Podcasts about morphisec

This week, we are joined by Michael Gorelik, Chief Technology Officer from Morphisec, discussing their work on "New Noodlophile Stealer Distributes Via Fake AI Video Generation Platforms." A new threat dubbed Noodlophile Stealer is exploiting the popularity of AI-powered content tools by posing as fake AI video generation platforms, luring users into uploading media in exchange for malware-laced downloads. Distributed through convincing Facebook groups and viral campaigns, the malware steals browser credentials, cryptocurrency wallets, and can deploy a remote access trojan like XWorm. The campaign uses a layered, obfuscated delivery chain disguised as legitimate video editing software, making it both deceptive and difficult to detect. The research can be found here: ⁠⁠New Noodlophile Stealer Distributes Via Fake AI Video Generation Platforms Learn more about your ad choices. Visit megaphone.fm/adchoices

This week, we are joined by Michael Gorelik, Chief Technology Officer from Morphisec, discussing their work on "New Noodlophile Stealer Distributes Via Fake AI Video Generation Platforms." A new threat dubbed Noodlophile Stealer is exploiting the popularity of AI-powered content tools by posing as fake AI video generation platforms, luring users into uploading media in exchange for malware-laced downloads. Distributed through convincing Facebook groups and viral campaigns, the malware steals browser credentials, cryptocurrency wallets, and can deploy a remote access trojan like XWorm. The campaign uses a layered, obfuscated delivery chain disguised as legitimate video editing software, making it both deceptive and difficult to detect. The research can be found here: ⁠⁠New Noodlophile Stealer Distributes Via Fake AI Video Generation Platforms Learn more about your ad choices. Visit megaphone.fm/adchoices

According to Morphisec, industry research estimates 60 percent of ransomware attacks bypass traditional detection tools, leaving businesses vulnerable. In this episode, host Paul John Spaulding is joined by Steve Morgan, Founder of Cybersecurity Ventures and Editor-in-Chief at Cybercrime Magazine, to discuss. The Cybercrime Magazine Update airs weekly and covers the latest news, interviews, podcasts, reports, videos, and special productions from Cybercrime Magazine, published by Cybersecurity Ventures. For more on cybersecurity, visit us at https://cybersecurityventures.com

C'est une menace qui se fait discrète… trop discrète. Détecté en mars dernier par les chercheurs de Morphisec, ResolverRAT fait partie de ces malwares capables d'accéder à distance à une machine infectée, d'en extraire des fichiers ou d'exécuter des commandes. Un fonctionnement classique pour un RAT, un Remote Access Trojan. Mais ce qui le rend redoutable, c'est sa manière de passer sous les radars. ResolverRAT ne s'installe pas vraiment. Il s'exécute uniquement en mémoire, sans jamais écrire de fichier sur le disque dur, ni modifier de programme existant. Résultat : les antivirus classiques et même les systèmes EDR (Endpoint Detection and Response), pourtant plus évolués, peinent à le repérer.Le vecteur d'infection reste le bon vieux phishing, avec une recrudescence dans le secteur de la santé. Les victimes reçoivent un e-mail contenant une archive. À l'intérieur : un programme tiers légitime, hpreader.exe, signé et valide – déjà utilisé dans d'autres campagnes malveillantes – et une bibliothèque corrompue. À l'exécution, le programme charge cette DLL malicieuse sans poser de question. Et l'infection débute. Le code s'exécute alors directement dans la mémoire vive, en détournant un mécanisme du framework .NET pour y injecter ses propres modules. Une architecture complexe : composants chiffrés, chaînes masquées, présence furtive dans le registre Windows, et surtout, une capacité à communiquer via des connexions chiffrées sans dépendre des certificats de la machine. Les données extraites sont morcelées en blocs de 16 Ko, évitant ainsi toute alerte liée à une consommation anormale de bande passante.Morphisec a observé des variantes du malware dans de nombreuses langues : italien, hindi, tchèque, turc, portugais, indonésien… Les indices laissent penser à une opération internationale, avec une infrastructure rappelant d'autres familles bien connues comme Rhadamanthys ou Lumma. Mais ici, il s'agirait d'une souche inédite, construite sur mesure pour l'invisibilité. Face à une menace aussi furtive, les outils classiques sont dépassés. La meilleure défense reste la prévention. Ne cliquez pas sur des fichiers inattendus. Méfiez-vous des messages urgents. Vérifiez systématiquement l'identité de l'expéditeur. Même en 2025, ces réflexes restent vos meilleurs alliés contre des menaces de plus en plus sophistiquées. Hébergé par Acast. Visitez acast.com/privacy pour plus d'informations.

In this episode of The BlueHat Podcast, Nic and Wendy are joined by seasoned security researcher, and CTO of Morphisec, Michael Gorelik. Michael discusses his approach to security research, which often begins by exploring PoCs released by other researcher groups and continues through to the release and validation of – sometimes multiple rounds of – fixes. Michael also provides an overview of this BlueHat 2024 presentation from last October and discusses his upcoming participation in the Zero Day Quest Onsite Hacking Challenge.      In This Episode You Will Learn:     How Michael Gorelik transitioned from security researcher to company founder  Deeper motivations driving ethical hackers like Michael Gorelik beyond money  The importance of identifying incomplete security patches before attackers do    Some Questions We Ask:    What are you looking forward to with Zero Day Quest?  Did you have a moral dilemma about hacking when you were younger?  What was your experience like at Deutsche Telekom Laboratories?      Resources:       View Michael Gorelik on LinkedIn    View Wendy Zenone on LinkedIn    View Nic Fillingham on LinkedIn      Related Microsoft Podcasts:       Microsoft Threat Intelligence Podcast    Afternoon Cyber Tea with Ann Johnson    Uncovering Hidden Risks          Discover and follow other Microsoft podcasts at microsoft.com/podcasts    The BlueHat Podcast is produced by Microsoft and distributed as part of N2K media network. 

Are you struggling to convert your Proof of Value (POV) to sales? Do your POV periods often extend beyond reasonable timelines? How can you involve multiple evaluators while keeping the process efficient and engaging?In this episode of Cybersecurity Go-To-Market Podcast, Alexei Rubinstein joins Andrew Monaghan to tackle these challenges head-on.

We love to glamorize the adversary-chasing, midnight-oil-burning cybersecurity lifestyle. I'll admit, even I do it sometimes. But the reality of malware research—the intense mental fortitude, the relentless strategic thinking—is often far less romantic and far more essential than we give it credit for. Malware researchers aren't just fighting sophisticated adversaries. They're engaged in a high-stakes, invisible chess game where each move reveals a little more of a hidden enemy. The most significant challenge, however, isn't the malware itself. It's likely the disconnect between the critical work of these researchers and the perception—and support—they receive from leadership. That gap isn't just unfortunate; it's a vulnerability that leaves companies exposed in ways many don't even realize. Despite its impact, malware research remains one of the most misunderstood and demanding roles in cybersecurity. In this episode, Dani Woolf, host of Audience 1st Podcast spoke with Michael Gorelik, CTO of Morphisec, and his insights offered a rare glimpse into a job that's less about reacting to the latest threats and more about building a proactive defense—a foundation that keeps companies several steps ahead. From firefighting immediate threats to pioneering innovative defense strategies, Michael's work underscores the essential, often-overlooked nature of malware research. He emphasizes the critical need for passion and motivation among malware researchers, details the daily responsibilities of malware analysts and incident responders, and explores the ethical challenges faced in the field.  Michael also outlines how Morphisec innovates in the ransomware protection space by leveraging Moving Target Defense and proactive visibility, as well as his philosophy on breaking routines to manage stress and maintain team morale.  The episode also highlights the importance of effective communication between different organizational levels and offers advice to both researchers and executives for enhancing mutual understanding and appreciation.

In today's episode, we delve into how AI-enhanced software Meliorator was used to spread Russian disinformation on X (formerly Twitter), as detailed by the US Justice Department (DoJ). We also discuss the ViperSoftX malware disguising as eBooks on torrents, uncovered by Trellix security researchers, and examine how the new EstateRansomware group exploited a Veeam Backup Software vulnerability to launch attacks. Lastly, we cover Check Point and Morphisec's findings on zero-day vulnerabilities CVE-2024-38112 and CVE-2024-38021, and the urgency of applying Microsoft's recent patches. Video Episode: https://youtu.be/ZeL8oo0HRBY Original URLs: https://www.helpnetsecurity.com/2024/07/10/russian-disinformation-x/ https://thehackernews.com/2024/07/vipersoftx-malware-disguises-as-ebooks.html https://thehackernews.com/2024/07/new-ransomware-group-exploiting-veeam.html https://www.helpnetsecurity.com/2024/07/10/cve-2024-38112-cve-2024-38021/ Sign up for digestible cyber news delivered to your inbox: news.thedailydecrypt.com Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/ Logo Design by https://www.zackgraber.com/ Tags: Russian disinformation, AI-enhanced software, Meliorator, social media bot farms, US Justice Department, domain seizure, digital army, fake personas, propaganda, ViperSoftX, malware, eBooks, torrent sites, Common Language Runtime, AutoIt, PowerShell commands, EstateRansomware, Veeam Backup & Replication, FortiGate firewall, vulnerability, ransomware attack, Check Point Research, Windows, CVE-2024-38112, Microsoft, patch, remote code execution, deceptive .url files, cyber threats. Search Phrases: Russian disinformation bot farms AI-enhanced software in social media How Meliorator spreads fake news Protect against ViperSoftX malware Ransomware exploiting Veeam vulnerability FortiGate firewall security flaw Latest cyber threats Check Point Research CVE-2024-38112 vulnerability details Microsoft's latest security patch Prevent remote code execution attacks

Matthew talks with Webster and Ron about “getting grandma to not click on bad things,” how to keep networks secure, and how to avoid a “spear-phishing” attack (as opposed to a just plain “phishing”). Matthew has been in the cybersecurity world for 24 years and he and Morphisec know how to make it EXTREMELY difficult to mount a successful cyber attack. Matthew encompasses a rare combination of qualifications in information security, networking, security research, forensics and incident management. 

Matthew talks with Webster and Ron about “getting grandma to not click on bad things,” how to keep networks secure, and how to avoid a “spear-phishing” attack (as opposed to a just plain “phishing”). Matthew has been in the cybersecurity world for 24 years and he and Morphisec know how to make it EXTREMELY difficult to mount a successful cyber attack. Matthew encompasses a rare combination of qualifications in information security, networking, security research, forensics and incident management. 

In der Nachmittagsfolge sprechen wir heute mit Daniella Moll, Country Manager DACH von Sencrop, über die Finanzierungsrunde in Höhe von 18 Millionen US-Dollar. Sencrop hat mit 20.000 Wetterstationen das nach eigenen Angaben größte vernetzte agrarmeteorologische Datennetzwerk in Europa aufgebaut. Mit einer datengesteuerten Präzisions-Applikation ermöglicht das AgrarTech Startup mehr als 20.000 Landwirten eine pflanzenbezogene Sicht auf die ultralokalen Wetterbedingungen, Krankheits- und Schädlingsrisiken und ihren Bewässerungsbedarf. Sencrop versetzt Landwirte dadurch in die Lage, bessere pflanzenbauliche Entscheidungen zu treffen und so ihre Anbaurisiken zu verringern. Zu den deutschen Kunden des landwirtschaftlichen Tech-Startups zählen wichtige landwirtschaftliche Beratungsinstitutionen der Offizial- und Landberatungen, wie beispielsweise der Bio-Kartoffelverband Oberbayern, Beratungsring Ackerbau Rheinhessen/Pfalz, der Beratungsring Westküste in Schleswig-Holstein, die Universität Bonn und der Bio Innovation Park sowie führende Landmaschinenhandelsunternehmen wie NewTec, Landtechnik Steigra, das Technik Center Alpen (TCA) und mehrere Bewässerungsunternehmen. Sencrop wurde 2016 von Michael Bruniaux und Martin Ducroquet in Lille gegründet. Das französische Startup hat nun in einer Series-B-Finanzierungsrunde 18 Millionen US-Dollar eingesammelt. Der israelische Risikokapitalgeber JVP, der seit 1993 in über 150 Unternehmen investiert hat, darunter Inshur, Control Up, Earnix, Quali, Pyramid, Analytics, Morphisec, Centrical, Anyclip, Leadspace, Nanit, Teridion, 1touch.io, Agrint, Dealhub, Innovopro, Ionir, Opora, SecBI, Upsolver, Vicarius, Valid Network oder Wishi, übernimmt bei der Finanzierung den Lead. Insgesamt hat der VC aus Israel 1,6 Milliarden US-Dollar für die Portfoliounternehmen aufgebracht und 12 Börsengänge begleitet. IT Food, Stellar Impact, IRD Management, BPIfrance, Demeter IM und NCI Waterstart haben sich ebenfalls an der Serie B beteiligt. Mit dem frischen Kapital möchte Sencrop seine Mikroklimatechnologie in Nordamerika und auf den übrigen Weltmärkten einführen.

In deze aflevering gaat Raacha Naoum met Allan van Leeuwen (teamlead Atos Digital Security NL Security Operations Center) en Joris Roef (Presales security consultant bij Atos Digital Security NL) in gesprek over de actualiteit en wat hen hierin bezighoudt.Inhoud SecurityTalks podcast aflevering 4:Uitslag poll: Ransomware, betalen of niet?De SecurityTalks Live talkshow op 21 aprilhttps://securitytalks.motiv.nlNFT's wat zijn dat nou eigenlijk en wat is het securityrisico?Onderzoeksrapport van MORPHISEC:https://blog.morphisec.com/nft-buyers-beware-journey-of-a-crypto-scammer-how-to-stop-themhttps://web3isgoinggreat.comOKTA HackInformatie rondom hack:https://techcrunch.com/2022/03/22/okta-january-hack-breach/https://www.okta.com/blog/2022/03/oktas-investigation-of-the-january-2022-compromise/https://twitter.com/billdemirkapi/status/1506107157124722690?s=27https://twitter.com/BillDemirkapi/status/1506109961876692996Arrestaties vermoedelijke Lapsus$-leden:https://techcrunch.com/2022/03/24/london-police-lapsus-arrests/Poll: Moet je openbaar gaan op het moment dat je gehacked bent?https://form.typeform.com/to/ZQm1vWeELuistertip: BBC Podcast: The Lazarus Heisthttps://www.bbc.co.uk/programmes/w13xtvg9Fun tip: Netflix gaming:https://about.netflix.com/en/news/let-the-games-begin-a-new-way-to-experience-entertainment-on-mobileLees- & kijktip: The Wheel of Timehttps://en.wikipedia.org/wiki/The_Wheel_of_Timehttps://wot.fandom.com/wiki/A_beginning

Ron Reinfeld, CFO @ Moprphisec- Prior to joining Morphisec, Ron served as Chief Financial Officer at IntSights (acquired by Rapid7)  where he oversaw global finance, legal,HR and planning operations. Ron brings over 15 years of financial leadership experience at SaaS companies. He was VP of Finance & Operations at Zooz (acquired by PayU), and has held various financial and operations roles at Cloudshare, Clarizen and Ernst & Young, where he specialized in technology IPOs and M&A. In addition, Ron has held multiple advisory roles at early stage tech startups.

Guy is a Partner at DTCP in the Growth Equity team in Silicon Valley. Guy led DTCP's investments in Replay Technologies (acquired by Intel), FireGlass (acquired by Symantec), and Dynamic Yield (acquired by McDonald's). He also led DTCP's investments in SafeBreach, Morphisec, AppsFlyer, and PerimeterX and represents it as board member/observer.

This week in the Enterprise News: Latent AI, Optiv Security Launches Next-Gen Managed XDR, An Intriguing Update to Mandiant Advantage, ReversingLabs raises $56M to combat software supply chain, Morphisec Announces New Incident Response Services, & more!   Show Notes: https://securityweekly.com/esw238 Visit https://www.securityweekly.com/esw for all the latest episodes!

This week in the Enterprise News: Latent AI, Optiv Security Launches Next-Gen Managed XDR, An Intriguing Update to Mandiant Advantage, ReversingLabs raises $56M to combat software supply chain, Morphisec Announces New Incident Response Services, & more!   Show Notes: https://securityweekly.com/esw238 Visit https://www.securityweekly.com/esw for all the latest episodes! 

Ronen Yehoshua, co-founder and CEO of Morphisec, has over 20 year of technology management and venture capital experience. Prior to Morphisec, Ronen was a partner at Cedar Fund, an international venture capital firm with over $325M under management. In this strategic, hands-on role, he led investments and resided on the boards of several companies in seed and growth stage. Before that, Ronen held key leadership positions in managing, investing, and collaborating with start-up companies and cutting-edge innovations in software and telecom, such as business and technology consultant to the Hutchison Whampoa group, Investment Director at Partner FutureCom, Director of Business Development and Project Manager at ECI Telecom.

This week in the Enterprise News: Funding announcements from Clearsense, Morphisec, Feedzai, Jumio, Ketch, Living Security, Productiv and Socure. ServiceNow acquires Intellibot, Accenture acquires Cygni, Astadia acquires Anubex, AutoRABIT acquires CodeScan, Kroll Acquires Redscan. GRIMM launches a Private Vulnerability Disclosure program, AttackIQ automates the validation of AI and ML, CircleCI offers CI/CD for ARM in the cloud, Elastic Observability updates, Gigamon and FireEye collaborate on integration of Gigamon Hawk, McAfee unveils MVision cloud, Red Hat OpenShift Service Available on AWS, Sysdig Adds Unified Threat Detection Across Containers and Cloud & more!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw222

This week in the Enterprise News: Funding announcements from Clearsense, Morphisec, Feedzai, Jumio, Ketch, Living Security, Productiv and Socure. ServiceNow acquires Intellibot, Accenture acquires Cygni, Astadia acquires Anubex, AutoRABIT acquires CodeScan, Kroll Acquires Redscan. GRIMM launches a Private Vulnerability Disclosure program, AttackIQ automates the validation of AI and ML, CircleCI offers CI/CD for ARM in the cloud, Elastic Observability updates, Gigamon and FireEye collaborate on integration of Gigamon Hawk, McAfee unveils MVision cloud, Red Hat OpenShift Service Available on AWS, Sysdig Adds Unified Threat Detection Across Containers and Cloud & more!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw222

Prior to COVID-19, digital transformation projects were at a pace of their own - slow and experimental. For the fourth installment of SALT Talks: Pandemic Venture Investment Series, presented in partnership with OurCrowd, Ron Moritz, serial cybersecurity entrepreneur and sector expert, will quiz top CEOs from startups Morphisec, ITsMine and ThetaRay on how they are dealing with the unprecedented rush to move enterprise applications from the traditional data center to the cloud, managing rapid cybersecurity innovation successfully and the resulting challenges and opportunities. Featuring Ronen Yehoshua, Chief Executive Officer of Morphisec, Mark Gazit, Chief Executive Officer of ThetaRay, and Kfir Kimhi, Chief Executive Officer of ITsMine. ————————————————————————— To learn more about this episode, including podcast transcripts and show notes, visit *salt.org/talks* ( http://salt.org/talks ) Moderated by Anthony Scaramucci.

This week, In the first segment, Zack Moody from AVX Corporation join us for an interview on the Rise of Insider Threat post Covid-19! Next up, Juliet Okafor joins for an interview on Why User Adoption in Enterprise Security is Low! In the Enterprise Security News: Funding announcements from Clearsense, Morphisec, Feedzai, Jumio, Ketch, Living Security, Productiv and Socure. ServiceNow acquires Intellibot, Accenture acquires Cygni, Astadia acquires Anubex, AutoRABIT acquires CodeScan, Kroll Acquires Redscan. GRIMM launches a Private Vulnerability Disclosure program, AttackIQ automates the validation of AI and ML, CircleCI offers CI/CD for ARM in the cloud, Elastic Observability updates, Gigamon and FireEye collaborate on integration of Gigamon Hawk, McAfee unveils MVision cloud, Red Hat OpenShift Service Available on AWS, Sysdig Adds Unified Threat Detection Across Containers and Cloud and more!   Show Notes: https://securityweekly.com/esw222 Visit https://www.securityweekly.com/esw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, In the first segment, Zack Moody from AVX Corporation join us for an interview on the Rise of Insider Threat post Covid-19! Next up, Juliet Okafor joins for an interview on Why User Adoption in Enterprise Security is Low! In the Enterprise Security News: Funding announcements from Clearsense, Morphisec, Feedzai, Jumio, Ketch, Living Security, Productiv and Socure. ServiceNow acquires Intellibot, Accenture acquires Cygni, Astadia acquires Anubex, AutoRABIT acquires CodeScan, Kroll Acquires Redscan. GRIMM launches a Private Vulnerability Disclosure program, AttackIQ automates the validation of AI and ML, CircleCI offers CI/CD for ARM in the cloud, Elastic Observability updates, Gigamon and FireEye collaborate on integration of Gigamon Hawk, McAfee unveils MVision cloud, Red Hat OpenShift Service Available on AWS, Sysdig Adds Unified Threat Detection Across Containers and Cloud and more!   Show Notes: https://securityweekly.com/esw222 Visit https://www.securityweekly.com/esw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

We interview Brett Wahlin, the VP of Security & Trust at Respond Software, Andrew Homer, the VP of Business Development at Morphisec, and Mat Gangwer, the Director of Managed Threat Response at Sophos. Full Show Notes: https://wiki.securityweekly.com/ES_Episode151 Visit https://www.securityweekly.com/esw for all the latest episodes!

We interview Brett Wahlin, the VP of Security & Trust at Respond Software, Andrew Homer, the VP of Business Development at Morphisec, and Mat Gangwer, the Director of Managed Threat Response at Sophos. Full Show Notes: https://wiki.securityweekly.com/ES_Episode151 Visit https://www.securityweekly.com/esw for all the latest episodes!

This week, Paul and Matt Alderman talk Enterprise News, to discuss 5 tips on how testers can collaborate with software developers, Imperva discloses a data breach affecting some firewall users, VMware unveils security enhancements in Virtual Cloud Network Offering, and how Veristor and Synack partner to apply Ethical Hackers and AI Technology! In our second segment, we air three pre-recorded interviews from BlackHat 2019 with Chris Kennedy from AttackIQ, Balaji Prasad of BlueHexagon, and Mike Weber of Coalfire! In our final segment, we air three more pre-recorded interviews from BlackHat 2019 with Brett Wahlin of Respond Software, Andrew Homer of Morphisec, and Mat Gangwer from Sophos!   Full Show Notes: https://wiki.securityweekly.com/ES_Episode151 Visit https://www.securityweekly.com/esw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Paul and Matt Alderman talk Enterprise News, to discuss 5 tips on how testers can collaborate with software developers, Imperva discloses a data breach affecting some firewall users, VMware unveils security enhancements in Virtual Cloud Network Offering, and how Veristor and Synack partner to apply Ethical Hackers and AI Technology! In our second segment, we air three pre-recorded interviews from BlackHat 2019 with Chris Kennedy from AttackIQ, Balaji Prasad of BlueHexagon, and Mike Weber of Coalfire! In our final segment, we air three more pre-recorded interviews from BlackHat 2019 with Brett Wahlin of Respond Software, Andrew Homer of Morphisec, and Mat Gangwer from Sophos!   Full Show Notes: https://wiki.securityweekly.com/ES_Episode151 Visit https://www.securityweekly.com/esw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

All links and images for this episode can be found on CISO Series (https://cisoseries.com/defense-in-depth-cybersecurity-hiring/) Everyone needs more security talent, but what kind of talent, how specialized, and what kind of pressure is hiring requirements putting on security professionals? Check out this post and discussion for the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the creator of CISO Series and Allan Alford (@AllanAlfordinTX). Our guest for this episode is one our favorite InfoSec gadflies, Greg van der Gaast. Thanks to this week’s podcast sponsor, Morphisec Detection-based security technologies are by definition reactive, responding to threats after they’ve hit. Morphisec takes an offensive strategy to advanced attacks, dismantling the attack pathways to prevent an attack from ever landing. No detection, no hunting, no clean-up. Watch the on-demand webinar to see how it works. More at www.morphisec.com. On this episode of Defense in Depth, you'll learn: Specialization also veers towards simplifying as Greg said, "A lot of middle of the road positions are being narrowed and dumbed down in a push towards commoditization." Is the collection of so many tools pushing us to more specialization? Have we created our own hiring problem? There are needs for specialists and generalists in cybersecurity. The issue is where do you find the balance from the creation of your toolset to your hiring? Too many open positions for security analysts which isn't a defined role. Sometimes there's an inherent laziness in hiring managers just wanting "a security person" and not understanding their environment as to what they really need. Greg notes that "you can often tell how broken an infosec organisation is just by looking at the job roles they're looking to fill and the job descriptions." If you're developing a tech stack and then looking for people to manage it, that is the reverse way you should be building a security program. Students are eager to learn, but degrees are useless when companies are hiring for specific tools.

In September, security researchers at Cisco Talos and Morphisec made a worst nightmare-type disclosure: the ubiquitous computer cleanup tool CCleaner had been compromised by hackers for more than a month. The software updates users were downloading from CCleaner owner Avast—a security company itself—had been tainted with a malware backdoor.

This week, Michael is joined by Matt Alderman to interview Will Lin, Principal and Founding Investor at Trident Capital Security! In the Security News, Apptio raised $4.6M in Equity, Morphisec raised $12M in Series B, & Dover Microsystems raised $6M "Seed" Round! Last but not least, part two of our second feature interview with Sean D'Souza, author of The Brain Audit! All that and more, on this episode of Business Security Weekly! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode75   Visit https://www.securityweekly.com/bsw for all the latest episodes!

This week, Michael is joined by Matt Alderman to interview Will Lin, Principal and Founding Investor at Trident Capital Security! In the Security News, Apptio raised $4.6M in Equity, Morphisec raised $12M in Series B, & Dover Microsystems raised $6M "Seed" Round! Last but not least, part two of our second feature interview with Sean D'Souza, author of The Brain Audit! All that and more, on this episode of Business Security Weekly! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode75   Visit https://www.securityweekly.com/bsw for all the latest episodes!

This week, Apptio raised $4.6M in Equity, Vectra raised $36M in Series D, Morphisec raised $12M in Series B, and more Business Security news! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode75 Visit http://securityweekly.com/category/ssw for all the latest episodes!

This week, Apptio raised $4.6M in Equity, Vectra raised $36M in Series D, Morphisec raised $12M in Series B, and more Business Security news! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode75 Visit http://securityweekly.com/category/ssw for all the latest episodes!