) Russian ministry website appears hacked; RIA reports users data protected (Reuters) Confluence Security Advisory 2022-06-02 (Atlassian) Atlassian Releases New Versions of Confluence Server and Data Center to Address CVE-2022-26134 (CISA) Patch released for exploited Atlassian zero-day vulnerability (The Record by Recorded Future) CISA Releases Security Advisory on Dominion Voting Systems Democracy Suite ImageCast X (CISA) State-Backed Hackers Exploit Microsoft 'Follina' Bug to Target Entities in Europe and U.S (The Hacker News) Deadly secret: Electronic warfare shapes Russia-Ukraine war (AP NEWS) Exclusive: Pro-Russia group ‘Cyber Spetsnaz' is attacking government agencies (Security Affairs)
Anton Fedorenko is the mastermind behind Infopathy which offers two biohacking devices that I've been using for some time now to enhance my brainpower, mood, concentration, immunity, sleep, and even exercise.Last year I published a biohacker review entitled Downloadable medicine is NO longer science fiction… and it made the dogmatic “skeptics” of the internet very angry.Now, I can understand the skeptics because non-pharmaceutical, downloadable medicine is a pretty fantastic proposition. IF it's real it's the most disruptive medicinal technology of this century.In this interview, we discuss the mind-blowing phenomena of water memory and Anton explains how infoceuticals (ICs) actually work.2:22 Skeptical?4:10 History, theory & mechanism17:57 Why ICs don't have side effects22:00 The nose is a spectrometer25:32 Scientific evidence30:28 Placebo effect and ICs40:55 Anecdotal evidence from the Infopathy community47:00 Anton's go-to ICs53:03 ICs vs EMFs59:59 Anton's cognitive enhancement biohacks1:05:12 What to expect from ICs1:08:22 How to get the optimal effect from the ICs1:15:13 The new EMF-shielded water bottle1:17:00 Which ICs are free to the publicRead
We are in full countdown to ICS mode here on the podcast and in recognition of the existing issues of workload, pressures, and targets - and of the upcoming challenges General Practice is facing as we transition into the new, larger scale networks, we felt it was about time we welcomed back Dr Rachel Morris, GP, executive trainer, coach and all-round leadership and resilience expert. This week's podcast offers a wealth of practical advice and insight into how and why we should be saying no, how to stick to your guns (and not fall victim to external pressures and pushback), why a long-term approach will always win out and how to stop, take stock and adopt a more strategic forward view during this period of high stress, unpredictability and unprecedented levels of patient demand. Introduction (9 secs) Why has the importance of saying “no” become so relevant recently? (19 secs) Working out what and where your boundaries are (2 mins 6 secs) Engagement and decision making when setting boundaries (2 mins 41 secs) Should we benchmark the PCN DES? (3 mins 12 secs) A case in point: Investment and Impact Fund (3 mins 50 secs) Identifying our top priorities? (4 mins 27 secs) What is achievable and what's not? Managing system pressures (5 mins 42 secs) Practical measures for dealing with pushback (7 mins 11 secs) Pressures of conformity in the new world? (8 mins 53 secs) The importance of taking a long-term approach (10 mins 59 secs) Moving from firefighting to forward view (11 mins 54 secs) Applying the same principles for the Additional Roles Reimbursement Scheme (12 mins 56 secs) When ARRS strategies fail and why (14 mins 6 secs) “I'm choosing to…..so that…..” (15 mins 12 secs) Maintaining a strong narrative (15 mins 34 secs) Do the same strategies work from an individual perspective? (16 mins 9 secs) The concept of ‘air cover' and truly having each other's backs (17 mins 45 secs) Why proactive engagement matters (19 mins 1 secs) ….and ensuring there is accountability (20 mins 13 secs) Finding out more / access to resources (21 mins 32 secs) You can access the free mini video series on helping your team to set boundaries, say “no” powerfully and prioritise time and energy here Rachel's incredibly popular ‘You are not a frog' podcast can be found here
This week, on the podcast, we talk about area command and its implementation with Jim Elliot, COO at Teichman Group. Not normally focused on during regular ICS training, Jim defines what area command is, how it is staffed, and how it functions to manage multiple command posts during a crisis.
Join Gandhi as he analyses the Fuller Stocktake actions for ICS, NHS England, Dept of Health and Social Care, and Primary Care. Fuller Stocktake: https://www.england.nhs.uk/publication/next-steps-for-integrating-primary-care-fuller-stocktake-report/Check out our content:Subscribe Youtube: https://www.youtube.com/channel/UC3vaxQcvaxJ0xH6080x4AswSubscribe Podblast: https://link.chtbl.com/gynVSFk8Courses and conference recordings : https://egplearning.podia.com/
Podcast: Aperture: A Claroty PodcastEpisode: Idaho National Lab on the INL Control Environment Laboratory Resource (CELR)Pub date: 2022-06-02Tim Huddleston of Idaho National Laboratory joins the Aperture podcast to discuss the INL Control Environment Laboratory Resource (CELR). CELR is a simulated critical infrastructure environment where users may test their incident response capabilities against real-life attack scenarios. Users may also use the environment to conduct malware and vulnerability analysis of ICS and SCADA devices, and also test product capabilities against simulated cyber-physical attacks. Learn more about CELR here. The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Podcast: Unsolicited Response Podcast (LS 30 · TOP 5% what is this?)Episode: May - ICS Security Month In The ReviewPub date: 2022-06-01This is a solosode with Dale covering the two top stories from the month plus a win, fail and prediction. Links Schneider Electric SAAS on Azure for DERMS Emerson ZEDI for water press release. Dept of Transportion document on proposed fine for Colonial Pipeline. ICS version of Backdoors & Breaches card deck. The podcast and artwork embedded on this page are from Dale Peterson: ICS Security Catalyst and S4 Conference Chair, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Operational technology supporting Industrial Control Systems challenges traditional operations management teams. To support modernization efforts, operators need visibility into their OT and ICS environments. Having this visibility helps them create upgrade paths of supporting hardware and software. More importantly this data helps them determine when devices have vulnerabilities that increase their environment risk posture and provides a path toward mitigation. This session, presented by Bill Musson, Advisory Solution Consultant, ServiceNow, provides an understanding of OT & ICS environments and how the ServiceNow platform in conjunction with our operational technology capabilities provides solutions which enable customers to operate efficiently and proactively manage their environments. See omnystudio.com/listener for privacy information.
Podcast: Control System Cyber Security Association International: (CS)²AIEpisode: 40: ICS Village and Why You Should Attend DefCon with Bryson Bort and Tom VanNormanPub date: 2022-05-31Today, we got a special episode to highlight a really neat initiative that's been in the works for awhile. My guests are Bryson Bort and Tom VanNorman.Bryson is the Founder of SCYTHE, a start-up building a next generation attack emulation platform, and GRIMM, a cybersecurity consultancy, and Co-Founder of the ICS Village, a non-profit advancing awareness of industrial control system security. He is a Senior Fellow with the Atlantic Council's Cyber Statecraft Initiative, the National Security Institute, and an Advisor to the Army Cyber Institute. As a U.S. Army Officer, he served as a Battle Captain and Brigade Engineering Officer in support of Operation Iraqi Freedom before leaving the Army as a Captain. He was recognized as one of the Top 50 in Cyber in 2020 by Business Insider.Tom leads the CyPhy Product group at GRIMM, where his primary focus is securing Industrial Control Systems and the networking of such systems. Tom brings an unparalleled level of operational knowledge and experience, as he has been working in the Operational Technology (OT) field for almost three decades. He also has considerable knowledge in constructing Cyber Physical testing environments for OT systems.Tom co-founded the ICS Village, a non-profit organization focused on Control System security and awareness. He is also retired from the Air National Guard, where he worked in Cyber Warfare Operations.ICS Village is holding Def Con 29, a 100% virtual event that takes place Aug 6th-8th. There are sessions and workshops covering all aspects of ICS. Show Highlights:How ICS Village was startedThe original 2 events - RSA and DefConGRIMM and their involvement in ICS VillageWhy no one was thinking about Industrial control systems before ICS VillageThe artwork that started it allAll of the events that ICS Village has throughout the yearHow the pandemic changed DefCon and the other ICS Village eventsThe birth of Hack the Plant PodcastCapture the Flag and what we can learn from itHighlights of DefCon Table Talks and other sessionsLinks:CS2AI.orgICS VillageDefCon Event happening Aug 6-8The podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Tim Huddleston of Idaho National Laboratory joins the Aperture podcast to discuss the INL Control Environment Laboratory Resource (CELR). CELR is a simulated critical infrastructure environment where users may test their incident response capabilities against real-life attack scenarios. Users may also use the environment to conduct malware and vulnerability analysis of ICS and SCADA devices, and also test product capabilities against simulated cyber-physical attacks. Learn more about CELR here.
This is a solosode with Dale covering the two top stories from the month plus a win, fail and prediction. Links Schneider Electric SAAS on Azure for DERMS Emerson ZEDI for water press release. Dept of Transportion document on proposed fine for Colonial Pipeline. ICS version of Backdoors & Breaches card deck.
Podcast: Unsolicited Response Podcast (LS 30 · TOP 5% what is this?)Episode: Interview With Dave LewisPub date: 2022-05-25This is the audio from my interview with Dave Lewis, a Global Advisory CISO at Cisco, on the S4x22 Main Stage. Dave has experience securing both IT and OT (he worked for electric utilities in Canada). Even more interesting is he talks every week with a wide variety of CISO's. It's a wide ranging discussion that hits a lot of different areas on how to work and communicate best with CISO's and executive management on ICS security and cyber risk.The podcast and artwork embedded on this page are from Dale Peterson: ICS Security Catalyst and S4 Conference Chair, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Join Andy and Gandhi as they review the seismic Fuller Stocktake report for primary care.The Fuller Stocktake report: https://www.england.nhs.uk/wp-content...The Fuller Stocktake website: https://fullerstocktake.crowdicity.com/CORE20PLUS5: https://www.england.nhs.uk/about/equa...00:00 The Fuller Stocktake01:30 What is the Fuller Stocktake?02:48 How the Fuller Stocktake took place03:26 The Fuller Stocktake Report04:20 Current Primary care07:40 Who should be actioning this report?09:10 The experience of GP access10:23 Aligning leadership in Primary Care13:10 Neighbourhoods of care15:00 ICS sign up and accountability!17:49 For PCN clinical directors!20:00 Top-down approach to primary care?28:53 Outreach as part of care31:15 Is General Practice an anchor organisation?33:19 GP Access in the Stocktake35:50 Frequent attenders in General Practice38:55 The future of 111?40:45 Personalised care41:15 What matters to me, not Check out our content:Subscribe Youtube: https://www.youtube.com/channel/UC3vaxQcvaxJ0xH6080x4AswSubscribe Podblast: https://link.chtbl.com/gynVSFk8Courses and conference recordings : https://egplearning.podia.com/
A daily look at the relevant information security news from overnight.Episode 234 - 27 May 2022Buggy Android apps- https://www.bleepingcomputer.com/news/security/microsoft-finds-severe-bugs-in-android-apps-from-large-mobile-providers/Guzzle cookies crumble - https://portswigger.net/daily-swig/patch-released-for-cross-domain-cookie-leakage-flaw-in-guzzleRansome besets Somerset - https://www.cnn.com/2022/05/26/politics/new-jersey-somerset-county-ransomware-attack/index.htmlBlackCat slashes Austria - https://www.bleepingcomputer.com/news/security/blackcat-alphv-ransomware-asks-5-million-to-unlock-austrian-state/Crital OAS flaws- https://threatpost.com/critical-flaws-in-popular-ics-platform-can-trigger-rce/179750/New Windows update not Trend-y - https://www.bleepingcomputer.com/news/security/windows-11-kb5014019-breaks-trend-micro-ransomware-protection/Hi, I'm Paul Torgersen. It's Friday May 27th, 2022, and this is a look at the information security news from overnight. From BleepingComputer.com:Microsoft security researchers have found high severity vulnerabilities in a framework owned by MCE Systems that is used by Android apps. The vulnerabilities expose users to command injection and privilege escalation attacks. The apps have millions of downloads on Google's Play Store and come pre-installed as system applications on devices bought from operators including AT&T, TELUS, Rogers Communications, Bell Canada, and Freedom Mobile. Patches have been issued. From PortSwigger.net:Guzzle, the popular HTTP client for PHP applications, has addressed a high severity vulnerability leading to cross-domain cookie leakage. The flaw resides in Guzzle's cookie middleware, which is fortunately disabled by default, so most library consumers will not be affected. Drupel is one of the applications that use the third-party library and has released updates to address the issue. From CNN.com:A ransomware attack has forced officials in Somerset County New Jersey to switch off their computers and set up temporary Gmail accounts so the public can communicate with key agencies like health, emergency and sheriff's departments. The county says the attack has only affected email and IT systems and that phone lines and emergency service systems are all working properly. No word on the threat actor or specific malware involved. From BleepingComputer.com:The Austrian state of Carinthia has been hit by the BlackCat ransomware gang, who demanded $5 million to unlock their encrypted computer systems. Evidently thousands of workstations have been locked by the attack. The government says there is no evidence that BlackCat actually managed to exfiltrate any data, and that the plan is to restore the machines from backups. From ThreatPost.com:Multiple flaws have been found in Open Automation Software, a popular platform used by industrial control systems. The two critical and five high severity vulnerabilities could allow unauthorized device access, remote code execution, or denial of service that could ultimately threaten the stability of critical infrastructure. The flaws affect OAS Platform version 16.00.0112. See the full Cisco Talos report in the article. And last today, from BleepingComputer.comWindows previewed its upcoming cumulative update, which unfortunately has some compatibility issues with some of Trend Micro's security products, including the ransomware protection feature. The issue affects the User Mode Hooking component used by several Trend Micro endpoint solutions. The company is working on a fix to address this issue before the updates are pushed to all Windows customers as part of their June Patch Tuesday. That's all for me this week . Have a great holiday weekend. Take a moment to remember those that gave their last full measure to secure the freedoms of the rest of us. And until next time, be safe out there.
Pro-Russian DDoS attacks. Sanctions and their effect on ransomware. BlackCat wants $5 million from Carinthia. A fraudster pressures Verizon. Spain will tighten judicial review of intelligence services. Johannes Ullrich looks at VSTO Office Files. Our guests are Cecilia Marinier and Niloo Howe with a preview of the RSAC Innovation Sandbox. CISA releases ICS advisories and with its partners issue guidelines for evaluating 5G implementation. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/103 Selected reading. Hacktivists Expanding DDoS Attacks as Part of International Cyber Warfare Strategy (Imperva) Cyberattacks against UK CNI increase amidst Russia-Ukraine war (Intelligent CIO Europe) A cyberwar is already happening in Ukraine, Microsoft analysts say (NPR.org) NSA: Sanctions on Russia Having a Positive Effect on Ransomware Attacks, Attempts Down Due to Difficulty Collecting Ransom Payments (CPO Magazine) BlackCat/ALPHV ransomware asks $5 million to unlock Austrian state (BleepingComputer) Hacker Steals Database of Hundreds of Verizon Employees (Vice) Drupal Releases Security Updates (CISA) Keysight N6854A Geolocation server and N6841A RF Sensor software (CISA) Horner Automation Cscape Csfont (CISA) Spain vows legal reforms in wake of spying allegations (MSN) Spain's PM vows to reform intelligence services following phone hacking scandal (The Record by Recorded Future) Spain set to strengthen oversight of secret services after NSO spying scandal (Times of Israel) CISA and DoD Release 5G Security Evaluation Process Investigation Study (CISA)
This is the audio from my interview with Dave Lewis, a Global Advisory CISO at Cisco, on the S4x22 Main Stage. Dave has experience securing both IT and OT (he worked for electric utilities in Canada). Even more interesting is he talks every week with a wide variety of CISO's. It's a wide ranging discussion that hits a lot of different areas on how to work and communicate best with CISO's and executive management on ICS security and cyber risk.
Mit sehr großem Interesse ist der Vorverkauf der 9-Euro-Tickets gestartet. Welche Erwartungen die Bundesregierung mit den Sondertickets verbindet. An diesem Montag hat auch bei der Deutschen Bahn der Verkauf der 9-Euro-Monatstickets begonnen. Bereits nach ein paar Stunden waren mehr als 200 000 Tickets verkauft. Ab 1. Juni kann man mit den Sondertickets im Juni, Juli und August für neun Euro mit der Bahn und im Öffentlichen Personen-Nahverkehr fahren. Ausgenommen ist der Fernverkehr, also etwa ICEs oder ICs. Die Bahn erwartet bis zu 30 Millionen Teilnehmer. Angesichts der Inflation werden die Bürger damit entlastet, sagt SZ-Verkehrsexperte Markus Balser. Zudem sollen viele "langfristig stärker auf den Nahverkehr umsteigen". Das aber sei längst noch nicht ausgemacht. Schließlich würden ab September wieder die weitaus teureren Tarife gültig. Auch müsse der ÖPNV auf dem Land viel attraktiver werden, "sonst wird da niemand das Auto stehen lassen", meint Balser. Dabei habe sich die Bundesregierung zum Ziel gesetzt, den Nahverkehr bis 2030 zu verdoppeln. In Wien gebe mit einem 365-Euro-Ticket positive Erfahrungen, wie die Attraktivität des ÖPNV erhöht werden kann. Es brauche aber insgesamt neue Ideen für den Nahverkehr. Dazu gehöre sicherlich "mehr Geld", "neue Ideen" sowie "durchaus auch mal den Mut, solche solche Ideen umzusetzen". Die wichtigsten Texte zum 9-Euro-Ticket finden Sie hier: https://www.sueddeutsche.de/politik/9-euro-ticket-fragen-und-antworten-1.5588599 https://www.sueddeutsche.de/politik/bundesrat-neun-euro-ticket-1.5589039 https://www.sueddeutsche.de/meinung/neun-euro-ticket-nahverkehr-bundesregierung-energiepreise-1.5579115 Weitere Nachrichten: Ukraine-Krieg, Corona-Schnelltests: Betrugsverdacht in Milliardenhöhe. Moderation, Redaktion: Lars Langenau Redaktion: Tami Holderried Produktion: Justin Patchett Zusätzliches Audiomaterial über dpa
The past year has been filled with incredible changes in the cyber security landscape from ICS, Mobile, Cloud, and increased threats from Ransomware. This discussion will focus on crucial and quick discussions surrounding the cyber landscape that has changed quickly and forced organizations to consider revamping many of their policies and preparations. Join us for a humorous, and insightful journey back over the past year filled with examples for practitioners, organizations, and those just starting in cyber security. Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw741
Russian information operations surrounding the invasion of Ukraine. VMware patches vulnerabilities. F5 BIG-IP vulnerabilities undergoing active exploitation. Texas Department of Insurance clarifies facts surrounding its data incident. Robert M. Lee from Dragos is heading to Davos to talk ICS. Rick Howard speaks with author Chase Cunningham on his book "Cyber Warfare –Truth, Tactics and Strategies”. Robo-calling the Kremlin. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/96 Selected reading. Information Operations Surrounding the Russian Invasion of Ukraine (Mandiant) CISA Issues Emergency Directive and Releases Advisory Related to VMware Vulnerabilities (CISA) Emergency Directive 22-03 (CISA) Threat Actors Chaining Unpatched VMware Vulnerabilities for Full System Control (CISA) Threat Actors Exploiting F5 BIG IP CVE-2022-1388 (CISA) CISA Alert AA22-138A – Threat Actors Exploiting F5 BIG-IP CVE-2022-1388. (The CyberWire) Additional facts: TDI data security event (Texas Department of Insurance) This Hacktivist Site Lets You Prank Call Russian Officials (Wired)
In episode 31 of Cybersecurity Where You Are, co-host Sean Atkinson is joined by Karen Sorady, VP for Multi-State Information Sharing and Analysis Center (MS-ISAC) Member Engagement at the Center for Internet Security (CIS). Their discussion focuses on industrial control system (ICS) security, some of the threats they're susceptible to, and what goes into making a good operational technology (OT) security program. Looking back over the past 20 years, the security community has learned some valuable lessons on the information technology (IT) side of things. But we won't be able to apply those lessons to OT and ICS without communication and collaboration. This isn't just about fostering conversations between OT and IT teams. It's also a call to action for organizations to work with public-private partnerships and communities like the MS-ISAC so that they don't have to go it alone.
Zach Tudor of INL and Megan Samford of Schneider Electric join Dale Peterson on stage to close out S4x22. They discuss: What the ICS security community isn't talking about that we need to pay more attention to. OT cyber workforce issues. What should we draw from the OT malware that came out in early 2022 and the response? The SBOM market. And more
1 on 1s are the single most important tool managers have to be great leaders. You can use these meetings to help you bring out the best in your team, fix problems, get buy in, and so much more. That's why, as we wrap up Season 1, we're bringing you all the best advice on 1 on 1s from our many amazing guests. Listen in to learn what the most important things are for you to remember for your 1 on 1s, and get a preview of some episodes you may want to go back and listen to. Lessons and links from today's episode: A big THANK YOU to our many amazing guests. In today's episode we heard from: Mark C Crowley, from Episode 2,“Why You Should Lead from the Heart(and how to start)” Wes Kao, from Episode 4,“Managing Up: Advice for Mangers & ICs to master their most important relationship at work” Mike Pretlove, from Episode 7,“Building an Unconventional Career as a Leader” Fabian Carmago, from Episode 8,“8 Essential Things You Must Consider When Becoming a Manager” Jeremy Brown, from Episode 15,“How to Rapidly Grow from Team Lead to Executive.” Krzysztof Rakowski, from Episode 16,“How to Become a Better Manager in Just 15 Minutes a Week” Valentina Thörner, from Episode 17,“The Harsh Truths of Leading Remotely(and what to do about it)” Click the titles of any of the episodes to listen into them and see the show notes for that episode. Show Notes And a few links for you to learn more based on their advice: Mark C Crowley's book “Lead from the Heart” can be found here as well as his interview on our blog here.Learn why open door policies fail here. Talking about the personal life of your team can be scary. It's beneficial, but you're not their therapist. Learn how to handle when the meetings get too personal here. Wes Kao has a fantastic tweetstorm on managing up you can check out here. Learn more about managing up well here, and ask these questions of your boss to master managing up. Getting buy in is important to as Wes discusses, which you can learn how to get buy in here. Mike Pretlove reminds us that building rapport and empathy for your team is hugely important. Learn over 80 ways you can connect with anyone. Giving feedback is great to do in your 1 on 1s. Learn a battle tested, proven way to give feedback to your team members and the podcast episode on it here. You can also read about how Mike had the lowest turnover and highest engagement in his company by using Lighthouse software. Fabian Carmago mentions our post on the evolution of your 1 on 1s over time, which you can read here.Being a good coach is a key part of being a great manager. Krzysztof Rakowski told us about how managers must always be learning and growing. A growth mindset is key for every manager. Valentina Thörner told us 1 on 1s are a, “one hill I will die on” because they're so important in remote environments.Ask these questions to help support your remote team members. Here's Dr. Katerina Bohle Carbonell's talk on analyzing communication patterns here. Jeremy Brown reminded us about the importance of using your 1 on 1s to coach and praise your team.Praise your team regularly. Learn 21 ways to bring more praise and positivity to your team here. A giant THANK YOU to Jeremy, Valentina, Mark, Fabian, Wes, Mike, Krzysztof and our many other guests for sharing their advice, insights, and hard earned perspectives. As you can see, even though we covered dozens of different topics in this first season, 1 on 1s keep coming up. They really are the centerpiece of great management. Which is also why we built Lighthouse to help you make these meetings awesome. From helpful prep and structure to suggested questions for dozens of different topics, we help you be a better leader and expand the value of your 1 on 1s every day. Sign up for a free trial here. And thank you for listening to this season! We've appreciated every bit of feedback and praise we've heard from you all on the season. As a closing ask, two things of you: If there's a burning management problem you have that you hope we'll do a future episode on how to handle, please email us at firstname.lastname@example.org or reply to one of our podcast emails to let us know. Please share the podcast with a fellow manager you think would benefit. The more people we help, the more we're encouraged to continue the show for many future seasons.
There's a big difference between a travel agency employee and an affiliated independent contractor (IC). Even before the pandemic, an increasing number of travel advisors were choosing to affiliate as ICs, but the pandemic has spurred even more agents to make the leap. In this episode of Trade Secrets, get into the topic of switching from an employee to an IC in depth with Amanda Klimak, president and co-owner of Largay Travel, along with co-hosts Emma Weissmann and Jamie Biesiada. This episode is sponsored by Windstar Cruises. In this episode: 1:13 - Meet our guest, Amanda Klimak, president and co-owner of Largay Travel in Waterbury, Conn. 2:00 - Starting with the basics, what's the difference between a travel agency employee and an IC? 2:56 - What was it like when Largay transitioned its employees to IC status? 6:30 - Health insurance is a big factor for someone considering making the jump to IC; what are some of the options available? 7:47 - Amanda's advice to agencies transitioning employees to ICs 12:23 - An IRS red flag to watch out for 15:22 - Some ICs use their own business name, and others use their host affiliation - many use both. Why? 17:02 - Don't rush the leap! Do your due diligence 17:33 - Before the pandemic, agencies with employees and ICs were very common. Is the pendulum swinging more toward the pure host? 21:00 - It's not easy to find talent today. Where are Largay's coming from? 23:06 - Travel advisor Tara shares some of her top tips about switching to an IC 25:53 - Amanda adds her top tips 27:20 - Travel advisor Katy asks about host agency commission splits 29:31 - Amanda talks about vetting hosts and their commission splits (spoiler: don't just look at the split!) Further resources: Largay Travel Website Please Go Away 800-322-9481 HostAgencyReviews.com FindaHostTravelAgency.com Legal Briefs: Making staff ICs could prove costly Legal Briefs: A host can impose some rules on independent contractors Need advice? Call our hotline and leave a message: 201-902-2098 Email us: email@example.com Theme song: Sock Hop by Kevin MacLeod Link: https://incompetech.filmmusic.io/song/4387-sock-hop License: https://filmmusic.io/standard-license See omnystudio.com/listener for privacy information. See omnystudio.com/listener for privacy information.
Ukraine holds its first war crimes trial. Are there war crimes in cyberspace? Iranian cyberespionage (and a possible APT side-hustle). Roblox seems to have been used to introduce a backdoor. CISA issues ICS advisories. Darkweb C2C trader sentenced. The last conspirator in the strange case of the eBay newsletter takes a guilty plea. Carole Theriault looks at Google's new approach to cookies in Europe. Our guest is Mary Writz of ForgeRock on the growing importance of mobile device authentication security. And CIA gets a CISO. For links to all of today's stories check out our CyberWire daily news briefing: httpshttps://thecyberwire.com/newsletters/daily-briefing/11/93 Selected reading. Ukraine to put first Russian soldier on trial for war crimes | DW | 12.05.2022 (Deutsche Welle) Russian soldier on trial in first Ukraine war-crimes case (AP NEWS) First Russian soldier goes on trial in Ukraine for war crimes (the Guardian) The Case for War Crimes Charges Against Russia's Sandworm Hackers (Wired) Iranian hackers exposed in a highly targeted espionage campaign (BleepingComputer) Iranian APT Cobalt Mirage launching ransomware attacks (SearchSecurity) Iranian Hackers Leveraging BitLocker and DiskCryptor in Ransomware Attacks (The Hacker News) Iranian Cyberspy Group Launching Ransomware Attacks Against US (SecurityWeek) Please Confirm You Received Our APT | FortiGuard Labs (Fortinet Blog) Roblox Exploited with Trojans from Scripting Engine (Avanan) Ukrainian cybercriminal sentenced to 4 years in U.S. prison for credential theft scheme (CyberScoop) Ukrainian sentenced to 4 years for selling hacked passwords (The Record by Recorded Future) Ex-eBay exec charged with harassing newsletter publishers pleads guilty (Reuters) CIA selects new CISO with deep private sector experience (The Record by Recorded Future)
Mind Over Magic vs The Piff Pod trivia battle courtesy of Mikey Neumann at ScoopFest 2022 on April 30th from The Orleans casino in Las Vegas, NV Thank you for having us ICS! Links: Buy tickets to Mat's Show in Vegas! Book Dittelman for your event! *** Visit us and write us an email at: mindovermagicpod.com Follow us on the socials: linktr.ee/MindOverMagicPod
An upswing in malware deployed against targets in Eastern Europe. Cozy Bear is typosquatting. CuckooBees swarm around intellectual property. Tracking the DPRK's hackers. Quiet persistence in corporate networks. CISA issues an ICS advisory. Caleb Barlow on backup communications for your business during this period of "shields up." Duncan Jones from Cambridge Quantum sits down with Dave to discuss the NIST algorithm finalist Rainbow vulnerability. And, hey, officer, honest, it was just a Squirtle…. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/86 Selected reading. Update on cyber activity in Eastern Europe (Google) Multiple government hacking groups stay busy targeting Ukraine and the region, Google researchers say (CyberScoop) Google: Nation-state phishing campaigns expanding to target Eastern Europe orgs (The Record by Recorded Future) SolarWinds hackers set up phony media outlets to trick targets (CyberScoop) SOLARDEFLECTION C2 Infrastructure Used by NOBELIUM in Company Brand Misuse (Recorded Future) Experts discover a Chinese-APT cyber espionage operation targeting US organizations (VentureBeat) Operation CuckooBees: Cybereason Uncovers Massive Chinese Intellectual Property Theft Operation (Cybereason Nocturnus) Operation CuckooBees: Deep-Dive into Stealthy Winnti Techniques (Cybereason) Chinese hackers cast wide net for trade secrets in US, Europe and Asia, researchers say (CNN) Researchers tie ransomware families to North Korean cyber-army (The Record by Recorded Future) The Hermit Kingdom's Ransomware Play (Trellix) New espionage group is targeting corporate M&A (TechCrunch) Cyberespionage Group Targeting M&A, Corporate Transactions Personnel (SecurityWeek) UNC3524: Eye Spy on Your Email (Mandiant) Yokogawa CENTUM and ProSafe-RS (CISA) Cops ignored call to nearby robbery, preferring to hunt Pokémon (Graham Cluley)
Chip shortages aren’t anything new but the lack of ICs is hampering the ability to make chips as the manufacture of the machinery used in chip fabrication is delayed due to the lack of chips. Spotify is making its official appearance in Roblox with Spotify Island. Nica Montford highlights Kunle Olukotun and his key roleContinue reading "It Takes Chips to Make Chips – DTNS 4267"
Chip shortages aren’t anything new but the lack of ICs is hampering the ability to make chips as the manufacture of the machinery used in chip fabrication is delayed due to the lack of chips. Spotify is making its official appearance in Roblox with Spotify Island. Nica Montford highlights Kunle Olukotun and his key role in advancing multithreaded and parallel processing chip architecture. And Amazon will now be supporting EPUB. But what is EPUB and what makes it important? Starring Tom Merritt, Sarah Lane, Nica Montford, Roger Chang, Amos, Joe MP3 Download Using a Screen Reader? Click here Multiple versions (ogg, video etc.) from Archive.org Follow us on Twitter Instgram YouTube and Twitch Please SUBSCRIBE HERE. Subscribe through Apple Podcasts. A special thanks to all our supporters–without you, none of this would be possible. If you are willing to support the show or to give as little as 10 cents a day on Patreon, Thank you! Become a Patron! Big thanks to Dan Lueders for the headlines music and Martin Bell for the opening theme! Big thanks to Mustafa A. from thepolarcat.com for the logo! Thanks to our mods Jack_Shid and KAPT_Kipper on the subreddit Send to email to firstname.lastname@example.org Show Notes To read the show notes in a separate page click here!
Russian and Ukrainian operators exchange cyberattacks. Wiper malware: contained, but a potentially resurgent threat. #OpRussia update. DDoS in Romania. Flash loan caper hits a DeFi platform. Coca-Cola investigates Stormous breach claims. CISA issues two new ICS advisories. Caleb Barlow on cleaning up the digital exhaust of your home. Our guests are Freddy Dezeure and George Webster on reporting cyber risk to boards. A Declaration for the Future of the Internet. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/83 Selected reading. Russian missiles bombard Kyiv during UN chief's visit (The Telegraph) Zelenskiy urges ‘strong response' after Russia strikes Kyiv during UN Ukraine visit (the Guardian) Anonymous hacked Russian PSCB Commercial Bank and companies in the energy sector (Security Affairs) Ongoing DDoS attacks from compromised sites hit Ukraine (Security Affairs) Ukraine's Digital Battle With Russia Isn't Going as Expected (Wired) CISA and FBI Update Advisory on Destructive Malware Targeting Organizations in Ukraine (CISA) Government and researchers keep US attention on Russia's cyber activity in Ukraine (The Record by Recorded Future) CISA Adds New Russian Malware to Cyber Advisory (Nextgov) An Overview of the Increasing Wiper Malware Threat (Fortinet Blog) Cyber Attacks Hit Romanian Government Websites (Balkan Insight) More than $13 million stolen from DeFi platform Deus Finance (The Record by Recorded Future) Coca-Cola Investigates Hacking Claim (Wall Street Journal) Coca-Cola investigating data breach claims by Stormous group (Computing) Has 'clown show' hacking gang Stormous really breached Coca-Cola? (Tech Monitor) Delta Electronics DIAEnergie (CISA) Johnson Controls Metasys (CISA) 1 A Declaration for the Future of the Internet (The White House) FACT SHEET: United States and 60 Global Partners Launch Declaration for the Future of the Internet (The White House) US joins 55 nations to set rules for internet, with eye on China and Russia (South China Morning Post) China, India, Russia missing from future of internet pledge by US, EU, and 33 others (ZDNet) US, partners launch plan for 'future' of internet, as China, Russia use 'dangerous' malign practices (Fox News) U.S. joins 55 nations to set new global rules for the internet (Reuters)
A look at Russian malware used against Ukrainian targets. Actual and potential targets harden themselves against Russia cyberattacks. Sanctions and the criminal underworld. Conti's fortunes. A credential stealer resurfaces in corporate networks. BlackCat ransomware warning. Tomer Bar from SafeBreach discusses MuddyWaters. Dr. Christopher Emdin previews his new book STEM, STEAM, Make, Dream. CISA releases three more ICS security advisories. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/78 Selected reading. Russia outlines when Ukraine war will end (Newsweek) Russia racing against clock to win Ukraine war before May 9 'Victory Day' (Newsweek) A deeper look at the malware being used on Ukrainian targets (The Record by Recorded Future) Ukraine ramps up cyber defences to slow surge in attacks (The Straits Times) Five Eyes Alert Warns of Heightened Risk of Russian Cyber Attacks (Bloomberg) Preparing for Energy Industry Cyberattacks (Wall Street Journal) US sets dangerous precedents in cyberspace (Global Times) Russia's War in Ukraine Has Complicated the Means Through Which Cybercriminals Launder Funds. Here's How They're Adapting (Flashpoint) U.S. Treasury Designates Facilitators of Russian Sanctions Evasion (U.S. Department of the Treasury) Russia says nyet, sanctions Mark Zuckerberg, LinkedIn's Roslansky, VP Harris and other US leaders (TechCrunch) Russia's War in Ukraine Has Complicated the Means Through Which Cybercriminals Launder Funds. Here's How They're Adapting (Flashpoint) GOLD ULRICK continues Conti operations despite public disclosures (Secureworks) Costa Rica's Alvarado says cyberattacks seek to destabilize country as government transitions (Reuters) Hackers Spearphish Corporate Hiring Managers with Poisoned Resumes, Infecting Them with the More_Eggs Malware, Warns eSentire (eSentire) BlackCat/ALPHV Ransomware Indicators of Compromise (IC3) FBI: BlackCat ransomware breached at least 60 entities worldwide (BleepingComputer) Delta Electronics ASDA-Soft (CISA) Johnson Controls Metasys SCT Pro (CISA) Hitachi Energy MicroSCADA Pro/X SYS600 (CISA)