Podcasts about SolarWinds

  • 941PODCASTS
  • 2,232EPISODES
  • 44mAVG DURATION
  • 5WEEKLY NEW EPISODES
  • Jan 17, 2023LATEST

POPULARITY

20152016201720182019202020212022

Categories



Best podcasts about SolarWinds

Show all podcasts related to solarwinds

Latest podcast episodes about SolarWinds

Left to Our Own Devices
Thomas LaRock: SolarWinds' Cybersecurity Strategy

Left to Our Own Devices

Play Episode Listen Later Jan 17, 2023 25:45


Thomas is the Head Geek at SolarWinds. He has over 20 years of IT experience holding roles such as programmer, developer, analyst, and database administrator. He came to our show to talk about lessons learned from SUNBURST, as well as SolarWinds' initiatives and strategy going forward.

Business Security Weekly (Audio)
BSW #290 - Tim Brown

Business Security Weekly (Audio)

Play Episode Listen Later Jan 10, 2023 67:21


In the leadership and communications section, The CISO Role is Broken, Five Cybersecurity Resolutions CISOs Can Actually Keep In 2023, Are Cyber Attacks at Risk of Becoming ‘Uninsurable'?, and more! SolarWinds has been on the journey of Secure by Design since the Sunburst incident in late 2020. Secure by Design is a practical approach to minimizing risk. It involves advanced build systems, an assumed breach model, proactive testing, audit, increased visibility and sharing lessons externally. Segment Resources: https://www.solarwinds.com/secure-by-design-resources   Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/bsw290

Paul's Security Weekly
BSW #290 - Tim Brown

Paul's Security Weekly

Play Episode Listen Later Jan 10, 2023 67:21


In the leadership and communications section, The CISO Role is Broken, Five Cybersecurity Resolutions CISOs Can Actually Keep In 2023, Are Cyber Attacks at Risk of Becoming ‘Uninsurable'?, and more! SolarWinds has been on the journey of Secure by Design since the Sunburst incident in late 2020. Secure by Design is a practical approach to minimizing risk. It involves advanced build systems, an assumed breach model, proactive testing, audit, increased visibility and sharing lessons externally. Segment Resources: https://www.solarwinds.com/secure-by-design-resources   Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/bsw290

The CyberWire
Software supply chain management: Lessons learned from SolarWinds. [CyberWire-X]

The CyberWire

Play Episode Listen Later Jan 3, 2023 43:29 Very Popular


Between the emergence of sophisticated nation-state actors, the rise of ransomware-as-a-service, the increasing attack surface remote work presents, and much more, organizations today contend with more complex risk than ever. A “Secure-by-Design” approach can secure software environments, development processes and products. That approach includes increasing training for employees, adopting zero trust, leveraging Red Teams, and creating a unique triple-build software development process. SolarWinds calls its version of this process the "Next-Generation Build System," and offers it as a model for secure software development that will make supply chain attacks more difficult. On this episode of CyberWire-X, host Rick Howard, N2K's CSO, and CyberWire's Chief Analyst and Senior Fellow, discusses software supply chain lessons learned from the SolarWinds attack of 2020 with Hash Table members Rick Doten, the CISO for Healthcare Enterprises and Centene, Steve Winterfeld, Akamai's Advisory CISO, and Dawn Cappelli, Director of OT-CERT at Dragos, and in the second half of the show, Rick speaks with our episode sponsor, SolarWinds, CISO Tim Brown.

The Secret Teachings
BEST OF 2/19/21 - Solar Winds: Red Star State

The Secret Teachings

Play Episode Listen Later Dec 27, 2022 112:28


The Solar Winds hack attack discovered in December of 2020 resulted in hundreds of companies and multiple US federal agencies having their sensitive data exposed. It displayed incredible vulnerabilities in civilian government networks. The current White House wishes to prevent further attacks by issuing executive actions, i.e., moving money around, that have suspended the previous administration's order from May 2020, Securing the United States Bulk-Power System, and a December 2020 Prohibition Order, both of which sought to actually ban, replace and restrict bulk power system electric equipment coming from a foreign country, China in particular. In the midst of one of the most devastating winter storms to hit Texas, and the major power outages resulting therefrom, it should come as no surprise that Solar Winds is located in Austin and that the Chinese Foreign Ministry commented directly on the devastation by saying “China is on the right path. We are fully confident about our future”. Even William Gates used the opportunity to attack the infrastructure and state of Texas. Although Solar Winds and the Dark Winter storm may seem unrelated, consider that in the same month the hack was discovered, China expanded their weather modification program to cover an area more than 1.5 times the total size of India. Previously the area was the size of Alaska. Compound that by a study published in early 2020 from the US National Science Foundation which stated, "cloud seeding can boost snowfall across a wide area”, and you can see how the Lone Star State was turned into the Red Star State.

Ba'al Busters Broadcast
Holiday Mental Health Awareness, plus Twitter intel

Ba'al Busters Broadcast

Play Episode Listen Later Dec 25, 2022 102:37


Subscribe to my RUMBLE if you like this Podcast, and you can catch Livestream Invites!https://rumble.com/c/c-1121444VISIT https://GiveSendGo.com/BaalBusters and Support the Efforts so I can do these shows.https://www.tipeeestream.com/baal-busters/donationor https://paypal.me/BaalBustershttps://SemperFryLLC.com Use Code: HSFAMILY for 11% Off plus a free bonus 2 oz on orders of 3 bottles or more.Support the Show, Feel Better about YourselfShirts and Merch:https://my-store-c960b1.creator-spring.com/Learn How to Naturally Improve Your Health and Wellness by Dr Peter Glidden, NDhttps://riseupintohealth.com/?via=baalbustersGet COPPERINE From Dr Tau Braun:Https://BioChemScience.com Use Code BB2022 for FREE SHIPPINGHoliday Mental Health is a concern, and this year there are more empty seats at the table than prior years due to the active genocide being carried out worldwide. Let's be there for each other, for our neighbors, for the sake of all our survival. I share a couple personal traumas that forever impacted me, and altered the way I allowed myself to live. I discuss what COVID tyranny has done to my small business, and my family. I then have JoshWho on and he delivers insights into Twitter, the FBI involvement in so-called independent media platforms, Solar Winds hack ripples still being felt, and his newfound relationship with Elon Musk.

Feds At The Edge by FedInsider
Ep. 82 Headlines in Cybersecurity–What States Should Know, Day 3: Moving to Zero Trust

Feds At The Edge by FedInsider

Play Episode Listen Later Dec 21, 2022 55:21


The three subject matter experts in this discussion give the listener a wonderful perspective on challenges and solutions to moving to Zero Trust. The interview revolves around tools needed to audit a network, risks inherent in a hybrid cloud, a why a Zero trust platform gives an agency the flexibility it needs to deploy zero trust effectively. Every discussion about zero trust for government agencies starts with trying to determine what is on your network. Smurti Shah from Michigan notes that tools that commercial organizations can use to accomplish that task may not work in a government environment. Therefore, State and local organizations must select Governance, Risk, and Compliance (GRC) solutions that are permitted. Ian Farquhar from Gigamon brings up a fascinating issue with the “discovery” aspect of network analysis: cognitive bias. For example, a systems administrator may swear on a stack of bibles that they have documented every single item on the network. Ian mentions simple questions like: What about that copier? Does it ever have sensitive documents on it? What about the printer? If your organization allows employees to bring in devices, what kind of security implications does that bring? During the discussion, the concept of “trust” was unpacked. We know that trust applies to “who” and “what,” but what about the system itself? Ian Farquhar applies trust to logging and Cloud Service Providers (CSPs). The Solar Winds event looks like it started with the modification of the logs themselves. If you trust the logs, then you can be vulnerable to attack, one should apply zero trust to log controls. One approach to minimizing vendor lock-in is to use a hybrid cloud. This adds complexity to an already complicated situation. The CSPs certainly do a wonderful job at telling people about the security of their cloud. Be careful to apply controls to that cloud environment, offloading trust to them can put you at risk. All participants agreed that zero trust gives the flexibility to handle attacks today and in the future.    

CarahCast: Podcasts on Technology in the Public Sector
Modernizing ARUSD Security with SolarWinds Network Visibility Solutions | Official CarahCast

CarahCast: Podcasts on Technology in the Public Sector

Play Episode Listen Later Dec 19, 2022 45:38


Scott Pross, Vice President of Technology at Monalytic, a SolarWinds company, and Brett Littrell, Chief Technology Officer of Alum Rock Union School District, discuss real world solutions utilizing school district case studies. Learn how Alum Rock Union School District transformed their aging technical infrastructure into a modern network with SolarWinds to meet the needs of their students and staff.

Feds At The Edge by FedInsider
Ep 82 How SolarWinds Responded to an Incident by Improving Service to Federal Customers

Feds At The Edge by FedInsider

Play Episode Listen Later Dec 16, 2022 30:53


An argument can be made that the Solar Winds breach precipitated the interest in Zero Trust in the federal government.  Thousands of words have been written, justly, about the incident.  However, much less attention has been given to how SolarWinds has handled the situation.  SolarWinds has provided us with a classic case study on how to handle a crisis.  They have been transparent, changed leadership, and have made strategic acquisitions that help them serve customers better.  An example of that strategy is today's interview with Gregory Fetterhoff, the CEO of Monalytic. It was acquired by SolarWinds and operates as a separate company. An argument can be made that new leadership at SolarWinds has objectively looked at how to improve service to federal customers and made the acquisition of Monalytic to remedy the situation. During this interview, Gregory Fetterolf gives three reasons why this partnership is effective: the skill set Monalytic brings, accommodations made for corporate culture, and the synergy gives Solar winds the ability to serve the federal government in other areas. Monalytic is comprised primarily of people who have served in the military or federal government.  SolarWinds had extensive experience in commercial environments.  The credentials that Monalytic brings to the table allow them to have a deep understanding of federal needs. Consultants like to say culture eats strategy for breakfast.  What happens when two completely different cultures get thrown into the same room?  Leadership at SolarWinds has the confidence to allow the successful culture at Monalytic to continue, garnering respect from all employees. The strength of this new partnership is revealed in the interest of both federal as well as commercial organizations.  From the government side, they appreciate the ability of Monalytic to understand their needs.  Commercial entities know that federal compliance is difficult; if they start with federal compliance, the commercial concerns go away. Sometimes, it takes an event to show the true strength of a company.      

Feds At The Edge by FedInsider
Ep. 81 Headlines in Cybersecurity: What States Should Know Day Two: Supply Chain Hacks

Feds At The Edge by FedInsider

Play Episode Listen Later Dec 11, 2022 54:39


When the World Wide Web was developed in the late 1980s the idea was you could get information from the platform easily. Well, that certainly worked. In the past thirty years, this “interconnectedness” has brought benefits and unexpected risks. One of the dangers is the ease of one system connecting to another. Great if you want to validate a person's identity; also beneficial for a malicious actor to place code in a system that automatically updates. The most egregious example of the danger of automatic interconnectedness is the Solar Winds event. Systems were set where network “A” trusted code from network “B.”  The cyber attackers took advantage of this trust and inserted code into the target system. The application for systems managers is obvious – if your architecture is designed to connect to trusted third-party solutions providers, how can know the code is clean? If you combine that with the lack of staff that most state and local governments have, then you have a serious problem. Just to amplify the situation, remote connections blossomed in COVID and the number of logs to manage is out of control. This is a discussion where subject matter experts from software companies, federal leaders, and county practitioners sit down to provide some suggestions to solve the vexing problem. One possibility is to treat code in a “suspected” manner. Take each system update and consider it as malicious and run it in a sandbox before deploying. Unfortunately, this is a labor-intensive process, and we are assuming a situation with a lack of professionals. Bill Harrod from Ivanti suggests that systems administrators can take advantage of artificial intelligence and automation to vet patches and updates quickly. If there is an issue, remediation can take place rapidly. Another remedy discussed was including text in future contracts where software vendors must assure end users that the code they provide has been thoroughly evaluated. This does nothing for a system in place today, but it is a good long-term preventative measure.        

Future of Application Security
EP 17 — SolarWinds VP of Security Tim Brown: Behind the Scenes of the 2020 SolarWinds Breach

Future of Application Security

Play Episode Listen Later Nov 30, 2022 34:45


Those in IT, DevOps, and SecOps are all too familiar with the demands of a complex and dynamic technological landscape. For more than two decades, SolarWinds has helped technology professionals and organizations manage and adapt to an ever-expanding ecosystem of IT applications and infrastructure.  In this episode, Tim Brown, Vice President of Security at SolarWinds, gives us an insider view of the 2020 cyberattack where hackers slipped malicious code into the company's popular network management system and software program, Orion.  He shares how his team worked tirelessly to resolve the breach, and how this incident  has brought light to the software supply chain security issue and has helped strengthen the whole security industry.  Topics discussed: Tim's perspective on the dependence of security maturity on engineering process or development process maturity  How the SolarWinds team handled the 2020 breach The importance of creating SBOMs for every application and learning to utilize the data to protect against security vulnerabilities Tim's advice for security leaders working with a supply chain What supply chain security will look like in the next few years Links: SolarWinds hack explained: Everything you need to know SolarWinds breach: Lessons Learned & Practical steps

PreSales Podcast by PreSales Collective
131. PreSales Performance - Metrics That Matter w/Jeff Stewart

PreSales Podcast by PreSales Collective

Play Episode Listen Later Nov 21, 2022 39:28


On the PreSales Podcast, James Kaikis and Jeff Stewart connect on "PreSales Performance – Metrics That Matter." Jeff, Field CTO and Vice President, Global Solutions Engineering at SolarWinds, talks about what the PreSales Metrics are that truly highlight the impact of Solutions on the business. Jeff highlights how he looks at Team and Individual Performance as well as Sales Performance, Productivity and Efficiency, and Business Impact with Data. Additionally, James and Jeff have a philosophical conversation regarding the future of measuring Solutions Data.

Revenue Rehab
Competitive Intel vs. Competitor Obsession: Striking the Right Balance

Revenue Rehab

Play Episode Listen Later Nov 16, 2022 35:45


This week our host Brandi Starr is joined by Tiziana Barrow, Founder and CEO at Tilagia and Gerardo Dada, CMO at Catchpoint.  On the couch Brandi, Tiziana and Gerardo will tackle Competitive Intel vs. Competitor Obsession. Tiziana Barrow has spent the last 20+ years of her career in the B2B high tech Industry in key positions, including VP of Marketing, Principal Marketing Consultant, Director of Competitive & Market Intelligence, and Analyst Relations.  Passionate about building strategies, innovative campaigns, and the teams that thrive to deliver, Tiziana is very much a change agent marketer who finds satisfaction in producing high quality results.  She has also been part of building and growing start-up companies, including Symantec, the industry's most popular antivirus software provider and Eloqua—prior to the Oracle acquisition—a marketing automation platform. Gerardo Dada has over 20 years of experience in technology marketing and has been at the center of the Web, Mobile, Social, and Cloud revolutions. He has held senior marketing and strategy positions at SolarWinds, Microsoft, Rackspace, DataCore, BazaarVoice, and Keeper Security. He writes on his blog www.theAdaptiveMarketer.com Together, in this week's episode, Competitive Intel vs. Competitor Obsession Striking the Right Balance, Brandi, Tiziana and Gerardo explore the difference between competitive intel and competitor obsession, value versus reaction, how to use the intel when you have it and much more. Links: Get in touch with Tiziana Barrow on: LinkedIn Tilagia Get in touch with Gerardo Dada on: LinkedIn Twitter YouTube Blog Subscribe, listen, and rate/review Revenue Rehab Podcast on Apple Podcasts, Spotify, Google Podcasts , Amazon Music, or iHeart Radio and find more episodes on our website RevenueRehab.live

Loving Liberty Radio Network
11-14-2022 Liberty RoundTable with Sam Bushman

Loving Liberty Radio Network

Play Episode Listen Later Nov 16, 2022 109:40


Hour 1 * Guest: Alex Newman – Writer/Speaker, Award-winning international journalist, educator, author, and consultant, The John Birch Society – JBS.org * Alex Reports Live From The Conference of the Parties, COP27 in Egypt! * Can You Say Election Fraud!? – Katie Hobbs defeated Kari Lake in AZ governor's race – The Democrat defeated Lake by just one percentage point, 50.4%-49.5%. * Video: Proof Climate Cult Leaders Don't Believe Their Own Narrative. * Biden addresses UN climate conference in Egypt – NPR. * Biden claims climate efforts ‘more urgent than ever' at summit. * The United Nations Framework Convention on Climate Change. * Are you familiar with the Human Development Report? * Global Leaders Usher In New Man Made Ten Commandments! * Guest: Patrick Byrne, Former Chairman and CEO of Overstock.com * Patrick Sneaks in to the White House – Has Emergency Meeting With Trump! * Trump and Patrick Betrayed from Within by Rudy Giuliani. * Patrick: “anyone who had a key to the SolarWinds hack had a key to every election machine in America that was running the Serv-U product, which means they had unlimited administrative access to the databases. And most of these databases use SQL, a tool that lets you change entries to the database.” * A Direct Challenge to Obama, DOJ, FBI and the Rest of the Deep State – Patrick Byrne. * Mr. Byrne: “I'd pay $10 million to be tried for Sedition in a military court next week. If I'm convicted, hang me. If I'm lying about this stuff, hang me. * Patrick announced that he was recently diagnosed with cancerous tumors in his spine, “which has given him the courage to dare the military courts to try him in one day for Sedition and to hang him by sunset if he's lying. He'll call his 6 witnesses for 10 minutes each. His one condition is that they televise the trial.” * ‘Deplorables' Proven Right Once Again! * Get CSPOA SMS Updates! Simply text the letters CSPOA to 53445. * Archives of the Simulcast of the Sheriff Mack show and Liberty RoundTable Live can be found in Video at BrightEON.tv and Audio at LibertyRoundTable.com Hour 2 * Guest: Loy Brunson, Knowing the US attorneys would be able to get the courts to dismiss the following cases, my two brothers and I planned from the get-go, to take all cases we would file, to the United States Supreme Court where the final decision could be made by a majority of constitutional Supreme Court Justices – 7Discoveries.com * How Can Citizens Redress their Grievances of an Unfair Election Process? * In the Utah District United States District Court which is the federal court of Utah, Loy sued Biden, Harris, Mike Pence and 385 members of the US Congress (House and Senate). * For blocking his federal lawsuit against the 388 defendants, In Utah's Fourth District Court, Loy sued two defendants, the federal court of Utah and the 10th Circuit Court of Appeals in Denver Colorado. Yes he took two federal courts to State Court. You're reading this correctly. * My brother Raland with an identical complaint sued the same defendants in the 3rd District Court of Utah. This is the case that is now on the docket of the United States Supreme Court. This can be found at supremecourt.gov docket # 22-380. * Court Documents Show FBI Had 8 Informants In Far-Right Proud Boys – NYT, In filings in the seditious conspiracy case against members of the Proud Boys, defense lawyers claimed that information favorable to their clients was improperly withheld by the government until recently. --- Support this podcast: https://anchor.fm/loving-liberty/support

Security Serengeti
SS-NEWS-086: Solarwinds facing Lawsuit and Gov Action

Security Serengeti

Play Episode Listen Later Nov 15, 2022 45:21


Matthew ran a little late this weekend, so apologies for being a day late deploying the latest security news into your earhole! We talk Solarwinds and a lawsuit, then a little SEC action. Then we discuss the ever decreasing time frame to patch new vulnerabilities, and we lead off with a little conspiracy theory action about a government contractor that just might be using their privileged position for some man in the middle for the gov. I mean, what legitimate government contractor ISN'T run out of a UPS Store? Article 1 - Mysterious company with government ties plays key internet roleSupporting Article:Where does Firefox store cerificates and how to delete one? Article 2 - Zero-day are exploited on a massive scale in increasingly shorter timeframesSupporting Article:Microsoft Digital Defense Report 2022Intro to HDMoore’s Law Article 3 - SolarWinds Faces Potential SEC Enforcement Act Over Orion BreachSupporting Article:CLASS ACTION COMPLAINT FOR VIOLATION OF THE FEDERAL SECURITIES LAWS SOLARWINDS CORPORATION Form 8-K If you found this interesting or useful, please follow us on Twitter @serengetisec and subscribe and review on your favorite podcast app!

Liberty Roundtable Podcast
Radio Show Hour 1 – 11/15/2022

Liberty Roundtable Podcast

Play Episode Listen Later Nov 15, 2022 54:50


* Guest: Alex Newman - Writer/Speaker, Award-winning international journalist, educator, author, and consultant, The John Birch Society - JBS.org * Alex Reports Live From The Conference of the Parties, COP27 in Egypt! * Can You Say Election Fraud!? - Katie Hobbs defeated Kari Lake in AZ governor's race - The Democrat defeated Lake by just one percentage point, 50.4%-49.5%. * Video: Proof Climate Cult Leaders Don't Believe Their Own Narrative. * Biden addresses UN climate conference in Egypt - NPR. * Biden claims climate efforts 'more urgent than ever' at summit. * The United Nations Framework Convention on Climate Change. * Are you familiar with the Human Development Report? * Global Leaders Usher In New Man Made Ten Commandments! * Guest: Patrick Byrne, Former Chairman and CEO of Overstock.com * Patrick Sneaks in to the White House - Has Emergency Meeting With Trump! * Trump and Patrick Betrayed from Within by Rudy Giuliani. * Patrick: "anyone who had a key to the SolarWinds hack had a key to every election machine in America that was running the Serv-U product, which means they had unlimited administrative access to the databases. And most of these databases use SQL, a tool that lets you change entries to the database." * A Direct Challenge to Obama, DOJ, FBI and the Rest of the Deep State - Patrick Byrne. * Mr. Byrne: "I'd pay $10 million to be tried for Sedition in a military court next week. If I'm convicted, hang me. If I'm lying about this stuff, hang me. * Patrick announced that he was recently diagnosed with cancerous tumors in his spine, "which has given him the courage to dare the military courts to try him in one day for Sedition and to hang him by sunset if he's lying. He'll call his 6 witnesses for 10 minutes each. His one condition is that they televise the trial." * 'Deplorables' Proven Right Once Again! * Get CSPOA SMS Updates! Simply text the letters CSPOA to 53445. * Archives of the Simulcast of the Sheriff Mack show and Liberty RoundTable Live can be found in Video at BrightEON.tv and Audio at LibertyRoundTable.com

Loving Liberty Radio Network
11-14-2022 Liberty RoundTable with Sam Bushman

Loving Liberty Radio Network

Play Episode Listen Later Nov 14, 2022 109:40


Hour 1 * Guest: Dr. Scott Bradley, * To Preserve the Nation: In the Tradition of the Founding Fathers – FreedomsRisingSun.com * America: A History In Review. * George washingtons Unheeded warning: religion-and-morality-are-indispensable-supports! * George Washington: “Of all the dispositions and habits which lead to political prosperity, religion and morality are indispensable supports. “In vain would that man claim the tribute of Patriotism, who should labor to subvert these great pillars of human happiness.” * What The Founders Meant By Self-Governance. * Self-Governing Individuals Are Necessary for a Self-Governing Society! * Exodus 20:15 KJV “Thou shalt not steal.” * Why checks and balances are so important * How are checks and balances vital to maintaining a Constitutional, Representive Republic? Hour 2 * Guest: Lowell Nelson – CampaignForLiberty.org – RonPaulInstitute.org * Hey Incoming Congress: Try These Three Simple Tricks for a Successful Start – Ron Paul. * Mr. Paul: “once the voting is over and the smoke has cleared, not much changes. The Washington uni-party takes over and makes sure the status quo is maintained.” * “end the massive money spigot opened by the last Congress for Ukraine. – Defund the Department of Homeland Security – Pass a bill to audit the Fed! * The Election Won't Change Much in DC. The Real Battle Is Now in the States – Ryan McMaken, LewRockwell.com * A Direct Challenge to Obama, DOJ, FBI and the Rest of the Deep State – Patrick Byrne. * Mr. Byrne: “I'd pay $10 million to be tried for Sedition in a military court next week. If I'm convicted, hang me. If I'm lying about this stuff, hang me. * Patrick said, “anyone who had a key to the SolarWinds hack had a key to every election machine in America that was running the Serv-U product, which means they had unlimited administrative access to the databases. And most of these databases use SQL, a tool that lets you change entries to the database.” * Patrick announced that he was recently diagnosed with cancerous tumors in his spine, “which has given him the courage to dare the military courts to try him in one day for Sedition and to hang him by sunset if he's lying. He'll call his 6 witnesses for 10 minutes each. His one condition is that they televise the trial.” --- Support this podcast: https://anchor.fm/loving-liberty/support

Packet Pushers - Network Break
Network Break 407: VMware Buys Startup For SD-WAN Client; Zoom Meetings At The Movies?

Packet Pushers - Network Break

Play Episode Listen Later Nov 14, 2022 32:06


This week's Network Break covers several announces from VMware Explore including a new SD-WAN client. ASIC-maker Marvell goes after industrial networks with new silicon, Cisco announces the curtain falling on several ISR router models, and SolarWinds settles with the SEC. Zoom and the AMC movie theater chain partner on an offering to hold big meetings at the movies, and Starlink announces it will slow customer speeds if they cross a 1TB cap. The post Network Break 407: VMware Buys Startup For SD-WAN Client; Zoom Meetings At The Movies? appeared first on Packet Pushers.

Packet Pushers - Full Podcast Feed
Network Break 407: VMware Buys Startup For SD-WAN Client; Zoom Meetings At The Movies?

Packet Pushers - Full Podcast Feed

Play Episode Listen Later Nov 14, 2022 32:06


This week's Network Break covers several announces from VMware Explore including a new SD-WAN client. ASIC-maker Marvell goes after industrial networks with new silicon, Cisco announces the curtain falling on several ISR router models, and SolarWinds settles with the SEC. Zoom and the AMC movie theater chain partner on an offering to hold big meetings at the movies, and Starlink announces it will slow customer speeds if they cross a 1TB cap. The post Network Break 407: VMware Buys Startup For SD-WAN Client; Zoom Meetings At The Movies? appeared first on Packet Pushers.

Packet Pushers - Fat Pipe
Network Break 407: VMware Buys Startup For SD-WAN Client; Zoom Meetings At The Movies?

Packet Pushers - Fat Pipe

Play Episode Listen Later Nov 14, 2022 32:06


This week's Network Break covers several announces from VMware Explore including a new SD-WAN client. ASIC-maker Marvell goes after industrial networks with new silicon, Cisco announces the curtain falling on several ISR router models, and SolarWinds settles with the SEC. Zoom and the AMC movie theater chain partner on an offering to hold big meetings at the movies, and Starlink announces it will slow customer speeds if they cross a 1TB cap. The post Network Break 407: VMware Buys Startup For SD-WAN Client; Zoom Meetings At The Movies? appeared first on Packet Pushers.

Liberty Roundtable Podcast
Radio Show Hour 2 – 11/14/2022

Liberty Roundtable Podcast

Play Episode Listen Later Nov 14, 2022 54:50


* Guest: Lowell Nelson - CampaignForLiberty.org - RonPaulInstitute.org * Hey Incoming Congress: Try These Three Simple Tricks for a Successful Start - Ron Paul. * Mr. Paul: "once the voting is over and the smoke has cleared, not much changes. The Washington uni-party takes over and makes sure the status quo is maintained." * "end the massive money spigot opened by the last Congress for Ukraine. - Defund the Department of Homeland Security - Pass a bill to audit the Fed! * The Election Won't Change Much in DC. The Real Battle Is Now in the States - Ryan McMaken, LewRockwell.com * A Direct Challenge to Obama, DOJ, FBI and the Rest of the Deep State - Patrick Byrne. * Mr. Byrne: "I'd pay $10 million to be tried for Sedition in a military court next week. If I'm convicted, hang me. If I'm lying about this stuff, hang me. * Patrick said, "anyone who had a key to the SolarWinds hack had a key to every election machine in America that was running the Serv-U product, which means they had unlimited administrative access to the databases. And most of these databases use SQL, a tool that lets you change entries to the database." * Patrick announced that he was recently diagnosed with cancerous tumors in his spine, "which has given him the courage to dare the military courts to try him in one day for Sedition and to hang him by sunset if he's lying. He'll call his 6 witnesses for 10 minutes each. His one condition is that they televise the trial."

The ITAM Executive: A Podcast for IT Asset Management Professionals
Security & ITAM in the Public Sector

The ITAM Executive: A Podcast for IT Asset Management Professionals

Play Episode Listen Later Nov 12, 2022 27:12 Transcription Available


Host: Philippe de Raet, VP of Business Development at Anglepoint (https://www.linkedin.com/in/pderaet/) Speaker: Blake DeShaw, Security Manager at Anglepoint As the world becomes more connected, digital security is paramount—not simply for maintaining positive customer relations but for global security and safety. This is one of, if not the most important parts of a robust ITAM & Security strategy. However, the task has never been more monumental. Not only do your organization's tens of thousands of networked devices need to be tracked, but even employees' personal devices, such as their phones and personal computers, need to be taken into consideration. Protecting information from cyber-attacks is so crucial that extensive Executive Orders are in place to guide what companies are accountable for. Executive Order 14028: Improving the Nation's Cybersecurity was a direct result of the Solar Winds incident, which was released in 2021. Based on this EO, Memorandum M2218: Enhancing the Security of the Software Supply Chain through Secure Software Development Practices was also recently released. Listen in as Blake helps dive into what this means for your organization. We discuss: 3 major security breach case studies The triggers you need to keep an eye on Importance of accurate data, inventories, and usage How to reduce and mitigate security exposures If you're interested in learning more about Blake, connect with him on LinkedIn (https://www.linkedin.com/in/blake-w-deshaw-52513661/). Dig into more insights from ITAM executives by subscribing on Apple Podcasts, Spotify, or wherever you listen to podcasts. Listening on a desktop & can't see the links? Just search for The ITAM Executive in your favorite podcast player.

Tmsoft's White Noise Sleep Sounds
Solar Winds 9 Hours Sleep Sounds

Tmsoft's White Noise Sleep Sounds

Play Episode Listen Later Nov 10, 2022 540:10


In 2020 NASA's Parker probe captured the sounds of the sun's wind. This recording is from a set of plasma data. The original sound contained occasional unpleasant frequencies. This edited version has been stretched and edited to be more pleasant and relaxing. Spotify listener? Lose the intros by becoming a subscriber! https://anchor.fm/tmsoft/subscribe Learn more about the White Noise App Download the White Noise app for free! Download this sound to White Noise for free!

Tmsoft's White Noise Sleep Sounds
Solar Winds 9 Hours Sleep Sound

Tmsoft's White Noise Sleep Sounds

Play Episode Listen Later Nov 10, 2022 540:10


In 2020 NASA's Parker probe captured the sounds of the sun's wind. This recording is from a set of plasma data. The original sound contained occasional unpleasant frequencies. This edited version has been stretched and edited to be more pleasant and relaxing. Spotify listener? Lose the intros by becoming a subscriber! https://anchor.fm/tmsoft/subscribe Learn more about the White Noise App Download the White Noise app for free! Download this sound to White Noise for free!

Risky Business
Risky Business #684 -- DoJ seizes 50,000 stolen bitcoins from popcorn tin

Risky Business

Play Episode Listen Later Nov 9, 2022


On this week's show Patrick Gray, Adam Boileau and Dmitri Alperovitch discuss the week's security news, including: DoJ seizes 50k bitcoin stolen from Silk Road, charges thief Australian health insurer Medibank refuses to pay ransom, data leaked Inside Qatar's $386m world cup espionage operation EU Parliament report into spyware lands SolarWinds settles shareholder lawsuit, faces SEC enforcement action Much, much more This week's sponsor guest is Andrew Morris from Greynoise Intelligence. Links to everything that we discussed are below and you can follow Patrick or Adam on Twitter if that's your thing. Show notes DOJ says it seized billions in Bitcoin stolen by hacker from Silk Road darknet marketplace - The Record by Recorded Future U.S. Attorney Announces Historic $3.36 Billion Cryptocurrency Seizure And Conviction In Connection With Silk Road Dark Web Fraud | USAO-SDNY | Department of Justice Medibank says it will not pay ransom in hack that impacted 9.7 million customers - The Record by Recorded Future Names, addresses, birthdays posted to dark web by hackers after Medibank ransom deadline passes - ABC News ‘Project Merciless': how Qatar spied on the world of football in Switzerland - SWI swissinfo.ch How Qatar hacked the World Cup — The Bureau of Investigative Journalism (en-GB) FBI probing ex-CIA officer's spying for World Cup host Qatar - The Washington Post EU governments accused of using spyware ‘to cover up corruption and criminal activity' - The Record by Recorded Future Press conference on draft findings of EP spyware inquiry | News | European Parliament SolarWinds says it's facing SEC ‘enforcement action' over 2020 hack | TechCrunch Microsoft accuses China of abusing vulnerability disclosure requirements - The Record by Recorded Future 工业和信息化部国家互联网信息办公室公安部关于印发网络产品安全漏洞管理规定的通知-中共中央网络安全和信息化委员会办公室 Insurance giant settles NotPetya lawsuit, signaling cyber insurance shakeup Could a ‘digital Red Cross emblem' protect hospitals from cyber warfare? - The Record by Recorded Future TrustCor Systems verifies web addresses, but its address is a UPS Store - The Washington Post Cyber incident at Boeing subsidiary causes flight planning disruptions - The Record by Recorded Future FIN7 cybercrime cartel tied to Black Basta ransomware operation: report - The Record by Recorded Future More than 100 election jurisdictions waiting on federal cyber help, sources say $28 million stolen from cryptocurrency platform Deribit - The Record by Recorded Future Nigerian scammer sentenced to 11 years in US prison - The Record by Recorded Future Hackers get into Dropbox developer accounts on GitHub, access 130 code repositories and more - The Record by Recorded Future Urlscan.io API unwittingly leaks sensitive URLs, data | The Daily Swig The Most Vulnerable Place on the Internet | WIRED So long and thanks for all the bits - NCSC.GOV.UK

Tevora Talks Info-Sec Podcast
Tevora Talks - Hackers Bake RomCom RAT into KeePass and SolarWinds + Clipboard Hijacker Replaces Crypto Wallets

Tevora Talks Info-Sec Podcast

Play Episode Listen Later Nov 8, 2022 18:29


This week, Matt Mosley and Kash Izadseta cover Hacker News! Hackers copycat popular software tools like KeePass and Solarwinds to distribute malware. Clipboard hijacked to replace crypto wallet addresses! Links mentioned in this episode: https://thehackernews.com/2022/11/hackers-using-rogue-versions-of-keepass.html https://www.bleepingcomputer.com/news/security/new-clipboard-hijacker-replaces-crypto-wallet-addresses-with-lookalikes/ http://tevoratalks.com Instagram, Twitter, Facebook: @TevoraTalks

The CyberWire
“Static expressway” tactics in credential harvesting. Emotet is back. Black Basta linked to Fin7. RomCom hits Ukrainian targets and warms up against the Anglo-Saxons. Cyber cooperation?

The CyberWire

Play Episode Listen Later Nov 3, 2022 32:39 Very Popular


Leveraging Microsoft Dynamics 365 Customer Voice for credential harvesting. Emotet is back. Black Basta ransomware linked to Fin7. A Russophone gang increases activity against Ukrainian targets. Betsy Carmelite from Booz Allen Hamilton on adversary-informed defense. Our guest is Tom Gorup of Alert Logic with a view on cybersecurity from a combat veteran. And Russia regrets that old US lack of cooperation in cyberspace–things would be so much better if the Anglo-Saxons didn't think cyberspace was the property of the East India Company. Or something like that. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/212 Selected reading. Abusing Microsoft Customer Voice to Send Phishing Links (Avanan)  Emotet botnet starts blasting malware again after 5 month break (BleepingComputer)  Black Basta Ransomware | Attacks Deploy Custom EDR Evasion Tools Tied to FIN7 Threat Actor (SentinelOne)  RomCom Threat Actor Abuses KeePass and SolarWinds to Target Ukraine and Potentially the United Kingdom (BlackBerry)  Russia cyber director warns no U.S. cooperation risks "mutual destruction" (Newsweek)

Feds At The Edge by FedInsider
Ep. 77 Hybrid Cloud Observability

Feds At The Edge by FedInsider

Play Episode Listen Later Nov 1, 2022 38:21


When you read the current literature on cloud systems management, one key factor is what is called “observability.”  With so many moving parts, one tends to focus on a specific group of indicators and miss the overall activity. When Vivek Kundra started to talk about “Cloud First” back in 2009. He had no idea the size and complexity of clouds that would evolve in his desire to reduce cost and increase flexibility for federal projects. SolarWinds has been a leader in system observability for decades. Today, we have a person who has successfully used Solar Winds on a variety of systems and relates some of the best practices for gaining this elusive observability. Scott Pross has seen systems managers look at specific aspects of federal systems in silos. For example, a manager may have data coming in on servers, or even the network itself. Another set of metrics may give information on applications. Managing virtual environments has evolved into a category in and of itself. When a problem arises, a troubleshooter may microfocus on an area, but not realize how it impacts the entire ecosystem. Scott suggests that using solutions from SolarWinds can give a systems analyst a view from 40,000 feet instead of ten feet off the ground. Another consideration is how to monitor activity in a cloud when its architecture is changing. The change may be for compliance reasons, expanding applications, or something as basic as running out of room and having to adapt to an influx of data. Leaders of federal agencies are not interested in extremely detailed observations about logs.  They want to know when their application will be available for citizens or employees. Addressing this issue, Scott details how, using SolarWinds, he can assemble dashboards to give leaders a better understanding of what has gone wrong to enable them to make data-based decisions.  

Major Daughter Live The Podcast
THE CURRENT STATE OF THE MARKET

Major Daughter Live The Podcast

Play Episode Listen Later Oct 14, 2022 32:01


MAJOR DAUGHTER IN CONVERSATION WITH LEADING TECH EXPERT DAVE SOBEL Dave is the host of the Business of Tech podcast, and owner of MSP Radio. Dave is regarded as a leading expert in the delivery of technology services, with broad experience in both technology and business. He owned and operated an IT Solution Provider and MSP for over a decade, both acquiring other organizations and eventually being acquired. This firm was a winner of multiple awards, including being a finalist for Microsoft's Worldwide Partner of the Year in the Small Business Specialist category. After his MSP experience, he has worked for multiple vendors at such companies as Level Platforms, GFI, LogicNow, and SolarWinds, leading community, event, marketing, and product strategies, as well as several M&A activities. “The Business of Tech” is a leading IT services focused news and analysis podcast and YouTube show, with thousands of listeners and subscribers. He also co-hosts of the podcast “Killing IT” and authored the book Virtualization: Defined. He was a CRN Channel Chief, on the CRN UK A-List, a Channel Futures Circle of Excellence winner, one of Channel Pro's 20/20 Visionaries, and has a MSPmentor 250 member for multiple times. Dave has been recognized as one of the top virtualization experts globally as a Microsoft MVP for Virtualization. Dave has served on the executive council for Managed Services and Emerging Technologies, the Vendor Advisory Council, as founding Chair for the Mobility Community for CompTIA. Dave holds a bachelor's degree in Computer Science from the College of William and Mary. He is a dynamic voice within the IT community, a former member and facilitator for Heartland Technology Groups and passionate about collaborating with clients and peers on utilizing technology to advance organizations. He lives just outside Washington DC with his wife and two cats. His interests include travel and food, cheering the Washington Nationals and Capitals, smoking barbeque, enjoying craft beers, and collecting and playing retro and modern video games among others. https://businessof.tech/ --- Send in a voice message: https://anchor.fm/major-daughter/message

The Tech Blog Writer Podcast
2140: SolarWinds Hybrid Cloud Observability

The Tech Blog Writer Podcast

Play Episode Listen Later Oct 14, 2022 29:14


SolarWinds is number one in network management software beating out IBM, Cisco and others, and serves over 300,000 customers including 498 of the Fortune 500. Its products have become ubiquitous because they are easier to use, more powerful and scalable and more affordable than other providers, including its recently launched Hybrid Cloud Observability Platform. This is the first platform that the company has built from the ground up since the SUNBURST supply chain incident that targeted SolarWinds and other technology companies last year. The platform provides customers with an integrated, full-stack solution that's able to detect productivity and security anomalies, identify issues and take automated remediation actions to maximize productivity, prevent security issues and reduce costs. The company's Head Geeks, Chrystal Taylor and Sascha Giese join me on Tech Talks Daily to talk about what observability can do for network administrators and learn more about SolarWinds' new Hybrid Cloud Observability Platform.

SolarWinds TechPod
Hybrid IT...It's Trendy?

SolarWinds TechPod

Play Episode Listen Later Oct 13, 2022 43:18


The IT Trends report is released by SolarWinds every year with predictions on what will be the most popular trends in IT during the upcoming months. As we enter the second half of 2022, hosts Sean Sebring and Chris Bowie unpack the SolarWinds 2022 IT Trends report with Professor Dr. Sally Eaves. The three discuss findings from the report, getting hybrid IT right, managing complexity, Observability, and even... time travel? 

Security Conversations
Chainguard's Dan Lorenc gets real on software supply chain problems

Security Conversations

Play Episode Listen Later Oct 13, 2022 47:07


Episode sponsors: Binarly (https://binarly.io/) and FwHunt (https://fwhunt.run/) - Protecting devices from emerging firmware and hardware threats using modern artificial intelligence. Dan Lorenc and a team or ex-Googlers raised $55 million in early-stage funding to build technology to secure software supply chains. On this episode of the show, Dan joins Ryan to talk about the different faces of the supply chain problem, the security gaps that will never go away, the decision to raise an unusually large early-stage funding round, and how the U.S. government's efforts will speed up technology innovation.

Voice of the DBA
Code Supply Chain Security

Voice of the DBA

Play Episode Listen Later Oct 11, 2022 2:28


There have been a number of attacks in the last few years on source code. In fact, I saw a new one this week for an e-commerce Wordpress plugin. This time hackers got access to the distribution server for the company, Fishpig, and altered the plug-ins that their customers download. A few years ago this was big news, with the SolarWinds exploit. There was also an attack on PyPy, a popular Python package that many people include in their code.  There have been no shortages of problems in npm packages as well. I'm sure this has happened in other software packages, which is scary. In the days of DevOps where we publish code from a repository, an exploit against your developers might go unnoticed. Then again, maybe not. Read the rest of Code Supply Chain Security

Outspoken with Shana Cosgrove
From the Rafters: Bailey Bickley, Chief Strategy Officer, NSA Cybersecurity Collaboration Center

Outspoken with Shana Cosgrove

Play Episode Listen Later Oct 11, 2022 47:36


Collaboration, Transparency, and Family Legacy.In this episode of The Outspoken Podcast, host Shana Cosgrove talks to Bailey Bickley, Chief Strategy Officer for the NSA Cybersecurity Collaboration Center. Bailey discusses The NSA's journey from a private organization to one that is now discussing cybersecurity publicly to help ensure online safety. Bailey's family has been a part of The NSA for 3 generations, and Bailey explains why this family legacy is so important to her. She also explains SolarWinds and other hacking incidents, and why the mission of The NSA is so vital to protect the national interests of The United States. Lastly, Bailey reveals to us her favorite book, future TED talk topic, and the popular movie franchise that puts her to sleep!QUOTES“You want to build trust through transparency. Folks won't take action on our cybersecurity guidance, unless they trust the source of that guidance.” - Bailey Bickley [05:32]“I realized very early on that my enthusiasm, my ability to connect with people was a skill. It wasn't just a personality aspect, but it was something that I could leverage in the workplace to get the job done.” - Bailey Bickley [21:38]“If you don't lean into identifying what you don't understand and remediating that, you'll only get so far. [...] Making sure you put the work in first, versus relying on other people to teach you, I think is really important.” - Bailey Bickley [38:00] TIMESTAMPS [00:04] Intro[01:31] Meet Bailey Bickley[05:01] The Shift into a Public-Facing NSA[14:42] SolarWinds Cybersecurity Incident[17:15] NSA's Missions[21:01] How Bailey's Personality Fits into NSA[24:07] Bailey's Start with NSA[34:57] Mistakes and Moments of Failure[37:14] Advice for Young People[39:38] Bailey's Book Recommendation[43:49] Bailey's Surprising Fact[46:48] OutroRELEVANT LINKSBailey Bickley on LinkedInIntelligencecareers.gov/nsaNyla Technology SolutionsI'd love to hear from you -- your feedback is important to me and I read all of it. If you enjoyed the podcast, I hope you'll give us 5 stars. I'll be sure to thank you via email. If not, let me know what you think we should do differently. Don't forget to hit “subscribe” so you'll receive notifications about guest interviews and other topics that drop every Tuesday.Live well, Shana

Outspoken with Shana Cosgrove
From the Rafters: Bailey Bickley, Chief Strategy Officer, NSA Cybersecurity Collaboration Center

Outspoken with Shana Cosgrove

Play Episode Listen Later Oct 11, 2022 47:36


Collaboration, Transparency, and Family Legacy.In this episode of The Outspoken Podcast, host Shana Cosgrove talks to Bailey Bickley, Chief Strategy Officer for the NSA Cybersecurity Collaboration Center. Bailey discusses The NSA's journey from a private organization to one that is now discussing cybersecurity publicly to help ensure online safety. Bailey's family has been a part of The NSA for 3 generations, and Bailey explains why this family legacy is so important to her. She also explains SolarWinds and other hacking incidents, and why the mission of The NSA is so vital to protect the national interests of The United States. Lastly, Bailey reveals to us her favorite book, future TED talk topic, and the popular movie franchise that puts her to sleep!QUOTES“You want to build trust through transparency. Folks won't take action on our cybersecurity guidance, unless they trust the source of that guidance.” - Bailey Bickley [05:32]“I realized very early on that my enthusiasm, my ability to connect with people was a skill. It wasn't just a personality aspect, but it was something that I could leverage in the workplace to get the job done.” - Bailey Bickley [21:38]“If you don't lean into identifying what you don't understand and remediating that, you'll only get so far. [...] Making sure you put the work in first, versus relying on other people to teach you, I think is really important.” - Bailey Bickley [38:00] TIMESTAMPS [00:04] Intro[01:31] Meet Bailey Bickley[05:01] The Shift into a Public-Facing NSA[14:42] SolarWinds Cybersecurity Incident[17:15] NSA's Missions[21:01] How Bailey's Personality Fits into NSA[24:07] Bailey's Start with NSA[34:57] Mistakes and Moments of Failure[37:14] Advice for Young People[39:38] Bailey's Book Recommendation[43:49] Bailey's Surprising Fact[46:48] Outro RELEVANT LINKShttps://www.linkedin.com/in/bailey-bickley-b76196128/ (Bailey Bickley) on LinkedInhttps://www.intelligencecareers.gov/nsa (Intelligencecareers.gov/nsa)https://nylatechnologysolutions.com/ (Nyla Technology Solutions)I'd love to hear from you -- your feedback is important to me and I read all of it. If you enjoyed the podcast, I hope you'll give us 5 stars. I'll be sure to thank you via email. If not, let me know what you think we should do differently. Don't forget to hit “subscribe” so you'll receive notifications about guest interviews and other topics that drop every Tuesday.Live well, Shana

Federal Drive with Tom Temin
After Log4j and SolarWinds, CISA tells agencies to routinely scan networks for devices, potential bugs

Federal Drive with Tom Temin

Play Episode Listen Later Oct 6, 2022 19:32


Agencies are starting out Cybersecurity Awareness Month with a new directive to routinely scan their networks for new devices and potential cyber vulnerabilities after recent high-profile cyber incidents exposed a lack of real-time visibility into federal networks.The Cybersecurity and Infrastructure Security Agency issued a binding operational directive on Monday for “improving asset visibility and vulnerability detection on federal networks.” The goal of the mandate, it states, is to “make measurable progress toward enhancing visibility into agency assets and associated vulnerabilities.”

CPE Today
2022 Biggest Security and Privacy Concerns - Part 4

CPE Today

Play Episode Listen Later Oct 4, 2022 55:22


Technology is a business-critical business capability in today's day and age. Any interruption to an organization's ability to use its information system poses a significant risk to the viability of the organization. Data breaches, cyber-attacks, and ransomware are examples of some of the biggest existential risks facing businesses today. There are threat actors all around the world that entirely focus on stealing organizational data, stealing economic resources, and disrupting the flow of business. They are using complex social engineering attacks, pervasive phishing messages, intricate malware, and other highly effective techniques. From recently released data breach reports, there were 100k data breaches publicly reported in 2020 alone. Resulting in the personal information of millions of people worldwide being released, billions of dollars of organizational assets, and putting countless people in harm's way. This course will go over recent major security breaches including breaches at Solarwinds, Ubiquity, Colonial Pipeline, Tecnimont SpA, Citrix, LabCorp, and others. It will discuss how these breaches occurred, why the breaches happened, and how organizations can prevent it from happening to them. Each case study will discuss a different form of security vulnerability and how to prevent it. The topics will include social engineering, auditing processes for IT Security systems, forensic accounting, password, two-factor authentication, and improvements for managerial oversight. Participants will gain real-world knowledge from the mistakes of other organizations and from that experience develop their own security best practices for their organizations Are you a CPA?? Are you a Financial Professional?? Earn CPE Credits for Today's Podcast. Check out https://cpe.cx/22BSC4/. Take a quick 5 question quiz and get your certificate today. Super Easy!  Presented by Stephen M. Yoss, CPA, MS (https://yoss.io) Produced by Alicia Yoss & Alanna Regalbuto Graphics By Flaticon.com and iStock Music by Bensound.com Education and Compliance By K2 Enterprises (https://k2e.com) Copyright. All product names, logos, and brands are the property of their respective owners. All company, product, and service names used in this website are for identification purposes only. The use of these names, logos, and brands does not imply endorsement. Educational Use Only. The information presented in this presentation is for educational use only. The presenter will make specific recommendations, but the participant is highly recommended to do their own due diligence before making any investment decision.

CPE Today
2022 Biggest Security and Privacy Concerns - Part 3

CPE Today

Play Episode Listen Later Sep 30, 2022 55:49


Technology is a business-critical business capability in today's day and age. Any interruption to an organization's ability to use its information system poses a significant risk to the viability of the organization. Data breaches, cyber-attacks, and ransomware are examples of some of the biggest existential risks facing businesses today. There are threat actors all around the world that entirely focus on stealing organizational data, stealing economic resources, and disrupting the flow of business. They are using complex social engineering attacks, pervasive phishing messages, intricate malware, and other highly effective techniques. From recently released data breach reports, there were 100k data breaches publicly reported in 2020 alone. Resulting in the personal information of millions of people worldwide being released, billions of dollars of organizational assets, and putting countless people in harm's way. This course will go over recent major security breaches including breaches at Solarwinds, Ubiquity, Colonial Pipeline, Tecnimont SpA, Citrix, LabCorp, and others. It will discuss how these breaches occurred, why the breaches happened, and how organizations can prevent it from happening to them. Each case study will discuss a different form of security vulnerability and how to prevent it. The topics will include social engineering, auditing processes for IT Security systems, forensic accounting, password, two-factor authentication, and improvements for managerial oversight. Participants will gain real-world knowledge from the mistakes of other organizations and from that experience develop their own security best practices for their organizations Are you a CPA?? Are you a Financial Professional?? Earn CPE Credits for Today's Podcast. Check out https://cpe.cx/22BSC3/. Take a quick 5 question quiz and get your certificate today. Super Easy!  Presented by Stephen M. Yoss, CPA, MS (https://yoss.io) Produced by Alicia Yoss & Alanna Regalbuto Graphics By Flaticon.com and iStock Music by Bensound.com Education and Compliance By K2 Enterprises (https://k2e.com) Copyright. All product names, logos, and brands are the property of their respective owners. All company, product, and service names used in this website are for identification purposes only. The use of these names, logos, and brands does not imply endorsement. Educational Use Only. The information presented in this presentation is for educational use only. The presenter will make specific recommendations, but the participant is highly recommended to do their own due diligence before making any investment decision.

CPE Today
2022 Biggest Security and Privacy Concerns - Part 2

CPE Today

Play Episode Listen Later Sep 23, 2022 60:47


Technology is a business-critical business capability in today's day and age. Any interruption to an organization's ability to use its information system poses a significant risk to the viability of the organization. Data breaches, cyber-attacks, and ransomware are examples of some of the biggest existential risks facing businesses today. There are threat actors all around the world that entirely focus on stealing organizational data, stealing economic resources, and disrupting the flow of business. They are using complex social engineering attacks, pervasive phishing messages, intricate malware, and other highly effective techniques. From recently released data breach reports, there were 100k data breaches publicly reported in 2020 alone. Resulting in the personal information of millions of people worldwide being released, billions of dollars of organizational assets, and putting countless people in harm's way. This course will go over recent major security breaches including breaches at Solarwinds, Ubiquity, Colonial Pipeline, Tecnimont SpA, Citrix, LabCorp, and others. It will discuss how these breaches occurred, why the breaches happened, and how organizations can prevent it from happening to them. Each case study will discuss a different form of security vulnerability and how to prevent it. The topics will include social engineering, auditing processes for IT Security systems, forensic accounting, password, two-factor authentication, and improvements for managerial oversight. Participants will gain real-world knowledge from the mistakes of other organizations and from that experience develop their own security best practices for their organizations Are you a CPA?? Are you a Financial Professional?? Earn CPE Credits for Today's Podcast. Check out https://cpe.cx/22BSC2/. Take a quick 5 question quiz and get your certificate today. Super Easy!  Presented by Stephen M. Yoss, CPA, MS (https://yoss.io) Produced by Alicia Yoss & Alanna Regalbuto Graphics By Flaticon.com and iStock Music by Bensound.com Education and Compliance By K2 Enterprises (https://k2e.com) Copyright. All product names, logos, and brands are the property of their respective owners. All company, product, and service names used in this website are for identification purposes only. The use of these names, logos, and brands does not imply endorsement. Educational Use Only. The information presented in this presentation is for educational use only. The presenter will make specific recommendations, but the participant is highly recommended to do their own due diligence before making any investment decision.

Science of CX
Dan Balcauski: Product Pricing As A Tool & Key Indicator For Business Growth

Science of CX

Play Episode Listen Later Sep 21, 2022 51:53


Dan Balcauski is the founder and Principal Consultant at Product Tranquility, a consulting firm that helps SaaS business leaders accelerate their product growth and increase customer loyalty.  He's an expert in digital marketing and e-commerce with a specialization in pricing and product strategy. Dan is also the Program Leader for Kellogg's Executive Education Product Strategy course.  In addition to his role at Product Tranquility, Dan works as a freelance product manager and is a member of Veritux. Some of the companies he's worked for include SolarWinds, LawnStarter, and NI (formerly National Instruments). Dan's good news on the podcast today is that there's a golden opportunity that every SaaS company has right now to build a pricing model that their customers (and their investors) will love that won't distract you with a mirage of “free growth.” Tune in and get ready to take some notes.  Key Takeaways What does pricing entirely encapsulate and why do many businesses struggle with it?Finding out who in the company should initially deal with the pricing and packaging aspect of thingsProblems and pitfalls that Dan has encountered with all the companies he's helped, and what indicators are there to guide companies in the right directionMetrics that companies can use to verify if they are meeting their goals and whether or not their pricing is playing a role in meeting those goals Pricing model variations between long-term businesses versus exit-driven businessesThe pros and cons of the various discounting strategies in use by different companies i.e free trials, freemium, free tools, etc.The importance of free tools to act as a starting point for the user and fend off buyers remorse without added effort to convert the prospects to customersThe dangers that businesses might run into with a low price; especially with new non-existing products in their category Connect with Dan Website - https://www.producttranquility.com/  LinkedIn - https://www.linkedin.com/in/balcauski/  Twitter - https://twitter.com/dan_balcauski 

CPE Today
2022 Biggest Security and Privacy Concerns - Part 1

CPE Today

Play Episode Listen Later Sep 20, 2022 54:42


Technology is a business-critical business capability in today's day and age. Any interruption to an organization's ability to use its information system poses a significant risk to the viability of the organization. Data breaches, cyber-attacks, and ransomware are examples of some of the biggest existential risks facing businesses today. There are threat actors all around the world that entirely focus on stealing organizational data, stealing economic resources, and disrupting the flow of business. They are using complex social engineering attacks, pervasive phishing messages, intricate malware, and other highly effective techniques. From recently released data breach reports, there were 100k data breaches publicly reported in 2020 alone. Resulting in the personal information of millions of people worldwide being released, billions of dollars of organizational assets, and putting countless people in harm's way. This course will go over recent major security breaches including breaches at Solarwinds, Ubiquity, Colonial Pipeline, Tecnimont SpA, Citrix, LabCorp, and others. It will discuss how these breaches occurred, why the breaches happened, and how organizations can prevent it from happening to them. Each case study will discuss a different form of security vulnerability and how to prevent it. The topics will include social engineering, auditing processes for IT Security systems, forensic accounting, password, two-factor authentication, and improvements for managerial oversight. Participants will gain real-world knowledge from the mistakes of other organizations and from that experience develop their own security best practices for their organizations Are you a CPA?? Are you a Financial Professional?? Earn CPE Credits for Today's Podcast. Check out https://cpe.cx/22BSC1/. Take a quick 5 question quiz and get your certificate today. Super Easy!  Presented by Stephen M. Yoss, CPA, MS (https://yoss.io) Produced by Alicia Yoss & Alanna Regalbuto Graphics By Flaticon.com and iStock Music by Bensound.com Education and Compliance By K2 Enterprises (https://k2e.com) Copyright. All product names, logos, and brands are the property of their respective owners. All company, product, and service names used in this website are for identification purposes only. The use of these names, logos, and brands does not imply endorsement. Educational Use Only. The information presented in this presentation is for educational use only. The presenter will make specific recommendations, but the participant is highly recommended to do their own due diligence before making any investment decision.

The Killing IT Podcast
Episode 182: "Good" hack for SolarWinds, "Bad" security for Twitter, and "Sock Puppet" phishing

The Killing IT Podcast

Play Episode Listen Later Sep 20, 2022 30:47


Topic 1: Could it actually be possible that the SolarWinds hack was “good” for their business? https://www.scmagazine.com/feature/incident-response/why-solarwinds-just-may-be-one-of-the-most-secure-software-companies-in-the-tech-universe No one would argue that being the victim of “the largest and most damaging security breach in US history” is a good thing. But as a result of the hack, SolarWinds took unprecedented steps to fundamentally reengineer their approach to security and dev-ops … and they are telling a surprisingly compelling story about how this makes them the most secure system in the industry. What's more, it seems like customers are listening … and buying. Do you buy it? Topic 2: Headline: Twitter is bad at data security and privacy. Conclusion: No duh. https://www.protocol.com/policy/mudge-twitter-whistleblower-hearing The Twitter whistleblower testified in congress yesterday … and he made the “shocking” accusation that Twitter doesn't have (and never has had) sufficient control systems for data protection. Thank you, Captain Obvious. This brings up a few questions: 1) does any social media company have sufficient data controls (no); 2) is there any appetite to make social media companies accountable for actual privacy / security (no); and 3) why does our society accept the presence of a tech platform that is “too big to control” and not simply turn it off if it can't be made secure? Topic 3: Because Security needs another piece of jargon: Beware Sock Puppet phishing https://www.bleepingcomputer.com/news/security/hackers-now-use-sock-puppets-for-more-realistic-phishing-attacks/ Or would you rather call the attack 'multi-persona impersonation' (MPI)? That's the name used by researchers at Proofpoint. Basically, this is an orchestrated attack where the bad guys control multiple email accounts and email back and forth with the target in the middle of the cc: string. The idea is to provide (fake) social proof.    Sponsor Memo: SBTTC This podcast is sponsored by the Small Biz Thoughts Technology Community. Check us out at https://www.SmallBizThoughts.org Forms, templates, and checklists are just the start. Our Community includes ALL of the best-selling books on managed services in all available formats, plus free training, members-only programs, and the best business training available to managed service providers anywhere. Plus, we have weekly live members-only Zoom calls. The average member saves more than 200% of their membership cost each year. We are totally dedicated to YOUR success.  Just because you're in business for yourself doesn't mean you have to go it alone. Join us today at https://www.SmallBizThoughts.org :-)    

The CyberWire
Notes from the hybrid war: nuisance-level DDoS, cyberespionage, and the possibility of financially motivated hacking. US policy on the software supply chain, and notes from the underworld.

The CyberWire

Play Episode Listen Later Sep 15, 2022 35:20 Very Popular


Nuisance-level DDoS and cyberespionage continue to mark Russia's cyber campaign in the hybrid war. There's a US Presidential memorandum on software supply chain security. Webworm repurposes older RATs. Trends in cyber insurance claims. OriginLogger may be the new Agent Tesla. The SparklingGoblin APT described. Mathieu Gorge of VigiTrust describes cyber vulnerabilities in the hospitality industry. Dinah Davis from Arctic Wolf explains a PayPal phishing attack. And Royal funeral phishbait. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/178 Selected reading. Pro-Russia hackers claim to have temporarily brought down Japanese govt websites (Asia News Network) Gamaredon APT targets Ukrainian government agencies in new campaign (Cisco Talos) Russia-linked Gamaredon APT target Ukraine with a new info-stealer (Security Affairs) Fears grow of Russian spies turning to industrial espionage (The Record by Recorded Future) Enhancing the Security of the Software Supply Chain through Secure Software Development Practices (The White House) Enhancing the Security of the Software Supply Chain to Deliver a Secure Government Experience (The White House) White House releases post-SolarWinds federal software security requirements (Federal News Network) Webworm: Espionage Attackers Testing and Using Older Modified RATs (Threat Hunter Team Symantec) Coalition Releases 2022 Cyber Claims Report: Mid-year Update (GlobeNewswire News Room) OriginLogger: A Look at Agent Tesla's Successor (Unit 42)  You never walk alone: The SideWalk backdoor gets a Linux variant (WeLiveSecurity) [Scam site harvests credentials] (Proofpoint) Current, former social media execs address national security issues at Senate hearing (Fox Business) Senators Have Stopped Embarrassing Themselves at Tech Hearings (Slate Magazine)

What the Shell?
022 - Solar Winds

What the Shell?

Play Episode Listen Later Sep 14, 2022 35:17


Let's talk about the biggest supply chain, when Russia hacked Solar Winds which in turned hacked the government. Discord: https://discord.gg/mBPbWcVRYR   Website: https://whattheshellpod.com  Store: https://store.whattheshellpod.com  

Malicious Life
Software Bill of Materials (SBOM) [ML B-side]

Malicious Life

Play Episode Listen Later Aug 31, 2022 25:20 Very Popular


In May 2021, Following the Solarwinds and the Colonial Pipeline attacks, the Biden administration published a presidential Executive Order mandating the use of SBOMs - Software Bill of Materials - in all government agencies. What are SBOMs and how useful are they in cybersecurity? Nate Nelson talks to two experts: Allan Friedman (CISA) and Chris Blask (Cybeats).

Protecting People
Five Minute Forecast for the week of 8/29/2022

Protecting People

Play Episode Listen Later Aug 29, 2022 Transcription Available


Five Minute Forecast for the week of August 29th. All the cyber security news you need to stay ahead, from Proofpoint's Protecting People podcast. Quantum computing is nearly here and quantum-enabled cyber criminals won't be far behind The attacker behind SolarWinds casts a “MagicWeb” Lockbit bites back after last week's distributed denial of service attack And threat research manager Daniel Blackford joins us to discuss seasonality in the cyber crime landscape.

Around The Empire
Ep 268 One Nation Under Blackmail: The Enterprise, PROMIS and Casolaro feat Whitney Webb

Around The Empire

Play Episode Listen Later Aug 26, 2022 51:40


Guest: Whitney Webb. We discuss her new book “One Nation Under Blackmail: The Sordid Union between Intelligence and Organized Crime that gave rise to Jeffrey Epstein.” We focus on the story of the PROMIS software and the “Enterprise Network” that Danny Casolaro was investigating for his story about “The Octopus”. In a bonus segment we discuss the surprising roles played by Israel and China during the Clinton presidency years.  Whitney Webb is an author and an investigative journalist. Her highly anticipated books will be published in September (Volume 1) and October (Volume 2) by the publisher, Trine Day. Ebooks and audio book versions will also be available. Subscribe to her mailing list for all the latest updates on her writing and the book.  FOLLOW Whitney on Twitter @_whitneywebb subscribe to her mailing list, subscribe to her podcast and read her work at her website Unlimited Hangout. Around the Empire aroundtheempire.com is listener supported, independent media. SUBSCRIBE/FOLLOW on Rokfin rokfin.com/aroundtheempire, Patreon patreon.com/aroundtheempire, Paypal paypal.me/aroundtheempirepod, YouTube youtube.com/aroundtheempire, Spotify, iTunes, iHeart, Google Podcasts FOLLOW @aroundtheempire and @joanneleon.  Join us on TELEGRAM https://t.me/AroundtheEmpire Find everything on http://aroundtheempire.com  and linktr.ee/aroundtheempire Recorded on August 23, 2022. Music by Fluorescent Grey. Reference Links: One Nation Under Blackmail (Volumes 1 and 2, Bundle) Around the Empire: Ep 87 Newsguard & the “Trust Industry” feat Whitney Webb Around the Empire: Ep 117 The Mega Group and the Epstein Affair feat Whitney Webb Around the Empire: Ep 170 Biotech Industrial Complex feat Whitney Webb Around the Empire: Ep 170 EXTRA Biotech Industrial Complex feat Whitney Webb Around the Empire: Ep 121 Epstein and the Clintons feat Whitney Webb Around the Empire: Ep 202 Solar Winds, Dark Winter feat Whitney Webb Around the Empire: Ep 202EXTRA Beyond the 2020 Election and the WEF Agenda feat Whitney Webb  

Future of Agriculture
FoA 323: The Changing Venture Capital Landscape with Mark Blackwell of Builders VC

Future of Agriculture

Play Episode Listen Later Aug 10, 2022 39:23 Very Popular


Visit our quarterly presenting sponsor: www.CalgaryAgBusiness.com Builders VC: https://www.builders.vc FoA 169: Investing in Farmland with Carter Malloy of AcreTrader https://player.captivate.fm/episode/2d02dd15-9faa-469b-8b5d-5b99233a3a53 FoA 188: Fintech Meets Agtech to Invest in Farmland https://player.captivate.fm/episode/44a98802-07c3-4295-87c0-e0965881e5b2 Joining us on today's episode is Mark Blackwell of Builders VC. Mark is actually based in Calgary, but Builders is a Silicon Valley - based venture fund that focuses on modernizing antiquated industries. So they focus in not only agriculture, but also healthcare, industrials, real estate and construction. They have a portfolio of over 60 companies, investing from seed to series a. The team has a long history of investing in agtech before they founded Builders when they invested as part of Kosla Ventures in companies such as Granular and the Climate Corp.  Mark and I talk a lot about the current state of venture capital, and what areas of agtech he's most excited to invest in companies with bold visions and strategic plans. I'll warn you, this episode gets a little into the weeds of venture capital. I'm by no means any sort of an expert on this, but if you're unfamiliar, here's a quick and very basic primer:  Venture capitalists start and manage funds to invest in startup companies. They are backed by investors, called limited partners or LPs that give them money to place these bets. When VCs have money from their investors that they have not yet deployed to startups, they call that money dry powder. VCs do take a management fee from those investments, but the real money is made when a company exits. In other words it is sold or goes public. That is why we'll talk about M&A activity which is mergers and acquisitions. When companies in their portfolio exits, that is when the VC can return the fund, or provide returns to their investors and themselves. We also reference SPACs at one point in this conversation, which could be a whole other podcast, but just know that stands for special purpose acquisition company and it is a vehicle that allows companies to go public that was super popular a year ago, but has fallen out of favor based on a number of factors I won't get into here.  Ok hopefully that provides good context for this insightful conversation with Mark Blackwell. Mark is a general partner and lead of the Canadian Office at Builders. Previously, he was a product manager at SolarWinds which he joined when they acquired GNS3 Technologies where Mark had been the COO. He also had a background in venture capital and investment banking before that.

Malicious Life
Andrew Ginter: A 40-Years-Old Backdoor [ML B-Side]

Malicious Life

Play Episode Listen Later Aug 1, 2022 29:18


Ken Thompson is a legendary computer scientist who also made a seminal contribution to computer security in 1983, when he described a nifty hack that could allow an attacker to plant an almost undetectable malicious code inside a C compiler. Surprisingly, it turns out a very similar hack was also used in the Solarwinds attack.

Modern Wisdom
#503 - Brett Johnson - The United States' Most Wanted Hacker

Modern Wisdom

Play Episode Listen Later Jul 23, 2022 79:42


Brett Johnson is referred to by the United States Secret Service as "The Original Internet Godfather", he was the Founder and Leader of Counterfeit Library and Shadow Crew and has been a central figure in the cybercrime world for almost 20 years. Brett has been a lifelong criminal, he was committing crimes from inside the Secret Service's own offices, then after being sent to prison he escaped from prison and went on the run to Disneyland, all while defrauding millions. This story is one of the wildest things I've ever heard. Expect to learn what it feels like to be on the FBI's Most Wanted list, what actually happened with the Solar Winds hack, how Brett was involved in the origins of the darknet, his thoughts on Ross Ulbricht and Silk Road, the closest calls Brett had to being killed, how he evaded capture for so long, whether he thinks Julian Assange is a criminal or a hero and much more... Sponsors: Get the Whoop 4.0 for free and get your first month for free at http://join.whoop.com/modernwisdom (discount automatically applied) Get 83% discount & 3 months free from Surfshark VPN at https://surfshark.deals/MODERNWISDOM (use code MODERNWISDOM) Extra Stuff: Check out Brett's website - https://www.anglerphish.com/  Follow Brett on Twitter - https://twitter.com/GOllumfun  Get my free Reading List of 100 books to read before you die → https://chriswillx.com/books/ To support me on Patreon (thank you): https://www.patreon.com/modernwisdom - Get in touch. Instagram: https://www.instagram.com/chriswillx Twitter: https://www.twitter.com/chriswillx YouTube: https://www.youtube.com/modernwisdompodcast Email: https://chriswillx.com/contact/