On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including: A look at the Hive takedown UK's Royal Mail still struggling GitHub's code signing certificates stolen TSA misses the point on no-fly list theft Much, much more This week's show is brought to you by Remediant, which is now a part of Netwrix. Tim Keeler is co-founder of Remediant and joins us to talk about how the PAM market – and the tech that makes it up – is changing. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that's your thing. Show notes U.S. Department of Justice Disrupts Hive Ransomware Variant | OPA | Department of Justice U.S. Department of Justice Disrupts Hive Ransomware Variant - YouTube Ransomware experts laud Hive takedown but question impact without arrests - The Record from Recorded Future News Royal Mail progressing to full operations following ransomware attack - The Record from Recorded Future News British government minister told council to keep quiet after ransomware attack - The Record from Recorded Future News The Untold Story of a Crippling Ransomware Attack | WIRED Russia blocks access to US ‘Rewards for Justice,' FBI and CIA websites - The Record from Recorded Future News GitHub says hackers cloned code-signing certificates in breached repository | Ars Technica ESET: Sandworm could be behind new file-deleting malware targeting Ukraine - The Record from Recorded Future News TSA issues security directive to airports, carriers after 'no-fly' list leak - The Record from Recorded Future News U.S. 
No Fly list shared on a hacking forum, government investigating Chinese influence operations may lack critical element: influence | CyberScoop Cybercriminals scam two federal agencies via remote desktop tool, CISA warns | CyberScoop Kevin Rose loses pricey NFTs to wallet hack Moonbirds creator Kevin Rose loses $1.1M+ in NFTs after 1 wrong move NFT company gets restraining order to freeze hacker's online wallet - The Record from Recorded Future News Most Criminal Cryptocurrency Funnels Through Just 5 Exchanges | WIRED Exploiting a Critical Spoofing Vulnerability in Windows CryptoAPI | Akamai Facebook two-factor authentication bypass issue patched | The Daily Swig AI-Generated Voice Firm Clamps Down After 4chan Makes Celebrity Voices for Abuse
If you've ever worked on a red or purple team, you know scaling engagements to production is an intensive, unwieldy process. Technology pitfalls may exist, but the fundamental problem is this: the process of writing, testing, deploying, and verifying the efficacy of TTPs is highly flawed and inconsistent. This conversation will focus on applying a scientific process to security testing in order to achieve production scale. Segment Resources: Prelude Build GitHub: https://github.com/preludeorg/build Prelude Docs: https://docs.prelude.org/docs Introducing Prelude Build: An Open Source IDE Purpose Built for Security Engineers: https://www.preludesecurity.com/blog/introducing-prelude-build-an-ide-purpose-built-for-security-engineers A Practical Guide for Scaling Continuous Security Testing: https://www.preludesecurity.com/blog/scaled-security-testing-a-practical-guide Prelude Build: https://www.preludesecurity.com/products/build We will discuss the migration of the security community from Twitter to Mastodon, logistical challenges, and related matters of managing the community. Finally, in the enterprise security news, Security funding is back, baby! Security Unicorn layoffs continue though! We talk Zombiecorns, IronNet struggles, Netwrix acquires Remediant, We talk breaches: Lastpass, Rackspace, Okta via Github, Slack via Github, Github announces 2FA improvements, AI generates insecure code, Cyberinsurance challenges, Fyre Festival Fraudster Funding more Frauds All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw301
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including: Why Entrust being ransomwared is good news UEFI bootkits turn hardware into landfill Microsoft resumes macro blocking rollout Pat and Adam talk about why plugging your IDP into legacy apps is a dreadful idea Much, much more This week's sponsor guest is Paul “The Voice” Lanzi of Remediant. He's popping along to talk about the emergence of a new product category – Identity Threat Detection and Response, or ITDR. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that's your thing. Show notes Italy investigating ransomware attack on tax agency - The Record by Recorded Future IT security giant Entrust says it's investigating alleged June data breach - The Record by Recorded Future Microsoft resuming default block of Office VBA macros - The Record by Recorded Future Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us | Ars Technica China: Declaration by the Minister for Foreign Affairs on behalf of the Belgian Government urging Chinese authorities to take action against malicious cyber activities undertaken by Chinese actors | Federal Public Service Foreign Affairs Cyber Command shares bevy of new malware used against Ukraine - The Record by Recorded Future Cyber criminals attack Ukrainian radio network, broadcast fake message about Zelensky's health Congress goes after spyware purveyors. Will it make a difference? 
Report: Mercenary spyware exploited Google Chrome zero-day to target journalists - The Record by Recorded Future TSA unveils updated cybersecurity regulations of oil and gas pipelines - The Record by Recorded Future Congress Might Actually Pass ADPPA, the American Data Privacy and Protection Act | WIRED Federal privacy legislation progresses, but concerns about data brokers loom China cybersecurity agency fines ride-hailing giant Didi $1.2 billion for data issues - The Record by Recorded Future T-Mobile reaches historic $350 million settlement in 2021 data breach - The Record by Recorded Future Former Coinbase Manager Arrested by Feds for Alleged Insider Trading Cisco patches dangerous bug trio in Nexus Dashboard | The Daily Swig Atlassian patches batch of critical vulnerabilities across multiple products | The Daily Swig Hardcoded password in Confluence app has been leaked on Twitter | Ars Technica
The wildly popular massive-multiplayer online games don't make the news much for big security breaches, but it appears they are vulnerable to lateral attacks that can steal data and abuse children. The companies that run these platforms tend to blame the users for breaching security. We spent some time with Raj Dodhiawala, CEO of Remediant, a cybersecurity SaaS company that defends networks against lateral attacks. He was pretty hard on companies that expect users to protect the network. Look for a larger article on game platform breaches in Cyber Protection Magazine --- Send in a voice message: https://anchor.fm/crucialtech/message Support this podcast: https://anchor.fm/crucialtech/support
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including: Okta's somewhat awful comms around its LAPSUS$ incident Inside Microsoft's brush with the same group How Elon Musk's Starlink service is being used to drop bombs on Russian tanks US, UK governments warn of impending Russian cyberdoom Much, much more… This week's sponsor interview is with Paul Lanzi, co-founder of Remediant. Paul joins the show this week to talk about cyber insurance. It's a topic that has come up a lot for us lately – ransomware has borderline sunk the current cyber insurance model as payments ballooned and payouts made a lot of insurers adjust premiums to the. But all is not lost – Paul says this blowup means the insurance industry is actually adapting and could wind up being a driver of better security practices. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that's your thing. Show notes Hackers hit authentication firm Okta, customers 'may have been impacted' | Reuters Updated Okta Statement on LAPSUS$ | Okta Microsoft investigating Lapsus$ claims of Bing, Cortana data theft - The Record by Recorded Future DEV-0537 criminal actor targeting organizations for data exfiltration and destruction - Microsoft Security Blog U.K. 
echoes Biden warning on Russian cyberattacks - The Record by Recorded Future Statement by President Biden on our Nation's Cybersecurity | The White House FBI advised that hackers scanned networks of 5 US energy firms ahead of Biden's Russia cyberattack warning - CNNPolitics CISA, FBI warn of satellite network hacks following Viasat cyberattack - The Record by Recorded Future Specialist Ukrainian drone unit picks off invading Russian forces as they sleep | News | The Times China's DJI And Its Billionaire Chief Put In An Awkward Spot As Both Sides In Ukraine War Use Its Drones Alert: peacenotwar module sabotages npm developers in the node-ipc package to protest the invasion of Ukraine | Snyk Catalin Cimpanu on Twitter: "Following the poisoning of the node-ipc npm package to sabotage systems in Belarus and Russia, Russia's NKTsKI cyber-security agency has told companies to use local repos for FOSS software, use older versions prior to the invasion, and audit new updates https://t.co/3PlKdXTfn1 https://t.co/EV25HBBZFN" / Twitter U.S. bars ex-spies from becoming 'mercenaries,' following Reuters series | Reuters Behold, a password phishing site that can trick even savvy users | Ars Technica Death of the Password? FIDO Alliance Reveals Its New Plan | WIRED Scammers have 2 clever new ways to install malicious apps on iOS devices | Ars Technica New details emerge on prolific Conti-linked cybercrime group Trickbot is using MikroTik routers to ply its trade. Now we know why | Ars Technica Sandworm-linked botnet has another piece of hardware in its sights Hacker Steals Customer Data From Circle, BlockFi, Other Big Crypto Firms - Decrypt Lawmakers Probe Early Release of Top RU Cybercrook – Krebs on Security A different way to do PAM -- Paul Lanzi, Remediant - YouTube
Endpoint detection and response (EDR) is quickly evolving into extended detection and response (XDR). That means that identity is moving to the center of your security approach. In this episode, Paul Lanzi, Co-founder and COO at Remediant, discusses the new capabilities available in XDR solutions and how the ability to gain granular control at the identity level is a game-changer for security teams facing modern threats.
On this week's show Patrick Gray and Adam Boileau discuss recent security news, including: Analysis suggests the Kaseya REvil incident was actually a bit of a fizzer They also obtained a decrypt key and no one knows how EU to follow US Treasury on Bitcoin controls Israeli Government has eyes on NSO fallout PetitPotam Active Directory technique is very bad news Much, much more… This week's show is brought to you by Remediant. Remediant makes a PAM solution that's, well, quite different from the traditional password-vault style solutions. That's put them in an interesting situation lately with Gartner. Remediant scored an honourable mention as a PAM to take note of, alongside Microsoft, but the thing is they don't even qualify as a PAM vendor under Gartner's own criteria. This might mean the analyst firms need to re-jig the way they evaluate and rank tech given there are so many more ways to skin cats these days. Remediant co-founder Paul Lanzi will join me in this week's sponsor slot to talk through all of that. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that's your thing. Show notes Security Researchers' Hunt to Discover Origins of the Kaseya VSA Mass Ransomware Incident Kaseya says it didn't pay ransomware gang for decryption key after hacks affected hundreds Kaseya obtains universal decryptor for REvil ransomware victims Joe Tidy on Twitter: "The impact of the South African port cyber attack is getting worse. The Road Freight Association (RFA) said it was “dismayed and gravely concerned” about the cyber-attack on Durban Port. 
https://t.co/iT1WAP165Z https://t.co/ipssCVfSIo" / Twitter Port cyber attack: Now Road freighters concerned about goods Chat logs show how Egregor, an $80 million ransomware gang, handled negotiations with little mercy FBI tracking more than 100 active ransomware groups New Haron ransomware gang emerges, borrows from Avaddon and Thanos - The Record by Recorded Future BlackMatter ransomware targets companies with revenue of $100 million and more - The Record by Recorded Future Spammer floods the Babuk ransomware gang's forum with gay porn GIFs - The Record by Recorded Future No More Ransom celebrates success in helping 600k people recover from ransomware attacks | The Daily Swig Justice Department officials urge Congress to pass ransomware notification law New EU legislation to ban anonymous cryptocurrency wallets, transfers - The Record by Recorded Future Government said to form team to deal with fallout of NSO spyware revelations | The Times of Israel ‘If You're Not A Criminal, Don't Be Afraid'—NSO CEO On ‘Insane' Hacking Allegations Facing $1 Billion Spyware Business NSO Group CEO Claims BDS Is Probably Behind Damning Investigation New PetitPotam attack forces Windows servers to authenticate with an attacker - The Record by Recorded Future HD Moore on Twitter: "It is wild to see *unauthenticated* RCE via NTLM relay attacks, again, in 2021: https://t.co/CiS4bKH8oV (decades since smbrelay / karma / karmetasploit PoCs)" / Twitter KB5005413: Mitigating NTLM Relay Attacks on Active Directory Certificate Services (AD CS) A Controversial Tool Calls Out Thousands of Hackable Websites | WIRED IDEMIA fixes vulnerability that can allow threat actors to open doors remotely - The Record by Recorded Future PlugwalkJoe Does the Perp Walk – Krebs on Security UK man arrested in Spain for role in Twitter 2020 hack - The Record by Recorded Future Praying Mantis APT targets IIS servers with ASP.NET exploits - The Record by Recorded Future Botnet operator who proxied traffic for 
other cybercrime groups pleads guilty - The Record by Recorded Future Chinese hacking group APT31 uses mesh of home routers to disguise attacks - The Record by Recorded Future VPN servers seized by Ukrainian authorities weren't encrypted | Ars Technica Accused CIA leaker Joshua Schulte allowed to represent himself at next Vault 7 trial Seriously Risky Business
$3 will get you private webcam feeds sold as home video tapes Ubiquiti attacker tried to extort us, company confirms Crooks offer $500 for work logins, $25/month if they stay valid Thanks to our episode sponsor, Remediant Former Incident Response practitioners Tim Keeler and Paul Lanzi founded Remediant, a leader in Privileged Access Management. They did it to solve the one problem they saw repeatedly - standing administrator privileges. Repeatedly, they saw these rights weaponized by adversaries to deploy ransomware and move laterally across a network. Remediant uniquely addresses the challenge of standing privilege and can be a force multiplier for security programs worldwide. To learn more about Tim & Paul’s story, watch the video at remediant.com.
North Korean hackers targeting security researchers Report details data sent from mobile operating systems Does CISA have the resources to succeed? Thanks to our episode sponsor, Remediant Did you know the average large enterprise workstation has 480 admins with 24x7 access to it? This access is called standing privilege and is an adversary’s favorite tool and a security team’s biggest undiscovered risk. Precision PAM leader Remediant addresses this risk by providing just enough access just in time, eliminating standing privilege with continuous scanning and agentless, vaultless simplicity. To learn more, visit remediant.com
Link to Blog Post https://cisoseries.com/cyber-security-headlines-week-in-review-march-29-april-2-2021/ Thanks to our episode sponsor, Remediant Remediant is a fast growing Gartner Cool vendor focused on the concept of precision Privileged Access Management, one that a Fortune 100 company calls "the world's best protection against major incidents." Remediant uniquely: Deploys and inventories thousands of privileged accounts in hours Locks down lateral movement & ransomware spread by removing standing privilege with a single action Administers privileges just-in-time with MFA To learn more, visit remediant.com All links and the video of this episode can be found on CISO Series.com
Intel sued under wiretapping laws for tracking user activity on its website Whistleblower: Ubiquiti breach “catastrophic” Gibberish tweet from US nuclear-agency was from unattended child Thanks to our episode sponsor, Remediant Remediant is a fast growing Gartner Cool vendor focused on the concept of precision Privileged Access Management, one that a Fortune 100 company calls "the world's best protection against major incidents." Remediant uniquely deploys & inventories thousands of privileged accounts in hours, locks down lateral movement & ransomware spread by removing standing privilege with a single action, and administers privileges just-in-time with MFA. To learn more, visit remediant.com For the stories behind the headlines, head to CISOseries.com
Emails from DHS officials obtained in SolarWinds hack Docker Hub images contain cryptominers Commits with backdoor pushed to PHP Thanks to our episode sponsor, Remediant Former Incident Response practitioners Tim Keeler and Paul Lanzi founded Remediant, a leader in Privileged Access Management. They did it to solve the one problem they saw repeatedly - standing administrator privileges. Repeatedly, they saw these rights weaponized by adversaries to deploy ransomware and move laterally across a network. Remediant uniquely addresses the challenge of standing privilege and can be a force multiplier for security programs worldwide. To learn more about Tim & Paul’s story, watch the video at remediant.com.
Apple releases emergency update for iPhones, iPads, and Apple Watch Android system update may contain spyware Senators offer to let NSA hunt cyber actors inside the US Thanks to our episode sponsor, Remediant Did you know the average large enterprise workstation has 480 admins with 24x7 access to it? This access is called standing privilege and is an adversary’s favorite tool and a security team’s biggest undiscovered risk. Precision PAM leader Remediant addresses this risk by providing just enough access just in time, eliminating standing privilege with continuous scanning and agentless, vaultless simplicity. To learn more, visit remediant.com For the stories behind the headlines, head to CISOseries.com.
Jim and Jeff talk with Paul Lanzi, Co-Founder and COO at Remediant, about privileged access management maturity and capabilities that impact the overall security and risk management for an organization. Paul Lanzi: https://www.linkedin.com/in/planzi/ Remediant: https://www.remediant.com Lockheed Success Story: https://www.remediant.com/solutions/success-story CSNP: https://www.csnp.org/ IDSA: https://www.idsalliance.org/ Connect with Jim and Jeff on LinkedIn here: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show at www.IdentityAtTheCenter.com and follow @IDACPodcast on Twitter. --- Send in a voice message: https://anchor.fm/identity-at-the-center/message
On this week’s show Patrick and Adam discuss the week’s security news, including: Zoom settles with FTC over misleading E2EE claim Some poor sod had to give up $1bn in Bitcoin Solaris SSH 0day? Let’s party like it’s 1999 Samy Kamkar’s latest trick: NAT Slipstreaming Australia’s hardcore critical infrastructure protection bill Much, much more This week’s show is brought to you by Remediant. Company co-founder Paul Lanzi joins the show in this week’s sponsor interview to talk about how they’ve been helping companies recover from ransomware attacks. Maybe listen to this one. You know. Just in case you find yourself in that situation one day? Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Zoom settles FTC charges for misleading users about security features | ZDNet Someone has transferred ~$1 billion from a bitcoin wallet quiet since 2015 | Ars Technica The feds just seized Silk Road’s $1 billion stash of bitcoin | Ars Technica Hacker group uses Solaris zero-day to breach corporate networks | ZDNet NAT Slipstreaming hack tricks firewalls and routers | The Daily Swig Australia's hardcore critical infrastructure laws open to challenge - Risky Business 23,600 hacked databases have leaked from a defunct 'data breach index' site | ZDNet More suspected North Korean malware identified after US alert on Kimsuky hackers Suspected North Korean hackers who targeted job applicants prove more ambitious than first believed The many personalities of Lazarus - Risky Business Windows 10, iOS, Chrome, and many others fall at China's top hacking contest | ZDNet Linux version of RansomEXX ransomware discovered | ZDNet Cyberattack on U. of Vermont hospital IT network delays chemotherapy, mammogram appointments Building wave of ransomware attacks strike U.S. 
hospitals | Reuters Why Paying to Delete Stolen Data is Bonkers — Krebs on Security Israeli companies targeted with new Pay2Key ransomware | ZDNet Capcom takes systems offline following cyber-attack | The Daily Swig Company that runs US illegal immigration detention centers discloses ransomware attack | ZDNet Ransomware Hits Dozens of Hospitals in an Unprecedented Wave | WIRED Italian beverage vendor Campari knocked offline after ransomware attack | ZDNet Compal, the second-largest laptop manufacturer in the world, hit by ransomware | ZDNet Toy maker Mattel discloses ransomware attack | ZDNet Wisconsin Republicans say last minute hack cost party $2 million meant to reelect Trump FBI: Hackers stole source code from US government agencies and private companies | ZDNet Pwned: Deloitte Hacker IQ game forced offline after hack | The Daily Swig Russian authorities make rare arrest of malware author | ZDNet CERT/CC launches Twitter bot to give security bugs random names | ZDNet Oracle publishes rare out-of-band security update for WebLogic servers | ZDNet Apple fixes three iOS zero-days exploited in the wild | ZDNet After two zero-days in Chrome desktop, Google patches a third zero-day in the Android version | ZDNet Google’s Project Zero discloses Windows 0-day that’s been under active exploit | Ars Technica Google discloses Windows zero-day exploited in the wild | ZDNet Google patches second Chrome zero-day in two weeks | ZDNet ACOS/aGalaxy GUI RCE Vulnerability – CVE-2020-24384 – A10 Support Infamous ‘Hoax’ Artist Behind Trumpworld’s New Voter Fraud Claim (1) Matthew Gertz (@MattGertz) / Twitter
Portland passes bans on facial recognition technology. Bluetooth SIG publishes details on Blurtooth vulnerability. Microsoft detects attempted cyberattacks against US presidential campaigns. Thanks to our sponsor, Remediant Remediant is a fast growing Gartner Cool vendor focused on the concept of precision Privileged Access Management and one Fortune 100 company calls them "the world's best protection against major incidents." Remediant uniquely deploys & inventories thousands of privileged accounts in hours, locks down lateral movement & ransomware spread by removing standing privilege with a single action, and administers privileges just-in-time with MFA.
NSA, CIA have proof of Russians hacking Florida voting systems, says Woodward's ‘Rage’ DHS whistleblower alleges he was ordered to halt Russia analysis because Trump looked ‘bad’ U.S. Supreme Court will decide legality of bug bounties Thanks to our sponsor, Remediant Remediant is a fast growing Gartner Cool vendor focused on the concept of precision Privileged Access Management and one Fortune 100 company calls them "the world's best protection against major incidents." Remediant uniquely deploys & inventories thousands of privileged accounts in hours, locks down lateral movement & ransomware spread by removing standing privilege with a single action, and administers privileges just-in-time with MFA.
China launches initiative to set global data-security rules Google releases new development platform that includes no-code tools and serverless computing Intel’s supercomputer faces further delay Thanks to our sponsor, Remediant Remediant is a fast growing Gartner Cool vendor focused on the concept of precision Privileged Access Management and one Fortune 100 company calls them "the world's best protection against major incidents." Remediant uniquely deploys & inventories thousands of privileged accounts in hours, locks down lateral movement & ransomware spread by removing standing privilege with a single action, and administers privileges just-in-time with MFA. For more, head to CISOSeries.com
Visa discovers new skimming malware. The US issues a space policy directive on cybersecurity. Netwalker ransomware hits Argentina's immigration systems. Thanks to our sponsor, Remediant Remediant is a fast growing Gartner Cool vendor focused on the concept of precision Privileged Access Management and one Fortune 100 company calls them "the world's best protection against major incidents." Remediant uniquely deploys & inventories thousands of privileged accounts in hours, locks down lateral movement & ransomware spread by removing standing privilege with a single action, and administers privileges just-in-time with MFA.
On this week’s show Patrick and Adam discuss the week’s security news, including: Salt framework 1Day wreaks havoc Toll Group hit with ransomware attack. Again. Germans indict APT28 operator Ransomware a key word in SEC filings Much, much more! This week’s show is brought to you by Remediant. They offer software that lets you get privileged accounts under control very quickly. In this week’s sponsor interview we’re chatting with Remediant’s COO Paul Lanzi and Julie Smith, the executive director of the Identity Defined Security Alliance (IDSA). We’ll be talking about what the IDSA actually is and what its goals are. You can subscribe to the new Risky Business newsletter, Seriously Risky Business, here. You can subscribe to our new YouTube channel here. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes Salt DevOps framework shaken by data center server security flaws | The Daily Swig CT2 Log Compromised via Salt Vulnerability - Google Groups Ghost blogging platform servers hacked and infected with crypto-miner | ZDNet Hackers seize on software flaw to breach two victims, despite patch availability Hackers breach LineageOS servers via unpatched vulnerability | ZDNet German authorities charge Russian hacker for 2015 Bundestag hack | ZDNet bellingcat - Who Is Dmitry Badin, The GRU Hacker Indicted By Germany Over The Bundestag Hacks? 
- bellingcat Toll Group suffers second ransomware attack this year - Security - iTnews Taiwan’s state-owned energy company suffers ransomware attack Ransomware mentioned in 1,000+ SEC filings over the past year | ZDNet Indonesian e-commerce giant probes reported breach of 91 million credentials Estonia: Foreign hackers breached local email provider for targeted attacks | ZDNet Google and Apple Reveal How Covid-19 Alert Apps Might Look | WIRED Australia’s COVID-19 app is buggy, not yet operational - Risky Business (13) Senator Murray Watt on Twitter: "Here are just a few of the issues with the Govt’s #COVIDSafe app that we’ll explore at today’s #COVID-19 Senate hearing. If it’s central to our recovery, we need to know it works. @riskybusiness https://t.co/ATtL6UExqs" / Twitter Coronavirus Australia: COVIDSafe app privacy law to seek jail time for offenders The United Nations Coronavirus App Doesn’t Work - VICE Apple, Google ban use of location tracking in contact tracing apps - Reuters Hacker Bribed 'Roblox' Insider to Access User Data - VICE CursedChrome turns your browser into a hacker's proxy | ZDNet Google announces Chrome Web Store crackdown for August 2020 | ZDNet First seen in the wild - Malware uses Corporate MDM as attack vector - Check Point Research Executive Order on Securing the United States Bulk-Power System | The White House DHS CISA to provide DoH and DoT servers for government use | ZDNet UK NCSC to stop using 'whitelist' and 'blacklist' due to racial stereotyping | ZDNet SAP notifying 9% of customers about mysterious cloud products security holes | ZDNet Adult Cam Site CAM4 Exposed 10.88 Billion Records Online | WIRED How Cybercriminals are Weathering COVID-19 — Krebs on Security NSO Group partly disputes claim about use of U.S.-based servers in WhatsApp spy campaign LabCorp investors file lawsuit, alleging 'persistent' failure to secure data Exclusive: Warning Over Chinese Mobile Giant Xiaomi Recording Millions Of People’s ‘Private’ Web And Phone 
Use Apple will make it easier to unlock your iPhone while wearing a face mask | TechCrunch Magento security: Adobe patches six critical flaws in e-commerce platform | The Daily Swig Oracle warns of attacks against recently patched WebLogic security bug | ZDNet Putting Identity at the Center of Security - Identity Defined Security Alliance Remediant: Privileged Access Management | SecureONE
Tortoiseshell is trolling for military veterans. There’s been a fresh Fancy Bear sighting. The transcript of a conversation between the US and Ukrainian presidents has been released. Citizen Lab warns that Poison Carp is actively working against Tibetan groups. A zero-day afflicting vBulletin forum software is out. GandCrab comes out of retirement. And there’s an odd spam campaign in circulation that looks like phishing but seems not to be. Ben Yelin from UMD CHHS on the White House blocking Congress from auditing its offensive hacking strategy. Guest is Tim Keeler from Remediant looking at lateral movement in the context of the NotPetya attacks. For links to all of today's stories check out our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/September/CyberWire_2019_09_25.html Support our show
All links and images for this episode can be found on CISO Series (https://cisoseries.com/like-fine-wine-our-vendor-bs-meter-gets-better-with-age/) The bouquet of this particular vendor BS is a mixture of FUD, unnecessary urgency, and a hint of pecan. Look to your left and grab the spittoon because we don't expect everyone to swallow what you're about to hear on this week's episode of CISO/Security Vendor Relationship Podcast. This episode is hosted by me, David Spark (@dspark), producer of CISO Series and founder of Spark Media Solutions and Mike Johnson. Our guest this week is Olivia Rose, CISO for MailChimp. Thanks to this week's podcast sponsor Remediant Eighty one percent of cyberattacks utilize stolen administrative credentials. Yet, legacy enterprise password vaults solve only a fraction of the problem and are difficult to rollout. Remediant’s SecureONE takes a new approach to privileged access management: offering agent-less, vault-less, continuous detection and just-in-time-administration. Learn what Remediant can do in a half-day POC deployment. On this week's episode Why is everyone talking about this now? One of the reasons we hate hearing security buzzwords is because it doesn't help us understand what it is a vendor is trying to sell. When a vendor says we have a "zero trust" product, what does that mean? We delve into some of the tell-tale signs that a vendor or consultant is trying to BS you. According to Olivia Rose, if you're going to pitch a CISO, make sure you can answer the following simply and succinctly: What does our product/service do? What specific security problem does it solve? How will it affect the typical strategic/business drivers for a company? It's time for "Ask a CISO" Fernando Montenegro, analyst for 451 Research, asked, "How can the CISO be a change agent for the security team so it can better align with the business?" What's Worse?! For this week's game I picked a question very apropos for our guest's current situation. 
Um… maybe you shouldn't have done that Unconscious bias towards women in professional settings is not always overt nor intentional, but it happens. We discuss some examples of unconscious bias for both women and men. And we discuss how too much of it can really push women out of the security industry. A distributed denial of service attack is the scourge of IT security. According to Verisign, one-third of all downtime incidents are attributed to DDoS attacks, and thousands happen every day. Are they created by sophisticated black hatted evil doers from an underground lair? Of course not. Welcome to the world of cybercrime-as-a-service. You too can silence a competitor or cause havoc for pretty much anyone for as low as $23.99 a month. Just have your credit card or Bitcoin ready. For more, go to CISOSeries.com. Check out lots more cloud security tips sponsored by OpenVPN, provider of next-gen secure and scalable communication software. OpenVPN Access Server keeps your company’s data safe with end-to-end encryption, secure remote access, and extension for your centralized UTM. First 90 days of a CISO Being just six weeks in, our guest, Olivia Rose is living the first 90 days of a CISO. We asked her and Mike what it's like those first few weeks. And to no one's surprise, it's beyond overwhelming.
We interviewed NetScout, Remediant, and BitDefender at Black Hat 2019! Full Show Notes: https://wiki.securityweekly.com/ES_Episode149 Visit https://www.securityweekly.com/esw for all the latest episodes!
This week, Paul and Matt Alderman interview Mehul Revankar, Senior Product manager at SaltStack, to discuss the Sec and Ops Challenge! In the Enterprise Security News, Signal Sciences Rolls New Application Security Product, A10 Networks brings zero-day automated protection to DDoS defense, and we have some acquisition and funding updates from Symantec, McAfee, Cybereason, and Capsule8! In our final segment, we air three pre-recorded interviews with NETSCOUT, Remediant, and BitDefender from BlackHat USA 2019! To learn more about NetScout, visit: https://securityweekly.com/netscout Full Show Notes: https://wiki.securityweekly.com/ES_Episode149 Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
Find all links and images from this episode on CISO Series (https://cisoseries.com/defense-in-depth-is-the-cybersecurity-industry-solving-our-problems/) Is the cybersecurity industry solving our problems? We've got lots of new entrants. Are they doing anything new, or just doing the same thing slightly better? Check out this post and discussion for the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the creator of CISO Series and Allan Alford (@AllanAlfordinTX), CISO at Mitel. Our guest this week is Taylor Lehmann (@BostonCyberGuy), CISO, Wellforce. Thanks to this week’s podcast sponsor, Remediant Eighty one percent of cyberattacks utilize stolen administrative credentials. Yet, legacy enterprise password vaults solve only a fraction of the problem and are difficult to rollout. Remediant's SecureONE takes a new approach to privileged access management: offering agent-less, vault-less, continuous detection and just-in-time-administration. Learn what Remediant can do in a half-day POC deployment. On this episode of Defense in Depth, you'll learn: Industry is just growing symptoms to core issues. The cybersecurity industry is motivated by marketplace which justifies investment. As one might expect, many security solutions are just hyped rather than built on innovations. While many of our listeners are rather savvy, we expect most purchases are reactive rather than proactive. And if this continues, then the profit-minded vendors will still deliver reactive-based solutions. We've got a radical increase in problems. We're just chasing the problems by spending more money. Security people know that the solution is people, process, and technology, but far too often we're looking for a 'box' to solve our problems. We don't look at the tougher challenge of people and processes. So much of the security market is reactive in its purchase decision. 
To improve your success rate in cybersecurity you need to be forward-thinking about building out your security program and your spend. One area of opportunity that not enough companies are taking advantage of is offering dramatically cheaper solutions than alternatives even though they don't perform as well. There is a definite market for those types of solutions. We always lean on security products to solve our problems rather than looking internally at our people and processes. There is always a losing comparison between attackers and defenders. An attacker can come up with a new variant of attack in minutes to hours. Defenders in enterprises often take months to implement patches for known vulnerabilities.
If you can't see all the show notes (with images and links) head here: https://cisoseries.com/defense-in-depth-privileged-access-management-pam/ Where does privileged access management (PAM) fit in the order of operations? Check out this post and discussion and this one for the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the creator of CISO Series and Allan Alford (@AllanAlfordinTX), CISO at Mitel. Our sponsored guest for this episode is Tim Keeler, CEO and co-founder of Remediant. Thanks to this week’s podcast sponsor, Remediant Eighty one percent of cyberattacks utilize stolen administrative credentials. Yet, legacy enterprise password vaults solve only a fraction of the problem and are difficult to rollout. Remediant's SecureONE takes a new approach to privileged access management: offering agent-less, vault-less, continuous detection and just-in-time-administration. Learn what Remediant can do in a half-day POC deployment. On this episode of Defense in Depth, you'll learn: Privileged access management is designed to control lateral movement when an intruder gets legitimate access to your network. You can't protect what you don't know. A privileged access management program is ineffective without complete asset inventory and classification. Don't wait to begin instituting a PAM solution. It's unrealistic to believe you'd have a complete inventory right away that you could begin PAM. You'll probably have to work with what you've got. It's a moving target for all. It may be an incomplete target as well... at the beginning. Two-factor authentication (2FA) has a role. It can help with both initial intrusion and escalation. PAM's role is more refined with its ability to prevent escalation. One of the debated issues was how PAM negatively affects the user experience. Concerns of pushback and productivity issues resulted in companies refusing to implement 2FA or PAM.
Full post for this episode (https://cisoseries.com/defense-in-depth-machine-learning-failures/) NOTE: You're seeing this special episode of Defense in Depth, because we think our CISO/Security Vendor Relationship Podcast listeners should hear it. Is garbage in, garbage out the reason for machine learning failures? Or is there more to the equation? Check out this post and discussion for the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the creator of CISO Series and Allan Alford (@AllanAlfordinTX), CISO at Mitel. Our guest for this episode is Davi Ottenheimer (@daviottenheimer), product security for MongoDB. Thanks to this week’s podcast sponsor, Remediant 81% of cyberattacks utilize stolen administrative credentials. Yet, legacy enterprise password vaults solve only a fraction of the problem and are difficult to rollout. Remediant's SecureONE takes a new approach to privileged access management: offering agent-less, vault-less, continuous detection and just-in-time-administration. Learn what Remediant can do in a half-day POC deployment. On this episode of Defense in Depth, you'll learn: Don't fall victim to believing that success and failure of machine learning is isolated to just garbage in/garbage out. It's far more nuanced than that. Some human actually has to determine what is considered garbage in and what is not. It only takes a very small amount of data to completely corrupt and ruin machine learning data. This knowledge of small infection can spread and corrupt all of the data and can have political and economic motivations to do just that. We have failures in human intervention. Machine learning can just magnify that at rapid rates. While there are many warning signs that machine learning can fail, and we have the examples to back it up, many argue that competitive environments don't allow us to ignore it. We're in a use it or lose it scenario. 
Even when you're aware of the pitfalls, you may have no choice but to utilize machine learning to accelerate development and/or innovation.
In this episode: JD Sherry, Colorado security entrepreneur and CRO at Remediant is our feature guest this week. News from: CHI, SendGrid, Fast Enterprises, Madwire, National Cybersecurity Center, CableLabs, SecureSet, Webroot, LogRhythm, Red Canary, and a lot more! Full notes: https://www.colorado-security.com/news/2017/12/4/45-1211-jd-sherry-colorado-security-entrepreneur We're better than the Broncos Things might not be great for Denver's football game, but it's a great time to do security here. This week's news includes Catholic Health Initiatives merging with Dignity Health, three local companies named to Glassdoor's best employers list, news from National Cybersecurity Center, CableLabs, SecureSet, Webroot, LogRhythm, Red Canary, and a lot more! Please come join us on the new Colorado = Security Slack channel to meet old and new friends. Did you catch our trivia question? Be the first to reply to info@colorado-security.com with the right answer and get any $25 item from the Colorado = Security store. Feature interview: JD Sherry is our feature interview this week, and it's a good one. JD is located right here in the Denver area, and has had a number of executive positions in the security industry, from tech guy to CEO, and from massive companies (Intel) to start ups (Remediant). JD shares with us what he's learned and what he sees coming up next for the security community. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. 
If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com Local security news: Join the Colorado = Security Slack channel CHI to merge with Dignity Health Three Colorado companies on Glassdoor’s best places to work list New Cybersecurity Center in Colorado Aims to Bring Good Practices to the Masses ENISA's new recommendations for IoT security Founder Spotlight: Bret Fund and His Advice to Cybersecurity Students Webroot's 15th consecutive quarter of double digit business growth LogRhythm named Leader in 2017 Gartner MQ for SIEM Atomic Red Team Tests: Catching the Dragon by the Tail - Red Canary Job Openings: Charles Schwab - Managing Director - Threat Management & Intelligence Trustwave - Supervisor - Security Operations (SOC) MBL Technologies - Information System Security Officer Deloitte - Information Security, Risk and Governance Analyst Dell - InfoSec Analyst - Security Operations CoBiz Financial - Information Security Risk Analyst University of Colorado - Assistant Professor of Information Systems TD Ameritrade - Associate Counsel, Privacy Xactly - Senior Director of IT Upcoming Events: This Week and Next: CTA - CTA 101 - 12/13 ISSA / ISACA Joint Meeting @ Comedy Works - 12/14 CTA - Legislative Outlook - 12/14 Colorado = Security lunch meet-up! (check us out on Slack for details) CitySec - Meetup North - 12/21 Other Notable Upcoming Events: Optiv - 2017 Solution and Program Insight Focus Group: Application Security (AppSec) - 1/18 SnowFROC - 3/8 Rocky Mountain Information Security Conference - 5/8-10 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0