The value of a digital identity, emerging trends in cybercrime, and how to bypass a Faraday cage
Recorded 2/16/18 - This week, Mitch learns about starting a show without Matt with no other plans to control Craig in place. The team discusses Olympic Destroyer and then takes on attribution in light of recent developments with Nyetya. We look at what attribution actually takes and the ease and commonality of planting false flags.
The crew takes on Apache OpenOffice vulns and when you need one CVE versus one hundred. We spend a lot of time discussing signal to noise ratio and Twitter canaries getting things wrong. Of course, we also discuss Bad Rabbit, its relationship to Nyetya, and why OpenOffice vulns are a worry, even to businesses that are run like hippie communes. As per usual, we mostly just make bad jokes.
We haven’t gone around the table and introduced ourselves in some time (about 50k downloads ago), so we take the time we usually complain about things at the top of the show to do that. We have seen a massive amount of “top-tier” threats in the last six months or so. While it might seem like comparing apples and oranges (hint: it is), the crew takes a stab at ranking these recent threats/attacks: CCleaner, Deloitte, Equifax, Nyetya, SEC, Shamoon2, WannaCry. Shockingly, all of us have a different ranking. What’s your list look like? Regarding response: Consistency matters, don’t be clever. We discuss some recent unbelievably boneheaded things we have seen in security response. More importantly, we discuss how you SHOULD respond to an incident. Remember: Complexity kills. Unfortunately, it doesn’t kill thought leaders.
Struts - when to patch and when to patch with a vengeance. In light of the Equifax breach, we discuss how patching can make you live better days, Never look back and say, Could have been me. Naturally, that convo leads into the biggest story of the week around Pwning the Supply Chain - CCleaner, Python, and Nyetya style. Avast made some mistakes, but every tech company is susceptible to supply chain attacks. What can companies do to protect themselves and how can users adopt a stronger security posture in this area? We also talk Ex$ploit Economy - Valuing exploits by supply and demand. Zerodium has an extensive price list, what can we discern about the availability and difficulty of various exploits using basic economics?
Recorded 2017/08/23
Nyetya, NotPetya, PetrWrap, ExPetr, whatever you want to call it - although Nyetya is clearly the most clever name, not that Warren and I came up with it or anything - has wreaked havoc on the Ukraine and multinational companies doing business there. This episode takes a deep look at the threat, the vectors used, and how it worked. We also discuss how organizations can protect themselves from this and similar threats that we will likely see in the future. Feedback question: Send us links to the shorts Warren (@SecurityBeard) should wear to the Talos party at BlackHat. If we pick your submission, we will send you a Talos loot drop! Tweet us @TalosSecurity #Shorts4Warren or email beerswithtalos@cisco.com
Recorded Future - Inside Threat Intelligence for Cyber Security
As we pass the midpoint of 2017, we’ve had more than a few high-profile malware attacks. Two of the biggest have been WannaCry, the ransomware attack that went worldwide in May, and NotPetya, the destructive campaign that targeted Ukraine in June, but rapidly became a global menace, creating widespread fear and confusion, not to mention business disruptions. Observers are still settling on a final name for NotPetya, by the way. It’s being called Petya, Nyetya, and GoldenEye, but for this show we’re going to go with NotPetya. In this episode, we’re joined again by Allan Liska, Senior Solutions Architect at Recorded Future, and author of “Ransomware – Defending Against Digital Extortion.” He’ll share his insights on both attacks, and walk us through how his team grappled with the challenge of understanding and communicating the threat to industry. We’ll also talk about what these two attacks mean for the future — do they represent harbingers of the “big one” we all fear? Time to panic? Tune in and find out.
When a piece of unprecedented malicious software rampages through thousands of critical networks around the world, it tends to get our full attention. And this week's digital plague, known as Petya (or NotPetya or Nyetya) proved especially vicious. It paralyzed thousands of computers, including those of Ukrainian government agencies, transportation infrastructure, and companies, as well as international targets including Danish shipping firm Maersk and US pharmaceutical giant Merck.
In today's podcast, we hear that recovery from Petya/Nyetya/NotPetya proceeds—and it's not ransomware. Ukraine says Russia's responsible. US warnings of cyberattacks on nuclear power plants may have been premature. NATO members consider when to invoke Article 5 in cyberspace. Islamist inspiration and other political discontents continue to prompt content screening in Europe. Europe is also in punitive mood with respect to regulation. Kaspersky says it will show the US its source code if that's the cost of doing business. Markus Rauschecker from UMD CHHS describes a novel use of kidnapping insurance. And, hey, Lords and Commons: that's not really Windows support asking for your password.
In today's podcast we hear that Petya/Nyetya/NotPetya is almost certainly a wiper, and not ransomware after all. Ukraine blames Russia, but whoever did it had EternalBlue before the ShadowBrokers leaked it. WikiLeaks Vault7 disgorges OutlawCountry, a Linux attack tool. The ShadowBrokers raise their rates. Emily Wilson from Terbium Labs with research on fraud guides on the dark web. Guests are Drew Gidwani, Director of Analytics at ThreatConnect, and Andy Pendergast, VP of Product & Co-Founder at ThreatConnect, speaking about the findings of a recent SANS Survey on Security Optimization. Russia calls for international cooperation to stamp out cybercrime.