Podcasts about red canary

Joe Tidy investigates what may be the cruelest and most disturbing cyber attack in history. A breach so invasive it blurred the line between digital crime and psychological torture. This story might make your skin crawl.Get more from Joe linktr.ee/joetidy.Get the book Ctrl + Alt + Chaos: How Teenage Hackers Hijack the Internet (https://amzn.to/3He7GNs).SponsorsSupport for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com.This show is sponsored by Red Canary. Red Canary is a leading provider of Managed Detection and Response (MDR), helping nearly 1,000 organizations detect and stop threats before they cause harm. With a focus on accuracy across identities, endpoints, and cloud, we deliver trusted security operations and a world-class customer experience. Learn more at redcanary.com.

Our feature guest this week is CW Walker from SpyCloud, interviewed by Frank Victory. News from DIA, the Colorado EDC, Outside, Inc, Urban Sky, Cliexa, Affineon, Webroot, Virtual Armour, Ping Identity, Optiv, Red Canary and a lot more! Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Denver airport reveals new look, construction end date for Great Hall project Colorado eyes more than 1,500 jobs in state bids to lure companies to Jefferson, Mesa counties Outside expands its outdoors media empire with acquisition of booking software developer Denver company to hire dozens, expand headquarters after funding infusion Denver startup raises $2.8M to bring AI to doctors' offices Denver AI startup tackling physician burnout raises $5M Is your whole digital life protected? 4 ways to address common vulnerabilities Cybersecurity Challenges in the Age of Remote Work Manual vs. Automated Threat Hunting Methods: Finding the Right Approach Fraud Starts with Identity Crime, Not Financial Loss CopyObjection: Fending off ransomware in AWS Upcoming Events: Check out the full calendar Kirkpatrick Price - Winter Park Ski Event - 3/4-3/5 NCC - NICE Local Stakeholders Engagement Event - 3/7 2025 Rocky Mountain Collegiate Cyber Defense Competition (RMCCDC) - 3/7-8 Denver ISSA - March Chapter Meeting - 3/12 ISACA Denver - March Meeting (Online) - 3/20 ISSA Pikes Peak - Chapter Meeting - 3/26 SANS AI Cybersecurity Summit - 3/31-4/7 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Our feature guest this week is Rock Lambros, CEO and founder at Rock Cyber, interviewed by Frank Victory. News from Colorado School of Mines, Lufthansa, Boom Supersonic, Lumen Technologies, LucisPoint, Ping Identity, Optiv, NCC, Red Canary and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel The Coldest Place in the Known Universe Is at the Colorado School of Mines Lufthansa gives Denver first regular service on Airbus A380 - The Points Guy Denver-area company's experimental jet breaks sound barrier three times Lumen Technologies to auction 55-acre suburban campus, move employees to Denver Co-owners' fraud, snooping claims threaten IT firm in Cherry Creek 2025 Predictions for IAM Leaders AI Security and Governance: A Practical Path to Protection How to Protect Your Child's Data After a Breach - National Cybersecurity Center Tangerine Turkey mines cryptocurrency in global campaign | Red Canary Upcoming Events: Check out the full calendar Wild West Hackin' Fest @ Mile High 2025 - 2/4-7 ISSA Denver - Privacy SIG: Hey, Siri: What We Should Get Out of Apple's $95M Snooping Settlement - 2/5 ISSA Denver - Cybersecurity Insights from Denver's Top CISOs - 2/12 Let's Talk Software Security - Are Security Breaches Evidence of Systemic Failures? - 2/18 ISSA COS - Chapter Open House - 2/18 ISACA Denver - Joint meeting with IIA - 2/20 ISSA Denver - AI/ML SIG: AI Revolution Blueprint: Mastering the Art of Strategy and Governance from Ground Zero Workshop - 2/26 ISSA Pikes Peak - Chapter Meeting - 2/26 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Richard Staynings, Chief Security Strategist at Cylera is our feature interview this week, interviewed by Frank Victory. News from NWSL, Red Rocks, Spekit, Fluid Trucks, Lumen, Red Canary, Swimlane and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Just for Kicks: Denver Is Getting a National Women's Soccer League Team Colorado once again boasts the world's most-attended amphitheater Denver to Pueblo in 11 minutes? Hyperloop testing will begin soon in southern Colorado. Denver company acquires AI startup Fast-growing Denver company sells for $10 million in bankruptcy Colorado's new hands-free law, which bans cellphone use while driving, goes into effect Jan. 1 Colorado Department of Law Adopts Amendments to Colorado Privacy Act Rules US telco Lumen says its network is now clear of China's Salt Typhoon hackers | TechCrunch A defender's guide to identity attacks | Red Canary Swimlane Named to Inc.'s 2024 Best in Business List Job Openings: Alterra Mountain Co - IT Security Architect PatientNow - Cybersecurity Engineer NBC Universal - Director, Infrastructure Security Services Spectrum - Security Engineer III Scout Clean Energy - Senior Manager of Cybersecurity and Technology S&P Global - Business Information Security Officer - Enterprise Data Organization Bank of America - Cyber Security Product Manager - Third Party Cyber Assurance York Space Systems - Cyber Security Systems Engineer General Atomics - Space Cyber Security Architect NREL - Cybersecurity Engineer Upcoming Events: Check out the full calendar ISACA Denver - January Chapter Meeting (Online) - 1/9 Let's Talk Software Security - Is Software Security a CISO Priority?- 1/16 CSA Colorado - Building Security Automation That Works-- from Alert Overload to Streamlined Response - 1/21 ISSA Pikes Peak - Chapter Meeting - 1/22 ISACA Denver - SheLeadsTech Event - 1/24 Wild West Hackin' Fest @ Mile High 2025 - 2/4-7 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Click this link to get $5 off at book outlet and to connect with us on Goodreads https://linktr.ee/theliteraryclubpodcast . You can also connect with us at literaryclubpodcast@gmail.com and @literaryclubpodcastFae Games Series - Pawn, Knight and Queen by Karen LynchThe Red Canary by Rachel Scott McDanielA is for Alibi by Sue GraftonTalking as Fast as I Can: From Gilmore Girls to Gilmore Girls by Lauren GrahamA Rumored Fortune by Joanna Davidson PolitanoBreaking Free From Broke: The Ultimate Guide to More Money and Less Stress by George Kamel

Guest: Amine Besson, Tech Lead on Detection Engineering, Behemoth Cyberdefence Topics: What is your best advice on detection engineering to organizations who don't want to engineer anything in security?  What is the state of art when it comes to SOC ? Who is doing well? What on Earth is a fusion center?  Why classic “tiered SOCs” fall flat when dealing with modern threats? Let's focus on a correct definition of detection as code. Can you provide yours? Detection x response engineering - is there a thing called “response engineering”? Should there be? What are your lessons learned to fuse intel, detections, and hunting ops? What is this SIEMless yet SOARful detection architecture? What's next with OpenTIDE 2.0? Resources: Guide your SOC Leaders to More Engineering Wisdom for Detection (Part 9) and other parts linked there Hack.lu 2023: TIDeMEC : A Detection Engineering Platform Homegrown At The EC video OpenTIDE · GitLab  OpenTIDE 1.0 Release blog SpectreOps blog series ‘on detection' Does your SOC have  NOC DNA? presentation Kill SOC Toil, Do SOC Eng blog (tame version) The original ASO paper (2021, still epic!) Behind the Scenes with Red Canary's Detection Engineering Team The DFIR Report – Real Intrusions by Real Attackers, The Truth Behind the Intrusion Site Reliability Engineering (SRE) | Google Cloud  

Jacob Rubin, CSO at Curana Health is our feature interview this week, interviewed by Frank Victory. News from Buc-ee's, Dish Network, Maxar, Red Canary, Optiv and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Second Colorado Buc-ee's in the Works Colorado's Population Growth Is Years Behind Past Forecasts CommonSpirit Health to demolish former TTEC HQ and build 42-acre campus Dish Network-DirecTV deal collapses 10 Colorado businesses make Deloitte's 500 fastest-growing tech companies Space tech giant Maxar confirms hacker accessed employees' personal data From the dreamhouse to the SOC: Ken's guide to security District Attorneys Launch Investigation Into Secretary of State Office Voting System Passwords Leak 6 Tips for a Successful Security Vendor Consolidation Job Openings: Uplight - Vice President, Information Security Loxo - VP, Security and Privacy Bank of America - Business Information Security Officer (BISO) Engagement Senior Lead Fastly - Technology Compliance Lead Kroll - Associate Managing Director, Cyber Risk S&P Global - Head of Corporate Platforms Technology SOX & Controls Management The Trade Desk - Sr Data Privacy Director LaSalle Networks - Director of IT & Security Optiv - Cyber Security Architect Sumo Logic - Senior Security Compliance Analyst Rapid7 - Senior Security Solutions Engineer (SLED) Upcoming Events: This Week and Next: Check out the full calendar TechYeet Holiday Meetup Extravaganza - 12/10 Onspring - Denver GRC Summit - 12/11 COS ISSA - Members Only Holiday Party - 12/12 ISC2 Pikes Peak - December Meeting - 12/13 Denver ISACA + ISC2 - Joint Meeting - 12/19 Let's Talk Software Security - Is Your AppSec Strategy Increasing Cognitive Load of Developers? - 12/19 ISACA Denver - January Chapter Meeting (Online) - 1/9 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Dave Farrow, CISO at Red Canary is our feature interview this week. News from Ball Arena, RigStrips, DISH Network, Fluid Truck, Techstars, Red Canary, Ping Identity and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Denver rezones Ball Arena property for massive redevelopment Denver startup on 'Shark Tank' signs deal with Raising Cane CEO DirecTV buys Colorado-based Dish as satellite rivals hunker down against onslaught of streaming services Scheme by Fluid Truck defrauded investors of $11M, lawsuit says Techstars revives Boulder accelerator, with a twist Colorado accidentally put voting system passwords online, but officials say election is secure Hackers leak thousands of confidential files from Axis Health System Artificial authentication: Monitoring Azure OpenAI abuse Why Siloed IAM Is a Burden on IT Resources and Security National Cybersecurity Center Opens Registration for 2025 Cybersecurity Certification Courses Job Openings: CommonSpirit - Sys SVP Chief Information Security Officer Invenergy - Director, Cyber Security Programs Boston Consulting Group - Senior Consultant, Cybersecurity - Platinion H&R Block - Director, Security Engineering iTradeNetwork - Director of Information & Security BakerHostetler - Associate - Digital Risk Advisory and Cybersecurity Visa - Global Safety & Security Senior Manager-Engineer– Physical Security Technology Bank of America - Senior Information Security Officer Securitas Security Services - Cyber Security Awareness Analyst Plante Moran - Cybersecurity Compliance Sr. Consultant Upcoming Events: This Week and Next: Check out the full calendar ISSA COS - November Meeting - 11/12 ISC2 Pikes Peak - November Meeting - 11/13 Denver ISSA - Doing more with DSPM - 11/13 Let's Talk Software Security - Are Automated Testing Tools Truly Reducing Risks? - 11/13 WiCyS Colorado 2nd Annual CyberCon - 11/13 Not-So-Secret Secret Speakeasy Cyber Event - 11/14 ISSA COS - November Mini Seminar - 11/16 CSA Colorado - Modernizing big data to help secure your cloud - 11/19 Denver ISSA - Women in Security SIG: Back to Basics - 11/20 ISACA Denver - November Meeting (Online) - 11/21 ISSA and ISACA Annual Holiday Party - 12/4 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

CJ Cox, Chief Operating Officer at Black Hills Information Security is our feature interview this week, interviewed by Frank Victory. News from Sundance Film, Valhallan, Red Canary, Optiv and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Boulder selected as 1 of 3 finalists to host Sundance Film Festival in 2027 Colorado adds a single Michelin-starred restaurant Houston-based esports company opens metro-area training center, plans more Five Colorado small businesses rank among U.S. Chamber's top 100 How Arvada became Colorado's quantum hub The CrowdStrike outage: Detection and defense in depth | Red Canary A Technological Revolution: How AI is Increasing Efficiency in Cybersecurity Top Five Budget-Friendly OT Networking Improvements for Small Manufacturers UCCS Day of Service – Community Cyber Hygiene Open House - National Cybersecurity Center Job Openings: Invenergy - Director, Cyber Security Programs Twilio - Director, Cybersecurity Counsel S&P Global - Head of Security Architecture & Engineering Moody's - VP-Cybersecurity Engineer (Cyber Investigations Manager) The Trade Desk - Sr. Manager, Global Security & Resilience Bank of America - Cloud Security Controls Deployment Specialist – Global Information Security Protiviti - Privacy Management Senior Consultant ZOLL - Information Security Architect Red Canary - Senior Threat Hunter Xcel Energy - Senior Regulatory Security Consultant Upcoming Events: This Week and Next: Secure World Denver - 10/10 ISSA COS - October Meeting - 10/15 Let's Talk Software Security - Is Pursuing CHANGE Essential in AppSec? - 10/15 CSA Colorado - October Meeting: Addressing Material Risks - 10/15 ISACA Denver - October Chapter Meeting (Online only): Auditing with AI - Demos - 10/17 Webinar: Cisco SCOR: Building a Strong Cybersecurity Foundation - 10/17 ISSA COS - October Mini Seminar - 10/19 ISC2 Pikes Peak - October Meeting - 10/23 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Gadalia Montoya Weinberg O'Bryan, CEO and founder at Dapple Security is our feature interview this week, interviewed by our own Frank Victory. News from Southwest Airlines, Alterra Mountain Company, Vail Resorts, Botdoc, Crowdstrike, LogRhythm, Red Canary, Lares, Webroot and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Southwest breaks with 50-year tradition and will assign seats; profit falls at Southwest, American Denver-based ski giants to host Olympics events How the Colorado, New Mexico quantum industry plan to use its federal funding Colorado company strikes AI partnership for security at car dealerships Communications outages from CrowdStrike update cancel RTD trains, shut down Colorado DMVs, hinder first responders A Comparison of AI Regulatory Frameworks Merged Exabeam and LogRhythm cut jobs, face lawsuit Halting a hospital ransomware attack - Red Canary Enhancing Organizational Communication and Culture through Purple Team Testing 7 Tips on Keeping Your Data Private When Using AI - Webroot Blog Job Openings: Pax8 - GRC Analyst City & County of Denver - CISO Lumen - Vice President, Deputy Chief Security Officer CoBank - Director, Internal Controls and Operational Risk, IT Westerra Credit Union - Director of Information Security (Hybrid - must reside in CO Meta - Security Partner - Mergers & Acquisitions (M&A) Robinhood - Enterprise Risk Manager State of Colorado - Cyber Criminal Investigator IV Fastly - Senior Manager, Security Detection and Response Motion Recruitment - GRC Analyst The Trade Desk - Sr Staff Product Manager-Data Governance & Policy Applications - Trust & Safety Upcoming Events: This Week and Next: ISSA COS - August Meeting - 8/13 ISSA Denver - August Meeting, "Incident Response" - 8/14 Let's Talk Software Security - Vulnerability Remediation:Fixing Problems or Creating New Ones? - 8/14 ISSA COS - August Mini Seminar - 8/17 Colorado = Security & Colorado CSA Summer Picnic - 8/24 ISC2 Pikes Peak - August Meeting - 8/28 Denver ISSA - AI/ML Special Interest Group - 8/28 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Mary Writz, SVP of Product Management at Red Canary is our feature interview this week. News from Tattered Cover, Arrow Electronics, PhotoPacks.ai, Ping Identity, Lares, LogRhythm and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Morrison's new cameras flag 9,000 speeders in less than two weeks - Canyon Courier Barnes & Noble CEO explains Tattered Cover bookstores deal New AI summit in Denver to focus on how to address affordability Colorado public companies notch big profits and big losses in DBJ rankings Denver startup uses AI to generate professional headshots How Colorado's tech leaders want the state's new AI law changed Denver lacks comprehensive approach to cybersecurity risks, city auditor says How Session Management Works and Why It's Important The Power of Modern-Day Purple Teaming: A Consultant's Perspective How to Ensure Your Data is Ready for an AI-Driven SOC  | LogRhythm Job Openings: Pax8 - IAM Architect Gates - Sr Cybersecurity Analyst Brownstein Hyatt Farber Schreck - CISO Affirm - Director of Product, Trust & Safety Bank of America - Senior Information Security Officer Meta - Security Partner - Mergers & Acquisitions HealthEdge - Director, Governance, Risk, and Compliance Presidio - Vice President, Cyber Security Practice DAT - Security Analyst 1 Ryder System - Application Security Engineer Upcoming Events: This Week and Next: ISSA COS - Cybersecurity First Friday - 7/12 ISSA COS - July meeting - Conversations that count - 7/16 CSA Colorado - Responding to the Quantum Computing Threat - 7/16 Denver ISSA - BBQ - 7/17 Denver OWASP - AI in the Age of Application Security - 7/17 ISSA COS - July Mini Seminar "Blackout Brainstorm" Tabletop around EMPs - 7/20 Let's Talk Software Security - What do the Developers Think of your Security Program? - 7/23 ISC2 Pikes Peak - July Meeting - 7/24 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

On this episode of The Cybersecurity Defenders Podcast, we speak with Gerard Johansen, Principal Security Solutions Specialist at Red Canary.Gerard is a seasoned expert in the field of cybersecurity. Gerard holds the prestigious Certified Information System Security Professional - or CISSP. His extensive career includes serving as a Special Deputy United States Marshal for the FBI's Connecticut Computer Crimes Task Force and working as a Certification and Accreditation Analyst for a federal inter-agency unit. Gerard has conducted numerous technical and non-technical vulnerability assessments for both financial and government organizations, demonstrating his deep expertise in digital forensics and incident response.With a wealth of experience in risk assessment, cyber threat intelligence, and penetration testing, Gerard is frequently sought after for his knowledge in corporate counterintelligence, threat emulation, and cloud security challenges. He has developed and maintained crucial industry relationships through ongoing professional development and is a trusted resource for information security seminars and training programs.

Guy Sereff, Partner at Michael Best is our feature interview this week. News from Arapahoe Community College, Guild, Katilyst, LogRhythm, Ping Identity, Red Canary and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Denver Named Number One on List of Best U.S. Cities for Foodies Colorado Legislature Passes First-in-Nation Artificial Intelligence Bill Denver-area community college first to join Space Force effort to teach aerospace workers How Colorado organizations are preparing to fill quantum positions Denver tech firm Guild grew rapidly, now it is shrinking rapidly Katilyst - Out of Stealth and Ready to be Your Security Champion LogRhythm and Exabeam Announce Intent to Merge, Harnessing Collective Innovation Strengths to Lead the Future of AI-Driven Security Operations What Is Liveness Detection? How It Helps Fraud Prevention What to consider when evaluating EDR Job Openings: Pax8 - IAM Architect Bank of America - Azure - Senior Cloud Security Engineer State of CO - Senior Security Administrator (Audit) CoBank - Director, Internal Controls and Operational Risk, IT Maxar - Senior Information Security Specialist Gates Corp - Cybersecurity & DLP Specialist Quizlet - Staff Cloud Security Engineer Flexential - Manager, Security Architecture Western Union - Information Security Engineer Upcoming Events: This Week and Next: RMISC - 6/11-13 BSides Boulder - 6/14 Let's Talk Software Security - Quality Tests, Security Outcomes: Are We There Yet? - 6/20 CSA Colorado - June Meeting, "Modern AI Threats and Challenges" - 6/25 ISC2 Pikes Peak - June Meeting - 6/26 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

This episode of CISO Tradecraft features a conversation between host G. Mark Hardy and Chris Rothe, co-founder of Red Canary, focusing on cloud security, managed detection and response (MDR) services, and the evolution of cybersecurity practices. They discuss the genesis of Red Canary, the significance of their company name, and the distinctions between Managed Security Service Providers (MSSPs) and MDRs. The conversation also covers the importance of cloud security, the challenges of securing serverless and containerized environments, and leveraging open-source projects like Atomic Red Team for cybersecurity. They conclude with insights on the cybersecurity labor market, the value of threat detection reports, and the future of cloud security. Red Canary: https://redcanary.com/ Chris Rothe: https://www.linkedin.com/in/crothe/ Transcripts: https://docs.google.com/document/d/1XN4Bp7Sa2geGCVaHuqMRmJckms4q7_L6  

Send us a Text Message.Notes from RedCanarys' annual threat report includingKey trends, top 10 threats, and the most prevalent adversary techniques. Support the Show.Google Drive link for Podcast content:https://drive.google.com/drive/folders/10vmcQ-oqqFDPojywrfYousPcqhvisnkoMy Profile on LinkedIn: https://www.linkedin.com/in/prashantmishra11/Youtube Channnel : https://www.youtube.com/@TheCybermanShow Twitter handle https://twitter.com/prashant_cyber PS: The views are my own and dont reflect any views from my employer.

In this episode of the PowerShell Podcast, I'm joined by Ryan Lancial - Security Engineer at Red Canary. We talk about our shared history, his journey to security, what makes a good company culture, succeeding with no degree, the value of authenticity, and more! Guest Bio and links:  Ryan Lancial hates bios, used to Powershell and admin and now talks about security. PowerShell Podcast Home page: https://www.pdq.com/resources/the-powershell-podcast/ https://www.linkedin.com/in/ryanlancial/ PowerShell Pro Tips - https://www.youtube.com/watch?v=K95ovoMh170 https://discord.gg/pdq https://www.pdq.com/blog/what-are-rest-apis/ https://woshub.com/read-outlook-email-powershell/ https://blog.danskingdom.com/PowerShell-DevOps-Global-Summit-2024-reflections/  

Randall Frietzsche, CISO at Denver Health is our feature interview this week. News from the Brown Palace, Ibotta, Pax8, Red Canary, Optiv, zvelo and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Two new pizza shops opening in Denver, the “No. 1 city for pizza” The Brown Palace closing its marquee restaurant, Palace Arms, “until further notice” Colorado's startup community rallies behind Ibotta as Denver's popular consumer app has IPO Downtown Vitality Index: How Downtown Denver's comeback compares Has Boulder lost its luster? For those in the local tech community, the answer is not so simple. Fast-growing Denver tech company hires new CEO to replace founder Coloradans scammed out of $187.6M in 2023, new FBI report says Manage your SOC like a product The Rising Role of the BISO Escalating Deepfake Threats and Countermeasures Job Openings: Pax8 - Senior Cybersecurity Operations Engineer Pax8 - IAM Engineer Bank of America - Senior Information Security Officer Klaviyo - Senior Manager, Security Risk & Reviews Trimble - IT Risk & Control Manager Amazon Games - Senior Security Risk Specialist, GME (Games, Media, & Entertainment) Security Gogo Business Aviation - Senior Cybersecurity Analyst Juniper Square - GRC Security Specialist US Bank - IS Governance, Risk & Controls Specialist NREL - Chief Cybersecurity Engineer Synopsys - Sr. Staff Cyber Security Engineer Upcoming Events: This Week and Next: ISC2 Denver - Navigating the Cyber Landscape in Operational Technology (OT): Challenges, Threats, and Solutions - 5/8 ISSA Denver - The Real World : Hunting Cloud Security Threats - 5/8 (DTC and Downtown) Let's Talk Software Security - Security Champions: What Can Keep Them From Being Successful? - 5/14 Let's Talk Software Security - Security Champions: What Can Go Wrong? - 5/15 CSA Colorado - AWS hands-on Identity and Access Management Immersion workshop - 5/21 ISSA Denver - AI/ML Special Interest Group Inaugural Roundtable - 5/21 ISSA Denver - ISSA Denver Chapter and Gigamon Superfly Golf Event - 5/22 ISC2 Pikes Peak - May Meeting - 5/22 RMISC - 6/11-13 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

In this special episode, Dennis Fisher and Lindsey O'Donnell-Welch are joined by Brian Donohue of Red Canary to preview the RSA conference talks they're excited about and to try to make sense of some of the session titles that are maybe a little indecipherable.

In this episode of CyberWire-X, N2K CyberWire's Podcast host Dave Bittner is joined by Brian Davis, Principal Software Engineer, and Thomas Gardner, Senior Detection Engineer, both from Red Canary. They engage in a cloud architect vs. detection engineer discussion. Through the conversation, they illustrate how one person benefits the other's work and how they work together. Red Canary is our CyberWire-X episode sponsor.

News from Stanley Hotel, Boom Supersonic, Ibotta, Red Canary, Optiv, LogRhythm, Webroot and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel A new plan for the Stanley Hotel in Estes Park: Sell it to Colorado Boom Announces Successful Flight of XB-1 Demonstrator Aircraft Techstars Boulder kicks off ‘grand finale' with 5 local companies Colorado Inno Madness bracket down to last 4 companies Ibotta's expansion into enterprise should set it up for a successful IPO Best practices for securing Azure Active Directory Crafting a Successful Vulnerability Management Process Framework Key Components of a Robust Cloud Security Maturity Strategy Understanding Brute Force Attacks: The Persistent Threat in Cybersecurity Cyber Future Foundation and National Cybersecurity Center Announce the 9th Annual Cyber Future Summit in Colorado Springs, CO Job Openings: Cologix - Security Engineer II US Army Corps of Engineers - IT Specialist (Infosec/Network) City and County of Denver - Senior IT Security Analyst – Denver International Airport FirstBank Holding Company - IAM Systems Admin CableLabs - Principal IoT Security Architect US Bank - Information Security/Technology Risk Manager B of A - Information Security Identity and Access Management (IAM) Architect Prologis - Senior Analyst, IT Governance, Risk, and Compliance (GRC) Replicant - Staff Cloud Security Engineer Janus Henderson - Sr. IT Audit Manager Upcoming Events: This Week and Next: ISSA Denver - April Meeting (DTC and Downtown) - 4/10 ISSA Denver - Veterans SIG - 4/17 Denver OWASP - AppSec 2.0: Reimagine AppSec With Runtime Analysis - 4/17 ISACA Denver - Annual Meeting - 4/18 CSA Colorado - AWS token theft: Stolen identities and what to do about them - 4/18 Let's Talk Software Security - How can OffSec enhance your AppSec game? - 4/23 ISC2 Pikes Peak - April Meeting - 4/24 CO = Security - Security Leader Summit 1 - 4/26 ISACA Denver - Empowering Women in Tech: CISM Bootcamp by SheLeadsTech - 4/26-28 ISACA Denver - ISACA Technical Training: Alteryx Exploration (A Beginner Workshop) - 5/2 ISC2 Denver - Navigating the Cyber Landscape in Operational Technology (OT): Challenges, Threats, and Solutions - 5/8 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Brian Donohue of Red Canary joins Dennis Fisher to talk about some of the surprising findings from the company's new 2024 Threat Detection Report, including why identity based attacks continue to work so well and how attackers are approaching the shift to the cloud.

Doug Hudson is our feature interview this week. News from American Ninja Warrior, Vinyl Media Pressing, Ball Aerospace, Techstars, Colorado Public Defender's Office, Invictus Systems,Todyl, Red Canary, Ping Identity, zvelo and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel American Ninja Warrior Adventure Park opening in Denver Inside the River North Art District's new vinyl-record-making plant Ball Aerospace now called Space & Mission Systems, but company's base to remain Colorado Techstars moving HQ out of Colorado and ending its Boulder accelerator Colorado shows a highly educated population isn't a safeguard against falling victim to fraud Cyberattack shuts down Colorado public defender's office Virginia-based cybersecurity firm expands to Colorado, set to bring up to 130 jobs Denver cybersecurity startup raises $50M to double headcount, open new offices Introducing Red Canary's multicloud launch Is MFA Enough to Stop Adversary-in-the-Middle Attacks? Malicious AI: The Rise of Dark LLMs Job Openings: Pax8 - Sr Director of Security Operations Pax8 - Trust & Security Program Operations Bank of America - Senior Cyber Crime Specialist Bank of America - Information Security Mainframe Security Engineering Team Manager Colas - Information Security Manager NREL - Chief Cybersecurity Engineer CommonSpirit Health - Cybersecurity Sr Engineer Penetration Tester Pulte Mortgage - Manager of Information Security Operations Maxar - Cybersecurity Vulnerability Management Analyst Jefferson County - Cybersecurity Analyst II Upcoming Events: This Week and Next: ISSA Denver - March Chapter Meeting, "Better Together: Why Leaders Make Good Privacy Champions" by Mike Pedrick - 3/13 CSA Colorado - March Meeting: A Pentester's Guide to API Security - 3/19 ISSA Denver - Women in Security presents: An Evening with Gail Coury - 3/20 ISACA Denver - March Chapter Meeting: The Human Factors of Security, Compliance, and Risk Management - 3/21 ISC2 Pikes Peak - March Meeting - 3/27 ISSA COS - Cyber Focus Week - 3/27-29 Let's Talk Software Security - Application Security Posture Management: Rebrand or Revolution? 3/28 Red Canary Live - 4/6 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

This week's guest is Jack Klingbiel. Jack Klingbiel lives in Denver CO and is highly experienced at scaling GTM operations via Sales Development. He's built out BDR teams and GTM processes from scratch at three different companies. He set up foundations at AgentSync and scaled the business from $4m in ARR to $28m ARR, Red Canary from $10m in ARR to $80m ARR and is currently at Cortex.io with the same assignment. When not at work, find him at the gym, on the golf course or playing with his soon to-be "step-dog", Bille.  --- Support this podcast: https://podcasters.spotify.com/pod/show/uncharted1/support

Merlin Namuth is our feature interview this week, interviewed by Debbi Blyth. News from Kingdom Wealth Exchange, Lightship Energy, Foundry Group, Coalfire, Ping Identity, Red Canary and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Colorado Pastor Accused Of Multimillion Dollar Crypto Scheme Everything you need to know about navigating DIA's new security Electric RV maker lands $34M as it prepares to open its Denver-area factory Boulder VC firm Foundry to shutter, not raise additional fund Colorado software Startups to Watch in 2024 Space ISAC and National Cybersecurity Center Announce Next Stage in Relationship Mastering AI Risks: Navigating the NIST AI RMF Core with Coalfire What is Device Trust? How it Works in 2024 Kubernetes security: Safeguarding your container kingdom BSides Boulder 2024: Call for Speakers Job Openings: Pax8 - VP of GRC 1Password - Director, Security Operations Inspirato - Director, Cybersecurity Operations Sage Hospitality Group - Information Security, Manager Newmont - Senior Operational Technology Cybersecurity Analyst U.S. Immigration and Customs Enforcement (ICE) - Information Technology Specialist (Information Security) Klaviyo - Senior Security Trust & Compliance Analyst - GRC Analyst Datadog - Business Continuity and Disaster Recovery Governance Analyst Salesforce - Security Governance, Risk & Compliance Lead/Manager - Security IEM BofA - Manual Ethical Hacker Upcoming Events: This Week and Next: ISACA Denver - Technical Training: Alteryx Exploration (A Beginner Workshop) - 2/9 ISSA Denver - February Meetings - 2/14 Let's Talk Software Security - Are We Defending Against the Biggest Threats to Software? - 2/14 ISACA Denver - February Joint Chapter Meeting with IIA - 2/15 CSA Colorado - CI/CD Workload Security with Orca - 2/20 ISSA Denver - Privacy SIG - 2/22 ISSA COS - Mini Seminar - 2/24 Colorado = Security Gives Back - Homeless Shelter Service - 2/25 ISSA COS - February Meeting, An Introduction to Zero Trust With Enterprise Linux - 2/27 ISC2 Pikes Peak - February Meeting - 2/28 ISSA COS - Mentoring Mixer and LogWars - 2/29 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Dr. Erik Huffman, Director of IT at BombBomb is our feature interview this week, interviewed by Frank Victory. Check our Erik's Ted Talk here. News from ACI Learning, VF Corp, Red Canary, Ping Identity, Optiv, Secure64 and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel DIA begins receiving new cars to upgrade passenger train from terminal Colorado and Illinois are officially quantum tech hubs. What does that mean? Denver cybersecurity company acquires Baltimore edtech firm VF Corp. hit by cyberattack limiting its ability to fulfill customer orders Red Canary's best of 2023 Ping Leadership Predicts the 2024 Global Identity Landscape One Year Later: Managing Security in the Age of ChatGPT Secure64 uses AI and Machine learning to stop data exfiltration via DNS tunnels Job Openings: Pax8 - Platform Security Engineer Checkr - VP, Corporate Engineering & Security Danone - Head of Cybersecurity Western Union - Director, Cyber Security Architecture Metro State - Cybersecurity (CSS) Affiliate Instructor Gensler - Security Administrator - Senior Medtronic - Senior Director- Cybersecurity Charles Schwab - Senior Specialist, Technology Risk Management Gusto - Privacy Program Director Epic - Security Engineer Upcoming Events: This Week and Next: ISSA Denver - Navigating Trust: AI's Impact on Media Integrity - 1/10 (DTC & downtown) Let's Talk Software Security - What Do Our AppSec Terms Even Mean? - 1/16 CSA Colorado - Unlock Your Future in Cybersecurity: A Roadmap to Success - 1/16 OWASP Denver - Threat Modeling the AI Pipeline - 1/17 ISACA Denver - January Meeting, "Managing Regulatory and Compliance Risks from AI Driven Digital Technologies" - 1/18 ISC2 Pikes Peak - January Meeting - 1/24 ISACA Denver - SheLeadsTech Uplift Lunch - 1/26 ASIS - Security Officer Appreciation Night - 2/8 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Guests: Malcolm Harkins, Chief Security & Trust Officer at Epiphany SystemsOn LinkedIn | https://www.linkedin.com/in/malcolmharkins/Robb Reck, Chief Trust and Security Officer at Red CanaryOn LinkedIn | https://www.linkedin.com/in/robbreck/Host: Matthew RosenquistOn ITSPmagazine  

Douglas Brush, Founder and Court Appointed Neutral of Accel Consulting is our feature interview this week, interviewed by Frank Victory. News from Xcel Energy, Guild Education, National Cybersecurity Center, Coalfire, Red Canary, Zvelo and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Colorado has the four most expensive housing markets in U.S. not on a coast Ten Reasons Why Denver Is a “Bastion of Geekdom” Colorado designated as official tech hub for quantum industry Aurora data center to become one of Xcel Energy's biggest customers, rivaling mines and steel mills Denver-area tech unicorn Guild just made a big investment in AI education National Cybersecurity Center Hosts Project Pisces Training And Onboarding - National Cybersecurity Center Maximizing the value of threat modeling Guardians of IoT: Strengthening the security of IoT-connected medical devices in the healthcare industry Validating detection for Gootloader with Atomic Red Team Cyber Insurance Tightens the Reins to Lower Risk Job Openings: Tiktok - Converged Security Technology Security Specialist Maximus - VP - Business Information Security Officer Tanium - Senior Cloud Cybersecurity Engineer, CCS Advanced Energy - Manager, IT Governance, Risk & Compliance Western Union - Cyber Security Governance Business Manager US Bank - Risk Framework Professional Datavant - Head of Information Security Governance Kroll - Vice President, Policy Writer, Cyber Risk Modivcare - Sr. IT Governance Analyst Meta - Security Partner - Infrastructure Upcoming Events: Let's Talk Software Security - What's Your Biggest Security Challenge? - 11/8 ISSA Denver - November Chapter Meeting, Asset Management - 11/8 CISO Debate Series: Will more government regulation help drive better security? - 11/9 ISSA Denver - The New SEC Reporting Rule and the End Cybersecurity as We Know It - 11/9 ISSA COS - November Mini Seminar - 11/11 CSA Colorado - Security Insights With James Condon - 11/14 ISSA COS - November Chapter Meeting - 11/14 ISC2 Pikes Peak - November Meeting - 11/15 ISSA Denver - Inaugural Veterans Special Interest Group meeting - 11/16 ISACA Denver - SEC Cybersecurity Disclosure - 11/16 ISSA COS - Mentoring Mixer and Log Wars - 11/30 Colorado Cyber Security - Cyber First Friday - 12/1 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Darren Weiner, President of Cloud Security Alliance Colorado is our feature interview this week, interviewed by Frank Victory. News from Maxar, University of Colorado, Ping Identity, LogRhythm, Coalfire, Red Canary and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Colorado's first Michelin Star recipients announced 10 companies selected as finalists for Coolest Thing Made in Colorado contest Denver airport unveils plans for new walkable concourses (Renderings) Colorado aerospace giant being split in two, its CEO replaced and some employees laid off Colorado school ranks among top universities for startup founders MSU Denver cybersecurity program expands with the help of a new grant MFA Bombing Dismantled | Ping Identity Q3 2023 Analytic Co-Pilot Use Cases | LogRhythm A rundown of the OWASP top 10 for large language model applications SEC tells companies to “show their work” on cybersecurity - Red Canary Job Openings: Greenlight - VP, Security Thrivent - Director of Information Security BDO - Director, Privacy & Data Protection Gensler - Security Administrator - Senior Western Union - Information Security Architect Bank of America - Vulnerability Identification Senior Analyst Gogo Business Aviation - Senior Cybersecurity Analyst Honeywell - IT Security Engineering Manager CoBank - Senior Cloud Security Analyst Plante Moran - Cybersecurity Consultant - Entry Level (2024) Upcoming Events: This Week and Next: ISSA Denver - October Chapter Meetings - 10/11 Let's Talk Software Security - Is Threat Modeling Scalable? - 10/17 ISACA Denver - October Chapter Meeting: Fraud Lessons from a Reinvention Architect & Mindset Coach - 10/19 ISACA Denver - Fraud Lessons from a Reinvention Architect & Mindset Coach - 10/19 ISC2 Pikes Peak - October Meeting - 10/25 CSA Colorado - Fall Summit 2023 AI IN CYBERSECURITY: REVOLUTION AND RISKS - 10/25 ISSA Denver - Women and Whiskey - 10/25 ISACA Denver - Dark Web Investigations Workshop - 11/3 Let's Talk Software Security - What's Your Biggest Security Challenge? - 11/8 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

This is DartPoints Podcast #94 for September 19th, 2023.  In this podcast, we discuss Managed Detected and Response with our partner Red Canary. We'll be joined by Red Canary's Eric Groce and our own Solutions Architects Manager, James Williamson. DartPoints Product Page: https://dartpoints.com/solutions/cybersecurity/mdr/ DartPoints 5-Minute Demo: https://gsp.object.dartpoints.io:10443/dartpoints/mdr.mp4 The views, thoughts, and opinions expressed in this podcast are the speakers own---and do not necessarily represent the views, thoughts, and opinions of DartPoints or a guest's employer. #DartPoints #DaaS, #Storage, #DataCenter, #Cybersecurity, #TechNews, #DisasterRecovery, #DataProtection, #Enterprise, #InternetPrivacy, #LifecycleManagement, #VMware, #NOC, #NetworkOperationsCenter, #ManagedDetectionAndResponse, #MDR Special Guests: Eric Groce: Sr. Sales Engineer, Red Canary James Williamson: Solution Architects Manager, DartPoints

In this Risky Business News sponsor interview, Catalin Cimpanu talks with Red Canary Principal Readiness Engineer Gerry Johansen about the need to prepare IR plans in advance and why that's just as important as the IR playbook itself.

Patrick Walsh, CEO and founder at IronCore Labs is our feature interview this week. News from Casa Bonita, Koelbel and Company, CyberGRX, Lares, Coalfire, Red Canary and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Casa Bonita taps Denver brewery to create an original “casa beer” Denver's airport is spending $1.5 million on one way to ease security lines New Denver company is hungry for 'zombie buildings' across the country 3 startups win Colorado pitch competition and $5,000 grants Biden to keep US Space Command in Colorado, reversing Trump decision Colorado Dept. of Higher Education cyberattack threatens student, teacher data Denver-based CyberGRX goes through layoffs following acquisition Strengthening Cybersecurity Practices: An Overview of the SEC's Latest Rules Coalfire Unveils Offensive Security Platform Contain yourself: An intro to Linux EDR Job Openings: Davita - Engineer, Security (IT) Homebot - Security Operations Manager Bank of America - Senior Data Security Engineer StarRez - Data Privacy Manager Workday - Senior Cyber Threat Intelligence Engineer Salesforce - Senior Incident and Vulnerability Manager Deloitte - Confidentiality & Privacy - Incident Management Senior Specialist Movement Mortgage - Cyber Security Cloud Engineer CoBank - Senior Cloud Security Analyst Colorado PERA - Information Security Engineer Upcoming Events: This Week and Next: How to Protect Sensitive AI Data in Vector Databases - 8/10 CSA Colorado - Rockies Night - 8/15 Let's Talk Software Security - Getting Buy-In: Impactful Communication for Software Security Business Cases - 8/23 ISC2 Pikes Peak - August Meeting - 8/23 Denver OWASP - API Security: A CISO Perspective - 8/23 LIFT - Level up your golf game with LIFT, Women in Cybersecurity - 8/28 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

News from Cherry Cricket, Ball Corp, Boom Supersonic, Casa Bonita, Optiv, Red Canary, SSO, zvelo, LogRhythm and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel The Cherry Cricket Is Now Serving Its Iconic Burgers in Littleton TSA Testing Facial Recognition at Denver International Airport Ball Corp. eyes possible sale of aerospace business Boom Supersonic inches closer to legitimacy as doubts remain Casa Bonita eliminates tipping, going against service industry norm New Changes to the 2023 OWASP Top 10 API Security Risks When MFA isn't an option: The legacy of ROPC - Red Canary Top Benefits of single sign-on AI and Machine Learning in Cybersecurity LogRhythm Celebrates 20 Years of Empowering Security Teams to Ensure a More Secure Environment with Continued Quarterly Innovations | LogRhythm Job Openings: City of Lafayette - Senior Network and Security Administrator FirstBank - Info Security Analyst Proofpoint - Security Solution Analyst II KP - VP, Technology Risk Mgmt Maxar - Product Engineering Information Security Manager Olympus - Principal Product Cybersecurity Engineer Perforce - Head of Product Security FBI - Special Agent (cybersecurity background) Fastly - IAM Security Architect Microsoft - Principal Security Architect Upcoming Events: This Week and Next: ISSA Denver - July Meeting (DTC and Downtown) - 7/12 Let's Talk Software Security - Applying AI to AppSec - 7/18 CSA CO - July Meeting: Getting your hands dirty: Exploring Exploits with ChatGPT - 7/20 ISC2 Pikes Peak - July Meeting - 7/26 Colorado = Security Gives Back - Brent's Place Annual Block Party - 8/5 Colorado = Security 2023 Picnic View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

On this week's show Patrick Gray and Adam Boileau discuss the week's security news. They cover: Fortinet 0day Groundhog Day CISA's new binding directive on exposed management interfaces Confirmed: US intelligence buying commercially available data MOVEit drama rolls on Much, much more This week's show is brought to you by Red Canary. Chris Rothe is this week's sponsor guest and he joins us to talk about how MDR providers are helping customers deal with cloud monitoring. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that's your thing. Show notes Fortinet Warns Customers of Possible Zero-Day Exploited in Limited Attacks - SecurityWeek Barracuda Urges Replacing — Not Patching — Its Email Security Gateways – Krebs on Security MOVEit announces second vulnerability; Minnesota schools agency breached with original bug Confidential data downloaded from UK regulator Ofcom in cyberattack Ransomware group Clop issues extortion notice to ‘hundreds' of victims Another huge US medical data breach confirmed after Fortra mass-hack | TechCrunch CISA orders US civilian agencies to remove tools from public-facing internet Microsoft says Azure disrupted after a week of repeated service outages | Cybersecurity Dive Microsoft says Azure outage was caused by ‘anomalous' traffic spike Microsoft investigating threat actor claims following multiple outages in 365, OneDrive | Cybersecurity Dive Risky Biz News: Ukrainian hackers wipe equipment of major Russian telco U.S. Spy Agencies Buy Vast Quantities of Americans' Personal Data, U.S. Says - WSJ The US Is Openly Stockpiling Dirt on All Its Citizens | WIRED Srsly Risky Biz: Thursday, July 29 - by Tom Uren National security officials make case for keeping surveillance powers to skeptical Congress - The Washington Post Senators say Biden administration isn't close on overhauling surveillance law Russian nationals accused of Mt. Gox bitcoin heist, shifting stolen funds to BTC-e North Korean hacking group Lazarus linked to $35 million cryptocurrency heist North Korean hackers stole $100 million in recent cryptocurrency heist -analysts | Reuters An Illinois hospital links closure to ransomware attack Security professional's tweet forces big change to Google email authentication | CyberScoop Can you trust ChatGPT's package recommendations? LastPass CEO reflects on lessons learned, regrets and moving forward from a cyberattack | Cybersecurity Dive

On this week's show Patrick Gray and Adam Boileau discuss the week's security news. They cover: Fortinet 0day Groundhog Day CISA's new binding directive on exposed management interfaces Confirmed: US intelligence buying commercially available data MOVEit drama rolls on Much, much more This week's show is brought to you by Red Canary. Chris Rothe is this week's sponsor guest and he joins us to talk about how MDR providers are helping customers deal with cloud monitoring. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that's your thing. Show notes Fortinet Warns Customers of Possible Zero-Day Exploited in Limited Attacks - SecurityWeek Barracuda Urges Replacing — Not Patching — Its Email Security Gateways – Krebs on Security MOVEit announces second vulnerability; Minnesota schools agency breached with original bug Confidential data downloaded from UK regulator Ofcom in cyberattack Ransomware group Clop issues extortion notice to ‘hundreds' of victims Another huge US medical data breach confirmed after Fortra mass-hack | TechCrunch CISA orders US civilian agencies to remove tools from public-facing internet Microsoft says Azure disrupted after a week of repeated service outages | Cybersecurity Dive Microsoft says Azure outage was caused by ‘anomalous' traffic spike Microsoft investigating threat actor claims following multiple outages in 365, OneDrive | Cybersecurity Dive Risky Biz News: Ukrainian hackers wipe equipment of major Russian telco U.S. Spy Agencies Buy Vast Quantities of Americans' Personal Data, U.S. Says - WSJ The US Is Openly Stockpiling Dirt on All Its Citizens | WIRED Srsly Risky Biz: Thursday, July 29 - by Tom Uren National security officials make case for keeping surveillance powers to skeptical Congress - The Washington Post Senators say Biden administration isn't close on overhauling surveillance law Russian nationals accused of Mt. Gox bitcoin heist, shifting stolen funds to BTC-e North Korean hacking group Lazarus linked to $35 million cryptocurrency heist North Korean hackers stole $100 million in recent cryptocurrency heist -analysts | Reuters An Illinois hospital links closure to ransomware attack Security professional's tweet forces big change to Google email authentication | CyberScoop Can you trust ChatGPT's package recommendations? LastPass CEO reflects on lessons learned, regrets and moving forward from a cyberattack | Cybersecurity Dive

Chelsea Kelleher, Privacy & Security Attorney is our feature interview this week, interviewed by Janelle Hsia. News from Fluid Truck, Guild, Red Canary, Ping Identity, LogRhythm, Optiv and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Why Denver barely made the top 100 'Best Places to Live' Two Coors Field bars become first to use biometrics in age ID Fast-growing Denver company strikes deal with Lyft to help it electrify its services Denver-based education tech firm Guild eliminates 172 jobs How 4 Colorado companies are innovating with generative AI Train hard for an easy battle: Introducing Readiness Exercises Blockchain and Sidechains in the Age of Decentralized Identity Starting your Zero-Trust Journey | LogRhythm Privacy Concerns Are Not Just for Goliath Anymore Job Openings: Ledgent Technology - Director of Cyber Security S&P Global - Associate Director, Security Automation US Bank - Senior Technology Risk Manager, Corporate and Wealth Management Technology Visa - Sr. Cybersecurity Engineer - Applied Cryptography Western Union - Senior Information Security Engineer RTD - Manager, Cybersecurity Operations DISH Network - Information Security Risk & Compliance Manager Stripe - Program Manager, Security Risk Management Paylocity - Director Information Security Operations Plante Moran - Managed IT Consultant – Entry Level (2023) Upcoming Events: This Week and Next: LIFT - Splunk Game-fest: Come play O11Y your favorite games! - 6/14 Let's Talk Software Security - Software Security Training & Education - 6/23 ISC2 Pikes Peak - June Meeting - 6/28 LIFT - Mentorship Hike - 6/28 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

We've made it to the third installment of our Stronger Together Mini Series! In this episode we're joined by researchers, threat analysts, and C-Suites including Katie Nickels from Red Canary and the SANS Institute, Don Jeter from Torq, Ben April from Maltego, Lesley Carhart from Dragos, and Jeff Stout from Akamai. We have some great discussions on the pros and cons of AI, protecting industrial control systems, imposter syndrome, and more.

Larisa Thomas, CISO at Nox Health is our feature interview this week. News from Bandimere, Orbit Fab, Maxar, True Anomaly, Red Canary, Coalfire, Zvelo, LogRhythm and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Bandimere Speedway leaving Morrison location after 2023 Colorado becomes 1st state to pass "right to repair" law for farmers Colorado space 'gas station' startup lands millions in venture backing, plans significant expansion Private equity firm closes $6.4 billion deal to acquire Maxar Technologies Colorado to launch seed grants to jumpstart quantum tech industry Colorado Space Force veterans launch startup to prepare US military for space warfare Red Canary Announces Readiness Introducing: Red Canary Mac Monitor Coalfire recognition from Cyber Defense Magazine Zvelo - Phishing Detection in Depth LogRhythm Announces Partnership with Zscaler to Address Cloud Access Security Challenges Faced by the Modern SOC Job Openings: Jeffco Public Schools - Executive Director - Enterprise Architecture, Information Security and Identity BI Incorporated - Senior Security Engineer Ring Central - Security Trust Data Analyst DISH - Security Threat Response Manager Frontier Airlines - Engineer, Application & Cloud Security Banner Health - Cybersecurity IAM Architect Remote HSS - Biomedical Device Network & Security Field Technician Avanade - Global Security Advisory Lead Block - Vulnerability Research Analyst Workday - Principal Cybersecurity Engineer – Analytics and Automation Upcoming Events: This Week and Next: ASIS Denver - NEXT: YOUR DIGITAL PROFILE WITH KERRI SUTHERLAND - 5/2 ISSA Denver - May Chapter Meeting "How cyber insurance drives C-Suite decisions around IT strategy, infrastructure, and planning" - 5/10 OWASP Denver - Back to Basics - How to Mature your Security Program - 5/10 Let's Talk Software Security - Software Security: What are we missing?? - 5/12 ISSA C.Springs - May Chapter Meeting - 5/16 ISACA Denver - May Meeting (Virtual) - 5/18 CSA Colorado - May Meeting, "The Future of Cloud Security: Embracing CNAPP to Protect Cloud-Native Applications" - 5/18 ISSA C.Springs - Mini Seminar - 5/20 ISSA Denver - Cybersecurity Is Not A Game? - 5/25 RMISC - 6/7-9 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Guests: Katie Nickels, Certified Instructor and Director of Intelligence Operations at SANS Institute [@sansforensics] and Red Canary [@redcanary]On LinkedIn | https://www.linkedin.com/in/katie-nickels/On Twitter | https://twitter.com/likethecoinsOn Mastodon | https://infosec.exchange/@likethecoinsJohannes Ullrich, Dean of Research at SANS Technology Institute [@sansforensics]On LinkedIn | https://www.linkedin.com/in/johannesullrich/On Twitter | https://twitter.com/sans_iscOn Mastodon | https://infosec.exchange/@jullrich____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode's SponsorsBlackCloak | https://itspm.ag/itspbcwebBrinqa | https://itspm.ag/brinqa-pmdpSandboxAQ | https://itspm.ag/sandboxaq-j2en____________________________Episode NotesIn this new RSA Conference Coverage podcast episode with ITSPmagazine, cybersecurity experts and SANS instructors, Katie Nickels and Johannes Ullrich, delve into the "Five Most Dangerous New Attack Techniques" panel, a discussion they've been part of for the past few years. They shed light on how they identify these top techniques by examining their increasing prevalence and potential impact. Joined by an outstanding panel of experts, including Heather Mahalik, a mobile technology specialist, and Steve Sims, an offensive security guru, they offer unique insights from different sides of the industry while also highlighting the importance of practical, hands-on advice and defense strategies against these threats.The panel emphasizes the importance of practical, hands-on advice and defense strategies to combat these emerging threats. Furthermore, Johannes shares valuable information about the Internet Storm Center's role in monitoring attacks and disseminating knowledge within the cybersecurity community.Tune in to this must-listen episode for a sneak peek of the latest attack techniques, evolving defense mechanisms, and the collaborative efforts of the cybersecurity community that will be presented during the panel so you can stay one step ahead of the attackers.Don't forget to share and subscribe to ITSPmagazine's RSA Conference Coverage to keep up with the latest trends in technology and cybersecurity.____________________________ResourcesSession | The Five Most Dangerous New Attack Techniques: https://www.rsaconference.com/USA/agenda/session/The%20Five%20Most%20Dangerous%20New%20Attack%20TechniquesInternet Storm Center Diaries: https://isc.sans.edu/Learn more, explore the agenda, and register for RSA Conference: https://itspm.ag/rsa-cordbw____________________________For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverageAre you interested in telling your story in connection with RSA Conference by sponsoring our coverage?

Chris Rothe, Co-Founder and CTO at Red Canary is our feature interview this week. News from Keystone, Sweater Ventures, TiLT, MSU Denver, Monarch Casino, Red Canary, Ping Identity, Secure64 and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Keystone will become Colorado's newest town following incorporation approval Tuesday Colorado unemployment reaches pre-pandemic levels Boulder fintech company launches a 'VC fund for everyone' Fort Collins tech company raises $10 million to humanize HR Program guides students with autism to cybersecurity careers - MSU Denver RED Black Hawk casino heist is largest in Colorado history Colorado Finalizes CPA Regulations A guided tour of the 2023 Threat Detection Report - Red Canary Announcing Neo, Ping's Decentralized Identity Solution Press Release: Secure64 Vizion Job Openings: US Bank - Operational Risk-Crisis Management Executive RingCentral - Director, Data Security RTD - Manager, Cybersecurity Operations Credit Union of Colorado - Supervision - Information Security SiriusXM - Senior Security Architect CloudFlare - Lead Email Security Detections Engineer Oracle - Offensive Security, Manager TIAA - Sr Director, Cyber AI Lead Conga - Product Security Engineer Epic - Junior Network Security Engineer Upcoming Events: This Week and Next: ASIS Denver - Coffee Chat with Lisa Buckley - 4/7 ISSA Denver - April Meetings | 3 Game Changers and 3 No Brainers by Doug Staubach (DTC and Downtown) - 4/12 Let's Talk Software Security - Software Security OKRs and KPIs - 4/14 ISACA Denver - Annual Chapter Meeting (In Person) - 4/20 CSA Colorado - “SEARCH Party: Threat Hunting in the Clouds" - 4/20 ISCs Pikes Peak - April Meeting - 4/26 Colorado = Security Giving Back - 4/29 ASIS Denver - NEXT: YOUR DIGITAL PROFILE WITH KERRI SUTHERLAND - 5/2 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Chris is back after a suspension and traveling to the CoSN conference. He recaps some of the discussion and overall trending topics from the CoSN conference. He also discusses the fact that he did not appreciate Eric the Intern's love for walking everywhere in Austin (and other Eric antics). Josh talks about the 3CX phone system vulnerability that was published 3/29/2023 by CrowdStrike and Red Canary. Hint - If you have a 3CX phone system, you will want to look this issue up and mitigate it right away. Of course, ChatGPT makes it's way into conversation this week again too. Listen here (and on all major podcast platforms). Join the K12TechPro.com Community. Buy our merch!!! Absolute - Email oschmidt@absolute.com Absolute Education Solutions Brief Fortinet - Email fortinetpodcast@fortinet.com SomethingCool.com - X360 Cloud Solution for backing up Google Workspace Extreme Networks - Email dmayer@extremenetworks.com Provision Data Solutions Oh, and... Email us at k12techtalk@gmail.com Tweet us @k12techtalkpod Visit our LinkedIn page HERE Reddit

This Week on Earth Station DCU! Drew Leiter and Cletus Jacobs watch as the Rogues go to war! Slam Bradley learns the truth behind his partner death in Gotham City: Year One #5. Harley Quinn comes to Seattle to visit Ivy in Poison Ivy #9. Batman and Joker must lighten the weight on a train before the villain crashes them into the Martha Wayne Memorial Train Station in Batman & The Joker: The Deadly Duo #4. Bruce Wayne searches for a solution to return to his Earth in Batman #132. The Origin of the Fraction is revealed in The Flash: One-Minute War Special #1. While the older speedsters find a new base of operations, Bart and Wallace sneak across enemy lines to learn more about the Fraction in The Flash #792. Raven, Trigon, Nightwing, City Boy, Red Hood, The Vigil, Dead Eye, Amanda Waller, Red Canary, Flatline, Ras Al Ghul, and a kid named Liam must all deal with the fallout of the Lazarus rain in Lazarus Planet: Legends Reborn #1 and Lazarus Planet: Next Evolution #1. Monkey Prince discovers his father in the Phantom Zone in Monkey Prince #11. All this plus, DC News, DC TV, Shout Outs, and much, much more! ------------------------ Table of Contents 0:00:00 Show Open 0:01:12 DC News 0:23:30 Gotham City: Year One #5 0:32:19 Poison Ivy #9 0:35:49 Batman & The Joker: The Deadly Duo #4 0:43:28 Batman #132 0:49:26 The Flash: One-Minute War Special #1 0:55:28 The Flash #792 1:07:32 Lazarus Planet: Legends Reborn #1 1:13:09 Lazarus Planet: Next Evolution #1 1:17:17 Monkey Prince #11 1:24:58 The Flash S9 Ep3 – Rogues of War 1:30:17 Show Close   Links Gotham City: Year One #5 Poison Ivy #9 Batman & The Joker: The Deadly Duo #4 Batman #132 The Flash: One-Minute War Special #1 The Flash #792 Lazarus Planet: Legends Reborn #1 Lazarus Planet: Next Evolution #1 Monkey Prince #11 Earth Station One Tales of the Station Earth Station One Tales of the Station Vol. 2 The Chameleon Chronicles: Colors of Fate The Chameleon Chronicles: Sisters of the Thorn If you would like to leave feedback, comment on the show, or would like us to give you a shout out, please call the ESDCU feedback line at (317) 564-9133 (remember long distance charges may apply) or feel free to email us @ earthstationdcu@gmail.com

On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including: Unpatched ESXi boxes are getting rinsed GoAnywhere MFT file transfer boxes are too Royal Mail data being ransomed by Lockbit Advanced materials manufacturer and finance company among latest rware victims Guilty plea in Ubiquiti case Much, much more This week's show is brought to you by Red Canary. Red Canary's Adam Mashinchi is this week's sponsor guest. He joins us to talk about the impact layoffs are having on infosec teams. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that's your thing. Show notes Risky Biz News: Ransomware wave hits thousands of VMWare ESXi servers Risky Biz News: Zero-day alert for GoAnywhere file transfer servers Royal Mail faces threat from ransomware group LockBit | Reuters ION brings clients back online after ransomware attack: Source | Business Insurance Hackers who breached ION say ransom paid; company declines comment | Reuters Blow to Morgan Advanced Materials as cyber-attack to cost millions to deal with | Evening Standard K-12 schools in Tucson, Nantucket respond to cyberattacks - The Record from Recorded Future News Ransomware gang attempts to extort UK school by posting files about at-risk children - The Record from Recorded Future News British steel industry supplier Vesuvius ‘currently managing cyber incident' - The Record from Recorded Future News Tallahassee hospital diverting patients, canceling non-emergency surgeries after cyberattack - The Record from Recorded Future News All classes canceled at Irish university as it announces ‘significant IT breach' - The Record from Recorded Future News Switzerland's largest university confirms ‘serious cyberattack' - The Record from Recorded Future News Dutch Police Read Messages of Encrypted Messenger 'Exclu' Julius 'zeekill' Kivimäki, former Lizard Squad hacker, arrested in France - The Record from Recorded Future News New York attorney general fines developer of stalking apps - The Record from Recorded Future News Microsoft alleges attacks on French magazine came from Iranian-backed group | Ars Technica Hackers linked to North Korea targeted Indian medical org, energy sector - The Record from Recorded Future News Google Cuts Company Protecting People From Surveillance To A ‘Skeleton Crew,' Say Laid Off Workers Feds get guilty plea in Ubiquiti data extortion case - The Record from Recorded Future News For Hire: Ex-Ubiquiti Developer Charged With Extortion Microsoft notifies UK customers affected by hackers abusing ‘verified publisher' tag - The Record from Recorded Future News Darknet drug market BlackSprut openly advertises on billboards in Moscow - The Record from Recorded Future News Toyota sealed up a backdoor to its global supplier management network | The Daily Swig

On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including: Unpatched ESXi boxes are getting rinsed GoAnywhere MFT file transfer boxes are too Royal Mail data being ransomed by Lockbit Advanced materials manufacturer and finance company among latest rware victims Guilty plea in Ubiquiti case Much, much more This week's show is brought to you by Red Canary. Red Canary's Adam Mashinchi is this week's sponsor guest. He joins us to talk about the impact layoffs are having on infosec teams. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that's your thing. Show notes Risky Biz News: Ransomware wave hits thousands of VMWare ESXi servers Risky Biz News: Zero-day alert for GoAnywhere file transfer servers Royal Mail faces threat from ransomware group LockBit | Reuters ION brings clients back online after ransomware attack: Source | Business Insurance Hackers who breached ION say ransom paid; company declines comment | Reuters Blow to Morgan Advanced Materials as cyber-attack to cost millions to deal with | Evening Standard K-12 schools in Tucson, Nantucket respond to cyberattacks - The Record from Recorded Future News Ransomware gang attempts to extort UK school by posting files about at-risk children - The Record from Recorded Future News British steel industry supplier Vesuvius ‘currently managing cyber incident' - The Record from Recorded Future News Tallahassee hospital diverting patients, canceling non-emergency surgeries after cyberattack - The Record from Recorded Future News All classes canceled at Irish university as it announces ‘significant IT breach' - The Record from Recorded Future News Switzerland's largest university confirms ‘serious cyberattack' - The Record from Recorded Future News Dutch Police Read Messages of Encrypted Messenger 'Exclu' Julius 'zeekill' Kivimäki, former Lizard Squad hacker, arrested in France - The Record from Recorded Future News New York attorney general fines developer of stalking apps - The Record from Recorded Future News Microsoft alleges attacks on French magazine came from Iranian-backed group | Ars Technica Hackers linked to North Korea targeted Indian medical org, energy sector - The Record from Recorded Future News Google Cuts Company Protecting People From Surveillance To A ‘Skeleton Crew,' Say Laid Off Workers Feds get guilty plea in Ubiquiti data extortion case - The Record from Recorded Future News For Hire: Ex-Ubiquiti Developer Charged With Extortion Microsoft notifies UK customers affected by hackers abusing ‘verified publisher' tag - The Record from Recorded Future News Darknet drug market BlackSprut openly advertises on billboards in Moscow - The Record from Recorded Future News Toyota sealed up a backdoor to its global supplier management network | The Daily Swig

David Stauss, Partner at Husch Blackwell, (and author at the Byte Back blog) is our feature interview this week, interviewed by Douglas Brush. News from Casa Bonita, The Fort, Atom Computing, RADICL Defense, Red Canary, Lares, Strata and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Casa Bonita Jobs in Colorado Waugh! The Fort Celebrates Sixty Years of Old West Wonder Not your grandpa's apprenticeships: Colorado invests in paid training as a way into the workforce Tired of fighting robots for concert tickets? This Colorado bill aims to help. How close are we to quantum computing? A Boulder company will partner with the DOD to find out. In State of the State Address, Governor Polis Channels Nerds and Geeks Boulder cybersecurity startup looks to add 491 workers Red Canary: Detecting credential access without losing cred Lares Research Highlights Top 5 Penetration Test Findings From 2022 Boulder identity orchestration startup hopes to become a market leader with $26M raise Job Openings: Noodles Co - IT Security Administrator Sierra Space - Cybersecurity Analyst III University of Colorado - Information Security Officer Terumo BCT - Product Security Engineer Maximum - Application Security Administrator City & County of Denver - Information Security Architect Prologis - IT Governance, Risk & Compliance Manager Western Union - Group Leader, Cyber Security Engineering Marathon Petroleum Corporation - Internal Auditor RTD - Senior Cybersecurity Engineer, Access Management Upcoming Events: This Week and Next: ISSA Denver - February Meetings (lunch and evening) Transitioning to ISO/IEC 27001:2022 - 2/8 ASIS Denver - Biometric Access Trends - 2/15 ISACA Denver - February Meeting (In Person with IIA) - 2/16 CSA Colorado - February Meeting - 2/21 ISC2 Pikes Peak - February Meeting - 2/22 ASIS Denver - COFFEE CHAT WITH MISTY SHEPHARD - 2/23 Let's Talk Software Security - Vulnerability Tracking and Reporting - 2/24 OWASP Colorado - SNOWFROC - 3/2 Colorado Springs - Cybersecurity First Friday - 3/3 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

How do the North Koreans get away with it? They do run their cyber ops like a creepy start-up business. A spoofing vulnerability is discovered in Windows CryptoAPI. Python-based malware is distributed via phishing. MacOS may have a reputation for threat-resistance, but users shouldn't get cocky. DevSecOps survey results show tension between innovation and security. Russian hacktivist auxiliaries hit German targets. Tim Starks from the Washington Post Cyber 202 shares insights from his interview with Senator Warner. Our guest is Keith McCammon of Red Canary to discuss cyber accessibility. And Private sector support for Ukraine's cyber defense. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/16 Selected reading. TA444: The APT Startup Aimed at Acquisition (of Your Funds) (Proofpoint) Exploiting a Critical Spoofing Vulnerability in Windows CryptoAPI (Akamai)  Securonix Security Advisory: Python-Based PY#RATION Attack Campaign Leverages Fernet Encryption and Websockets to Avoid Detection (Securonix) BlackBerry's Inaugural Quarterly Threat Intelligence Report Reveals Threat Actors Launch One Malicious Threat Every Minute (BlackBerry) Global CIO Report Reveals Growing Urgency for Observability and Security to Converge (Dynatrace) Russian 'hacktivists' briefly knock German websites offline (Reuters) How Microsoft is helping Ukraine's cyberwar against Russia (Computerworld) CISA Releases Two Industrial Control Systems Advisories (CISA) 

2023 is already here? This seems impossible. News from Casa Bonita, CommonSpirit, Red Canary, LogRhythm and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Netflix's “Inside Job” exposes naked truths of Blucifer and DIA conspiracy theories Casa Bonita to open in May What's in a domain name? Colorado may spend $2 million to switch to .gov. Colorado startups raised $5.7B in 2022. Here were the largest deals. There's a shortage of cybersecurity workers, and these girls aspire to fill the gap Colorado Releases Revised Privacy Rules CommonSpirit Health ransomware attack exposed data of 623,000 patients Google Workspace account takeover protection Capture the flag - February 21st - National Cybersecurity Center 2023 Cybersecurity Predictions - LogRhythm Job Openings: Colorado Secretary of State - Chief Information Security Officer Frontier Airlines - Sr Manager, IT Governance, Risk & Compliance Denver Health - IS Security Analyst III Ibotta - Senior Information Security Analyst DISH - GRC Information Security Business Partner Western Union - Group Leader, Cyber Security Engineering Degreed - Information Security Officer Spectrum - Director, Identity & Security Sierra Space - Cybersecurity Analyst III Upcoming Events: This Week and Next: CSA Colorado - January Meeting, Where are you today in the email maturity model curve? - 1/17 ISSA C.Springs - January Chapter Meeting - 1/17 ISACA Denver - January Meeting (Virtual) - 1/19 Let's Talk Software Security - AppSec Regulation, Frameworks, and Compliance - 1/20 ISSA C.Springs - January Mini Seminar - 1/21 ISC2 Pikes Peak - January Meeting - 1/25 Colorado Springs - Cybersecurity First Friday - 2/3 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Dustin Lehr, Senior Director of Platform Security at FiveTran, and co-founder at Katilyt Security is our feature interview this week. News from Karman+, CyberGRX, Swimlane, Red Canary, LogRhythm, Lares, and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Several big-budget films, TV shows are either currently filming in Colorado or will be soon Dutch asteroid mining company to relocate to Denver in a win for Colorado's space industry Meet the newest cohort of the Denver-based Techstars Workforce Development Accelerator Tech workers 'rejecting' return to office, Denver company's survey finds 17 Colorado companies rank on Deloitte's list of fastest-growing tech businesses Red Canary Provides First-Ever MITRE Engenuity™ ATT&CK® Evaluations for Managed Services Swimlane Ranked Among the Top 25 Fastest-Growing Cybersecurity Companies Deep-Dive Analysis of Multi-Factor Authentication Request Generation Attacks Choosing the Right Application Security Assessment Company Holland & Hart CISO Joe McComb Named 2022 Top Global CISO by Cyber Defense Magazine Job Openings: Uplight - Product Security Engineer Weld County - CISO Vertafore - VP of Information Security CommonSpirit Health - Director IT Cybersecurity Kaiser Permanente - Senior Director, Cyber Risk Defense Western Union - Senior Information Security Analyst Denver Health - IS ANALYST SECURITY III DISH Networks - GRC Information Security Business Partner Flexential - Compliance Specialist FBI - Special Agent: Cybersecurity/Technology Background Upcoming Events: This Week and Next: ISC2 Pikes Peak - Annual Chapter Meeting - 12/9 ISSA & ISACA - Holiday Party - 12/13 Let's Talk Software Security - Practicing Security Within Company Culture - 12/16 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Derek Booth, Special Agent, US Secret Service is our feature interview this week. News from Toys R Us, Ping Identity, Red Canary, Coalfire and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Colorado's biggest corporations are investing in saving bees Iconic toy brand that went bankrupt making comeback in Colorado Macy's These 11 tech products will be tested in Colorado cities How Colorado's first blockchain architect wants to optimize government This Denver suburb to become the first Colorado city with Google Fiber Colorado state website hit with cyberattack Ping Identity Scores a Hat Trick: Named Leader in KuppingerCole CIAM Leadership Compass Three Consecutive Times Persistent pests: A taxonomy of computer worms - Red Canary FAQ: Transitioning to the highly anticipated new revision of ISO 27001 Job Openings: Uplight - Product Security Engineer Ball Aerospace - Deputy CISO Sovrn - Privacy System Engineer Common Spirit Health - IT Cybersecurity Engineer RTD - Analyst, Information Systems Risk FirstBank - Info Security Analyst, Application Security VISA - Cybersecurity Attorney, Director Charles Schwab - Senior Manager, Technology Risk Management Senior Red Robin - VP, CISO University of Colorado - Security Analyst Upcoming Events: This Week and Next: ISSA Denver - November Chapter Meeting - 11/9 C.Springs ISSA - November Mini Seminar - 11/12 C.Springs ISSA - November Chapter Meeting - 11/15 ISSA Denver - Bank of America Networking Event - 11/15 CSA Colorado - November Meeting - 11/15 ISC2 Pikes Peak - November Meeting - 11/16 ISACA Denver - 5 Reasons You're Thinking About Breaking Up with Your Service Provider (Virtual) - 11/17 ISC2 Pikes Peak - Annual Chapter Meeting - 12/9 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Patrick Dennis, CEO at Extrahop is our feature interview this week. News from, Colorado DMV, Wheat Ridge, Virta Health, Colorado AG, CommonSpirit, Red Canary, Ping Identity and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel The Drunkest Cities in America: Denver Comes in a Disappointing Fourth Stuck on Colorado? Add Affinity Icons to Your Digital ID Colorado becomes first state to accept crypto for tax payments Denver suburb won't cough up millions in ransomware attack that closed city hall Bay Area health tech unicorn Virta Health to relocate HQ to Denver Colorado AG Gives First Public Comments on Privacy Rules Since April Ex-NSA worker in Colorado Springs thought he was helping Russia, indictment says US Healthcare Giant CommonSpirit Hit by Possible Ransomware Cloud coverage: Detecting an email payroll diversion attack Cybersecurity Awareness Month 2022: Four Best Practices Job Openings: Visa - Senior Director, Product Security Architecture and Assessments Sovrn - Privacy System Engineer Boulder Valley School District - Director Information Technology Security Janus Henderson Investors - IT Operational Risk and Business Continuity Manager Charles Schwab - Director Security Development & Engineering Principal DotCom Therapy - Director of Information Technology and Security (Remote - US) Denver Water - IT Asset Manager Western Union - Leader, Information Security - Cyber Threat Intelligence Banner Health - Associate Director of Cybersecurity GRC TIAA - Lead Info Security Governance & Risk Specialist Upcoming Events: This Week and Next: Let's Talk Software Security! - Software Security Engineering and Automation - 10/14 ISSA C.Springs - October Meeting - 10/18 CSA Colorado - Fall Summit 2022 - 10/18 ISACA Denver - October Chapter Meeting: Cloud Auditing & View From the Top - How Boards and C-suites Value our Work - 10/20 ISSA C.Springs - October Mini Seminar - 10/22 ISC2 Pikes Peak - October Meeting - 10/26 Let's Talk Software Security - Talent and Strategy Diversity in AppSec - 11/4 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

News from Casa Bonita, The Last Gameboard, NCC, Ping Identity, Optiv, ThreatX, Red Canary and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Casa Bonita renovation: Photos, documents reveal $12 million plans Why People Are Coming to and Leaving Colorado Casa Bonita's 'South Park' owners spending 4 times more than purchase price on renovations Denver startup prepares for public launch of tabletop gaming consoles Metro Denver's 29-month streak of monthly home price gains comes to an end Revealed: DBJ's 2022 C-Suite Awards winners, Part 1 Inaugural Colorado Cyber Games - National Cybersecurity Center Denver-based Ping Identity to sell for $2.8B Optiv's Annual $40K Scholarship for Black, African-American-Identifying STEM Students Now Open for Applicants ThreatX raises a fresh round of capital to protect APIs and web apps MDR Integration Update for Network, Cloud & Identity - Red Canary Building Business-relevant Application Threat Models with FAIR STRIDE Job Openings: CoBank - Senior Cloud Security Analyst Alterra Mountain Company - IT Security & Compliance Analyst Richey May - Offensive Security Lead Western Union - Information Security Senior Manager Denver Water - Information Security Analyst Zvelo - Senior Cyber Security Analyst Salesforce - Security GRC, Senior Analyst/ Manager T-mobile - Senior Engineer, Cybersecurity Evercommerce - Senior Security Engineer ULA - Cybersecurity Analyst 5 Upcoming Events: This Week and Next: HOME | Peak Cyber Symposium - 9/14-16 Let's Talk Software Security - Building a Successful Security Champion Program 9/16 RMISC - 9/21-23 ISC2 Pikes Peak - September Meeting - 9/28 ISACA CommunITy Day - 10/1 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0