Podcasts about known exploited vulnerabilities catalog

  • 14 podcasts
  • 42 episodes
  • 37m average duration
  • Infrequent episodes
  • Latest: Oct 24, 2024

Latest podcast episodes about known exploited vulnerabilities catalog

The CyberWire
A giant FortiJump for cybercriminals.

Oct 24, 2024 · 38:08


Fortinet confirms a recently rumored zero-day. Officials investigate how restricted chips ended up in products from Huawei. The White House unveils a coordinated AI strategy for national security. Researchers jailbreak LLMs with Deceptive Delight. A new ransomware group exploits vulnerable device drivers. Sensitive documents from a UN trust fund are leaked online. Penn State pays over a million dollars to settle allegations of inadequate security in government contracts. CISA adds a SharePoint vulnerability to its Known Exploited Vulnerabilities Catalog. A Microsoft report warns of growing election disinformation. On our industry voices segment, Eric Herzog, CMO of Infinidat, discusses merging cybersecurity and cyber storage resilience. China is shocked - shocked! - that its space program has drawn the attention of foreign spies.

Selected Reading
  • Mandiant says new Fortinet flaw has been exploited since June (Bleeping Computer)
  • TSMC Cuts Off Client After Discovering Chips Sent to Huawei (Bloomberg)
  • White House unveils plan for US government to keep its edge on AI development (The Record)
  • FACT SHEET: Biden-Harris Administration Outlines Coordinated Approach to Harness Power of AI for U.S. National Security (The White House)
  • New LLM jailbreak method with 65% success rate developed by researchers (SC Media)
  • Embargo Ransomware Disables Security Defenses (GovInfo Security)
  • Misconfigured UN Database Exposes 228GB of Gender Violence Victims' Data (Hackread)
  • Penn State Settles for $1.25M Over Failure to Comply With DoD, NASA Cybersecurity Requirements (SecurityWeek)
  • CISA Warns Active Exploitation of Microsoft SharePoint Vulnerability (Cyber Security News)
  • As Election Looms, Disinformation 'Has Never Been Worse' (The New York Times)
  • Microsoft Warns Foreign Disinformation Is Hitting the US Election From All Directions (WIRED)
  • China's space programme targeted by 'audacity' of foreign agents, anti-spy agency warns (South China Morning Post)

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

The CyberWire
Stealth, command, exfiltrate: The three-headed cyber dragon of Crimson Palace.

Sep 10, 2024 · 30:46


Crimson Palace targets Asian organizations on behalf of the PRC. Europe's AI Convention has lofty goals and legal loopholes. The NoName ransomware gang may be working as a RansomHub affiliate. Wisconsin Physicians Service Insurance Corporation, SLIM CD, and Acadian Ambulance Service each suffer significant data breaches. CISA adds three vulnerabilities to its Known Exploited Vulnerabilities Catalog. Researchers from Ben-Gurion University in Israel develop new techniques to exfiltrate data from air-gapped computers. In our latest Threat Vector segment, David Moulton, Director of Thought Leadership at Unit 42, sits down with Ryan Barger, Director of Offensive Security Services, to explore how AI is revolutionizing offensive security. Sextortion scammers have gone to the dogs.

Threat Vector Segment
In this segment of Threat Vector, David Moulton, Director of Thought Leadership at Unit 42, sits down with Ryan Barger, Director of Offensive Security Services, to explore how AI is revolutionizing offensive security. Ryan delves into the practical applications of AI in tasks such as OSINT analysis, payload development, and evading endpoint detection systems. You can catch new episodes of Threat Vector every Thursday on the N2K CyberWire network.

Selected Reading
  • Chinese Tag Team APTs Keep Stealing Asian Gov't Secrets (Dark Reading)
  • The AI Convention: Lofty Goals, Legal Loopholes, and National Security Caveats (SecurityWeek)
  • NoName ransomware gang deploying RansomHub malware in recent attacks (Bleeping Computer)
  • Wisconsin Insurer Discloses Data Breach Impacting 950,000 Individuals (SecurityWeek)
  • Payment Gateway SLIM CD Data Breach: 1.7 Million Users Impacted (HACKREAD)
  • Acadian Ambulance service is reporting data breach, exposing almost 3 Million people (Beyond Machines)
  • CISA Warns of Three Vulnerabilities That Are Actively Exploited in the Wild (Cyber Security News)
  • Researchers Detail Attacks on Air-Gapped Computers to Steal Data (Cyber Security News)
  • Sextortion scams now use your "cheating" spouse's name as a lure (Bleeping Computer)

Storm⚡️Watch by GreyNoise Intelligence
Supply Chain Storms Firmware Flurries and Big Tech Trouble In Little China

Mar 26, 2024 · 58:55


Forecast = Expect a whirlwind of patches with a strong chance of phishing fronts moving in. In this episode of Storm⚡️Watch, we're exploring a plethora of cybersecurity topics that are as turbulent as the weather itself. First is a lively discussion with Nate Warfield from Eclypsium, where we dive into the intricacies of supply chain and firmware safety. Eclypsium's research is pivotal in highlighting critical areas listeners should be aware of, especially concerning supply chain vulnerabilities and firmware-level threats. We're also taking a deep dive into their approach to analyzing CISA's KEV data to understand the dangers lurking within. This week's Cyberside Chat is equally stormy as we pull out the popcorn and preview the Big (Tech) Trouble In Little China, discussing the recent sanctions on APT31 hackers, and the implications of China's newly expanded "Work Secrets" Law. We're also touching upon China's attacks on British MPs and the ongoing U.S. vs. TikTok saga and its broader cybersecurity implications. Tool Time features a look at VulnCheck KEV & Community Extended KEV + NVD APIs, providing listeners with valuable resources for vulnerability management. And in a segment of Shameless Self-Promotion, we're highlighting GreyNoise's innovative approach to the future of honeypots. Our Tag Roundup offers insights into recent tags, active campaigns, and a sneak peek at IP Intention Analysis, ensuring you're up-to-date with the latest cybersecurity trends. The KEV Roundup discusses the latest entries in CISA's Known Exploited Vulnerabilities Catalog, a crucial resource for cybersecurity professionals. Closing the episode, we ponder the possibilities of other dimensions, asking our guests and listeners what they hope to see on the other side.

Storm⚡️Watch by GreyNoise Intelligence
AI Crime Warnings & The National Vulnerability Database (NVD) Slowdown

Mar 19, 2024 · 60:27


In this episode of Storm⚡️Watch we're bracing for a tempest of cybersecurity insights. The Cyberside Chat segment takes a deep dive into the Department of Justice's recent announcement regarding AI in crimes, signaling harsher sentences akin to weapon-enhanced offenses. We explore the implications of AI's double-edged sword in criminal justice, the DOJ's Justice AI initiative, and the broader Artificial Intelligence Strategy. We also discuss federal actions to regulate AI, including the Algorithmic Accountability Act of 2022, and the Executive Order on Promoting the Use of Trustworthy Artificial Intelligence in the Federal Government. A study on AI-modified content in peer reviews at AI conferences is examined, highlighting the challenges of distinguishing AI-generated text from human-written content. In the Cyber Spotlight, we shine a light on the National Vulnerability Database (NVD) and its recent slowdown in updates. We discuss the implications for vulnerability management and the cybersecurity community's response, including NIST's efforts to form a consortium to address these issues. Tool Time introduces the Sunlight Certificate Transparency Log, a project aimed at enhancing the scalability and reliability of Certificate Transparency logs. We delve into the new tile-based architecture and its benefits for various stakeholders, including Certificate Authorities, CT monitors and auditors, web browsers, and security researchers. We also engage in some Shameless Self-Promotion, highlighting key insights from the 2024 State of Threat Hunting Report by Censys and tracking the aftermath of Atlassian's Confluence CVE-2023-22527 with GreyNoise. Our Tag Roundup covers recent tags and active campaigns, providing a snapshot of the current threat landscape. Finally, we wrap up the episode with our KEV Roundup, discussing the latest entries in CISA's Known Exploited Vulnerabilities Catalog, and close with a fun question about our dream fictional vehicles. 
Forecast = Expect a downpour of DDoS with a chance of ransomware gusts, and keep an umbrella handy for data breach drizzles.

Storm⚡️Watch by GreyNoise Intelligence

Welcome to the latest episode of Storm Watch by GreyNoise Intelligence, hosted by Emily Austin, Kimber Duke, Glenn Thorpe, and boB Rudis. In this episode, we're excited to share some good news about the takedown of the IPStorm Botnet, a significant victory in the fight against cybercrime. The Russian and Moldovan national behind the illegal botnet proxy service has pleaded guilty, marking a significant step forward in international cybersecurity efforts. In breaking news, we discuss the recent SEC complaint filed by AlphV against MeridianLink for not disclosing a breach to the SEC. The breach was linked to Confluence, and we delve into the details of this incident and its implications. We also focus on the CrushFTP RCE. In our regular programming segment, we discuss how Clorox is cleaning house after a cyberattack, with the company's cyber chief leaving as recovery efforts continue. We also talk about Rackspace's hefty $11M ransomware recovery bill, which was linked to an OWASSRF vulnerability. Toyota also makes headlines with a breach confirmed after the Medusa ransomware group threatened to leak data, an incident tied to the CitrixBleed vulnerability. We also discuss the upcoming IRISSCON cybersecurity conference, where Russian cybersecurity experts are expected to present. We reflect on the 20th anniversary of Patch Tuesday, a monthly event that has become a staple in the cybersecurity world. We also give a nod to the upcoming CAMLIS conference, which we'll cover in more detail next week. In our tool time segment, we introduce MaxCVE, a useful tool for cybersecurity professionals, and discuss the importance of container vulnerability scanning awareness.  In our self-promotion segment, we share some of the latest updates and discoveries from Censys and GreyNoise, including the introduction of Censys Search Teams, the discovery of NTC Vulkan infrastructure, and how to get a leg up on initial access ransomware with CISA KEV and GreyNoise tags. 
We also showcase UX and feature improvements in Sift. Finally, we discuss the latest trends in GreyNoise tags and the importance of the Known Exploited Vulnerabilities Catalog from CISA. We also cover CISA's new initiative to expand scalable cybersecurity services to protect broader critical infrastructure and their recently released Health Sector Guidance Document.

The CyberWire
Update on Chinese cyberespionage incident. ICS vulnerabilities. USB attacks. New KEVs. Updates from Russia's hybrid war, as hacktivists swap DDoS attacks and observers draw lessons learned.

Jul 14, 2023 · 30:52


Developments in the case of China's cyberespionage against government Exchange users. Industrial controller vulnerabilities pose a risk to critical infrastructure. USB attacks have risen three-fold in the first half of 2023. CISA adds two vulnerabilities to its Known Exploited Vulnerabilities Catalog. Ghostwriter's continued activity focuses on Poland and Ukraine. Hacktivist auxiliaries swap DDoS attacks. Awais Rashid from University of Bristol shares insights on threat modeling. Our guest is Chris Cochran from Huntress on the challenges small and medium sized businesses face with cyber security. And lessons learned from cyber warfare in Russia's war.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/133

Selected reading.
  • UK says it's working with Microsoft to understand impact of Chinese email hack (Reuters)
  • What we know (and don't know) about the government email breach (Washington Post)
  • Yet Another MS CVE: Don't Get Caught In The Storm! (Cynet)
  • China Hacking Was Undetectable for Some Who Had Less Expensive Microsoft Services (Wall Street Journal)
  • Security flaws in Honeywell devices could be used to disrupt critical industries (TechCrunch)
  • APT Exploit Targeting Rockwell Automation Flaws Threatens Critical Infrastructure (SecurityWeek)
  • Rockwell Automation ControlLogix Bugs Expose Industrial Systems to Remote Attacks (The Hacker News)
  • USB drive malware attacks spiking again in first half of 2023 (BleepingComputer)
  • CISA Adds Two Known Vulnerabilities to Catalog (Cybersecurity and Infrastructure Security Agency CISA)
  • Malicious campaigns target government, military and civilian entities in Ukraine, Poland (Cisco Talos Blog)
  • Belarus-linked hacks on Ukraine, Poland began at least a year ago, report says (Record)
  • Crowdsourced Cyber Warfare: Russia and Ukraine Launch Fresh DDoS Offensives (CEPA)
  • Cyber Operations during the Russo-Ukrainian War (CSIS)

Cyber Briefing
Cyber-Briefing-2023-03-31

Mar 31, 2023 · 0:57


The CyberWire
Vulnerabilities newly exploited in the wild. A new cyberespionage campaign. Trends in the C2C marketplace. Hacktivists, other auxiliaries, and the laws of armed conflict.

Feb 22, 2023 · 29:45


CISA adds three entries to its Known Exploited Vulnerabilities Catalog. "Hydrochasma" is a new cyberespionage threat actor. IBM claims the biggest effect of cyberattacks in 2022 was extortion. Social network hijacking in the C2C market. A credential theft campaign against data centers. LockBit claims an attack on a water utility in Portugal. Tim Starks from the Washington Post describes calls to focus on harmonizing cyber regulations. Our guest is Luke Vander Linden, host of the RH-ISAC Podcast. Disrupting Mr. Putin's speech, online, and what the hybrid war suggests about the future of cyber auxiliaries.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/35

Selected reading.
  • CISA Adds Three Known Exploited Vulnerabilities to Catalog (CISA)
  • Hydrochasma: Previously Unknown Group Targets Medical and Shipping Organizations in Asia (Symantec)
  • IBM Security X-Force Threat Intelligence Index 2023 (IBM)
  • S1deload Stealer – Exploring the Economics of Social Network Account Hijacking (Bitdefender Labs)
  • Cyber Attacks on Data Center Organizations (Resecurity)
  • Hackers Scored Data Center Logins for Some of the World's Biggest Companies (Bloomberg)
  • LockBit gang takes credit for attack on water utility in Portugal (The Record from Recorded Future News)
  • Ukraine Suffered More Data-Wiping Malware Last Year Than Anywhere, Ever (WIRED)
  • Ukrainian hackers claim disruption of Russian TV websites during Putin speech (The Record from Recorded Future News)
  • Ukraine's volunteer cyber army could be model for other nations: experts (Newsweek)
  • Ukraine's largest charity wants to raise $1.3 million for 'cyber offensive' (The Record from Recorded Future News)

The CyberWire
Known Exploited Vulnerabilities. Fool's gold. Hacktivists come in both dissident and loyal varieties. Naming and shaming the shameless.

Feb 13, 2023 · 25:55


CISA adds to its Known Exploited Vulnerabilities Catalog. Cl0p claims responsibility for GoAnywhere exploitation. Victims mine for gold; attackers use pig butchering tactics. Hacktivists disrupt Iranian television during Revolution Day observances. Killnet claims a DDoS attack against NATO earthquake relief efforts. CyberWire UK Correspondent Carole Theriault asks what can we learn from the recent Roomba privacy snafu? Rick Howard looks at first principles we considered along the way. And can you name and shame the shameless?

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/29

Selected reading.
  • CISA Adds Three Known Exploited Vulnerabilities to Catalog (CISA)
  • GoAnywhere MFT Zero-Day Exploitation Linked to Ransomware Attacks (SecurityWeek)
  • Clop ransomware claims it breached 130 orgs using GoAnywhere zero-day (BleepingComputer)
  • Fool's Gold: dissecting a fake gold market pig-butchering scam (Sophos)
  • Iranian State TV Hacked During President's Speech on Revolution Day (HackRead)
  • Russian hackers disrupt Turkey-Syria earthquake relief (The Telegraph)
  • Hacking marketplace emerges from Killnet partnership, seeks pro-Russia donations (SC Media)
  • Russian Government evaluates the immunity to hackers acting in the interests of Russia (Security Affairs)
  • Russia's Ransomware Gangs Are Being Named and Shamed (WIRED)

The CyberWire
An update on the Hive ransomware takedown. More DDoS from Killnet. Advisories from CISA, and an addition to the Known Exploited Vulnerabilities Catalog.

Jan 27, 2023 · 26:50


An update on the takedown of the Hive ransomware gang, plus insights from CrowdStrike's Adam Meyers. If you say you're going to unleash the Leopards, expect a noisy call from Killnet. Our guest is ExtraHop CISO Jeff Costlow talking about nation-state attackers in light of ongoing Russian military operations. CISA has released eight ICS advisories, and the agency has also added an entry to its Known Exploited Vulnerabilities Catalog.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/18

Selected reading.
  • Cybercriminals stung as HIVE infrastructure shut down (Europol)
  • U.S. Department of Justice Disrupts Hive Ransomware Variant (U.S. Department of Justice)
  • Director Christopher Wray's Remarks at Press Conference Announcing the Disruption of the Hive Ransomware Group (Federal Bureau of Investigation)
  • Taking down the Hive ransomware gang. (CyberWire)
  • US hacks back against Hive ransomware crew (BBC News)
  • Cyberattacks Target Websites of German Airports, Admin (SecurityWeek)
  • Delta Electronics CNCSoft ScreenEditor (CISA)
  • Econolite EOS (CISA)
  • Snap One Wattbox WB-300-IP-3 (CISA)
  • Sierra Wireless AirLink Router with ALEOS Software (CISA)
  • Mitsubishi Electric MELFA SD/SQ series and F-series Robot Controllers (CISA)
  • Rockwell Automation products using GoAhead Web Server (CISA)
  • Landis+Gyr E850 (CISA)
  • Mitsubishi Electric MELSEC iQ-F, iQ-R Series (CISA)
  • CISA Has Added One Known Exploited Vulnerability to Catalog (CISA)

The CyberWire
Disentangling cybercrime from cyberespionage. A threat to the IoT supply chain. What do you do with the hacktivists when they stop being hacktivists? A retired FBI Special Agent is indicted.

Jan 24, 2023 · 29:47


DragonSpark conducts "opportunistic" cyberattacks in East Asia. ProxyNotShell and OWASSRF exploit chains target Microsoft Exchange servers. The IoT supply chain is threatened by exploitation of Realtek Jungle SDK vulnerability. CISA adds an entry to its Known Exploited Vulnerabilities Catalog. A Cisco study finds organizations see positive returns from investment in privacy. What's the hacktivist's postwar future? Joe Carrigan tracks a romance scam targeting seniors. Our guest is Pete Lund of OPSWAT to discuss the security of removable media devices. And a retired G-Man is indicted on multiple charges.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/15

Selected reading.
  • DragonSpark | Attacks Evade Detection with SparkRAT and Golang Source Code Interpretation (SentinelOne)
  • Technical Advisory: Proxy*Hell Exploit Chains in the Wild (Bitdefender)
  • Realtek SDK Vulnerability Attacks Highlight IoT Supply Chain Threats (Unit 42)
  • CISA Adds One Known Exploited Vulnerability to Catalog (CISA)
  • 2023 Data Privacy Benchmark Study (Cisco)
  • Hacktivism Is a Risky Career Path (WIRED)
  • Retired FBI Executive Charged With Concealing $225,000 In Cash Received From An Outside Source (Department of Justice, U.S. Attorney's Office, District of Columbia)
  • Former Special Agent In Charge Of The New York FBI Counterintelligence Division Charged With Violating U.S. Sanctions On Russia (Department of Justice, U.S. Attorney's Office, Southern District of New York)
  • Former Senior F.B.I. Official in New York Charged With Aiding Oligarch (New York Times)

Security Masterminds
Why a Data-Driven cybersecurity Defense Will Protect Your Organization With Special Guest, Roger Grimes

Jan 20, 2023 · 43:35


After leaving the CPA industry and becoming a computer trainer, Roger worked his way into the cybersecurity industry. Roger Grimes, a data-driven evangelist, is determined to protect organizations from malicious social engineering attacks, but finds that even his advanced tools are no match for the crafty hackers.

"Organizations need to defend their infrastructure by identifying their critical data to recognize and respond to threats. Utilizing a data driven defense allows you to detect and respond to threats more quickly and accurately than traditional methods." -Roger Grimes

Roger Grimes is a cybersecurity expert and data driven defense evangelist for KnowBe4. He has held a variety of roles throughout his career, and his focus is on fixing the internet and protecting organizations from social engineering attacks.

In this episode, you will learn the following:
1. How did Roger Grimes go from being a CPA to becoming a cybersecurity expert?
2. What was it like to work with John McAfee?
3. How did Roger Grimes successfully bluff his way into the cybersecurity industry?

About Roger Grimes, CPA, CISSP
  • LinkedIn: https://www.linkedin.com/in/rogeragrimes/
  • Email: rogerg@knowbe4.com
  • Twitter: https://twitter.com/rogeragrimes

Show Notes / Links:
  • Cuckoo's Egg book - https://www.amazon.com/dp/B0083DJXCM?ref_=cm_sw_r_cp_ud_dp_FK52CJS8J6DAJ6JMZJTF
  • Data Killers, John McAfee - https://www.amazon.com/dp/031202889X?ref_=cm_sw_r_cp_ud_dp_7N07KYGNG9GGSKMW5Q07
  • FidoNet - https://www.fidonet.org/index.html
  • Peter Norton's Guide to the IBM PC - https://www.amazon.com/dp/0136619010?ref_=cm_sw_r_cp_ud_dp_FJ7E13ENVAFXZWR139YD
  • CISA's Known Exploited Vulnerabilities Catalog - https://www.cisa.gov/known-exploited-vulnerabilities-catalog

Connect with us:
  • Website: securitymasterminds.buzzsprout.com

KnowBe4 Resources:
  • KnowBe4 Blog: https://blog.knowbe4.com
  • Erich Kron - https://www.linkedin.com/in/erichkron
  • Jelle Wieringa - https://www.linkedin.com/in/jellewieringa
  • James McQuiggan - https://www.linkedin.com/in/jmcquiggan
  • Javvad Malik: https://www.linkedin.com/in/javvad

Music Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.com
Announcer: Sarah McQuiggan - https://www.sarahmcquiggan.com
This show's sound is edited by ProPodcastSolutions - https://propodcastsolutions.com/
ShowNotes created with Capsho (www.capsho.com)

The CyberWire
Notes on patches. Dark Pink industrial cyberespionage campaign in Asia. Kinsing cryptojacking. Hacktivist DDoS against Iran. Healthcare cyber risk management. Pokémon NFTs.

Jan 11, 2023 · 31:44


Patch Tuesday. CISA releases two ICS Advisories and makes some additions to its Known Exploited Vulnerabilities Catalog. Dark Pink APT is active against Asian targets. Kinsing cryptojacking targets Kubernetes instances. Ukrainian hacktivists conduct DDoS against Iranian sites. Risk exposure and a hospital's experience with ransomware. The Health3PT initiative seeks to manage 3rd-party risk. Tim Starks from the Washington Post's Cyber 202 on cyber rising to the level of war crime. Our guest is Connie Stack, CEO of Next DLP, on the path to leadership within cyber for women. And phishing with Pokémon NFTs.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/7

Selected reading.
  • The Daily 202 (Latest Cybersecurity 202)
  • Microsoft Releases January 2023 Security Updates (CISA)
  • Adobe Releases Security Updates for Multiple Products (CISA)
  • Black Box KVM (CISA)
  • Delta Electronics InfraSuite Device Master (CISA)
  • Known Exploited Vulnerabilities Catalog (CISA)
  • Dark Pink (Group-IB)
  • New Dark Pink APT group targets govt and military with custom malware (BleepingComputer)
  • Kinsing cryptojacking. (CyberWire)
  • Ukraine at D+321: "Difficult in places." (CyberWire)
  • Iranian websites impacted by pro-Ukraine DDoS attacks (SC Media)
  • Ransomware attack against SickKids said to be unusual. (CyberWire)
  • Health3PT seeks a uniform approach to healthcare supply chain issues. (CyberWire)
  • Breaking the glass ceiling: My journey to close the leadership gap. (CyberWire, Creating Connections)
  • Pokémon NFTs used as malware vectors. (CyberWire)

The CyberWire
DPRK cyber ops. Poland warns of Russian cyber activity. Twitter's data incident. A crypto trading exchange is rifled. Ransomware shuts down the Port of Lisbon. Small business opportunities.

Jan 3, 2023 · 28:32


Recent DPRK cyber operations: spying and theft. Twitter's data incident. 3Commas breached. Poland warns of increased Russian offensive cyber activity. Port of Lisbon hit by ransomware. DHS announces SBIR topics. New additions to the Known Exploited Vulnerabilities Catalog. Ben Yelin on the legal conundrum of AI generated code. Our guest is Tanya Janca from She Hacks Purple with insights on API security. And, news flash! LockBit says they have a conscience. (Yeah, right.)

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/1

Selected reading.
  • Recent DPRK cyber operations: spying and theft. (CyberWire)
  • Twitter targeted in extortion hack. (CyberWire)
  • 3Commas' API compromised. (CyberWire)
  • Russian cyberattacks (Special Services)
  • LockBit activity over the holidays. (CyberWire)
  • CISA Adds Two Known Exploited Vulnerabilities to Catalog (CISA)
  • DHS Small Business Innovation Research (SBIR) Program FY23 Solicitation (SAM.gov)
  • The SBIR and STTR Programs. (SBIR/STTR)

Cyber Morning Call
Cyber Morning Call - #213 - 07/12/2022

Dec 7, 2022 · 5:42


[Episode References]
  • Mustang Panda Uses the Russian-Ukrainian War to Attack Europe and Asia Pacific Targets - https://blogs.blackberry.com/en/2022/12/mustang-panda-uses-the-russian-ukrainian-war-to-attack-europe-and-asia-pacific-targets
  • KNOWN EXPLOITED VULNERABILITIES CATALOG - https://www.cisa.gov/known-exploited-vulnerabilities-catalog#top
  • Cyber-Espionage in the Middle East: Investigating a New BackdoorDiplomacy Threat Actor Campaign - https://www.bitdefender.com/files/News/CaseStudies/study/426/Bitdefender-PR-Whitepaper-BackdoorDiplomacy-creat6507-en-EN.pdf
  • DEV-0139 launches targeted attacks against the cryptocurrency industry - https://www.microsoft.com/en-us/security/blog/2022/12/06/dev-0139-launches-targeted-attacks-against-the-cryptocurrency-industry/
  • Android Security Bulletin—December 2022 - https://source.android.com/docs/security/bulletin/2022-12-01?hl=en&utm_source=pocket_reader

[Credits]
  • Host: Carlos Cabral
  • Script: Carlos Cabral and Daniel Venzi
  • Audio editing: Paulo Arruzzo
  • Closing narration: Bianca Garcia
  • Graphic design: Julian Prieto

The CyberWire
Cyberespionage, privateering, hacktivism and influence operations, in Ukraine, Russia, the Middle East, and elsewhere. Criminals need quality control, too. A new entry in CISA's KEV Catalog.

Dec 6, 2022 · 33:45


A Chinese cyberespionage campaign is believed to be active in the Middle East. Poor quality control turns ransomware into a wiper, and a typo crashes a cryptojacker. A large DDoS attack is reported to have hit a Russian state-owned bank. Privateers compromise Western infrastructure to stage cyberattacks. Cyber operations against national morale. A look at the Vice Society. Ben Yelin on the growing concerns over TikTok. Ann Johnson from Afternoon Cyber Tea speaks with Charles Blauner about the evolution of the CISO role. And CISA has added an entry to its Known Exploited Vulnerabilities Catalog.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/232

Selected reading.
  • BackdoorDiplomacy Wields New Tools in Fresh Middle East Campaign (Bitdefender Labs)
  • The Story of a Ransomware Turning into an Accidental Wiper | FortiGuard Labs (Fortinet Blog)
  • Syntax errors are the doom of us all, including botnet authors (Ars Technica)
  • Russia's No. 2 bank VTB suffers largest DDoS in history (Computing)
  • Russia compromises major UK and US organisations to attack Ukraine (Lupovis)
  • Russia's online attacks target Ukrainians' feelings (POLITICO)
  • Vice Society: Profiling a Persistent Threat to the Education Sector (Unit 42)
  • CISA Adds One Known Exploited Vulnerability to Catalog (CISA)

Cyber Morning Call
Cyber Morning Call - #209 - 30/11/2022

Nov 30, 2022 · 4:58


[Episode References]
  • MIT Technology Review - The Cyber Defense Index 2022/23 - https://mittrinsights.s3.amazonaws.com/CDIreport.pdf
  • KNOWN EXPLOITED VULNERABILITIES CATALOG - https://www.cisa.gov/known-exploited-vulnerabilities-catalog
  • ATTACKER USES A POPULAR TIKTOK CHALLENGE TO LURE USERS INTO INSTALLING MALICIOUS PACKAGE - https://checkmarx.com/blog/attacker-uses-a-popular-tiktok-challenge-to-lure-users-into-installing-malicious-package/
  • Hackers Exploit RCE Vulnerability in Windows Internet Key Exchange - https://cyware.com/news/hackers-exploit-rce-vulnerability-in-windows-internet-key-exchange-ce908a01/?web_view=true
  • Critical Flaw Exploited to Bypass Fortinet Products and Compromise Orgs - https://www.hackread.com/authentication-bypass-flaw-fortinet-products/

[Credits]
  • Host: Carlos Cabral
  • Script: Carlos Cabral and Daniel Venzi
  • Audio editing: Paulo Arruzzo
  • Closing narration: Bianca Garcia
  • Graphic design: Julian Prieto

The CyberWire
A look back at midterm cybersecurity. Communications security lessons learned in Ukraine. Known Exploited Vulnerabilities and Patch Tuesday. Off-boarding deserves some attention.

The CyberWire

Play Episode Listen Later Nov 9, 2022 27:10


US midterm elections proceed without cyber disruption. Communications security lessons learned. CISA publishes new entries to its Known Exploited Vulnerabilities Catalog. Patch Tuesday notes. Carole Theriault examines cross border money laundering. The FBI's Bryan Vorndran offers guidance on how companies should think about their exposure in China. And a recent study finds reasons to be concerned about off-boarding. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/216 Selected reading. Taking a look at election security on US midterm Election Day. (CyberWire) Communications Security: Lessons Learned From Ukraine (BlackBerry) CISA Adds Seven Known Exploited Vulnerabilities to Catalog (CISA) Microsoft November 2022 Patch Tuesday (SANS Institute) November Patch Tuesday Updates | 2022 (Syxsense Inc) Microsoft Fixes Six Actively Exploited Flaws (Decipher) Microsoft fixes ProxyNotShell Exchange zero-days exploited in attacks (BleepingComputer) Microsoft Scrambles to Thwart New Zero-Day Attacks (SecurityWeek) Infrastructure access and security. (CyberWire)

The CyberWire
US Department of Justice unseals three indictments in PRC spying cases. CERT-UA warns of Cuba ransomware phishing. Varonis discovers Windows vulnerabilities. CISA expands KEV Catalog.

The CyberWire

Play Episode Listen Later Oct 25, 2022 26:19


US Department of Justice unseals three indictments in PRC spying cases. CERT-UA warns of Cuba ransomware group phishing campaign. Varonis discovers two Windows vulnerabilities. Mr Security Answer Person John Pescatore on security through obscurity. Ben Yelin on the DOJ's spying cases against China. CISA expands its Known Exploited Vulnerabilities Catalog with six new entries. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/205 Selected reading. Two Arrested and 13 Charged in Three Separate Cases for Alleged Participation in Malign Schemes in the United States on Behalf of the Government of the People's Republic of China (US Department of Justice) U.S. Justice Department Fires Warning Shot at Chinese Spies (Foreign Policy) Chinese spies charged with trying to thwart Huawei investigation (Quartz) DOJ Charges 13 Over Chinese Interference In US Affairs (Law360)  U.S. Says Chinese Tried to Obstruct Huawei Prosecution (Wall Street Journal) U.S. charges Chinese nationals with schemes to steal info, punish critics and recruit spies (CBS News) Cuba ransomware affiliate targets Ukrainian govt agencies (BleepingComputer) Unattributed RomCom Threat Actor Spoofing Popular Apps Now Hits Ukrainian Militaries (BlackBerry) The Logging Dead: Two Event Log Vulnerabilities Haunting Windows (Varonis)  CISA Adds Six Known Exploited Vulnerabilities to Catalog (CISA)

Cyber Morning Call
Cyber Morning Call - #172 - 03/10/2022

Cyber Morning Call

Play Episode Listen Later Oct 3, 2022 4:45


[Episode References] - CrowdStrike Falcon Platform Identifies Supply Chain Attack via a Trojanized Comm100 Chat Installer - https://www.crowdstrike.com/blog/new-supply-chain-attack-leverages-comm100-chat-installer/ - Customer Guidance for Reported Zero-day Vulnerabilities in Microsoft Exchange Server - https://msrc-blog.microsoft.com/2022/09/29/customer-guidance-for-reported-zero-day-vulnerabilities-in-microsoft-exchange-server/ - Analyzing attacks using the Exchange vulnerabilities CVE-2022-41040 and CVE-2022-41082 - https://www.microsoft.com/security/blog/2022/09/30/analyzing-attacks-using-the-exchange-vulnerabilities-cve-2022-41040-and-cve-2022-41082/ - Amazon‑themed campaigns of Lazarus in the Netherlands and Belgium - https://www.welivesecurity.com/2022/09/30/amazon-themed-campaigns-lazarus-netherlands-belgium/ - KNOWN EXPLOITED VULNERABILITIES CATALOG - https://www.cisa.gov/known-exploited-vulnerabilities-catalog [Credits] Host: Carlos Cabral Script: Carlos Cabral and Daniel Venzi Audio editing: Paulo Arruzzo Closing narration: Bianca Garcia Graphic design: Julian Prieto

The CyberWire
A Black Basta update. Okta talks Scatter Swine. Nobelium's MagicWeb. Wartime stress in the cyber underworld. LastPass security incident. CISA adds to its Known Exploited Vulnerabilities Catalog.

The CyberWire

Play Episode Listen Later Aug 26, 2022 27:29


Palo Alto describes the Black Basta ransomware-as-a-service operation. Okta on Scatter Swine, the threat actor that compromised Twilio. Microsoft describes Nobelium's new approach to establishing persistence. Russia's war against Ukraine has induced stresses in the cyber underworld. LastPass discloses a security incident. Josh Ray from Accenture on cyber crime and the cost-of-living crisis. Our own Dave Bittner sits down with Chris Handman from TerraTrue to discuss how he works to transform legal teams into advocates and collaborators that can ensure privacy is baked in every step of the way. And CISA adds ten entries to its Known Exploited Vulnerabilities Catalog. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/165 Selected reading. Threat Assessment: Black Basta Ransomware (Palo Alto Networks Unit 42) MagicWeb: NOBELIUM's post-compromise trick to authenticate as anyone (Microsoft Threat Intelligence Center) Microsoft Uncovers New Post-Compromise Malware Used by Nobelium Hackers (The Hacker News) Microsoft: Russian hackers gain powerful 'MagicWeb' authentication bypass (ZDNET) Detecting Scatter Swine: Insights into a relentless phishing campaign (Okta Security) Twilio hackers hit over 130 orgs in massive Okta phishing attack (BleepingComputer) Twilio says breach also compromised Authy two-factor app users (TechCrunch) How the war in Ukraine is reshaping the dark web (New Statesman) Notice of Recent Security Incident (The LastPass Blog) LastPass Says Source Code Stolen in Data Breach (SecurityWeek) LastPass developer systems hacked to steal source code (BleepingComputer)

Cyber Morning Call
Cyber Morning Call - #145 - 23/08/2022

Cyber Morning Call

Play Episode Listen Later Aug 23, 2022 6:24


[Episode References] - A Tale of PivNoxy and Chinoxy Puppeteer - https://www.fortinet.com/blog/threat-research/pivnoxy-and-chinoxy-puppeteer-analysis - Escanor Malware Delivered In Weaponized Microsoft Office Documents - https://resecurity.com/blog/article/escanor-malware-delivered-in-weaponized-microsoft-office-documents - Known Exploited Vulnerabilities Catalog - https://www.cisa.gov/known-exploited-vulnerabilities-catalog - Doctor Web identifies attack on WhatsApp and WhatsApp Business messengers installed on counterfeit Android devices - https://news.drweb.com/show/?i=14542&lng=en - GAIROSCOPE: Injecting Data from Air-Gapped Computers to Nearby Gyroscopes - https://arxiv.org/abs/2208.09764 - Video demonstrating GAIROSCOPE - https://www.youtube.com/watch?v=5sUQ0jG01dw&t=12s [Credits] Host: Carlos Cabral Script: Carlos Cabral and Daniel Venzi Audio editing: Paulo Arruzzo Closing narration: Bianca Garcia Graphic design: Julian Prieto

The CyberWire
Notes on the hybrid war. Criminal gang hits travel and hospitality sectors. Additions to CISA's Known Exploited Vulnerabilities Catalog. CISA issues five ICS security advisories.

The CyberWire

Play Episode Listen Later Aug 19, 2022 31:03


Killnet claims a DDoS campaign against Estonia. The head of GCHQ calls Russian cyber operations a failure. US Cyber Command concludes its "hunt forward" mission in cooperation with Croatia. A criminal gang targets the travel and hospitality sectors. Thomas Pace of NetRise shares insights on firmware vulnerabilities. Daniel Floyd from BlackCloak on Quantifying the Business Need for Digital Executive Protection. CISA issues five ICS security advisories. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/157 Selected reading. Estonia says it repelled major cyber attack after removing Soviet monuments (Reuters) There's a chance regular people didn't even notice: expert on Russian cyber attack (TVP World)  Estonia says it repelled a major cyberattack claimed by Russian hackers. (New York Times) The head of GCHQ says Vladimir Putin is losing the information war in Ukraine (The Economist) Cyber Command deployed 'hunt forward' defenders to Croatia to help secure systems (The Record by Recorded Future) U.S. Cyber Command completes defensive cyber mission in Croatia (CyberScoop) You Can't Audit Me: APT29 Continues Targeting Microsoft 365 (Mandiant) Reservations Requested: TA558 Targets Hospitality and Travel (Proofpoint) Cybercrime Group TA558 Ramps Up Email Attacks Against Hotels (Decipher) CISA Adds Seven Known Exploited Vulnerabilities to Catalog (CISA)  Siemens Linux-based Products (Update G) (CISA) Siemens Industrial Products LLDP (Update B) (CISA) Siemens OpenSSL Affected Industrial Products (CISA) Mitsubishi Electric MELSEC Q and L Series (CISA) Mitsubishi Electric GT SoftGOT2000 (CISA)

The Virtual CISO Moment
VCM Quick Strike for Monday, August 8, 2022

The Virtual CISO Moment

Play Episode Listen Later Aug 8, 2022 12:41


Critical flaws in Emergency Alert System and in some Cisco SOHO routers, new IoT threat, CISA adds Zimbra vulnerability to its Known Exploited Vulnerabilities Catalog, and what you need to do to land a six-figure cybersecurity job. https://www.threatshub.org/blog/warning-critical-flaws-found-in-us-emergency-alert-system/ https://www.theregister.com/2022/08/05/cisco_smb_routers_critical_flaws/ https://thehackernews.com/2022/08/new-iot-rapperbot-malware-targeting.html https://thehackernews.com/2022/08/cisa-adds-zimbra-email-vulnerability-to.html https://fortune.com/education/business/articles/2022/07/27/what-you-need-to-land-a-six-figure-cybersecurity-job/ https://youtube.com/playlist?list=PLZkMMBCZshiO0gu44pAZUM__fpHOrvTcv

Cyber Morning Call
Cyber Morning Call - #129 - 01/08/2022

Cyber Morning Call

Play Episode Listen Later Aug 1, 2022 4:14


[Episode References] - [CVE-2022-36123] Publish CVE-2022-36123 - https://github.com/sickcodes/security/blob/master/advisories/SICK-2022-128.md - KNOWN EXPLOITED VULNERABILITIES CATALOG - https://www.cisa.gov/known-exploited-vulnerabilities-catalog - Countdown Timer: Ransomware Themed Phishing Attack - https://cofense.com/blog/countdown-timer-ransomware-themed-phishing-attack - Examining New DawDropper Banking Dropper and DaaS on the Dark Web - https://www.trendmicro.com/en_us/research/22/g/examining-new-dawdropper-banking-dropper-and-daas-on-the-dark-we.html - Brisbane teenager built spyware used by domestic violence perpetrators across world, police allege - https://www.theguardian.com/australia-news/2022/jul/30/brisbane-teenager-built-spyware-used-by-domestic-violence-perpetrators-across-world-police-allege [Credits] Host: Carlos Cabral Script: Carlos Cabral and Daniel Venzi Audio editing: Paulo Arruzzo Closing narration: Bianca Garcia Graphic design: Julian Prieto

Paul's Security Weekly
PSW #742 - John Pescatore

Paul's Security Weekly

Play Episode Listen Later Jul 7, 2022 175:10


Kicking off the show, John Pescatore joins for an interview & will go through his mostly random career choices that led to a long and fun career in information/cybersecurity - and how that ties into today's demand to secure the increasingly complex supply web of chains. Finally, this week in the Security News: Chaining Zoom bugs is possible to hack users in a chat by sending them a message, Microsoft vulnerabilities down for 2021, CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog, Using NMAP to Assess Hosts in Load Balanced Clusters, Critical Vulnerability in Premium WordPress Themes Allows for Site Takeover, & more! Segment Resources: SANS Cyberstart initiative - https://www.cyberstartamerica.org Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/psw742

Paul's Security Weekly (Podcast-Only)
PSW #742 - John Pescatore

Paul's Security Weekly (Podcast-Only)

Play Episode Listen Later Jul 7, 2022 175:10


Kicking off the show, John Pescatore joins for an interview & will go through his mostly random career choices that led to a long and fun career in information/cybersecurity - and how that ties into today's demand to secure the increasingly complex supply web of chains. Finally, this week in the Security News: Chaining Zoom bugs is possible to hack users in a chat by sending them a message, Microsoft vulnerabilities down for 2021, CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog, Using NMAP to Assess Hosts in Load Balanced Clusters, Critical Vulnerability in Premium WordPress Themes Allows for Site Takeover, & more! Segment Resources: SANS Cyberstart initiative - https://www.cyberstartamerica.org Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/psw742

Paul's Security Weekly TV
Prank Calls, Lazarus APT, WordPress Critical Vulns, CISA Adds 41 Flaws, & Zoom Bugs - PSW #742

Paul's Security Weekly TV

Play Episode Listen Later Jul 6, 2022 104:02


This week in the Security News: Chaining Zoom bugs is possible to hack users in a chat by sending them a message, Microsoft vulnerabilities down for 2021, CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog, Using NMAP to Assess Hosts in Load Balanced Clusters, Critical Vulnerability in Premium WordPress Themes Allows for Site Takeover, & more!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw742

Paul's Security Weekly (Video-Only)
Prank Calls, Lazarus APT, WordPress Critical Vulns, CISA Adds 41 Flaws, & Zoom Bugs - PSW #742

Paul's Security Weekly (Video-Only)

Play Episode Listen Later Jul 6, 2022 104:02


This week in the Security News: Chaining Zoom bugs is possible to hack users in a chat by sending them a message, Microsoft vulnerabilities down for 2021, CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog, Using NMAP to Assess Hosts in Load Balanced Clusters, Critical Vulnerability in Premium WordPress Themes Allows for Site Takeover, & more!   Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw742

The CyberWire
DDoS threat to Lithuania continues. Hacktivists hit Iranian steel mill. Bumblebee loader takes C2C market share. CISA adds Known Exploited Vulnerabilities. Music piracy. Where do spies go?

The CyberWire

Play Episode Listen Later Jun 28, 2022 29:12


Distributed denial-of-service attacks against Lithuania. Dark Crystal RAT described. Iranian steel mill suspends production due to cyberattack. Bumblebee rising. CISA adds to its Known Exploited Vulnerabilities Catalog. Music pirate sites brought down by US and Brazilian authorities. Joe Carrigan looks at Apple's private access tokens. Mister Security Answer Person John Pescatore drops some sboms. And where do Russian intelligence officers go after they've been PNGed? For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/123 Selected reading. Lithuania targeted by massive Russian cyberattack over transit blockade (Newsweek) Russia's Killnet hacker group says it attacked Lithuania (Reuters) Killnet, Kaliningrad, and Lithuania's Transport Standoff With Russia (Flashpoint) Ukraine Targeted by Dark Crystal RAT (DCRat) | FortiGuard Labs (Fortinet Blog) Cyberattack Forces Iran Steel Company to Halt Production (SecurityWeek) Iran's steel industry halted by cyberattack (Jerusalem Post) Bumblebee: New Loader Rapidly Assuming Central Position in Cyber-crime Ecosystem (Broadcom Software Blogs) CISA Adds Eight Known Exploited Vulnerabilities to Catalog (CISA)  US, Brazil seize 272 websites used to illegally download music (BleepingComputer)  Swiss intel service: Watch out for redeployed Russian spies (AP News)

The CyberWire
Cyber war: a continuing threat, a blurry line between combatants and noncombatants. Chinese cyberespionage and its “plumbing.” CISA adds Known Exploited Vulnerabilities. News from Jersey.

The CyberWire

Play Episode Listen Later Jun 8, 2022 30:25


US officials continue to rate the threat of Russian cyberattack as high. Civilians in cyber war. Broadcast interference and propaganda. A Joint CISA/FBI warning of Chinese cyberespionage. What gets a vulnerability into the Known Exploited Vulnerabilities Catalog? Andrea Little Limbago from Interos and Mike Sentonas from Crowdstrike join us with previews of their RSA conference presentations. And, finally, some Jersey-based cyber campaigns (that's the Bailiwick, not the Garden State). For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/110 Selected reading. Russian Cyber Threat Remains High, U.S. Officials Say (Wall Street Journal) Shields Up: The New Normal (CyberScoop) Russian Government, Cybercriminal Cooperation a 'Force Multiplier' (Decipher)  Opinion The U.S.-Russia conflict is heating up — in cyberspace (Washington Post)  Smartphones Blur the Line Between Civilian and Combatant (Wired) Russian Cyberattack Hits Wales-Ukraine Football Broadcast (Gov Info Security)  People's Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices (CISA) US agencies detail the digital ‘plumbing' used by Chinese state-sponsored hackers (The Record by Recorded Future)  CISA Provides Criteria and Process for Updates to the KEV Catalog (CISA) Reducing the Significant Risk of Known Exploited Vulnerabilities (CISA) Jersey computers used in international cyber-attacks (Jersey Evening Post)

The CyberWire
Managing messaging in a hybrid war. Anti-Tehran hacktivism and Tehran-sponsored cyber ops. Rebranding as sanctions evasion. A threat to firmware. CISA warns of Confluence exploits.

The CyberWire

Play Episode Listen Later Jun 3, 2022 27:29


Moscow wants attention to be paid to its messengers. Western support for Ukraine in cyberspace. US remains on alert for Russian cyberattacks. Iran: anti-government hacktivism and Tehran-sponsored cyber ops. Rebranding as sanctions evasion. A gangland threat to firmware. Johannes Ullrich from SANS on security of browsers caching passwords. Dave Bittner sits down with Perry Carpenter to discuss his new book, "The Security Culture Playbook: An Executive Guide To Reducing Risk and Developing Your Human Defense Layer," co-author was Kai Roer. And CISA adds an Atlassian issue to its Known Exploited Vulnerabilities Catalog. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/107 Selected reading. Russia summons heads of U.S. media outlets, warns of 'stringent measures' (Reuters) US confirms military hackers have conducted cyber operations in support of Ukraine (CNN) Advancing security across Central and Eastern Europe (Google) US Justice Department Braces for More Russian Cyberattacks (VOA) Russia, backed by ransomware gangs, actively targeting US, FBI director says (Cybersecurity Dive) Exiled Iran Group Claims Tehran Hacking Attack (SecurityWeek) Exposing POLONIUM activity and infrastructure targeting Israeli organizations (Microsoft Security) To HADES and Back: UNC2165 Shifts to LOCKBIT to Evade Sanctions (Mandiant) Russia-Linked Ransomware Groups Are Changing Tactics to Dodge Crackdowns (Wall Street Journal) Conti Targets Critical Firmware (Eclypsium) Atlassian: Unpatched critical Confluence flaw under attack (Register) CISA Adds One Known Exploited Vulnerability (CVE-2022-26134) to Catalog (CISA)

The CyberWire
"Pantsdown" firmware vulnerability. ChromeLoader warning. Conti update. Ransomware at SpiceJet. CISA's Known Exploited Vulnerabilities Catalog expands. Kyiv honors Google. Reformed ID thief.

The CyberWire

Play Episode Listen Later May 26, 2022 25:49


"Pantsdown" in QCT Baseboard Management Controllers. A warning on ChromeLoader. Conti updates. Ransomware's effect on SpiceJet. CISA's Known Exploited Vulnerabilities Catalog expands, again. Kyiv honors Google. Josh Ray from Accenture reminds us it's military appreciation month. Our guest is Melissa Bischoping of Tanium with lessons learned from the American Dental Association ransomware attack. And a poacher turned gamekeeper? For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/102 Selected reading. Critical 'Pantsdown' BMC Vulnerability Affects QCT Servers Used in Data Centers (The Hacker News) ChromeLoader: a pushy malvertiser (Red Canary) Conti leaks data stolen during January attack on Oregon county (The Record by Recorded Future) Is the Conti Ransomware Gang Stronger Apart Then Together? (OODA Loop) SpiceJet: Passengers stranded as India airline hit by ransomware attack (BBC News) SpiceJet's woes continue as ransomware attack delays flights (The Loadstar) SpiceJet's brush with ransomware is a timely reminder to protect yourself against this cyber menace (cnbctv18.com) CISA Adds 34 Known Exploited Vulnerabilities to Catalog (CISA) Mykhailo Fedorov presented the first "Peace prize" to Google (Digital Gov) Notorious Vietnamese hacker turns government cyber agent (France 24)

The CyberWire
Dateline Moscow, Kyiv, and Minsk: Hacktivism and privateering. Log4j vulnerabilities more widespread than initially thought. US Cyber Command deploys "hunt forward" team to Lithuania.

The CyberWire

Play Episode Listen Later May 5, 2022 23:55


Hacktivism and privateering in Moscow, Kyiv, and Minsk. Log4j vulnerabilities are more widespread than initially thought. US Cyber Command deployed a "hunt forward" team to Lithuania. CISA adds five vulnerabilities to its Known Exploited Vulnerabilities Catalog. Jen Miller-Osborn from Palo Alto Networks discusses the findings from the Center for Digital Government's survey on Getting Ahead of Ransomware. Grayson Milbourne of Webroot/OpenText discusses OpenText's 2022 BrightCloud Threat Report. And Anonymous leaks emails allegedly belonging to the Nauru Police Force. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/87 Selected reading. Russian ally Belarus launches military quick-response drills (Washington Post) Putin's Ukraine War: Desperate Belarus dictator strikes back (Atlantic Council) Russian ransomware group claims attack on Bulgarian refugee agency (CyberScoop) Russia and Ukraine Conflict Q&A | Cybersixgill (Cybersixgill) Threat Advisory: New Log4j Exploit Demonstrates a Hidden Blind Spot in the Global Digital Supply Chain (Cequence) Anonymous Leak 82GB of Police Emails Against Australia's Offshore Detention (HackRead)

The CyberWire
Updates on Russia's hybrid war. Pegasus spyware in the service of espionage. CISA issues alerts and vulnerability warnings. C2C markets. Extradition for Assange? A guilty plea in a US cyberstalking case.

The CyberWire

Play Episode Listen Later Apr 20, 2022 26:03


A Shuckworm update. Pegasus spyware found in UK government officials' phones. CISA issues six ICS security alerts and adds three entries to its Known Exploited Vulnerabilities Catalog. Gangs succeed when criminals run them like a business. Julian Assange moves closer to extradition to the US. Tim Eades from Cyber Mentor Fund on cyber valuations. Our guest is Wes Mullins from deepwatch discussing adversary simulations. And a guilty plea in a high-profile cyberstalking case. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/76 Selected reading. Shuckworm: Espionage Group Continues Intense Campaign Against Ukraine UK Government Reportedly Infected With NSO Group Spyware ‘CatalanGate' Spyware Infections Tied to NSO Group Pegasus Spyware and Citizen Surveillance: What You Need to Know Julian Assange extradition order issued by London court, moving WikiLeaks founder closer to US transfer. Former eBay executive to plead guilty to cyberstalking campaign targeting couple

The CyberWire
Notes on the cyber aspects of the ongoing hybrid war. DDoS in the Marshall Islands. Lapsus$ Group post mortems. US FCC sanctions Kaspersky. CISA adds Known Exploited Vulnerabilities to its Catalog.

The CyberWire

Play Episode Listen Later Mar 28, 2022 24:58


Preparing for the spread of cyberattacks. A look at Cyber operations in the hybrid war. C3 and electronic warfare. The Republic of the Marshall Islands suffers rolling DDoS attacks. Okta gives a detailed account of its experience with the Lapsus$ Group. Lapsus$ under the law enforcement microscope. The FCC sanctions Kaspersky. Malek Ben Salem from Accenture on getting full potential from deception systems. Our guest is Greg Scasny of Blueshift Cybersecurity with remote workforce security concerns. And CISA adds to its Known Exploited Vulnerabilities Catalog. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/59 Selected reading. ‘Preparation, not panic': Top US cyber official asks Americans to look out for Russian hacking efforts CNN Russia hacked Ukrainian satellite communications, officials believe BBC News Chinese cyberattacks on NATO countries increase 116% since Russia's invasion of Ukraine: study Fox Business Why hasn't Russia used its 'full scope' of electronic warfare? Breaking Defense Russian troops' tendency to talk on unsecured lines is proving costly Washington Post Marshall Islands telecom service hit by cyber attack RNZ Okta: "We made a mistake" delaying the Lapsus$ hack disclosure BleepingComputer Who is LAPSUS$, the Big, Bad Cybercrime Gang Hacking Tech's Biggest Companies? Gizmodo FCC puts Kaspersky on security threat list, says it poses “unacceptable risk“ Ars Technica U.S. FCC adds Russia's Kaspersky, China telecom firms to national security threat list Reuters CISA Adds 66 Known Exploited Vulnerabilities to Catalog CISA

Security In Five Podcast
Episode 1142 - The Known Exploited Vulnerabilities Catalog What Is It

Security In Five Podcast

Play Episode Listen Later Jan 24, 2022 8:34


The Cybersecurity and Infrastructure Security Agency is a recently new agency focused on the security of the nation's infrastructure. A new resource, the Known Exploited Vulnerability Catalog is updated with vulnerabilities that are seen to be actively exploited by hackers. This episode goes into the details. Source - https://www.cisa.gov/known-exploited-vulnerabilities-catalog Be aware, be safe.

The Gate 15 Podcast Channel
The Cybersecurity Evangelist: Ep 15 - Happy New Cyber Habits 2022!

The Gate 15 Podcast Channel

Play Episode Listen Later Jan 11, 2022 29:58


This first TCE episode of 2022 (and first video - on Spotify) includes a few gentle and some not-so-gentle reminders on cybersecurity best practices and practices for better cyber hygiene. I start with a few cybersecurity controls for businesses to buckle down on this year, including identifying assets, vetting vulnerabilities, and pursuing more potent password policies. Then, I actually persist on the password point with some pontification about our predilection for problematic passwords and propose pointers for a more polished password posture. While there's probably nothing new in this episode, I hope it serves as a gentle nudge to promote better cyber hygiene habits – not just resolutions for 2022, but positive habits to develop for all-time toward a more cyber secure you! I also evangelize for a new CISA resource - the Known Exploited Vulnerabilities Catalog. Other resource mentioned in this episode: https://www.consumer.ftc.gov/articles/password-checklist

Cyber Security Headlines
November 19, 2021

Cyber Security Headlines

Play Episode Listen Later Nov 19, 2021 7:42


PerSwaysion phishing campaign still ongoing, and pervasive. FBI: FatPipe VPN zero-day exploited by APT for 6 months. RedCurl corporate espionage hackers resume attacks with updated tools. Thanks to our episode sponsor, Vulcan Cyber. The fact that CISA felt the need to release the massive “Known Exploited Vulnerabilities Catalog” recently says everything we need to know about the state of our collective cyber debt. Attend the Vulcan Cyber virtual summit on December 9th and learn how your peers are working to take on cyber risk and mitigate known vulnerabilities at scale. Go to vulcan.io and click the button at the top of the screen to register for the event. For the stories behind the headlines, head to CISOseries.com.

Cyber Security Headlines
Week in Review – Nov 8-12, 2021

Cyber Security Headlines

Play Episode Listen Later Nov 12, 2021 21:52


This week's Cyber Security Headlines - Week in Review, Nov 8-12, is hosted by Rich Stroffolino with our guest, John Overbaugh, CISO, Alpine Software Group. Thanks to our episode sponsor, Vulcan Cyber. The fact that CISA felt the need to release the massive “Known Exploited Vulnerabilities Catalog” recently says everything we need to know about the state of our collective cyber debt. Attend the Vulcan Cyber virtual summit on December 9th and learn how your peers are working to take on cyber risk and mitigate known vulnerabilities at scale. Go to vulcan.io and click the button at the top of the screen to register for the event. All links and the video of this episode can be found on CISO Series.com

Cyber Security Headlines
November 12, 2021

Cyber Security Headlines

Play Episode Listen Later Nov 12, 2021 9:02


EU pharmaceutical giants run old, vulnerable apps and fail to use encryption in login forms. Gmail accounts are used in 91% of all baiting email attacks. Microsoft warns of uptick in HTML smuggling. Thanks to our episode sponsor, Vulcan Cyber. The fact that CISA felt the need to release the massive “Known Exploited Vulnerabilities Catalog” recently says everything we need to know about the state of our collective cyber debt. Attend the Vulcan Cyber virtual summit on December 9th and learn how your peers are working to take on cyber risk and mitigate known vulnerabilities at scale. Go to vulcan.io and click the button at the top of the screen to register for the event. For the stories behind the headlines, head to CISOseries.com.

The 443 - Security Simplified

On this week's episode of the podcast, we cover a newly discovered method for hiding malicious source code in plain sight, CISA's new Known Exploited Vulnerabilities Catalog, and action from the US Department of Commerce on the Pegasus spyware manufacturer NSO Group.
