On this week's show Patrick and Adam discuss the week's security news, including: Ransomware: down but not out Zero day prices on the rise… … and what it means for enterprise software Geopolitical conflict comes to computers in Palau Ukraine cyber chief Illia Vitiuk suspended More x86 microarchitectural bad times And much much more Proofpoint's chief strategy officer Ryan Kalember is this week's sponsor guest. He takes aim at some recent vendor trends, like security companies describing themselves as “platforms”. Show notes CyberCX_Report_DFIR 2023 Year in Review_Online.pdf Ransomlook Stats Vlad Styran
On this week's show Patrick Gray and Adam Boileau discuss the week's security news. They cover: Iran-linked attacks on US water infrastructure Why the ownCloud bug isn't the end of the world The D-Link 0day that… never existed? In defence of Okta Much, much more This week's show is brought to you by Proofpoint. Ryan Kalember, Proofpoint's EVP of Cybersecurity Strategy, is this week's sponsor guest. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that's your thing. Show notes CISA warns of threat groups exploiting Unitronics PLCs in water treatment hacks | Cybersecurity Dive North Texas water utility the latest suspected industrial ransomware target | Cybersecurity Dive Florida water agency latest to confirm cyber incident as feds warn of nation-state attacks ownCloud vulnerability with maximum 10 severity score comes under “mass” exploitation | Ars Technica Staples hit by cyberattack during critical Cyber Week sales push | Cybersecurity Dive New Jersey, Pennsylvania hospitals affected by cyberattacks 60 credit unions facing outages due to ransomware attack on popular tech provider HHS warns of ‘Citrix Bleed' attacks after hospital outages Payments processor Tipalti investigating ransomware attack | Cybersecurity Dive CISA's Goldstein wants to ditch 'patch faster, fix faster' model | CyberScoop Threat Actors Exploit Adobe ColdFusion CVE-2023-26360 for Initial Access to Government Servers | CISA Kremlin-backed hackers attacking unpatched Outlook systems, Microsoft says Latest severe Chrome bug prompts CISA warning Google researchers report critical 0-days in Chrome and all Apple OSes | Ars Technica Okta again promises it is taking security seriously | Cybersecurity Dive Okta: Breach Affected All Customer Support Users – Krebs on Security Russian and Chinese interference networks are ‘building audiences' ahead of 2024, warns Meta Meta says it broke up Chinese influence operation looking to exploit U.S. 
political divisions Clandestine online operations now require sign-off by senior officials - The Washington Post Feds seize Sinbad crypto mixer allegedly used by North Korean hackers | TechCrunch US sanctions North Korean ‘Kimsuky' hackers after surveillance satellite launch ‘Fugitive' Spanish aristocrat behind North Korea cryptocurrency conference arrested Used by only a few nerds, Facebook kills PGP-encrypted emails | TechCrunch
On this week's show Patrick Gray and Adam Boileau discuss the week's security news. They cover: The FBI takes down Qakbot, steals operators' bitcoins ha ha Danish hosting provider completely destroyed in ransomware attack Sophisticated Russian cyber attack on Polish trains. Well. Not really. Microsoft revokes cert then revokes its revocation Much, much more! This week's show is brought to you by Proofpoint. Ryan Kalember, Proofpoint's EVP of cybersecurity strategy, is this week's sponsor guest. Links to everything that we discussed are below and you can follow Patrick or Adam on Mastodon if that's your thing. Show notes US says it and partners have taken down notorious 'Qakbot' hacking network | Reuters Danish cloud host says customers ‘lost all data' after ransomware attack | TechCrunch VDP Platform 2022 Annual Report Showcases Platform's Success | CISA Proposed bill would require vulnerability disclosure policies for all federal contractors The Cheap Radio Hack That Disrupted Poland's Railway System | WIRED Two suspects arrested following Poland railway hack ‘Incredible concern and anger' among Metropolitan Police after hackers breach data New malware from North Korea's Lazarus used against healthcare industry North Korea's Lazarus hackers behind recent crypto heists: FBI US arrests Tornado Cash co-founder, sanctions another who remains at large Kroll Employee SIM-Swapped for Crypto Investor Data – Krebs on Security Risky Biz News: WinRAR zero-day used to hack stock and crypto traders Microsoft signing keys keep getting hijacked, to the delight of Chinese threat actors | Ars Technica Renegade certificate removed from Windows. Then it returns. Microsoft stays silent. 
| Ars Technica Barracuda ESG zero-day exploit still under way after patches fail | Cybersecurity Dive Diving Deep into UNC4841 Operations Following Barracuda ESG Zero-Day Remediation (CVE-2023-2868) | Mandiant Unpacking the MOVEit Breach: Statistics and Analysis The DEA Accidentally Sent $50,000 Of Seized Cryptocurrency To A Scammer Akira Ransomware Targeting VPNs without Multi-Factor Authentication - Cisco Blogs Ransomware attack dwell times fall, pressuring companies to quickly respond | Cybersecurity Dive British court convicts two teen Lapsus$ members of hacking tech firms Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders. – Krebs on Security Apple security updates could be banned by British government
This Soap Box edition of the podcast is sponsored by Proofpoint. Proofpoint offers email security and DLP products and services, and they're probably best known for being the biggest email security company on the planet. That means they process a LOT of emails in the hopes of throttling the number of malicious emails that organisations have to deal with, whether that's malware, phishing or BEC. So, with that in mind, what role could large language models play in email security? Now that the initial ChatGPT hype has died off a little, we spoke with Proofpoint's VP of cybersecurity strategy Ryan Kalember about large language models and how they're going to help defenders and attackers alike.
In this sponsored podcast Patrick Gray and Ryan Kalember talk about Proofpoint's acquisition of Illusive, a company that started off in the “deception” space and then moved towards doing attack path analysis and management. Show notes Proofpoint Signs Definitive Agreement to Acquire Illusive
2022 continued long-standing cybersecurity risks — aligning with our expectations — alongside new harrowing threats. What does that mean for the new year, and what can we do to best prepare for new tricks in 2023? In this episode, Ryan Kalember, EVP of Cybersecurity Strategy at Proofpoint, joins us to shine a light on best practices for risk prevention, unpack present and potential threats, and more. Join us as we discuss: Potential pain points in cybersecurity for 2023 How security leaders should prepare for multiple challenges Top concerns for security leaders Register for our Power Series: https://go.proofpoint.com/powerseries#tab3
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including: More Exchange 0days cause more havoc A look at some earlier Exchange hack incidents How the CIA got its agents killed with its truly awful online opsec Ex NSA staffer arrested for espionage Much, much more This week's show is brought to you by Proofpoint. Ryan Kalember, Proofpoint's EVP of cybersecurity strategy, joins the show this week to talk about some overlooked detection opportunities – some simple stuff you can look for in your environment that should raise gigantic flashing red flags. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that's your thing. Show notes Microsoft confirms two Exchange Server zero days are being used in cyberattacks - The Record by Recorded Future CISA: Multiple government hacking groups had ‘long-term' access to defense company - The Record by Recorded Future Mexican president confirms ‘Guacamaya' hack targeting regional militaries - The Record by Recorded Future Mexican journalists targeted by zero-click spyware infections - The Record by Recorded Future Ex-NSA employee charged with violating Espionage Act, selling U.S. cyber secrets Putin grants citizenship to Edward Snowden, who disclosed US eavesdropping - The Washington Post U.S. fails in bid to extradite Brit for helping North Korea evade sanctions with cryptocurrency - The Record by Recorded Future Bill Marczak on Twitter: "NEW REPORT today from @Reuters @JoelSchectman providing more detail about fatal flaws in the CIA's defunct communications network. 
Iran and China compromised the network in 2011, and killed dozens of CIA assets https://t.co/AwN8pQtWL2" / Twitter Numerous orgs hacked after installing weaponized open source apps | Ars Technica 'Poisoned' Tor Browser tracks Chinese users' online history, location Mystery Hackers Are ‘Hyperjacking' Targets for Insidious Spying | WIRED A Matrix Update Patches Serious End-to-End Encryption Flaws | WIRED LA officials confirm ransomware group leaked students' personal data - The Record by Recorded Future Nearly 700 ransomware incidents traced back to wholesale access markets: report - The Record by Recorded Future Semiconductor industry faced 8 attacks from ransomware groups, extortion gangs in 2022 - The Record by Recorded Future CISA directs federal agencies to track software and vulnerabilities - The Record by Recorded Future Fake CISO Profiles on LinkedIn Target Fortune 500s – Krebs on Security House Democrats debut new bill to limit US police use of facial recognition | TechCrunch EP000: Operation Aurora | HACKING GOOGLE - YouTube
On this week's show Patrick Gray and guest cohost Dmitri Alperovitch discuss the week's security news, including: Why an American defence contractor acquiring NSO Group would be a nonproliferation win A look at Microsoft's botched macro measures iPhone's Lockdown Mode Ukraine goes big on Yubikeys Aerojet Rocketdyne pays millions over poor security controls, CISO whistleblower gets bag of cash Much, much more This week's show is sponsored by Proofpoint. Ryan Kalember, Proofpoint's Executive Vice President of Cybersecurity Strategy, joins us in this week's sponsor interview to talk about changes he's observed in the criminal ecosystem. Links to everything that we discussed are below and you can follow Patrick or Dmitri on Twitter if that's your thing. Show notes L3Harris drops bid for NSO spyware following U.S. concerns - The Washington Post Apple introduces 'Lockdown Mode' iPhone feature to block elite spyware Risky Biz News: Thousands of Yubikeys have been deployed in Ukraine, more to come PyPI repo to distribute 4,000 security keys to maintainers of ‘critical projects' in 2FA drive | The Daily Swig Microsoft makes major course reversal, allows Office to run untrusted macros [Updated] | Ars Technica Microsoft says decision to stop blocking Office VBA macros by default is ‘temporary' - The Record by Recorded Future Hacktivists claiming attack on Iranian steel facilities dump tranche of 'top secret documents' Rocket maker agrees to pay $9 million to settle allegations of cybersecurity violations - The Record by Recorded Future North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector | CISA North Korea is targeting hospitals with ransomware, U.S. 
agencies warn Medical debt collection firm says ransomware attack exposed info on 650+ healthcare orgs - The Record by Recorded Future French telecom company La Poste Mobile struggling to recover from ransomware attack - The Record by Recorded Future Cyberattack knocks out California community college email, website, landlines - The Record by Recorded Future OPM breach victims expected to receive about $700 each after class action settlement - The Record by Recorded Future Chinese Hackers Targeting Russian Government and Telcos DeFi Hacker Returns $8m Millions in Cryptocurrency Stolen in Phishing Attacks
A short podcast updating listeners on the security news of the last few days, as prepared and presented by Catalin Cimpanu. You can find the newsletter version of this podcast here. Today's podcast features an appearance from Ryan Kalember, Executive Vice-President for Cybersecurity Strategy at Proofpoint, this episode's sponsor. Show notes Risky Biz News: Google shuts down YouTube Russian propaganda channels
On this week's show Patrick Gray and Adam Boileau discuss the week's security news, including: Israel slashes number of countries it will export cyber tools to Interpol takes down 1,000 Internet fraudsters Ransomware crews lying low? When the tabloids do cyber the results are sometimes awesome Much, much more… This week's sponsor interview is with Ryan Kalember of Proofpoint. He's the EVP of Cybersecurity Strategy there and he's joining me this week to talk about how investment activity in cybersecurity is basically leaving everyone who isn't a mega enterprise behind. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that's your thing. Show notes Israel restricts cyberweapons export list by two-thirds, from 102 to 37 countries - The Record by Recorded Future US sanctions 28 quantum computing entities in China, Russia, Pakistan, Japan - The Record by Recorded Future Months-long Interpol crackdown nets more than 1,000 online fraud arrests Ukrainian police expose international phone-hacking gang | The Daily Swig Group-IB helps Italian officials take down scammers selling COVID-19 docs via Telegram - The Record by Recorded Future Ransomware gang targeting schools, hospitals reinvents itself to avoid scrutiny Russian hacker wanted by FBI for 'using ransomware to fleece millions of dollars' is unmasked | Daily Mail Online When Russia Helped the U.S. 
Nab Cybercriminals How the pandemic pulled Nigerian university students into cybercrime - The Record by Recorded Future A Hacking Spree Against Iran Spills Out Into the Physical World | WIRED China agency tells Tencent their apps have to be approved before they go live or update - The Record by Recorded Future Srsly Risky Biz: Thursday, November 25 - by Tom Uren Incident reporting, ransomware payment legislation faces trouble in Senate North Korean hackers posed as Samsung recruiters to target security researchers - The Record by Recorded Future FBI document shows what data can be obtained from encrypted messaging apps - The Record by Recorded Future AT&T takes action against DDoS botnet that hijacked VoIP servers - The Record by Recorded Future You Can Now Get $25 From Zoom Following a Class Action Settlement (3) Konstantin on Twitter: "Apparently, someone from r/antiwork is bombarding the internet with RAW TCP/IP printing requests. I'm going to tag this just for kicks. https://t.co/P0NC2dO6hx" / Twitter (3) Matthew Garrett on Twitter: "Someone is targeting network-attached receipt printers on the public internet and just printing copies of the r/antiwork manifesto and this is glorious" / Twitter Private 5G Mobile Networks – AWS Private 5G – Amazon Web Services
Once again, it is Cybersecurity awareness month and we'll be talking with Ryan Kalember about the latest threats and other activities he and Proofpoint have going on this month. When it comes to threats, some tactics aren't changing, though they're still effective. There are some notable shifts though: - Crews using Office 365 for lateral movement - FIN7 reborn - A sudden interest in exploits - Increased patience and increased focus on the individual as the key to an attack - SMB attacks look very different from large enterprise campaigns This segment is sponsored by Proofpoint. Visit https://securityweekly.com/proofpoint to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw245
This week, we welcome Richard Reinders, Head of Security at Gravity Payments, to discuss Better Sales, Worse Relationships? In the next segment, we welcome Ryan Kalember, Executive Vice President, Cybersecurity Strategy at Proofpoint, to discuss Shifty Adversaries, Shifting Tactics! In the Enterprise News, Orca Security raises all the money, Privacy engineering firms hit their funding stride, McAfee and FireEye merge, but where's RSA's dance partner? Akamai acquires Guardicore, NetApp picks up CloudCheckr, SPDX becomes the ISO standard for SBOMs, & Facebook shares details on how they accidentally Thanos snapped themselves! Show Notes: https://securityweekly.com/esw245 Visit https://securityweekly.com/proofpoint to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly
In this edition of the Soap Box podcast we'll be hearing from Ryan Kalember, the EVP of cybersecurity strategy at Proofpoint, a company best known for being an email filtering giant. Proofpoint's biggest challenger in that space is Microsoft, and if you've been paying attention you'd know that Microsoft is doing an absolutely massive push into the security space. It claims security is a $10bn revenue centre for the company, which is a bit of a screwy situation given a lot of the insecurity its security products mitigate is introduced through deficiencies in its core products. And, largely, that's what this interview is about – the screwy incentives that are driving Microsoft's decisionmaking. More emphasis on security product development, and less effort on securing its core products. Of course it's self-serving for Ryan and Proofpoint to give Microsoft a kicking, given Redmond is its primary competitor. But the thing is, Ryan makes some very good points. We talk about the incentives thing, and then we talk about why active directory is a trashfire and why the replication of the domain trust model in AzureAD is going to eventually bite us all in the ass. The circle of life, enterprise computing fail edition. Enjoy.
Five Minute Forecast for the week of August 16th. All the cyber security news you need to stay ahead, from Proofpoint's Protecting People podcast. Most Americans think the government can't keep them safe from cyber attacks DarkSide still tapping Colonial Pipeline months after their initial breach A cryptocurrency thief steals a record haul before giving it all back Joining us is Ryan Kalember, Proofpoint's EVP, Cybersecurity Strategy, to discuss the latest developments in the ongoing ransomware crisis.
All links and images for this episode can be found on CISO Series How is ransomware getting into your network? Is the path direct, like via email, or does it take a more circuitous route? Check out this post and this post for the basis for our conversation on this week's episode which features me, David Spark (@dspark), producer of CISO Series, co-host Steve Zalewski, and our sponsored guest Ryan Kalember (@rkalember), evp, cybersecurity strategy, Proofpoint. Thanks to our podcast sponsor, Proofpoint Sixty six percent of CISOs feel their organization is unprepared to handle a cyberattack and 58% consider human error to be their biggest cyber vulnerability. Proofpoint's 2021 Voice of the CISO report explores key challenges facing CISOs after an unprecedented twelve months. Get the report. In this episode: What role do email and phishing actually play? Has working from home really increased the threat? How dwell time has changed things Getting up to speed on sufficient backups
Five Minute Forecast for the week of July 26th. All the cyber security news you need to stay ahead, from Proofpoint's Protecting People podcast. China denies involvement in cyber crime and points the finger at the United States Kaseya unlocks ransomed systems after getting its hands on an R-Evil decryption key More printer woes for Windows users as yet another vulnerability is discovered Joining us is Ryan Kalember, Proofpoint's Executive Vice President of Cyber Security Strategy, to discuss how cyber security has become a part of the global political conversation.
On this week’s show Patrick Gray and Adam Boileau discuss the week’s security news, including: The latest news on the health system ransomware crisis in Ireland TSA to force pipeline operators to disclose attacks they probably aren’t detecting anyway Colonial paying ransom angers US congresspeople who really haven’t thought this through Iran targets Israeli systems with new wipers Israel targets Hamas systems with guided munitions that go bang Much, much more This week’s sponsor guest is Ryan Kalember, EVP of Cybersecurity Strategy at Proofpoint. He joins us to talk about how compromised o365 accounts are powering all sorts of threat actors right now – from ransomware operators to BEC crews and APT units, everyone loves a popped mailbox. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes U.S. didn’t hack DarkSide group that hacked Colonial Pipeline - The Washington Post Hear ye, DarkSide! This honorable ransomware court is now in session | Ars Technica Colonial Pipeline CEO to face questions from Congress on $4.4 million ransom payment TSA to issue cyber directive for pipeline operators following Colonial ransomware attack Irish officials warn of ongoing disruptions to health system, long recovery following ransomware incident (2) hakan on Twitter: "So, one hour ago CONTI apparently decided to provide HSE with a free decryption tool, as per their statement (see screenshot. 
https://t.co/lyIuBoN6XP" / Twitter Irish officials analyze decryption tool as long recovery process from ransomware continues FBI: Conti ransomware gang attacked more than 400 orgs, including 911 centers | The Record by Recorded Future Cyber insurance premiums rise as ransomware, hacks continue, GAO finds New Iranian threat actor targets Israel with wipers disguised as ransomware | The Record by Recorded Future Microsoft warns of malware campaign spreading a RAT masquerading as ransomware | The Record by Recorded Future Israel bombed two Hamas cyber targets | The Record by Recorded Future Israel Is a Cyber Superpower But Chooses Bombs to Fight Hackers in Gaza FSB NKTsKI: Foreign 'cyber mercenaries' breached Russian federal agencies | The Record by Recorded Future How Hydra, a Russian dark net market, made more than $1 billion in 2020 Air India says data breach impacts 4.5 million former passengers | The Record by Recorded Future The Full Story of the Stunning RSA Hack Can Finally Be Told | WIRED Nagios IT monitoring vulnerabilities chained to compromise telco customers en masse | The Daily Swig Open source ecosystem ripe for dependency confusion attacks, research finds | The Daily Swig DeepSloth: Researchers find denial-of-service equivalent against machine learning systems | The Daily Swig Chinese governments has warned 222 apps to remove data slurping code | The Record by Recorded Future Just a handful of Android apps exposed the data of more than 100 million users | The Record by Recorded Future Microsoft releases SimuLand, a lab environment to simulate attacker tradecraft | The Record by Recorded Future WordPress security: More than 600,000 sites hit by blind SQLi vulnerability in WP Statistics plugin | The Daily Swig Arm and Qualcomm zero-days quietly patched in this month's Android security updates | The Record by Recorded Future Vulnerability in VMware product has severity rating of 9.8 out of 10 | Ars Technica Apple fixes macOS zero-day abused by XCSSET 
malware | The Record by Recorded Future So long, Internet Explorer, and your decades of security bugs | TechCrunch Webinar Registration - Zoom
On this week’s show Patrick and Adam Boileau discuss the week’s security news, including: FireEye’s Very Bad Week Russian bears all up in your VMwares Chris Krebs sues Trump campaign Foxconn ransomware So much more Proofpoint’s Ryan Kalember is this week’s sponsor guest. He joins the show to talk about their rather different approach to DLP and insider threat detection. You may have noticed we don’t really talk about DLP a whole bunch on this show because it’s, well, really boring. But Proofpoint actually has an interesting approach to the problem that’s different enough to be interesting, so do stick around for that. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that’s your thing. Show notes U.S. cybersecurity firm FireEye discloses breach, theft of hacking tools | Reuters NSA warns of Russian state-sponsored hackers exploiting VMWare vulnerability | ZDNet Former CISA director Chris Krebs sues Trump campaign, lawyer after death threats Foxconn electronics giant hit by ransomware, $34 million ransom Ransomware attack may delay scheduled procedures at Baltimore-area medical center Ransomware attack cripples Vancouver public transportation agency | ZDNet Ransomware hits helicopter maker Kopter | ZDNet Ransomware gang Egregor publishes details from HR firm Randstand following hack Ransomware gangs are now cold-calling victims if they restore from backups without paying | ZDNet The Internet’s Most Notorious Botnet Has an Alarming New Trick | WIRED Hackers leak data from Embraer, world's third-largest airplane maker | ZDNet Data of 243 million Brazilians exposed online via website source code | ZDNet North Korean hackers ramp up coronavirus vaccine targeting Johnson & Johnson CISO: Healthcare orgs are seeing nation-state attacks every single minute of every single day | ZDNet Hackers Are Targeting the Covid-19 Vaccine ‘Cold Chain’ | WIRED Disputed bug in Microsoft Teams posed RCE risk, researcher warns | The Daily Swig 
iPhone zero-click Wi-Fi exploit is one of the most breathtaking hacks ever | Ars Technica Critical Flaws in Millions of IoT Devices May Never Get Fixed | WIRED 8% of all Google Play apps vulnerable to old security bug | ZDNet A Broken Piece of Internet Backbone Might Finally Get Fixed | WIRED Meet ODoH, where privacy means just not knowing anything BTC-e founder sentenced to five years in prison for laundering ransomware funds | ZDNet Hacker who sent information on US personnel to Islamic State is freed by judge Kazakhstan government is intercepting HTTPS traffic in its capital | ZDNet Dell announces new protections for its PC and server supply chain | ZDNet Massachusetts lawmakers vote to pass a statewide police ban on facial recognition | TechCrunch Account Hijacking Site OGUsers Hacked, Again — Krebs on Security Russian bears all up in your VMwares - Risky Business Hacker opens 2,732 PickPoint package lockers across Moscow | ZDNet
Would you pay the ransom? There are 4,000+ ransomware attacks per day with $3.5Bn lost in just 2019. Looks like the answer is Yes. In our 6th episode to understand the mind of cybercriminals, your Protecting People hosts learn all about ransomware from Christopher Budd, Principal at Christopher Budd Security, and Ryan Kalember, EVP, Cybersecurity Strategy at Proofpoint. What we talked about: - What ransomware is & why people pay - How to pay your ransomware attacker - Professionalism among cybercriminals! Some have stopped attacking the healthcare industry during COVID-19 Find additional content and subscribe to Protecting People on Apple Podcasts, Spotify, or our website.
Cybersecurity has always evoked science fiction, but recent technological developments are pushing the boundary between imagination and reality. Looking into the future, what will you need to look for? With Shara Evans, Technology Futurist and Ryan Kalember, Executive Vice President of Cybersecurity Strategy at Proofpoint.
This edition of the Soap Box podcast is brought to you by Proofpoint. Today’s guest is Proofpoint’s EVP of Cybersecurity Strategy, Ryan Kalember, and the topic is business email compromise, or BEC. BEC is a big deal, generating billions of dollars in losses every year across basically all industry verticals and levels of government. Until recently, there haven’t been many technical controls that help to mitigate it. Trying to get on top of this issue is very much in Ryan Kalember’s job description. BEC is a diabolical problem, and as a company with a specialty in email security, Proofpoint is really expected to help clients get on top of it. In this conversation you’ll hear us talk a bunch about the problem and Proofpoint’s approach to trying to minimise BEC.
In this #ThisWeekinHealthIT Field Report with Ryan Kalember of Proofpoint, we explore what is perhaps the most clickable phishing lure in history.
In recent years, trends such as digital transformation, the cloud, or simply the evolution of society itself have been changing the way cyber attackers operate. They increasingly aim their attacks at people rather than infrastructure, as we are seeing recently with the attacks related to Covid-19. This therefore requires a new paradigm, a new mindset in cybersecurity. To talk about it, our guest in this episode is Ryan Kalember, Vice President of Cybersecurity Strategy at Proofpoint, a leading company in cybersecurity services and products.
Why would you do something hard when you could do something easy? That’s exactly what attackers are thinking. 99% of attacks rely on duping a human to run malicious code. In this episode, we interview Ryan Kalember, EVP of Cybersecurity Strategy at Proofpoint, about why today’s attacks are about people, not infrastructure. What we talked about: - Social engineering is at the heart of over 99% of cyberattacks - 26 billion cyberattacks are only a tiny fraction - Industry focuses on technology while attackers focus on people Subscribe to Protecting People at Apple Podcasts, Spotify, or our website.
Net neutrality has already been discussed at great length in recent months and years, but a new internet is arriving from the East. China has already deployed its own network, independent of the one used globally. History has shown over time that “walls are not going to bring economic success”. Ryan Kalember of Proofpoint tells us about it.
FlawedAMMYY is a newly discovered remote access trojan (RAT) that’s been used in malicious email campaigns, as far back as 2016. Ryan Kalember is Senior Vice President of Cyber Security Strategy at Proofpoint, and he takes us through their research. The CyberWire's Research Saturday is presented by the Hewlett Foundation Cyber Initiative.
Proofpoint (https://www.proofpoint.com/us) and is a sought-out expert for media commentary on breaches and best practices for enterprises as well as consumers. He joined Proofpoint from WatchDox where he served as chief marketing officer and was responsible for successfully building and leading the marketing team through the company’s acquisition by Blackberry. Prior to WatchDox, Ryan was instrumental in running solutions across Hewlett-Packard’s portfolio of security products. He has also held a variety of marketing leadership positions at ArcSight and VeriSign including EMEA regional manager. Ryan received his bachelor's degree from Stanford University, where he studied fault tolerance, cryptography, and authentication algorithms. In this episode we discuss his start in cyber security, his transition to marketing and product management, the importance of communication skills, the changing role of the CISO, AI and machine learning, the malware research his team does, the spread of ransomware, and so much more. Where you can find Ryan: LinkedIn (https://www.linkedin.com/in/kalember/) Twitter (https://twitter.com/rkalember) Proofpoint Blog (https://www.proofpoint.com/us/corporate-blog)
Ryan Kalember is the SVP of Cybersecurity Strategy at Proofpoint and joins us to discuss the Proofpoint Q3 Threat Summary and their findings with regards to malware on iOS and Android. Read the complete show notes, comment or rate this episode, view pictures and obtain links from this episode at https://category5.tv/shows/technology/episode/476/ Running time: 1 Hour 11 Minutes 38 Seconds