Podcasts about sans technology institute

CISA braces for widespread staffing cuts. Russian hackers target a Western military mission in Ukraine. China acknowledges Volt Typhoon. The U.S. signs on to global spyware restrictions. A lab supporting Planned Parenthood confirms a data breach. Threat actors steal metadata from unsecured Amazon EC2 instances. A critical WordPress plugin vulnerability is under active exploitation. A new analysis details a critical unauthenticated remote code execution flaw affecting Ivanti products. Joining us today is Johannes Ullrich, Dean of Research at SANS Technology Institute, with his take on "Vibe Security." Does AI understand, and does that ultimately matter?  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Joining us today is Johannes Ullrich, Dean of Research at SANS Technology Institute, discussing "Vibe Security," similar to “Vibe Coding” where security teams overly rely on AI to do their job. Selected Reading Trump administration planning major workforce cuts at CISA (The Record) Cybersecurity industry falls silent as Trump turns ire on SentinelOne (Reuters) Russian hackers attack Western military mission using malicious drive (Bleeping Computer) China Admitted to US That It Conducted Volt Typhoon Attacks: Report (SecurityWeek) US to sign Pall Mall pact aimed at countering spyware abuses (The Record) US lab testing provider exposed health data of 1.6 million people (Bleeping Computer) Amazon EC2 instance metadata targeted in SSRF attacks (SC Media) Vulnerability in OttoKit WordPress Plugin Exploited in the Wild (SecurityWeek) Ivanti 0-day RCE Vulnerability Exploitation Details Disclosed (Cyber Security News) Experts Debate: Do AI Chatbots Truly Understand? (IEEE Spectrum) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

A joint advisory labels Fast Flux a national security threat. Europol shuts down a major international CSAM platform. Oracle verifies a data breach. A new attack targets Apache Tomcat servers. The Hunters International group pivots away from ransomware. Hackers target Juniper routers using default credentials. A controversy erupts over a critical CrushFTP vulnerability.  Johannes Ullrich, Dean of Research at SANS Technology Institute unpacks Next.js.  Abracadabra, alakazam — poof! Your credentials are gone. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Johannes Ullrich, Dean of Research at SANS Technology Institute, is discussing Next.js and how similar problems have led to vulnerabilities recently. Selected Reading Fast Flux: A National Security Threat (CISA) Don't cut CISA personnel, House panel leaders say, as they plan legislation giving the agency more to do (CyberScoop) CSAM platform Kidflix shut down by international operation (The Record) AI Image Site GenNomis Exposed 47GB of Underage Deepfakes (Hackread) Oracle tells clients of second recent hack, log-in data stolen, Bloomberg News reports (Reuters) Hackers Exploiting Apache Tomcat Vulnerability to Steal SSH Credentials & Gain Server Control (Cyber Security News) Hunters International Ransomware Gang Rebranding, Shifting Focus (SecurityWeek) Hackers Actively Scanning for Juniper's Smart Router With Default Password (Cyber Security News) Details Emerge on CVE Controversy Around Exploited CrushFTP Vulnerability (SecurityWeek)  New Malware Attacking Magic Enthusiasts to Steal Login Credentials (Cyber Security News) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Podcast: PrOTect It All (LS 24 · TOP 10% what is this?)Episode: ICS/OT Cybersecurity: Events, Networking, and Industry Discussions with Mike HolcombPub date: 2024-12-02Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow is joined by special guest  Mike Holcomb to discuss the intricate realm of Industrial Control Systems and Operational Technology (ICS/OT) cybersecurity. The episode also spotlights the upcoming event B Sides ICS, an open and community-centric conference set to run alongside the prestigious S4 conference in Tampa.   Mike Holcomb provides insights into the much-anticipated ticket sales for the event and underscores the importance of submitting papers or presentations by the end of the year. The discussion emphasizes the significance of expertise in OT, cyber, and enterprise operations for top-level management and how events like B Sides ICS and S4 promote networking, learning, and professional development.   Listeners will gain a deeper understanding of the origins of B Sides events, the excitement surrounding B Sides ICS, and the impactful discussions and innovations poised to shape the future of ICS/OT cybersecurity. Whether the audience comprises newcomers or seasoned professionals, this episode offers valuable takeaways for everyone.   Key Moments:    00:00 Educating and supporting ICS & OT cybersecurity communities. 04:28 Passionate about learning and sharing cybersecurity knowledge. 08:59 B Sides: Global community-focused conference events. 10:43 Bringing B-Sides to Greenville increased attendance. 16:29 Promote diverse perspectives in OT cybersecurity. 19:01 Active Directory challenges in IT-OT integration. 21:07 Active Directory simplifies system management, poses risks. 28:57 Lean on IT for the correct Active Directory setup. 31:52 Availability is crucial in an OT environment. 34:14 Integrating IT and OT for enhanced cybersecurity collaboration. 36:16 IT and OT integration needs improvement. 40:54 Exploring cybersecurity in ICSOT across various sectors.   About the guest :    Mike Holcomb is the Fellow of Cybersecurity and the ICS/OT Cybersecurity Global Lead for Fluor, one of the world's largest engineering, procurement, and construction companies. His current role provides him with the opportunity to work in securing some of the world's largest ICS/OT environments, from power plants and commuter rail to manufacturing facilities and refineries. He has his Masters degree in ICS/OT cybersecurity from the SANS Technology Institute. Additionally, he maintains cyber security and ICS/OT certifications such as the CISSP, GRID, GICSP, GCIP, GPEN, GCIH, ISA 62443, and more. He posts regularly on LinkedIn and YouTube to help others learn more about securing ICS/OT and critical infrastructure.   How to contact Mike:  Website : https://www.mikeholcomb.com/ Youtube :  https://www.youtube.com/@utilsec LinkedIn: https://www.linkedin.com/in/mikeholcomb/   Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

In episode 108 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Ed Skoudis, CEO of Counter Hack Challenges and President of SANS Technology Institute. Together, they discuss the evolution of gaming and competition in cybersecurity and how these activities help to make the industry stronger.Here are some highlights from our episode:02:04. What goes into creating a game environment that attracts all kinds of skill levels04:43. A multi-disciplinary approach to creating a game environment16:14. How gaming and competition help to spot people with talent and potential23:32. The challenges of keeping pace with new technology32:03. The biggest challenges of putting a game environment together36:47. How to keep track of characters, situations, and story elements of a gameResourcesSANS Cyber RangesSANS Holiday Hack ChallengeEpisode 59: Probing the Modern Role of the PentestEpisode 95: AI Augmentation and Its Impact on Cyber DefenseLockBit 3.0 RaaS Gang Incorporates BlackMatter CapabilitiesIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

Enjoy this special encore episode, where we are joined by a High Performance Computing Systems Administrator at Brigham Young University. Billy Wilson tells his cybersecurity career story translating language skills to technical skills. According to Billy's employer, moving to a technical position at his alma mater occurred because Billy showed this potential and a thirst for learning. He is currently pursuing his master's degree from SANS Technology Institute for Information Security Engineering while working to secure BYU's data for their computationally-intensive research. Billy notes that not everyone has one overarching passion which gives him variety in his work. And, we thank Billy for sharing his story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices

Enjoy this special encore episode, where we are joined by a High Performance Computing Systems Administrator at Brigham Young University. Billy Wilson tells his cybersecurity career story translating language skills to technical skills. According to Billy's employer, moving to a technical position at his alma mater occurred because Billy showed this potential and a thirst for learning. He is currently pursuing his master's degree from SANS Technology Institute for Information Security Engineering while working to secure BYU's data for their computationally-intensive research. Billy notes that not everyone has one overarching passion which gives him variety in his work. And, we thank Billy for sharing his story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices

A new OpenSSH vulnerability affects Linux systems. The Supreme Court sends social media censorship cases back to the lower courts. Chinese hackers exploit a new Cisco zero-day. HubSpot investigates unauthorized access to customer accounts. Japanese media giant Kadokawa confirmed data leaks from a ransomware attack. FakeBat is a popular malware loader. Volcano Demon is a hot new ransomware group. Google launches a KVM hypervisor bug bounty program.  Johannes Ullrich from SANS Technology Institute discusses defending against API attacks. Goodnight, Sleep Tight, Don't Let the Hackers Byte! Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Guest is Johannes Ullrich from SANS Technology Institute talking about defending against attacks affecting APIs and dangerous new attack techniques you need to know about. This conversation is based on Johannes' presentations at the 2024 RSA Conference. You can learn more about them here:  Attack and Defend: How to Defend Against Three Attacks Affecting APIs The Five Most Dangerous New Attack Techniques You Need to Know About Selected Reading New regreSSHion OpenSSH RCE bug gives root on Linux servers (Bleeping Computer) US Supreme Court sidesteps dispute on state laws regulating social media (Reuters) China's ‘Velvet Ant' hackers caught exploiting new zero-day in Cisco devices (The Record) HubSpot accounts breach under investigation (SC Media) Japanese anime and gaming giant admits data leak following ransomware attack (The Record) Exposing FakeBat loader: distribution methods and adversary infrastructure (Sekoia.io blog) Halcyon Identifies New Ransomware Operator Volcano Demon Serving Up LukaLocker (Halcyon) Google launches Bug Bounty Program for KVM Hypervisor (Stack Diary) How to Get Root Access to Your Sleep Number Bed (Dillan Mills) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

In this episode, Ryan Williams Sr. interviews Delisha Hodo, the Assistant Director of Advising at the SANS Technology Institute. They discuss various initiatives and opportunities in the cybersecurity field, including the reopening of the SANS Cyber Academies, the Women's Cyber Academy, and the Diversity Cyber Academy. Delisha provides advice for individuals looking to enter the cybersecurity field, emphasizing the importance of hands-on experience, networking, and taking advantage of free resources. They also discuss the use of AI tools like BARD and Gemini for creating thumbnails and show descriptions. Overall, the conversation highlights the need for diversity and inclusion in cybersecurity and the importance of continuous learning and professional development. In this conversation, Ryan and Delisha discuss the importance of diverse backgrounds in cybersecurity and the value of soft skills. They emphasize that a degree in computer science is not necessary to break into the field and highlight the need for individuals with backgrounds in theater, music, therapy, and other non-traditional fields. They also stress the importance of emotional intelligence and the ability to communicate and motivate others. Delisha shares advice on how to provide mentorship and support to those trying to enter the field, including reaching out to organizations and individuals on LinkedIn. They also discuss their personal interests and ways they unwind, such as taking walks, reading books, and watching movies. They end the conversation by encouraging listeners to check out the SANS Institute and various cybersecurity communities, and to support each other in the field. Please LISTEN

Guests: Ed Skoudis, President at SANS Technology Institute [@SANS_EDU]On LinkedIn | https://www.linkedin.com/in/edskoudis/At RSAC | https://www.rsaconference.com/experts/ed-skoudisHeather Mahalik Barnhart, Faculty Fellow & DFIR Curriculum Lead at SANS, Sr Dir of Community Engagement at Cellebrite [@Cellebrite]On LinkedIn | https://www.linkedin.com/in/heather-mahalik-cellebrite/On Twitter | https://twitter.com/HeatherMahalikAt RSAC | https://www.rsaconference.com/experts/heather-mahalikJohannes Ullrich, Dean of Research at SANS Technology Institute [@sansforensics]On LinkedIn | https://www.linkedin.com/in/johannesullrich/On Twitter | https://twitter.com/sans_iscOn Mastodon | https://infosec.exchange/@jullrichAt RSAC | https://www.rsaconference.com/experts/johannes-ullrich____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesIn this new episode of the On Location Podcast with Sean and Marco, listeners were treated to an in-depth preview of the RSA Conference SANS Keynote, featuring engaging dialogues with industry luminaries Ed Skoudis, Heather Mahalik Barnhart, and Johannes Ullrich. Each brought to the fore their unique perspectives and expertise, providing a fascinating glimpse into the current state and future direction of cybersecurity.Ed Skoudis, President of the SANS Technology Institute College, stands at the forefront of cybersecurity education, guiding the future of the field through his leadership and vision. As moderator of the RSA Conference keynote panel, Skoudis emphasized the panel's history and its focus on burgeoning cybersecurity threats and innovations. His dual role as a SANS fellow and the founder of CounterHack challenges underscores a commitment to practical, real-world applications of cybersecurity knowledge.Heather Mahalik Barnhart brings a wealth of experience as the Curriculum Lead at SANS and a Senior Director of Community Engagement at Celebrite. Her expertise in mobile threats and digital intelligence is pivotal in an era where mobile devices are ubiquitous. Barnhart's focus on the escalation of mobile security threats underscores the critical need for continuous vigilance and advanced protective measures in cybersecurity practices.Johannes Ullrich, Dean of Research for the SANS Technology Institute College, brings his profound insights into web application security to the discussion. His leadership at the Internet Storm Center provides him with a unique vantage point on the latest cyber threats and defensive strategies. Ullrich's work exemplifies the essential nature of forward-looking research in developing effective cybersecurity defenses.The conversation highlights not just individual achievements but also the collective effort of the panel to address current cyber threats while preparing for future challenges. The keynote panelists discussed their approach to selecting topics that not only resonate with current issues but also anticipate future threats. This proactive approach is a testament to their deep understanding of the cybersecurity landscape and their commitment to equipping professionals with the knowledge to stay one step ahead.Terrence Williams, a new addition to the panel and a notable figure in cloud security from Amazon, and Steve Sims, an authority on offensive security curriculum at SANS, were also mentioned as key contributors to the upcoming keynote session. Their inclusion promises to bring fresh insights and a broader perspective to the discussions, enriching the discourse on cybersecurity's most pressing and complex issues.Key Questions AddressedHow does SANS choose the five topics for the RSA Conference SANS Keynote?What are the key cybersecurity trends and threats for the future?How can individuals and organizations mitigate these identified threats?Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our RSA Conference USA 2024 coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageOn YouTube:

Guests: Ed Skoudis, President at SANS Technology Institute [@SANS_EDU]On LinkedIn | https://www.linkedin.com/in/edskoudis/At RSAC | https://www.rsaconference.com/experts/ed-skoudisHeather Mahalik Barnhart, Faculty Fellow & DFIR Curriculum Lead at SANS, Sr Dir of Community Engagement at Cellebrite [@Cellebrite]On LinkedIn | https://www.linkedin.com/in/heather-mahalik-cellebrite/On Twitter | https://twitter.com/HeatherMahalikAt RSAC | https://www.rsaconference.com/experts/heather-mahalikJohannes Ullrich, Dean of Research at SANS Technology Institute [@sansforensics]On LinkedIn | https://www.linkedin.com/in/johannesullrich/On Twitter | https://twitter.com/sans_iscOn Mastodon | https://infosec.exchange/@jullrichAt RSAC | https://www.rsaconference.com/experts/johannes-ullrich____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesIn this new episode of the On Location Podcast with Sean and Marco, listeners were treated to an in-depth preview of the RSA Conference SANS Keynote, featuring engaging dialogues with industry luminaries Ed Skoudis, Heather Mahalik Barnhart, and Johannes Ullrich. Each brought to the fore their unique perspectives and expertise, providing a fascinating glimpse into the current state and future direction of cybersecurity.Ed Skoudis, President of the SANS Technology Institute College, stands at the forefront of cybersecurity education, guiding the future of the field through his leadership and vision. As moderator of the RSA Conference keynote panel, Skoudis emphasized the panel's history and its focus on burgeoning cybersecurity threats and innovations. His dual role as a SANS fellow and the founder of CounterHack challenges underscores a commitment to practical, real-world applications of cybersecurity knowledge.Heather Mahalik Barnhart brings a wealth of experience as the Curriculum Lead at SANS and a Senior Director of Community Engagement at Celebrite. Her expertise in mobile threats and digital intelligence is pivotal in an era where mobile devices are ubiquitous. Barnhart's focus on the escalation of mobile security threats underscores the critical need for continuous vigilance and advanced protective measures in cybersecurity practices.Johannes Ullrich, Dean of Research for the SANS Technology Institute College, brings his profound insights into web application security to the discussion. His leadership at the Internet Storm Center provides him with a unique vantage point on the latest cyber threats and defensive strategies. Ullrich's work exemplifies the essential nature of forward-looking research in developing effective cybersecurity defenses.The conversation highlights not just individual achievements but also the collective effort of the panel to address current cyber threats while preparing for future challenges. The keynote panelists discussed their approach to selecting topics that not only resonate with current issues but also anticipate future threats. This proactive approach is a testament to their deep understanding of the cybersecurity landscape and their commitment to equipping professionals with the knowledge to stay one step ahead.Terrence Williams, a new addition to the panel and a notable figure in cloud security from Amazon, and Steve Sims, an authority on offensive security curriculum at SANS, were also mentioned as key contributors to the upcoming keynote session. Their inclusion promises to bring fresh insights and a broader perspective to the discussions, enriching the discourse on cybersecurity's most pressing and complex issues.Key Questions AddressedHow does SANS choose the five topics for the RSA Conference SANS Keynote?What are the key cybersecurity trends and threats for the future?How can individuals and organizations mitigate these identified threats?Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our RSA Conference USA 2024 coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageOn YouTube:

Johannes Ullrich, dean of research at the SANS Technology Institute, offers healthcare CISOs, CIOs and other security leaders advice on how best to protect their organizations from the vulnerabilities that lie within web apps.

We promise a roller coaster of a ride as we invite the IT industry stalwart, Scott Moore, for an exhilarating exchange of talk and thoughts. Kick back, grab a drink, and join us as we jump from the world of non-alcoholic beers to the unending expanse of IT, exploring Scott's impressive 30-year journey! Sharing his unique Guinness and Samuel Adams concoction, Scott sets the stage for a fascinating voyage through his career - right from performance and load testing to his experiences with Deloitte. Be prepared to take on some industry truths, as he shares his insights on the ever-changing security landscape and the rise of SRE roles. Fasten your seat belts as we then catapult into the world of cybersecurity, shedding light on the challenges that plague the industry. From disorganized processes to the need for scalability and training, and the frequent ego clashes, we cover it all. We also spotlight the SANS Technology Institute as a top resource for cybersecurity education and certifications. But hold on, the journey isn't over yet! We switch gears and bring you the mellifluous world of 80s heavy metal, bantering about our favorite bands and discussing the technicalities of audio production. Wrapping up our exhilarating ride, we land into a light-hearted conversation about the impact of drinking after donating blood and maintaining a healthy diet. Scott's personal anecdote adds a touch of humor and relatability to our discussion. This episode truly brings you a mixed bag - an enticing blend of IT, beers, 80s metal, and even salad! So, hit play and join us as we traverse through an array of subjects, each equally enthralling and filled with insights. Trust us; this is an episode you wouldn't want to miss!Hosts:Fortify 24x7 - https://fortify24x7.comFluency Security - https://fluencysecurity.comBeers & Bytes Web - https://beersandbytespodcast.comBeers & Bytes Official Links - https://linktr.ee/beersandbytesBeers from this episode:Guinness 0 - https://www.guinness.com/en/beers/guinness-zeroSamul Adams Just the Haze - https://www.samueladams.com/our-beers/originals/non-alcoholic/just-the-hazeVasen Norse Double IPA - https://www.vasenbrewing.com/Laganitus Tiki Fusion Zombie - https://lagunitas.com/beer/tiki-fusion-zombie/Support the show

Podcast: The PrOTect OT Cybersecurity Podcast (LS 31 · TOP 5% what is this?)Episode: Michael Holcomb: The Journey from IT to OT and Strengthening IT-OT PartnershipPub date: 2023-11-16About Michael Holcomb: Michael Holcomb is the Fellow of Cybersecurity and the ICS/OT Cybersecurity Global Lead for Fluor, a prominent engineering, procurement, and construction company. In his current role, he focuses on securing vast ICS/OT environments, ranging from power plants and commuter rail to manufacturing facilities and refineries. Currently pursuing his Master's thesis on Programmable Logic Controllers' attack surface with the SANS Technology Institute, he holds multiple cyber security and ICS/OT certifications like CISSP, GRID, GICSP, GCIP, GPEN, GCIH, and ISA 62443. Beyond his professional endeavors, he founded the UpstateSC ISSA Chapter and BSides Greenville conference, and authored and taught cyber security courses at Greenville Technical College, earning him the CyberSC's MG Lester D. Eisner Award for Cyber Excellence in Leadership for South Carolina in 2023. In this episode, Aaron and Michael Holcomb discuss:○ Closing the IT-OT skills gap in cybersecurity○ Navigating the path to cybersecurity expertise○ The intersection of OT cybersecurity and networking○ The evolving landscape of OT cybersecurity Key Takeaways:○ Bridging the gap between IT professionals learning to think like engineers and OT specialists embracing cybersecurity not only enhances collaboration but also strengthens our ability to secure critical infrastructures, a journey that demands time, dedication, and a shared commitment to a safer digital future.○ Embracing a multidisciplinary approach and fostering collaboration between IT and OT professionals, along with hands-on experience and continuous learning, is the key to breaking into the rapidly evolving field of cybersecurity, transforming passion and knowledge into practical expertise.○ Mastering networking fundamentals is the key to bridging the gap between IT and engineering, enabling the design of resilient systems that prevent costly operational disruptions, and emphasizing the need for continuous learning and collaboration in this dynamic field.○ The integration of IT technologies into OT without adequate expertise has led to vulnerabilities; expecting OT professionals to handle cybersecurity is akin to asking a plumber to do electrical work. While progress is being made, the industry must prepare for a potentially catastrophic event to truly acknowledge the importance of cybersecurity in OT. "One of the things that's sad to me about the OT cybersecurity industry, and this even goes for folks that are new to the industry and even some of the old players that have been out there for 20, 30, maybe 40 years plus, is that there's still, in some respects, not a lot of concern around what it's going to take for people to take cybersecurity and OT seriously. And so there's going to be that event one day, where people are going to die, right? That is going to finally force people to take cybersecurity and OT seriously." — Michael Holcomb Connect with Michael Holcomb: Email: michael.holcomb@fluor.comWebsite: www.fluor.comLinkedIn: www.linkedin.com/in/mikeholcombYouTube: https://www.youtube.com/@utilsec Connect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120 Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: The PrOTect OT Cybersecurity Podcast (LS 29 · TOP 10% what is this?)Episode: Michael Holcomb: The Journey from IT to OT and Strengthening IT-OT PartnershipPub date: 2023-11-16About Michael Holcomb: Michael Holcomb is the Fellow of Cybersecurity and the ICS/OT Cybersecurity Global Lead for Fluor, a prominent engineering, procurement, and construction company. In his current role, he focuses on securing vast ICS/OT environments, ranging from power plants and commuter rail to manufacturing facilities and refineries. Currently pursuing his Master's thesis on Programmable Logic Controllers' attack surface with the SANS Technology Institute, he holds multiple cyber security and ICS/OT certifications like CISSP, GRID, GICSP, GCIP, GPEN, GCIH, and ISA 62443. Beyond his professional endeavors, he founded the UpstateSC ISSA Chapter and BSides Greenville conference, and authored and taught cyber security courses at Greenville Technical College, earning him the CyberSC's MG Lester D. Eisner Award for Cyber Excellence in Leadership for South Carolina in 2023. In this episode, Aaron and Michael Holcomb discuss:○ Closing the IT-OT skills gap in cybersecurity○ Navigating the path to cybersecurity expertise○ The intersection of OT cybersecurity and networking○ The evolving landscape of OT cybersecurity Key Takeaways:○ Bridging the gap between IT professionals learning to think like engineers and OT specialists embracing cybersecurity not only enhances collaboration but also strengthens our ability to secure critical infrastructures, a journey that demands time, dedication, and a shared commitment to a safer digital future.○ Embracing a multidisciplinary approach and fostering collaboration between IT and OT professionals, along with hands-on experience and continuous learning, is the key to breaking into the rapidly evolving field of cybersecurity, transforming passion and knowledge into practical expertise.○ Mastering networking fundamentals is the key to bridging the gap between IT and engineering, enabling the design of resilient systems that prevent costly operational disruptions, and emphasizing the need for continuous learning and collaboration in this dynamic field.○ The integration of IT technologies into OT without adequate expertise has led to vulnerabilities; expecting OT professionals to handle cybersecurity is akin to asking a plumber to do electrical work. While progress is being made, the industry must prepare for a potentially catastrophic event to truly acknowledge the importance of cybersecurity in OT. "One of the things that's sad to me about the OT cybersecurity industry, and this even goes for folks that are new to the industry and even some of the old players that have been out there for 20, 30, maybe 40 years plus, is that there's still, in some respects, not a lot of concern around what it's going to take for people to take cybersecurity and OT seriously. And so there's going to be that event one day, where people are going to die, right? That is going to finally force people to take cybersecurity and OT seriously." — Michael Holcomb Connect with Michael Holcomb: Email: michael.holcomb@fluor.comWebsite: www.fluor.comLinkedIn: www.linkedin.com/in/mikeholcombYouTube: https://www.youtube.com/@utilsec Connect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120 Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

About Michael Holcomb: Michael Holcomb is the Fellow of Cybersecurity and the ICS/OT Cybersecurity Global Lead for Fluor, a prominent engineering, procurement, and construction company. In his current role, he focuses on securing vast ICS/OT environments, ranging from power plants and commuter rail to manufacturing facilities and refineries. Currently pursuing his Master's thesis on Programmable Logic Controllers' attack surface with the SANS Technology Institute, he holds multiple cyber security and ICS/OT certifications like CISSP, GRID, GICSP, GCIP, GPEN, GCIH, and ISA 62443. Beyond his professional endeavors, he founded the UpstateSC ISSA Chapter and BSides Greenville conference, and authored and taught cyber security courses at Greenville Technical College, earning him the CyberSC's MG Lester D. Eisner Award for Cyber Excellence in Leadership for South Carolina in 2023. In this episode, Aaron and Michael Holcomb discuss:○ Closing the IT-OT skills gap in cybersecurity○ Navigating the path to cybersecurity expertise○ The intersection of OT cybersecurity and networking○ The evolving landscape of OT cybersecurity Key Takeaways:○ Bridging the gap between IT professionals learning to think like engineers and OT specialists embracing cybersecurity not only enhances collaboration but also strengthens our ability to secure critical infrastructures, a journey that demands time, dedication, and a shared commitment to a safer digital future.○ Embracing a multidisciplinary approach and fostering collaboration between IT and OT professionals, along with hands-on experience and continuous learning, is the key to breaking into the rapidly evolving field of cybersecurity, transforming passion and knowledge into practical expertise.○ Mastering networking fundamentals is the key to bridging the gap between IT and engineering, enabling the design of resilient systems that prevent costly operational disruptions, and emphasizing the need for continuous learning and collaboration in this dynamic field.○ The integration of IT technologies into OT without adequate expertise has led to vulnerabilities; expecting OT professionals to handle cybersecurity is akin to asking a plumber to do electrical work. While progress is being made, the industry must prepare for a potentially catastrophic event to truly acknowledge the importance of cybersecurity in OT. "One of the things that's sad to me about the OT cybersecurity industry, and this even goes for folks that are new to the industry and even some of the old players that have been out there for 20, 30, maybe 40 years plus, is that there's still, in some respects, not a lot of concern around what it's going to take for people to take cybersecurity and OT seriously. And so there's going to be that event one day, where people are going to die, right? That is going to finally force people to take cybersecurity and OT seriously." — Michael Holcomb Connect with Michael Holcomb: Email: michael.holcomb@fluor.comWebsite: www.fluor.comLinkedIn: www.linkedin.com/in/mikeholcombYouTube: https://www.youtube.com/@utilsec Connect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120 Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.

This week on Ask A CISSP, we have an interview with Delisha Hodo, Assistant Director of Advising at SANS Technology Institute. In this very informative episode, we'll learn Delisha's extraordinary cybersecurity "origin story" and discuss the pathways her and SANS have created to bring more people of color, woman, veterans, young adults, and HBCU students and alumni into the field of cybersecurity. Don't miss out! Please LISTEN

We're back for the first episode of Season 10! In this Behind the Cyber News episode we kick off with a look into the United Nations Cyber Crime Treaty and its implications on global law enforcement. We then review the Top 5 Most Dangerous cyberattacks for 2023 as announced by the SANS Technology Institute at the RSA Conference, we then move back to local headlines with the Federal Government and Minister Clare O'Neil warning that Australia faces a ‘dystopian' future of cyber attacks targeting the fabric of our society. We then wrap up of the latest breaches and vulnerabilities to make the headlines. Check out some of out latest articles: This month in security: April 2023 Zero trust's pitfalls – and how to sidestep them Collaboration tools, essential but risky Paying the bill: will SBOM save the software supply chain? Or subscribe to our free monthly newsletter!

Guests: Katie Nickels, Certified Instructor and Director of Intelligence Operations at SANS Institute [@sansforensics] and Red Canary [@redcanary]On LinkedIn | https://www.linkedin.com/in/katie-nickels/On Twitter | https://twitter.com/likethecoinsOn Mastodon | https://infosec.exchange/@likethecoinsJohannes Ullrich, Dean of Research at SANS Technology Institute [@sansforensics]On LinkedIn | https://www.linkedin.com/in/johannesullrich/On Twitter | https://twitter.com/sans_iscOn Mastodon | https://infosec.exchange/@jullrich____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode's SponsorsBlackCloak | https://itspm.ag/itspbcwebBrinqa | https://itspm.ag/brinqa-pmdpSandboxAQ | https://itspm.ag/sandboxaq-j2en____________________________Episode NotesIn this new RSA Conference Coverage podcast episode with ITSPmagazine, cybersecurity experts and SANS instructors, Katie Nickels and Johannes Ullrich, delve into the "Five Most Dangerous New Attack Techniques" panel, a discussion they've been part of for the past few years. They shed light on how they identify these top techniques by examining their increasing prevalence and potential impact. Joined by an outstanding panel of experts, including Heather Mahalik, a mobile technology specialist, and Steve Sims, an offensive security guru, they offer unique insights from different sides of the industry while also highlighting the importance of practical, hands-on advice and defense strategies against these threats.The panel emphasizes the importance of practical, hands-on advice and defense strategies to combat these emerging threats. Furthermore, Johannes shares valuable information about the Internet Storm Center's role in monitoring attacks and disseminating knowledge within the cybersecurity community.Tune in to this must-listen episode for a sneak peek of the latest attack techniques, evolving defense mechanisms, and the collaborative efforts of the cybersecurity community that will be presented during the panel so you can stay one step ahead of the attackers.Don't forget to share and subscribe to ITSPmagazine's RSA Conference Coverage to keep up with the latest trends in technology and cybersecurity.____________________________ResourcesSession | The Five Most Dangerous New Attack Techniques: https://www.rsaconference.com/USA/agenda/session/The%20Five%20Most%20Dangerous%20New%20Attack%20TechniquesInternet Storm Center Diaries: https://isc.sans.edu/Learn more, explore the agenda, and register for RSA Conference: https://itspm.ag/rsa-cordbw____________________________For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverageAre you interested in telling your story in connection with RSA Conference by sponsoring our coverage?

Guests: Katie Nickels, Certified Instructor and Director of Intelligence Operations at SANS Institute [@sansforensics] and Red Canary [@redcanary]On LinkedIn | https://www.linkedin.com/in/katie-nickels/On Twitter | https://twitter.com/likethecoinsOn Mastodon | https://infosec.exchange/@likethecoinsJohannes Ullrich, Dean of Research at SANS Technology Institute [@sansforensics]On LinkedIn | https://www.linkedin.com/in/johannesullrich/On Twitter | https://twitter.com/sans_iscOn Mastodon | https://infosec.exchange/@jullrich____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode's SponsorsBlackCloak | https://itspm.ag/itspbcwebBrinqa | https://itspm.ag/brinqa-pmdpSandboxAQ | https://itspm.ag/sandboxaq-j2en____________________________Episode NotesIn this new RSA Conference Coverage podcast episode with ITSPmagazine, cybersecurity experts and SANS instructors, Katie Nickels and Johannes Ullrich, delve into the "Five Most Dangerous New Attack Techniques" panel, a discussion they've been part of for the past few years. They shed light on how they identify these top techniques by examining their increasing prevalence and potential impact. Joined by an outstanding panel of experts, including Heather Mahalik, a mobile technology specialist, and Steve Sims, an offensive security guru, they offer unique insights from different sides of the industry while also highlighting the importance of practical, hands-on advice and defense strategies against these threats.The panel emphasizes the importance of practical, hands-on advice and defense strategies to combat these emerging threats. Furthermore, Johannes shares valuable information about the Internet Storm Center's role in monitoring attacks and disseminating knowledge within the cybersecurity community.Tune in to this must-listen episode for a sneak peek of the latest attack techniques, evolving defense mechanisms, and the collaborative efforts of the cybersecurity community that will be presented during the panel so you can stay one step ahead of the attackers.Don't forget to share and subscribe to ITSPmagazine's RSA Conference Coverage to keep up with the latest trends in technology and cybersecurity.____________________________ResourcesSession | The Five Most Dangerous New Attack Techniques: https://www.rsaconference.com/USA/agenda/session/The%20Five%20Most%20Dangerous%20New%20Attack%20TechniquesInternet Storm Center Diaries: https://isc.sans.edu/Learn more, explore the agenda, and register for RSA Conference: https://itspm.ag/rsa-cordbw____________________________For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverageAre you interested in telling your story in connection with RSA Conference by sponsoring our coverage?

It seems that Fancy Bear may be interested in Log4shell after all. CISA issues Emergency Directive 22-02, which addressed Log4j. Huawei's reputation as a security risk may be traceable to a 2012 incident in an Australian telco's networks. Tropic Trooper is back, and interested in transportation. Meta kicks out seven “cyber mercenary” surveillance outfits. PseudoManusrypt looks curiously indiscriminate. Johannes Ullrich from SANS Technology Institute on making the great Chinese firewall work for you. Our guest is Terry Halvorsen from IBM on next-gen cybersecurity efforts to fix the cybersecurity inequity. And the US Commission on International Religious Freedom is reportedly hacked. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/241

Chances are, you know Ed. Ed Skoudis is founder of the SANS Institute's Penetration Testing Curriculum and creator of SANS NetWars, CyberCity, and the Holiday Hack Challenge. Learn more about the upcoming SANS Holiday Hack Challenge at https://www.sans.org/mlp/holiday-hack-challenge/. Disclaimer: The views expressed by the hosts and guests are their own and their participation on the podcast does not imply an endorsement of them or any entity they represent.

Someone is phishing for Russian rocketeers. The Port of Houston discloses a cyberattack, which the Port says it deflected before it had operational consequences. Ransomware gangs are up and active, and the US is considering mandatory reporting by victims as a defensive policy. Pegasus spyware is said to have been found in the phones of five French government ministers. Johannes Ullrich from the SANS Technology Institute on Attackers Hunting for Environment Variables. Our guest is Graeme Bunton of DNS Abuse Institute. And Huawei's Meng Wanzhou may soon be headed home from Vancouver. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/185

High Performance Computing Systems Administrator at Brigham Young University Billy Wilson tells his cybersecurity career story translating language skills to technical skills. According to Billy's employer, moving to a technical position at his alma mater occurred because Billy showed this potential and a thirst for learning. He is currently pursuing his master's degree from SANS Technology Institute for Information Security Engineering while working to secure BYU's data for their computationally-intensive research. Billy notes that not everyone has one overarching passion which gives him variety in his work. And, we thank Billy for sharing his story with us.

High Performance Computing Systems Administrator at Brigham Young University Billy Wilson tells his cybersecurity career story translating language skills to technical skills. According to Billy's employer, moving to a technical position at his alma mater occurred because Billy showed this potential and a thirst for learning. He is currently pursuing his master's degree from SANS Technology Institute for Information Security Engineering while working to secure BYU's data for their computationally-intensive research. Billy notes that not everyone has one overarching passion which gives him variety in his work. And, we thank Billy for sharing his story with us.

Is there such a thing as an ethical hacker? Do all hackers use their skills to attack infrastructures? If you’re interested in ethical hacking and penetration testing, this is the episode for you.  Today’s guest is Ed Skoudis. Ed has taught upwards of 20,000 security professionals globally and his contributions to information security have had an immense impact on the community. His courses distill the essence of real world frontline case studies he accumulates, because he is consistently one of the first authorities brought in to provide post-attack analysis on major breeches. He’s not just an expert in the field, he’s created many of the founding methodologies empowered by governments and organizations around the world to test and secure their infrastructures. Ed is the founder of the SANS Penetration Testing Curriculum and Counter Hack; leads the team that builds NetWars, Holiday Hack, and CyberCity; and serves on the Board of Directors for the SANS Technology Institute. A consummate presenter, Ed is a keynote speaker appearing internationally at conferences, and is an Advisory Board member for RSA. Show Notes: [1:14] - Ed introduces himself as a penetration tester and hacker. He does expert witness work on large scale breeches and incident response. [1:37] - He started this path as hacking for phone companies. He explains how he started and why he was hired. [3:55] - Ed describes what penetration testing (or pen testing) is. It is when he models the techniques used by real world attackers and then apply them in structured fashion to help protect companies from future attacks. [4:53] - Pen tests can be used by an organization for a specific reason or can be done as a “check-up” to make sure everything is okay. [5:40] - Zero Day is researching vulnerabilities that aren’t known yet. It is called Zero Day because it has been known for zero days. [6:18] - Ed never believed the cybersecurity industry would be as huge as it is today and explains some of the more recent issues we’ve been seeing through Covid. [7:52] - Security is now a part of the process and is becoming less of an afterthought. Ed shares this idea long-term, but sees the same vulnerabilities repeatedly. [8:49] - There is no such thing as 100% safe and secure. The goal is to raise the bar to make things more difficult for an attacker. [9:31] - With ransomware, attackers have figured out a really reliable way to get paid for their malware. [10:08] - Ransomware is a real problem and have even attacked hospitals and local governments. [12:37] - There is so much that we do that leaves us vulnerable. [13:29] - One major piece of advice that Ed gives in regards to general consumer security is to keep all of your devices patched and updated. [14:18] - Another area to be aware of is always spear phishing. Don’t click unless you are confident in the link. [15:19] - Ed has a separate computer that is separate and independent that he only uses for financial transactions.  [17:17] - Chris and Ed discuss routers that consumers buy from their ISP. [19:01] - Ed shares how “Live Off the Land” attacks work by using what is already installed on a computer. These are harder to detect. [20:18] - With ransomware, organizations have to think about what is best for the business. Is it better to give the attacker the money or spend the time and money to fix the problem? [22:27] - The dominant trend in technology today is cloud storage. [24:18] - Ed describes how this works and some of the various problems associated with it. [25:39] - The US Army, Tesla, and Uber are a few organizations that have lost data to this common vulnerability. [26:10] - Ed describes the Holiday Hack Challenge and the fun way he has modeled this problem to educate users. [28:03] - Although there are some security risks if not managed properly, Ed shares that cloud data storage is a very cost effective option for small to medium sized businesses. [29:24] - Most organizations use multiple cloud services. Cloud migration is good if a different service is necessary, but the previous cloud service is left alone and vulnerable. [31:01] - The Holiday Hack Challenge is a free educational event that Ed and his team have created to solve cybersecurity challenges. This is a worldwide event. [34:02] - The Holiday Hack Challenge is something that some people participate in with their kids due to the video game aspect. There is also a social aspect to it with the chat feature. [35:29] - Not only is the Holiday Hack Challenge free, but all of the past challenges are free and accessible to play. This can build your skills. [36:30] - Chris asks if Holiday Hack Challenge has ever been compromised. Ed admits that there are three people who have hacked their way in as players, but there were no purposeful attacks. [39:43] - Ed admits that he sees the world through the eyes of an ethical hacker because he likes to explore and see what’s beyond the edges.  [40:48] - Chris and Ed discuss Bug Bounty Programs and can be useful. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.  Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest SANS Web Page Counter Hack Web Page Ed Skoudis on Twitter 2020 Holiday Hack Challenge

“Cyberbunker” refers to a criminal group that operated a “bulletproof” hosting facility out of an actual military bunker. “Bullet Proof” hosting usually refers to hosting locations in countries with little or corrupt law enforcement, making shutting down criminal activity difficult. Cyberbunker, which is also known as “ZYZtm” and “Calibour”, was a bit different in that it actually operated out of a bulletproof bunker. In September of last year, German police raided this actual Cyberbunker and arrested several suspects. While most of the group's assets were seized during the initial raid, the IP address space remained and was later sold to Legaco Networks. Before being shut down, Legaco Networks temporarily redirected the traffic to the SANS Internet Storm Center honeypots for examination. Joining us on this week's Research Saturday from SANS Technology Institute is graduate student Karim Lalji and Dean of Research Johannes Ullrich to discuss their experiences.  The research and blog post can be found here:  Real-Time Honeypot Forensic Investigation on a German Organized Crime Network Cyberbunker 2.0: Analysis of the Remnants of a Bullet Proof Hosting Provider

“Cyberbunker” refers to a criminal group that operated a “bulletproof” hosting facility out of an actual military bunker. “Bullet Proof” hosting usually refers to hosting locations in countries with little or corrupt law enforcement, making shutting down criminal activity difficult. Cyberbunker, which is also known as “ZYZtm” and “Calibour”, was a bit different in that it actually operated out of a bulletproof bunker. In September of last year, German police raided this actual Cyberbunker and arrested several suspects. While most of the group's assets were seized during the initial raid, the IP address space remained and was later sold to Legaco Networks. Before being shut down, Legaco Networks temporarily redirected the traffic to the SANS Internet Storm Center honeypots for examination. Joining us on this week's Research Saturday from SANS Technology Institute is graduate student Karim Lalji and Dean of Research Johannes Ullrich to discuss their experiences.  The research and blog post can be found here:  Real-Time Honeypot Forensic Investigation on a German Organized Crime Network Cyberbunker 2.0: Analysis of the Remnants of a Bullet Proof Hosting Provider

The US off-off-year elections seem to have gone off largely free of interference, but officials caution that major foreign influence campaigns can be expected in 2020. Three former Twitter employees are charged with spying for Saudi Arabia. The website defacement campaign in Georgia remains unattributed. Google boots seven adware droppers from the Play Store. Phishers are using web analytics for better hauls. And nation-states are targeting unpatched Confluence. Johannes Ullrich from the SANS Technology Institute on encrypted SNI in TLS 1.3 and how that can be used for domain fronting. Guest is Kevin O’Brien from GreatHorn on managing email threats. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/November/CyberWire_2019_11_07.html  Support our show

Facebook takes down more coordinated inauthenticity from Iran and Russia, and announces a new transparency policy about news sources. The former NSA Director schools an ICS security audience on the Westphalian system. Three VPNs and one antivirus provider sustain breaches that may be contained, but that may also derive from exploitation of phantom accounts. Microsoft gets more EU scrutiny. And Mr. Assange gets another day in court.  Johannes Ullrich from the SANS Technology Institute on phishing targeting the financial industry. Guest is Ori Eisen from Trusona on moving beyond phone numbers, usernames and passwords online. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/October/CyberWire_2019_10_22.html  Support our show

Sure, you may know how to subnet a class "C" network into 64 different networks, but how about where to go to learn about technology that has yet to make it into a textbook? Or to find your next job? Or just somewhere where you can commensurate with someone who understands what you mean when you say, "That APT left the MSSP DOA!" This presentation will outline the OSINT and TTP's cyber security practitioners use in industry to connect, build, and maintain networks, with an eye towards how Boilermakers who are CERIAS about cybersecurity can do the same. About the speaker: Andrew Rozema is the department head of the Grand Rapids Community College Computer Information Systems department, an Assistant Professor, and the director of the Grand Rapids Community College Center for Cybersecurity Studies. Prof. Rozema led GRCC's efforts to earn the "NSA DHS Center of Academic Excellence in Two Year Education" designation, and now mentors and reviews other institutions as they do the same. After 20 years in various IT, security, and managerial roles in industry, Prof. Rozema now focuses his attention on educating the next generation of IT and cybersecurity professionals.As an educator, Prof. Rozema teaches cybersecurity related courses for Grand Rapids Community College, and the ISC^2, as well as serving as a mentor for students with the SANS Institute.Prof. Rozema holds a AA from Grand Rapids Community College, a Bachelor of Science in Information Assurance and Security, and a Master of Computer Information Systems with a focus on Security from Boston University. Prof. Rozema has done postgraduate work with the SANS Technology Institute and is currently a student in the interdisciplinary Ph.D. program at the Center for Education and Research in Information Assurance and Security (CERIAS) at Purdue University.

An update on Mustang Panda, and its pursuit of the goals outlined in the Thirteenth Five Year Plan. Unpatched Drupal instances are being hit as targets of opportunity. NSA adds its warnings to those of CISA and NCSC concering widely used VPNs: if you use them, patch them. (And change your credentials). Five Senators tell Microsoft, nicely, that Redmond is naive about Huawei. Patch Tuesday is here. And US Presidential campaign websites get privacy grades. Johannes Ullrich from the SANS Technology Institute on server side request forging. Guest is Jadee Hanson from Code42 with the results of their 2019 Global Data Exposure Report. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/October/CyberWire_2019_10_08.html  Support our show

APT10 has been phishing in US utilities. Google wins a big round over the EU’s right to be forgotten. European courts are also considering binding contractual clauses and Privacy Shield, which together have facilitated transatlantic data transfer. Twenty-seven nations agree on “responsible state behavior in cyberspace.” A hawkish take on Huawei’s 5G ambitions. And Edward Snowden’s book is being used as phishbait (not, we hasten to say, by Mr. Snowden). Johannes Ullrich from the SANS Technology Institute on the security issues with local host web servers. Guest is Fleming Shi from Barracuda with research on city/state ransomware attacks. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/September/CyberWire_2019_09_24.html  Support our show

The Ukrainian electrical grid hack seems, on further review, to have been designed to do far more damage than it actually accomplished. InnfiRAT is scouting for access to cryptocurrency wallets. A sophisticated threat actor is using Simjacker for surveillance on phones in the Middle East. The SINET 16 have been announced. A penetration test goes bad due to a misunderstanding of scope, and Baltimore decides, hey, it might be a good idea to back up files.  Johannes Ullrich from the SANS Technology Institute on web spam systems. Guest is Rosa Smothers from KnowBe4 discussing her career journey and the importance of diversity in tech. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/September/CyberWire_2019_09_13.html  Support our show

The European Central Bank shutters a service due to a hostile intrusion. Norman quietly mines Monero. MetaMorph passes through email security filters. Some Capital One insiders thought they saw trouble brewing. Instagram crowd-sources epistemology. Deep fakes are well and good, but the will to believe probably gets along just fine with shallow fakes. US Cyber Command posts North Korea’s Electric Fish malware to VirusTotal. Johannes Ullrich from the SANS Technology Institute on IP fragmentation in operating systems. Guest is John Smith from ExtraHop on the aftermath of an insurance claim.

K3chang is out, about, and more evasive than ever. Data breached at Bulgaria’s National Revenue Agency has turned up online in at least one hacker forum. Facebook’s planned Libra cryptocurrency received close scrutiny and a tepid reception on Capitol Hill this week. Emsisoft offers some common-sense reflections on why local governments are attractive ransomware targets. Please patch BlueKeep. And a hair care product is vulnerable to hacking. Johannes Ullrich from the SANS Technology Institute with tips on ensuring your vulnerability scans are secure. Guest is Richard Clarke, former National Coordinator for Security, Infrastructure Protection and Counter-terrorism for the United States, and coauthor of the book The Fifth Domain. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/July/CyberWire_2019_07_19.html  Support our show

Tensions between the US and Iran are likely to find further expression in cyberspace. OceanLotus’s Ratsnif kit isn’t up to the threat actors normally high standards of coding, but it’s plenty good enough. Cyberattacks in the states of Florida and Georgia. Utilities are urged to go lower tech where possible. Magecart skimmer “Inter” is being hawked on the dark web. And no, they haven’t videoed you using EternalBlue: just dump that email. Johannes Ullrich from the SANS Technology Institute and the ISC Stormcast podcast on Weblogic exploits. Guest is Nick Jovanovic from Thales on cloud security in the federal space. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/July/CyberWire_2019_07_02.html  Support our show

The US cyberattack against Iranian targets remains only indistinctly visible in the information fog of cyberwar. Iran’s APT33 seems to have altered its tactics after its operations against Saudi targets were described by Symantec at the end of March. An insurer and provider of vision and dental benefits investigates a “data incident.” Skids-on-skids, kids. Facebook talks information operations, and teases plans concerning identity. Notes on the labor market. Johannes Ullrich from the SANS Technology Institute and the ISC Stormcast podcast on malware C&C channels making use of TLS. Tamika Smith speaks with Harrison Van Riper from Digital Shadows about their recent report, “Too Much Information: The Sequel,” outlining the increase in data exposure over the past year. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/June/CyberWire_2019_06_27.html  Support our show

Rob Lee, faculty fellow at the SANS Technology Institute, talks with host Steve Ragan about his group's work to help companies out of sticky situations, plus the state of the security industry and predictions for 2018.

In today's podcast, we hear that Spain sees foreign influence operations in Catalonia. IBM's X-Force warns of a new banking Trojan. There may be a mole hunt going on in NSA—and somewhere the Shadow Brokers are smiling. Anti-virus companies fix the AVGater vulnerability. Firefox and Google both commit to security upgrades. Johannes Ullrich from SANS Technology Institute and the ISC Stormcast podcast on the challenges of random number generation. Steve McGregory from Ixia on the challenges of dealing with the virtually infinite computing power and bandwidth of cloud computing. Tenable urges people to avoid breaches through good hygiene, and Carbon Black wishes we'd stop calling attackers "hackers."  Thanks for listening to the CyberWire. One of the ways you can support what we do is by visiting our sponsors. We read Recorded Future’s free intel daily, you might find it valuable, too. Cylance is revolutionizing cybersecurity with products and services that proactively prevent, rather than reactively detect the execution of advanced persistent threats and malware. Learn more at cylance.com. Dragos is leading a webinar on November 21st that will help enable industrial control system (#ICS) security teams to defend their environments appropriately. Check it out at thecyberwire.com/dragos.

In today's podcast, we hear about ONI ansomware in Japan that may prove to be a wiper. Ukraine blames NotPetya operators Black Energy for BadRabbit. Pyongyang feels London is picking on it. Fishing Facebook in Nordic nations. Security firms sell certificate authority business. Twitter won't sell any more ads to RT or Sputnik. Johannes Ullrich from SANS Technology Institute and the ISC Stormcast podcast on honeypots. Russell Jones from Deloitte with the results from a recent medical security poll.During hearings on influence operations, Senators wonder why Facebook wasn't suspicious when people paid for their advertising in rubles. 

In today's podcast, we hear about how KRACK attacks get past secure wi-fi protocols. Probes and distributed denial-of-service incidents in Poland and Sweden have the look of state operations. East Asian threat actors moving on from cyber espionage to supply chain attacks. Iran blamed for June's hack of UK Parliamentary email. QR codes may pose security issues. Do FSB social media trolls really train against US targets by watching House of Cards? Johannes Ullrich from SANS Technology Institute and the ISC Stormcast podcast on scammers taking advantage of disaster. And can the CryptoRuble really complete with VopperCoin? Investors want to know. Thanks for listening to the CyberWire. One of the ways you can support what we do is by visiting our sponsors. We read Recorded Future’s free intel daily, and we think you'll find it valuable, too. If you’d like to learn more about how small nuances in how artificial intelligence and machine learning are used can make a big difference, check out E8’s white paper. Interested in the latest research in cyber security? Our new Research Saturday podcast highlights research being done in industry, universities, and governments. Hear from people who are discovering threats, uncovering vulnerabilities, and devising the security measures to keep cyberspace as safe as it can be. Check it out.

In today's podcast, it's bots, sockpuppets, and trolls, oh my. Mr. Zuckerberg goes to Washington. Equifax sources suggest China hacked it. Credit bureau phishbait chums the Internet. Pyongyang gets a new Internet connection, and observers bet it's not for checking Mr. Kim's fantasy sports leagues (anyway he could get all that from Mr. Rodman). ISIS posts more inspiration, and warnings. NSA prepares to wind down Section 702 operations. Johannes Ullrich from SANS Technology Institute and the ISC Stormcast podcast on malware using malicious DLL files. US and Russia seem to agree on one thing at least: Bitcoin fraud is bad.   

In today's podcast, we hear that election influence operations appear to have begun in Germany. Turla's spoor tracked to the Pacifier APT. Cambodia takes an authoritarian turn, possibly extending to domestic spying via RAT. Rival jihadists remain active online; US Cyber Command working to deny them cyberspace safe havens. More exposed AWS S3 databases. MongoDB databases hit with ransom wiper. PrincessLocker and Locky ransomware continue to romp in the wild. Free RAT backdoors criminals. Johannes Ulrich from SANS Technology Institute and the ISC Stormcast podcast on DDoS extortion emails. Disgruntled customer doxes booter service. Thanks for listening to the CyberWire. One of the ways you can support what we do is by visiting our sponsors. To learn about combining threat intelligence, analytics, and orchestration, check out ThreatConnect’s webinar. If you’d like to learn more about how small nuances in how artificial intelligence and machine learning are used can make a big difference, check out E8’s white paper. JHUISI & partner COMPASS Cyber present Cyber Security Conference for Executives on September 19th in Baltimore. Register for the event.

In today's podcast, we hear that Ukraine is worried about cyberattacks in conjunction with tomorrow's independence day holiday. The US Navy investigates the possibility of cyberattack in this week's Malacca Straits collision, but that possibility may be fading. Zscaler finds more malicious apps in Google Play. New York State's Department of Financial Services' cyber regulations begin to take effect Monday. Delaware is also stepping up data security regulations. Johannes Ulrich from the SANS Technology Institute and the ISC Stormcast podcast on hacks to Uber driver accounts. Tony Dahbura from JHU promotes their upcoming Cyber Security Conference for Executives. And ISIS continues its inspiration online as police in many countries scramble to follow the Caliphate's messaging. Thanks for listening to the CyberWire. One of the ways you can support what we do is by visiting our sponsors. If you’d like to learn more about how small nuances in how artificial intelligence and machine learning are used can make a big difference, check out E8’s white paper. Your patient data depends on incident response plans. Prepare with DeltaRisk's webinar. JHUISI & partner COMPASS Cyber present Cyber Security Conference for Executives on September 19th in Baltimore. Register for the event.  

ISC Briefing: Large DDoS Attack Against Dyn https://isc.sans.edu/forums/diary/ISC+Briefing+Large+DDoS+Attack+Against+Dyn/21627/ TCP Port 4786: Cisco Memory Leak Vulnerability https://isc.sans.edu/forums/diary/Request+for+Packets+TCP+4786+CVE20166385/21625/ Dirty Cow PoC Exploits Available https://github.com/dirtycow/dirtycow.github.io/wiki/PoCs To register for today's SANS Technology Institute's Professional Lecture Series, pleaes e-mail info@sans.edu

Dr. Johnson is co-founder and Chairman of the Board of Directors of the California Sciences Institute, and also serves as a member of the Board of Directors of the SANS Technology Institute. Dr. Johnson is one of the founding partners of the Forensic Data Center a company focused on computer forensics He received his Bachelor's and Master's degrees from Michigan State University and his Doctorate from the University of California - Berkeley. Dr. Johnson founded the Center for Cybercrime and Forensic Computer Investigation, and the Forensic Computer Investigation Graduate program. Additionally, Dr. Johnson was responsible for developing the on-line program in Information Protection and Security and also founded the Graduate National Security program offered at two of our National Nuclear Security Administration Laboratories in California and New Mexico. Currently, Dr. Johnson serves as a member of the FBI Infraguard program; and also is a member of the Electronic Crime Task Force, New York Field Office, U.S. Secret Service. The United States Attorney General appointed Dr. Johnson a member of the Information Technology Working Group, and he served as Chair, Task Force Group on Combating High Technology Crime for the National Institute of Justice. Dean Johnson was also appointed an advisor to the Judicial Council of California on the Court Technology Task Force by the California Supreme Court. Dr. Johnson has published five books, 13 referred articles; holds copyright on 4 software programs and his chapter on "Infrastructure Warriors: A Threat to the U.S. Homeland by Organized Crime," was published by the Strategic Studies Institute of the U.S. Army War College. In addition to lecturing at the U.S. Army War College, Carlisle Barracks, he has also lectured at the Federal Law Enforcement Training Center, and numerous universities. Dr. Johnson has appeared in both State and U.S. Federal courts as an expert witness and was a member of the Select Ad Hoc Presidential Investigative Committee and consultant to the American Academy of Forensic Sciences in the case of Sirhan B. Sirhan regarding evaluation of ballistics and physical evidence concerning the assassination of United States Senator, Robert F. Kennedy.