POPULARITY
Podcast: Nexus: A Claroty Podcast (LS 32 · TOP 5% what is this?)Episode: Megan Stifel on the Impact of the Ransomware Task ForcePub date: 2025-05-28Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationMegan Stifel, Chief Strategy Officer for the Institute for Security and Technology, joins the Nexus Podcast to discuss the four years of progress and challenges experienced by the Ransomware Task Force. The RTF was created days before the Colonial Pipeline ransomware incident and in a landmark report, laid out 48 recommendations to the industry that included a framework for critical infrastructure organizations that could help deter and disrupt the operations of ransomware gangs. Stifel covers the growth of the task force and which the of the 48 recommendations have been tackled and which remain. Listen and subscribe to the Nexus Podcast on your favorite platform.The podcast and artwork embedded on this page are from Claroty, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Megan Stifel, Chief Strategy Officer for the Institute for Security and Technology, joins the Nexus Podcast to discuss the four years of progress and challenges experienced by the Ransomware Task Force. The RTF was created days before the Colonial Pipeline ransomware incident and in a landmark report, laid out 48 recommendations to the industry that included a framework for critical infrastructure organizations that could help deter and disrupt the operations of ransomware gangs. Stifel covers the growth of the task force and which the of the 48 recommendations have been tackled and which remain. Listen and subscribe to the Nexus Podcast on your favorite platform.
In this episode of The Resilience Rundown, host Thomas Bryant sits down with Taylor Grossman, Deputy Director for Digital Security at the Institute for Security and Technology. Taylor discusses the significant challenges and evolving landscape of ransomware threats, emphasizing their transformation into a national security concern. Discover the origins and achievements of the Ransomware Task Force, initiated in response to the spike in ransomware attacks during the pandemic, targeting critical sectors like healthcare and education. Taylor shares the comprehensive approach of the Task Force, detailing their 48 strategic recommendations aimed at deterring and disrupting ransomware activities, preparing and responding to incidents, and the crucial role of international cooperation in combating these threats.
In this week's Source Code podcast, we go over findings from a newly released Ransomware Task Force report and give an update on the types of data accessed in the Change Healthcare ransomware attack.
On this episode Jen Ellis, co-chair of the Ransomware Task Force, talks about ways of fighting one of the biggest cyber threats to IT departments
Today, we discuss the recent Chirp Systems smart lock vulnerability, Delinea's rapid response to a critical API flaw, and the ongoing debate over ransomware payment policies. Explore the implications of these security breaches and the strategies to enhance digital safety without compromising on the details. Keywords: Cybersecurity, Chirp Systems, Delinea, Ransomware Payment Ban, Smart Locks, API Vulnerability, U.S. Cybersecurity & Infrastructure Security Agency Sources: Chirp Systems Smart Lock Issue: krebsonsecurity.com/2024/04/crickets-from-chirp-systems-in-smart-lock-key-leak Delinea Secret Server SOAP API Vulnerability: helpnetsecurity.com/2024/04/15/delinea-secret-server-vulnerability Ransomware Payment Ban Debate: cybersecuritydive.com/news/ransom-payment-ban-pushback/713206 Feel free to let me know if there are any tweaks you'd like to make! Follow us on Instagram: https://www.instagram.com/the_daily_decrypt/ Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/ Logo Design by https://www.zackgraber.com/ Tags for the Episode: Cybersecurity, Chirp Systems, Delinea, Ransomware, Smart Lock Security, API Vulnerability, Digital Safety, Cyber Attack, Security Breach, Tech News Search Phrases: Chirp Systems smart lock security issues Delinea SOAP API vulnerability fix Ransomware payment policy debate Cybersecurity latest news Smart lock vulnerabilities and solutions How to secure digital locks from hackers API security breaches and responses Impact of ransomware payment bans Expert analysis on Chirp Systems breach Preventing unauthorized access in smart devices Transcript: Apr16 Welcome back to the Daily Decrypt. Chirp system's smart locks are compromised With hard coded credentials, potentially unlocking 50, 000 U. S. homes remotely, warns the U. S. Cybersecurity Infrastructure Security Agency, highlighting severe oversight in digital security protocols. What can be done to secure these smart locks and prevent unauthorized remote access? Delinea acted swiftly to patch a critical vulnerability in their secret server SOAP API, which could have allowed attackers to gain administrative access and seize sensitive data. And finally, ransomware victims in the US shelled out 1. 5 billion between May 2022 and June of 2023 amidst heated debates over the effectiveness of ransomware payment bans, as highlighted by the Institute for Security and Technology. What strategies are cybersecurity experts recommending to reduce ransom payments without implementing a ban? In a recent warning issued by the U. S. Cybersecurity and Infrastructure Security Agency, or CISA, an estimated 50, 000 smart locks across the country are vulnerable to breaches due to hard coded credentials that allow remote access. These locks, developed by Chirp Systems, have been criticized for storing sensitive access information within their source code, making them susceptible to unauthorized entries with a CVSS severity rating of 9. 1 out of 10. Despite these concerns, Chirp Systems has yet to respond or collaborate with CISA to address these vulnerabilities. The issue first came to light when Matt Brown, a senior systems development engineer at Amazon Web Services, detected the flaw. Brown, while installing the Chirp app to his Access His Apartment, opted to scrutinize the app's security. He discovered that the app stored passwords and private keystrings in a decodable format, leaving residence doors wide open to potential hackers. In response to his findings, Brown approached his leasing office, which provided him with a 50 NFC key fob as a workaround. However, Brown pointed out that the FOB still transmitted the credentials in plain text, vulnerable to cloning via NFC enabled devices. The parent company of Chirp Systems, RealPage, Inc., is currently facing legal challenges including a massive lawsuit supported by the U. S. Department of Justice and multiple state attorneys general. The suits accuse RealPage of using its software to artificially inflate rents through collusion with landlords, employing algorithms that limit negotiation and push maximum possible rents on tenants. In a swift response to a security breach, Delinea, a leading provider of privileged access management solutions, recently addressed a critical vulnerability in their secret server SOAP API. The company first became aware of the issue late last week and took immediate action by blocking SOAP endpoints for its cloud customers. This precaution was necessary to mitigate any potential unauthorized access. while the cloud service was patched on the same day. By Saturday, Delenia confirmed their awareness of the vulnerability and assured that their engineering and security teams had conducted thorough investigations, revealing no evidence of compromised customer data or attempts to exploit the flaw. By Sunday, the company had released an update for Secret Server on premises, version 11. 7. 000001. Effectively fixing the vulnerability and announcing forthcoming patches for earlier versions upon completion of testing. Moreover, Delinea has provided a guide for customers using on premise versions to help determine if their systems were compromised. This includes instructions to generate custom reports to trace potentially unauthorized access, particularly from unfamiliar IP addresses which could indicate malicious activity. Kevin Beaumont, a security researcher, noted that the temporary unavailability of Delinia's secret server cloud last Friday stemmed from a published blog post by security engineer Johnny Yu, who discovered the vulnerability. Yu's post, which included a proof of concept for creating a golden token allowing admin access, was crucial in prompting the company's rapid response. Delinia has also established a continuous monitoring process updates on their service status to ensure ongoing security for their users. They urge all users to review any unusual audit records and verify the authenticity of the secret server mobile application access as part of their comprehensive security measures. In a report issued this past Wednesday, the Institute for Security and Technology's Ransomware Task Force has decided against the need for a ransomware payment ban. The report highlights several reasons, including concerns that a ban might discourage victims from reporting ransom payments, potentially pushing these transactions underground, and the complexity of any Exempting critical infrastructure. Instead of implementing a ban, the task force recommends focusing on 16 milestones they believe will effectively reduce ransom payments. And there's a quote from the RTF co chairs from an email that says, while a ban may be an easier policy lift than activities designing to drive preparedness, it will almost certainly create the wrong kind of impact. They noted a decline in organizations making payments, suggesting that current strategies may already be making an impact. Despite the resistance to a payment ban, the task force revealed that more than half of their proposed measures are already in progress or completed. These include significant policy changes like the requirement for publicly traded companies to report substantial cyber incidents, and the upcoming rule from CISA mandating that US critical infrastructure entities quickly report cyber attacks and ransom payments. The discussion on how best to tackle ransomware continues to evolve. While the Biden administration previously steered clear of a complete ban on ransomware payments, there are renewed calls for reconsidering this policy. Brett Callow, a threat analyst at Emsisoft, is an outspoken supporter of a ban, suggesting that even if attackers may not be aware of state level bans, a national policy might have a significant deterrent effect. The Ransomware Task Force, by figures like Kemba Walden, the former acting National Cyber Director, advocates for bolstering existing efforts rather than imposing new bans, indicating a strategic commitment to enhance cybersecurity resilience amidst ongoing debates. That's all I got for you today. Thanks for tuning in to this quick, news focused episode. Be sure to tune in later this week for a discussion on HackspaceCon, which just took place last weekend in Florida at Kennedy Space Center. Still working on editing that episode, but dogespan and I discussed our key takeaways and we wanted to share them with you. So stick around for that.
Megan Stifel, chief strategy officer for the Institute for Security and Technology and executive director of the Ransomware Task Force, talks about the multitude of efforts being made in tackling the ransomware threat landscape.
Kimsuki has a new reconnaissance tool. The Biden administration shares plans for AI. Reports on the ransomware taskforce report. KillNet recommits to turning a profit. Deepen Desai from Zscaler has the latest stats on Phishing. Our guest is Karen Worstell from VMware with a conversation about inclusivity. And the former CSO at Uber is sentenced. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/87 Selected reading. Kimsuky Evolves Reconnaissance Capabilities in New Global Campaign (SentinelOne) Ransomware Task Force Gaining Ground - May 2023 Progress Report (Ransomware Task Force) Influential task force takes stock of progress against ransomware (Washington Post) For Money and Attention: Killnet Apparently Reorganizes Again (Flashpoint) Killnet Ostracizes Leader of Anonymous Russia, Adding New Chapter to Pro-Kremlin Hacktivist Drama (Flashpoint) Former Uber CSO Joe Sullivan Avoids Prison Time Over Data Breach Cover-Up (Security Week) Former Uber security chief Sullivan avoids prison in data breach case (Washington Post)
Three things to know today The FTC's focus on those who play fast and loose with data An update on the Ransomware Task Force AND A big reason for the tightness of the labor market that's going unmentioned Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/ Support the show on Patreon: https://patreon.com/mspradio/ Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on: Facebook: https://www.facebook.com/mspradionews/ Twitter: https://twitter.com/mspradionews/ Instagram: https://www.instagram.com/mspradio/ LinkedIn: https://www.linkedin.com/company/28908079/
Trojanized Windows 10 installers are deployed against Ukraine. Alleged booters have been collared, and their sites disabled. A progress report on US anti-ransomware efforts. Suspicion in a cyberattack against India turns toward China. Bryan Vorndran from the FBI's Cyber Division talks about deep fakes. Our guest is Lisa Plaggemier from the National Cybersecurity Alliance (NCA) on the launch of their Historically Black Colleges and Universities Career Program. And hybrid war and fissures in the underworld. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/239 Selected reading. Trojanized Windows 10 Operating System Installers Targeted Ukrainian Government (Mandiant) Federal Prosecutors in Los Angeles and Alaska Charge 6 Defendants with Operating Websites that Offered Computer Attack Services (US Department of Justice) Global crackdown against DDoS services shuts down most popular platforms | Europol (Europol) Readout of Second Joint Ransomware Task Force Meeting (Cybersecurity and Infrastructure Security Agency) US finds its ‘center of gravity' in the fight against ransomware (The Record by Recorded Future) AIIMS cyber attack may have originated in China, Hong Kong (The Times of India) AIIMS Delhi Servers Were Hacked By Chinese, Damage Contained: Sources (NDTV.com) Russia-Ukraine war reaches dark side of the internet (Al Jazeera)
In episode 41 of Cybersecurity Where You Are, co-host Sean Atkinson is joined by Valecia Stocchetti, Sr. Cybersecurity Engineer of the CIS Critical Security Controls (CIS Controls); Megan Stifel, Chief Strategy Officer for the Institute for Security and Technology; and Davis Hake, Co-Founder and Vice President of Policy at Resilience Insurance. Together, they discuss their collaboration as members of the Ransomware Task Force to create the "Blueprint for Ransomware Defense." After situating this effort within the evolving ransomware landscape, they explain how organizations can best use the Blueprint as an internal and external resource to minimize their ransomware risk. They also offer insight into how the Blueprint stands apart from other anti-ransomware guides that are currently available.ResourcesFollow Megan on LinkedInFollow Davis on LinkedInRegister for the webinar: Foundational Safeguards: Building Your Cybersecurity FoundationA Blueprint for Ransomware Defense Using the CIS ControlsCybersecurity at Scale: Piercing the Fog of MoreCIS Software Supply Chain Security GuideCIS Community Defense Model 2.0
A short podcast updating listeners on the security news of the last few days, as prepared and presented by Catalin Cimpanu. You can find the newsletter version of this podcast here. Show notes Risky Biz News: US Ransomware Task Force to go after ransomware top dogs
How can insurers and insureds partner up to combat cyber risk?And how can cyber claims teams create holistic solutions?Our guest today is Michael Phillips, Chief Claims Officer at Resilience at the time of the interview (now Cyber Practice Leader, USA at CFC). He chats with Anthony about his experience in the cyber insurance market.You'll learn:1. The need for partnership with insurers and insureds to combat cyber risk2. Michael's work on the ransomware task force3. Why simply buying the right tool is not the holistic solution to cybersecurity issues4. Is the cyber insurance tech marketplace sustainable or will its capabilities be absorbed into traditional insurers 5. What gaps do cyber claims teams need to close to be able to deliver real value About Michael:Michael Phillips was Chief Claims Officer at Resilience at the time of the interview. Now he is Cyber Practice Leader, USA at CFC, the specialist insurance provider, pioneer in emerging risk and market leader in cyber. Michael also serves as Co-Chair of the Ransomware Task Force convened by the Institute for Security & Technology. An experienced lawyer and underwriter focused on cyber risk, Michael's tech and legal writing has been published by The New Yorker, BuzzFeed, and Bloomberg.__________About Resilience:Resilience is a cyber insurance provider that combines insurance and security solutions for firms in the middle market. The company offers organizations the tools, guidance, and solutions to insure and secure their data. It offers cyber insurance policies with a high level of personal service, market-leading coverage, and bespoke security solutions. The cyber insurance policies are available exclusively through their limited distribution network. Website: http://www.resilienceinsurance.com/ Industry: Cyber Security, Risk Management, TelecommunicationsCompany size: over 100Headquarters: San Francisco, California, United StatesFounded: 2016__________About the host Anthony:Anthony is passionate about cyber insurance. He is the CEO of Asceris, where they enable their clients to respond to cyber incidents quickly and effectively. Anthony is originally from the US, but now lives in Europe with his wife and two children. Get in touch with Anthony on LinkedIn: https://www.linkedin.com/in/anthonyhess/ or email: ahess@asceris.com__________This podcast is produced by our friends at SAWOO
Megan Stifel, the chief strategy officer at the Institute for Security and Technology and co-chair of the Ransomware Task Force, talks about how cyber policy has evolved over time and the Ransomware Task Force's new Blueprint for Ransomware Defense for small and medium-sized businesses.
Two things to know today An update from the Ransomware Task Force AND Apple's implementation of self-service repair is quite something Want to get the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on: Facebook: https://www.facebook.com/mspradionews/ Twitter: https://twitter.com/mspradionews/ Instagram: https://www.instagram.com/mspradio/ LinkedIn: https://www.linkedin.com/company/28908079/
Cryptocurrency has become the favored tender for ransomware groups. Because of the intricacies of blockchain technology, it is often difficult for law enforcement to trace criminals who demand cryptocurrency payments. But is there a way to regulate cryptocurrency in a way that provides fewer hiding places for criminals—but doesn't disrupt the market? We speak with Megan Stifel, Policy Officer at the Global Cyber Alliance, who as part of the Ransomware Task Force, issued the recommendation to closely regulate cryptocurrency—but still preserve the market.
We speak with Michael Daniel, President & CEO, Cyber Threat Alliance, a nonprofit that coordinates information sharing between leading cybersecurity companies, including Cisco, McAfee, Palo Alto Networks, Symantec, Verizon and more. Prior to joining the CTA in February 2017, Michael served from June 2012 to January 2017 as Special Assistant to President Obama and Cybersecurity Coordinator on the National Security Council Staff. In this role, Michael led the development of national cybersecurity strategy and policy, and ensured that the US government effectively partnered with the private sector, non-governmental organizations, and other nations. Michael provides the outcomes from the Institute for Security and Technology (IST) Ransomware Task Force (RTF). Conducted in partnership with a broad coalition of experts in industry, government, law enforcement, civil society, and international organizations, the RTF released a comprehensive framework to combat ransomware. We also hear Michael's outlook for the industry and the CTA in 2022, as well as his thoughts on Australia's Ransomware Plan. Recorded 18 November 2021 - MySec.TV version available https://mysecuritymarketplace.com/av-media/cyber-threat-alliance-president-ceo-speaks-on-the-ransomware-task-force/ We last spoke to Michael in Sydney in 2017 - here is that interview https://australiancybersecuritymagazine.com.au/episode-9-cyber-threat-alliance-cta-president-michael-daniel-in-sydney-aisacon17/
Interview linksFollow Michael on Twitter @CyAlliancePrezLearn more about the Cyber Threat AllianceCheck out the Ransomware Task Force, which Michael co-chairsRead Jen's position piece on hack backRapid Rundown linksRead the full text of the Cyber Incident Reporting ActRefresh your memory on the SolarWinds data breachSee who's on the House Homeland Security Committee
Twitch is breached. A newly discovered Iranian threat group is described. A Chinese cyberespionage campaign in India proceeds by phishing. SafeMoon alt-coin is trendy phishbait in criminal circles. As the US prepares to convene an anti-ransomware conference, Russian gangs show no signs of slacking off. Betsy Carmelite from BAH on AI/ ML in cyber defensive operations. Our guest is Adam Flatley of Redacted with recommendations from the Ransomware Task Force. And observations on what counts as compromising material. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/193
With the recent attacks on the Colonial Pipeline and JBS Food, ransomware has become a serious national security issue. Join Dominique Shelton Leipzig and David Biderman in a discussion with Philip Reiner about the critical importance of establishing basic internet security standards. Phillip believes that our neglect in this area has been inexplicable if not inexcusable, and describes how his Institute for Security and Technology was asked to support the Ransomware Task Force to address the critical need for improving basic cybersecurity standards. Philip Reiner is the chief executive officer of the Institute for Security and Technology. His decades of experience in technology and international security include a position as President Obama's Senior Director for South Asia on the National Security Council staff. While serving in the Office of the Under Secretary of Defense for Policy in the Pentagon, he received the Office of the Secretary of Defense Medal for Exceptional Civilian Service.https://securityandtechnology.org/
Craig Newmark Philanthropies recently donated $450,000 to the Institute for Security and Technology to help continue their work started by the Ransomware Task Force, which is a public-private collaboration that the Institute launched earlier this year. In this episode, Craig Newmark, founder of Craigslist and Craig Newmark Philanthropies, joins host Hillarie McClure to discuss this initiative, as well as how his philanthropy is supporting the International Women's Media Foundation and the Coalition Against Online Violence. For more on Craig Newmark Philanthropies, visit https://craignewmarkphilanthropies.org/ • For more on cybersecurity, visit us at https://cybersecurityventures.com/
Wayne Resnick fills in for Bill Handel. The White House has announced a Ransomware Task Force. It's possible that Artificial Intelligence will be grading your tests in the near future. Wayne on the News Late Edition with Jennifer Jones Lee.
The White House announces a Ransomware Task Force, how much money Microsoft has paid out to security researchers last year, Amazon rolls out encryption for Ring doorbells, how a backdoor in popular KiwiSDR product gave root to a project developer for years, Trickbot Malware returns with a new VNC Module to spy on its victims, and some of the absolute funniest quotes about cyber security & tech in 2021! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw702
The White House announces a Ransomware Task Force, how much money Microsoft has paid out to security researchers last year, Amazon rolls out encryption for Ring doorbells, how a backdoor in popular KiwiSDR product gave root to a project developer for years, Trickbot Malware returns with a new VNC Module to spy on its victims, and some of the absolute funniest quotes about cyber security & tech in 2021! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://securityweekly.com/psw702
This week, we kick off the show with an interview featuring Scott Scheferman, Principal Strategist at Eclypsium, to talk about The BIOS Disconnect and vulnerabilities affecting the BIOSConnect feature within the Dell Client BIOS! Next up, we welcome Jack Rhysider, Podcaster and Host of the Darknet Diaries Podcast, to discuss the The Journey from a Network Security Engineer to a Podcast Host! In the Security News, the White House Announces a Ransomware Task Force, how much money Microsoft has paid out to security researchers last year, Amazon rolls out encryption for Ring doorbells, how a backdoor in popular KiwiSDR product gave root to a project developer for years, Trickbot Malware Returns with a new VNC Module to Spy on its Victims, and some of the absolute funniest quotes about cyber security & tech in 2021! Show Notes: https://securityweekly.com/psw702 Segment Resources: https://eclypsium.com/2021/06/24/biosdisconnect/ Visit https://securityweekly.com/eclypsium to learn more about them! https://darknetdiaries.com/ Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
This week, we kick off the show with an interview featuring Scott Scheferman, Principal Strategist at Eclypsium, to talk about The BIOS Disconnect and vulnerabilities affecting the BIOSConnect feature within the Dell Client BIOS! Next up, we welcome Jack Rhysider, Podcaster and Host of the Darknet Diaries Podcast, to discuss the The Journey from a Network Security Engineer to a Podcast Host! In the Security News, the White House Announces a Ransomware Task Force, how much money Microsoft has paid out to security researchers last year, Amazon rolls out encryption for Ring doorbells, how a backdoor in popular KiwiSDR product gave root to a project developer for years, Trickbot Malware Returns with a new VNC Module to Spy on its Victims, and some of the absolute funniest quotes about cyber security & tech in 2021! Show Notes: https://securityweekly.com/psw702 Segment Resources: https://eclypsium.com/2021/06/24/biosdisconnect/ Visit https://securityweekly.com/eclypsium to learn more about them! https://darknetdiaries.com/ Visit https://www.securityweekly.com/psw for all the latest episodes! Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
It's fair to say that the explosive growth in ransomware attacks over the past year or so, combined with the big-game-hunting approach from ransomware operators, has set the cyber insurance industry back on its heels. As the direct and indirect costs of cyber attacks have increased, insurance providers have taken a renewed approach to cyber, and the role they play in helping set standards for detection, resilience and incident response. Michael Phillips is Chief Claims Officer of the cyber insurance firm Resilience. He also serves as Co-Chair of the Ransomware Task Force convened by the Institute for Security & Technology. He joins us with insider insights on how specialists in the cyber insurance world are adapting to a rapidly evolving landscape.
Recorded Future - Inside Threat Intelligence for Cyber Security
It's fair to say that the explosive growth in ransomware attacks over the past year or so, combined with the big-game-hunting approach from ransomware operators, has set the cyber insurance industry back on its heels. As the direct and indirect costs of cyber attacks have increased, insurance providers have taken a renewed approach to cyber, and the role they play in helping set standards for detection, resilience and incident response. Michael Phillips is Chief Claims Officer of the cyber insurance firm Resilience. He also serves as Co-Chair of the Ransomware Task Force convened by the Institute for Security & Technology. He joins us with insider insights on how specialists in the cyber insurance world are adapting to a rapidly evolving landscape.
Ransomware is a big problem that's getting bigger. Learn about a new set of recommendations released by the Institute for Security + Technology's Ransomware Task Force for dealing with the growing threat of ransomware with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. AND: Will all attorneys please join us online for a free, one-hour CLE on June 23, 2021 at 12 pm Pacific where Kip and Jake will teach you how to answer client questions about ransomware? Sign up here: b.link/cle
We don't get far into my interview with the authors of a widely publicized Ransomware Task Force report, before I object that most of its recommendations are “boring” procedural steps that don't directly address the ransomware scourge. That prompts a vigorous dialogue with Philip Reiner, the Executive Director of the Institute for Security and Technology (IST), the report's sponsoring organization, from Megan Stifel, of the Global Cyber Alliance, and Chris Painter, of The Global Forum on Cyber Expertise Foundation. And we, in fact, find several new and not at all boring recommendations among the nearly 50 put forward in the report. In the news roundup, Dmitri Alperovitch has an answer to my question, “Is Putin getting a handle on U.S. social media?” Not just Putin, but every other large authoritarian government is finding ways to bring Google, Twitter and Facebook to heel. In Russia's case, the method is first a token fine, then a gradual throttling of service delivery that makes domestic competitors look better in comparison to the Silicon Valley brand. Mark MacCarthy handicaps the Epic v. Apple lawsuit. The judge is clearly determined to give both sides reason to fear that the case won't go well. And our best guess is that Epic might get some form of relief but not the kind of outcome they hoped for. Dmitri and I marvel at the speed and consensus around regulatory approaches to the Colonial Pipeline ransomware event. It's highly likely that the attack will spur legislation mandating reports of cyber incidents (and without any liability protection) as well as aggressive security regulation from the agency with jurisdiction—TSA. I offer a cynical Washington perspective on why TSA has acted so decisively. Mark and I dig into the signing and immediate court filing against Florida's social media regulation attacking common content moderation issues. Florida will face an uphill fight, but neither of us is persuaded by the tech press's claim that the law will be “laughed out of court.” There is a serious case to be made for almost everything in the law, with the exception of the preposterous (and probably severable) exemption for owners of Florida theme parks. Dmitri revs up the DeHyping Machine for reports that the Russians responded to Biden administration sanctions by delivering another cyberpunch in the form of hijacked USAID emails. It turns out that the attack was garden variety cyberespionage, that the compromise didn't involve access to USAID networks, that it was launched before sanctions, and that it didn't get very far. Jordan Schneider explains the impact of U.S. government policy on the cellular-equipment industry, and the appeal of Open RAN as a way of end-running the current incumbents. U.S. industrial policy could be transformed by the shape-shifting Endless Frontier Act. Jordan and Dmitri explain how. I ask whether we're seeing a deep convergence on industrial policy on both sides of the Pacific, now that President Xi has given a speech on tech policy that could have been delivered by half a dozen Republican or Democratic senators. Finally, Dmitri reviews the bidding in cryptocurrency regulation both at the White House White House and in London. In short hits, we cover: The European Court of Human Rights decision squeezing but not quite killing GCHQ's mass data interception programs and cooperation with the U.S. I offer a possible explanation for the court's caution. A court filing strongly suggesting that the Biden administration will not be abandoning a controversial Trump administration rule that requires visa applicants to register their social media handles with the U.S. government. I speculate on why. A WhatsApp decision not to threaten its users to get them to accept the company's new privacy terms. Instead, I suspect, WhatsApp will annoy them into submission. And, finally, a festival of EU competition law Brussels attacks on Silicon Valley, from Germany and France. And More!
In today's episode we will discuss recommendations put forward by a task force setup to combat the surge of ransomware attacks. - us-cert.cisa.gov: Eviction Guidance for Networks Affected by the SolarWinds and Active Directory/M365 Compromisewww.bleepingcomputer.com: Insurer AXA hit by ransomware after dropping support for ransom payments- www.securityweek.com: AXA Confirms Ransomware Attack Impacted Operations in Asia- arstechnica.com: Pipeline attacker DarkSide suddenly goes dark—here's what we know- www.gov.uk: New plans to boost cyber resilience of UK's critical supply chainsBe sure to subscribe!If you like the content. Follow me @iayusuf or read my blog at https://yusufonsecurity.com
The Institute for Security and Technology recently published a report titled, “Combating Ransomware: A Comprehensive Framework for Action, Key Recommendations from the Ransomware Task Force.” In their words, the report, “details a comprehensive strategic framework for tackling the dramatically increasing and evolving threat of ransomware, a widespread form of cybercrime that in just a few years has become a serious national security threat and a public health and safety concern.” Joining us to discuss the report is Philip Reiner, Chief Executive Officer at The Institute for Security and Technology.
Recorded Future - Inside Threat Intelligence for Cyber Security
The Institute for Security and Technology recently published a report titled, “Combating Ransomware: A Comprehensive Framework for Action, Key Recommendations from the Ransomware Task Force.” In their words, the report, “details a comprehensive strategic framework for tackling the dramatically increasing and evolving threat of ransomware, a widespread form of cybercrime that in just a few years has become a serious national security threat and a public health and safety concern.” Joining us to discuss the report is Philip Reiner, Chief Executive Officer at The Institute for Security and Technology.
In this episode we discuss one heck of an 'own-goal' that leads to a rather embarrassing situation for an unlucky student. And could we actually see the beginning of the end for Ransomware? We cover the newly formed Ransomware Task Force and how effective we think their approach may be.Episode Notes:The NCSC early warning service: https://www.earlywarning.service.ncsc.gov.uk/The NCSC mitigating malware paper: https://www.ncsc.gov.uk/guidance/mitigating-malware-and-ransomware-attacks
Picture of the Week. REvil hacks Apple supplier Quanta Computer. World-famous Scripps Health taken down. The Big Emotet Botnet Takedown. Emotet's 4,324,770 eMail addresses. Have I Been Pwned domain-wide notifications. QNAP. Gravity NNTP Newsreader updated to v3.0.11.0 Just a bit more about Dan Kaminsky. Closing the Loop. The Ransomware Task Force. We invite you to read our show notes at https://www.grc.com/sn/SN-817-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: itpro.tv/securitynow promo code SN30 vee.am/securitynow audible.com/securitynow or text securitynow to 500-500
Picture of the Week. REvil hacks Apple supplier Quanta Computer. World-famous Scripps Health taken down. The Big Emotet Botnet Takedown. Emotet's 4,324,770 eMail addresses. Have I Been Pwned domain-wide notifications. QNAP. Gravity NNTP Newsreader updated to v3.0.11.0 Just a bit more about Dan Kaminsky. Closing the Loop. The Ransomware Task Force. We invite you to read our show notes at https://www.grc.com/sn/SN-817-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: itpro.tv/securitynow promo code SN30 vee.am/securitynow audible.com/securitynow or text securitynow to 500-500
Picture of the Week. REvil hacks Apple supplier Quanta Computer. World-famous Scripps Health taken down. The Big Emotet Botnet Takedown. Emotet's 4,324,770 eMail addresses. Have I Been Pwned domain-wide notifications. QNAP. Gravity NNTP Newsreader updated to v3.0.11.0 Just a bit more about Dan Kaminsky. Closing the Loop. The Ransomware Task Force. We invite you to read our show notes at https://www.grc.com/sn/SN-817-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: itpro.tv/securitynow promo code SN30 vee.am/securitynow audible.com/securitynow or text securitynow to 500-500
Picture of the Week. REvil hacks Apple supplier Quanta Computer. World-famous Scripps Health taken down. The Big Emotet Botnet Takedown. Emotet's 4,324,770 eMail addresses. Have I Been Pwned domain-wide notifications. QNAP. Gravity NNTP Newsreader updated to v3.0.11.0 Just a bit more about Dan Kaminsky. Closing the Loop. The Ransomware Task Force. We invite you to read our show notes at https://www.grc.com/sn/SN-817-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: itpro.tv/securitynow promo code SN30 vee.am/securitynow audible.com/securitynow or text securitynow to 500-500
Picture of the Week. REvil hacks Apple supplier Quanta Computer. World-famous Scripps Health taken down. The Big Emotet Botnet Takedown. Emotet's 4,324,770 eMail addresses. Have I Been Pwned domain-wide notifications. QNAP. Gravity NNTP Newsreader updated to v3.0.11.0 Just a bit more about Dan Kaminsky. Closing the Loop. The Ransomware Task Force. We invite you to read our show notes at https://www.grc.com/sn/SN-817-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: itpro.tv/securitynow promo code SN30 vee.am/securitynow audible.com/securitynow or text securitynow to 500-500
Picture of the Week. REvil hacks Apple supplier Quanta Computer. World-famous Scripps Health taken down. The Big Emotet Botnet Takedown. Emotet's 4,324,770 eMail addresses. Have I Been Pwned domain-wide notifications. QNAP. Gravity NNTP Newsreader updated to v3.0.11.0 Just a bit more about Dan Kaminsky. Closing the Loop. The Ransomware Task Force. We invite you to read our show notes at https://www.grc.com/sn/SN-817-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: itpro.tv/securitynow promo code SN30 vee.am/securitynow audible.com/securitynow or text securitynow to 500-500
Picture of the Week. REvil hacks Apple supplier Quanta Computer. World-famous Scripps Health taken down. The Big Emotet Botnet Takedown. Emotet's 4,324,770 eMail addresses. Have I Been Pwned domain-wide notifications. QNAP. Gravity NNTP Newsreader updated to v3.0.11.0 Just a bit more about Dan Kaminsky. Closing the Loop. The Ransomware Task Force. We invite you to read our show notes at https://www.grc.com/sn/SN-817-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: itpro.tv/securitynow promo code SN30 vee.am/securitynow audible.com/securitynow or text securitynow to 500-500
Picture of the Week. REvil hacks Apple supplier Quanta Computer. World-famous Scripps Health taken down. The Big Emotet Botnet Takedown. Emotet's 4,324,770 eMail addresses. Have I Been Pwned domain-wide notifications. QNAP. Gravity NNTP Newsreader updated to v3.0.11.0 Just a bit more about Dan Kaminsky. Closing the Loop. The Ransomware Task Force. We invite you to read our show notes at https://www.grc.com/sn/SN-817-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: itpro.tv/securitynow promo code SN30 vee.am/securitynow audible.com/securitynow or text securitynow to 500-500
Picture of the Week. REvil hacks Apple supplier Quanta Computer. World-famous Scripps Health taken down. The Big Emotet Botnet Takedown. Emotet's 4,324,770 eMail addresses. Have I Been Pwned domain-wide notifications. QNAP. Gravity NNTP Newsreader updated to v3.0.11.0 Just a bit more about Dan Kaminsky. Closing the Loop. The Ransomware Task Force. We invite you to read our show notes at https://www.grc.com/sn/SN-817-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: itpro.tv/securitynow promo code SN30 vee.am/securitynow audible.com/securitynow or text securitynow to 500-500
Picture of the Week. REvil hacks Apple supplier Quanta Computer. World-famous Scripps Health taken down. The Big Emotet Botnet Takedown. Emotet's 4,324,770 eMail addresses. Have I Been Pwned domain-wide notifications. QNAP. Gravity NNTP Newsreader updated to v3.0.11.0 Just a bit more about Dan Kaminsky. Closing the Loop. The Ransomware Task Force. We invite you to read our show notes at https://www.grc.com/sn/SN-817-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: itpro.tv/securitynow promo code SN30 vee.am/securitynow audible.com/securitynow or text securitynow to 500-500
Picture of the Week. REvil hacks Apple supplier Quanta Computer. World-famous Scripps Health taken down. The Big Emotet Botnet Takedown. Emotet's 4,324,770 eMail addresses. Have I Been Pwned domain-wide notifications. QNAP. Gravity NNTP Newsreader updated to v3.0.11.0 Just a bit more about Dan Kaminsky. Closing the Loop. The Ransomware Task Force. We invite you to read our show notes at https://www.grc.com/sn/SN-817-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: itpro.tv/securitynow promo code SN30 vee.am/securitynow audible.com/securitynow or text securitynow to 500-500
Picture of the Week. REvil hacks Apple supplier Quanta Computer. World-famous Scripps Health taken down. The Big Emotet Botnet Takedown. Emotet's 4,324,770 eMail addresses. Have I Been Pwned domain-wide notifications. QNAP. Gravity NNTP Newsreader updated to v3.0.11.0 Just a bit more about Dan Kaminsky. Closing the Loop. The Ransomware Task Force. We invite you to read our show notes at https://www.grc.com/sn/SN-817-Notes.pdf Hosts: Steve Gibson and Leo Laporte Download or subscribe to this show at https://twit.tv/shows/security-now. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit You can submit a question to Security Now! at the GRC Feedback Page. For 16kbps versions, transcripts, and notes (including fixes), visit Steve's site: grc.com, also the home of the best disk maintenance and recovery utility ever written Spinrite 6. Sponsors: itpro.tv/securitynow promo code SN30 vee.am/securitynow audible.com/securitynow or text securitynow to 500-500
A task force has been enlisted with a list of recommendations for the Biden Administration to help fight a spike in ransomware attacks. For more, KCBS Radio news anchor, Margie Shafer, spoke with Bloomberg News Reporter, Kartikay Mehrotra. See omnystudio.com/listener for privacy information.
Two ransomware incidents in the last week highlight just how bad the issue has gotten—and a new Ransomware Task Force is taking aim at the problem. Vishaal 'V8' Hariprasad joins to talk about the state of the cyberinsurance industry.
Traficomin opas tietomurtojen havaitsemiseenhttps://www.kyberturvallisuuskeskus.fi/fi/julkaisut/opas-tietomurtojen-havaitsemiseenFireEyen julkaisema tekninen kuvaus SUNBURST-takaovestahttps://www.fireeye.com/blog/threat-research/2020/12/sunburst-additional-technical-details.htmlBloombergin uutinen SolarWindsin tietoturvatilanteestahttps://www.bloomberg.com/news/articles/2020-12-21/solarwinds-adviser-warned-of-lax-security-years-before-hackSolarWindsin johtohahmot möivät osakkeita juuri ennen tietoturvapoikkeaman julkaisuahttps://www.washingtonpost.com/technology/2020/12/15/solarwinds-russia-breach-stock-trades/Pfizerin koronarokote takaisinmallinnettuhttps://berthub.eu/articles/posts/reverse-engineering-source-code-of-the-biontech-pfizer-vaccine/Let's Encrypt ja Android-ongelmathttps://arstechnica.com/gadgets/2020/12/lets-encrypt-comes-up-with-workaround-for-abandonware-android-devices/Microsoftin ja McAfeen perustama "Ransomware Task Force"https://www.zdnet.com/article/microsoft-and-mcafee-headline-newly-formed-ransomware-task-force/Center for Internet Security:n ohjeet kiristyshaittaohjelmatapauksissahttps://www.cisecurity.org/white-papers/security-primer-ransomware/Cyberpunk 2077 kiristyshaittaohjelma Androidillehttps://www.kaspersky.com/blog/cyberpunk-2077-ransomware/38196/