Podcasts about ssl vpn

Enjoying the content? Let us know your feedback!This final episode of 2024, we recap the best the most listened to episodes of the year. And this year we have a great four back to back of the greatest of them all. Lets start with the first eisode 191 - Is The Browser The New Operating System? released on the 28th of September. Next is episode 172 - SSL VPN versus IPsec VPN - Part 1 and part 2 released 18th of May and 25 of May respectively.And finally Episode 191 - APIs and Webhooks released on the the 5th October.Enjoy and see you in the new year!Be sure to subscribe! You can also stream from https://yusufonsecurity.comIn there, you will find a list of all previous episodes in there too.

In this episode we continue with part 2 on comparing SSL VPN and IPsec VPN, two popular technologies used for secure remote access. As I said last week, understanding the nuances of these technologies is therefore crucial. We'll explore how each VPN works, their security features, performance differences, and the scenarios where each excels. Please listen to episode 172 before you listen to this episode.With that said, lets turn to a top trending news this week:- Microsoft's "Recall" feature raises privacy concern.- https://www.wired.com: Microsoft Recall AI May Be A Privacy Nightmare - https://en.wikipedia.org: Virtual_private_network- https://en.wikipedia.org: Transport Layer Securityhttps://www.bleepingcomputer.com: Norway Recommends Replacing SSL VPN To Prevent BreachesBe sure to subscribe! If you like the content. Follow me @iayusuf or read my blog at https://yusufonsecurity.comYou will find a list of all previous episodes in there too.

In this week's episode  we're diving into the world of VPNs,  Specifically we will compare SSL VPN and IPsec VPN, two popular technologies used for secure remote access. In the post pandemic area, remote work become part of the new normal post. Understanding the nuances of these technologies is therefore crucial. We'll explore how each VPN works, their security features, performance differences, and the scenarios where each excels.Having said that and before we get into VPN, lets turn to a top trending news this week and they are:Recap of RSA Conference. The biggest security conference in the US.- https://en.wikipedia.org: Virtual_private_network- https://en.wikipedia.org: Transport Layer Securityhttps://www.bleepingcomputer.com: Norway Recommends Replacing SSL VPN To Prevent BreachesBe sure to subscribe! If you like the content. Follow me @iayusuf or read my blog at https://yusufonsecurity.comYou will find a list of all previous episodes in there too.

　独立行政法人情報処理推進機構（IPA）および一般社団法人JPCERT コーディネーションセンター（JPCERT/CC）は2月9日、Fortinet 製 FortiOS SSL VPN の脆弱性について発表した。影響を受けるシステムは以下の通り。

In this episode, we dive into the latest news in the K-12 technology world. We discuss who hacked into Fulton County, Georgia schools' computer systems, we touch on the FCC's Affordable Connectivity Program, and we trade thoughts on a Maine school that will begin biometric scanning for student attendance. We debrief the Clever MFA roadmap and how a student-friendly MFA could work. The main topic of the episode is an interview with the CEO of Rise Vision, Brian Loosbrock, where we discuss their digital displays and how they are revolutionizing the education industry. News stories mentioned in the episode: - New Fortinet RCE flaw in SSL VPN likely exploited in attacks - Student hacks Fulton County Georgia schools' computer systems - FCC's Affordable Connectivity Program consumer FAQ - Maine school will begin biometric scanning data collection for students - FTC order will require Blackbaud to delete unnecessary data, boost safeguards, settle charges of lax security https://www.youtube.com/@k12techtalk Join the K12TechPro.com Community. Buy our merch!!! Rise Vision Extreme Networks - Email dmayer@extremenetworks.com Fortinet - Email fortinetpodcast@fortinet.com NTP Oh, and... Email us at k12techtalk@gmail.com Tweet us err X us @k12techtalkpod Visit our LinkedIn page HERE

In this episode of The Cybersecurity Defenders Podcast, we discuss some cutting-edge intel coming out of LimaCharlie's community Slack channel. $35 million has reportedly been stolen from users of Atomic Wallet.On June 9th the Microsoft Azure Portal was down on the web as a result of suspected DDOS.The US Department of Justice has indicted 6 people for their involvement in a $6 million dollar business email compromise scam.CVE-2023-27997 was reported by Fortinet on June 13th (Fortinet hardening guide).Trend Micro recently discovered the use of heavily obfuscated batch files utilizing the advanced BatCloak engine.And a really cool PDF - the Cy-Xplorer 2023 report put out by Orange Cyberdefense.The Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.

Kapitoly: 00:00 Úvod 00:47 Zranitelnost ve FortiOS SSL-VPN 03:53 Významné Narušení Bankovního Systému v Rusku 05:38 PoC pro Windows Local Privilege Escalation 06:37 Zranitelnost v Softwaru Cisco Secure Client 07:35 Update ze Světa Ransomware 08:22 Meme Of The Week Odkazy: Fortinet fixes critical RCE flaw in Fortigate SSL-VPN devices, patch now (bleepingcomputer.com) Sledujte nás na Twitteru @AlefSecurity #ITBezpecnost #IT #Novinky #Bezpecnost #Fotigate #Zranitelnost

Národní úřad pro kybernetickou a informační bezpečnost - Kybernetické incidenty pohledem NÚKIB - prosinec 2022 (nukib.cz) Analysis of FG-IR-22-398 – FortiOS - heap-based buffer overflow in SSLVPNd | Fortinet Blog

On this edition of the Research podcast, we talk to Satnam Narang and Claire Tills about the Security Response Team's recent research blog around SSL VPN vulnerabilities. That blog looked back at how three particular flaws in major VPNs are frequently exploited, so we look at when these vulnerabilities were disclosed, what the impact of them are, who has been attempting to exploit them and who the targets have been.Show references:Hold the Door: Why Organizations Need to Prioritize Patching SSL VPNs Zero-Day Vulnerability in SonicWall Secure Mobile Access (SMA) Exploited in the Wild Follow along for more from Tenable Research:Subscribe to the blogFollow Tenable's Zero Day team on Medium

Today's Headlines: Big jump in RDP attacks as hackers target staff working from home Fortinet fixes critical vulnerabilities in SSL VPN and web firewall Google Chrome Zero-Day Afflicts Windows, Mac Users Microsoft Says Its Services Not Used as Entry Point by SolarWinds Hackers     The Practitioner Brief is sponsored by: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub  Whistic: www.whistic.com/cyberhub   Whistic Solarwinds survey: https://www.whistic.com/solarwinds **** James Azar Host of CyberHub Podcast James on Linkedin: https://www.linkedin.com/in/james-azar-a1655316/ ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/channel/UCPoU8iZfKFIsJ1gk0UrvGFw Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.

Good Morning and Welcome to the ProactiveIT Cyber Security Daily number 300.  It is Monday February 8th 2021.  I am your host Scott Gombar and Morse Code Used in Phishing Attacks Unpatched WordPress Plugin Code-Injection Bug Afflicts 50K Sites Ransomware Attacks Hit Major Utilities Fortinet fixes critical vulnerabilities in SSL VPN and web firewall Mozilla fixes Windows 10 NTFS corruption bug in Firefox The Great Suspender Chrome extension's fall from grace Malicious extension abuses Chrome sync to steal users’ data SitePoint discloses data breach after stolen info used in attacks New phishing attack uses Morse code to hide malicious URLs Hackers post detailed patient medical records from two hospitals to the dark web Ramsey County and Crisp Regional Health Services Affected by Ransomware Attacks

Join Scott Young and Shaun Sturby from Optrics Engineering as they discuss the SSL certificate for Checkpoint VPN devices that has expired, the undocumented backdoor in Zyxel devices and a Solarwinds update from Bruce Schneier. For more IT tips go to: > www.OptricsInsider.com Timecodes: 0:00 - Intro 0:18 - Today's 3 topics 0:35 - Topic 1: Checkpoint SSL VPN Cert Expired 2:41 - Topic 2: Undocumented Zyxel Backdoor 7:38 - Topic 3: Solarwinds update from Bruce Schneier 13:41 - Closing remarks Learn more about Checkpoint's SSL Cert for their SSL VPN expiring here: > Happy New Year: Jan 1, 2021 security cert expiration causes havoc for some Check Point VPN users Learn more about the undocumented backdoor for Zyxel products here: > Undocumented user account in Zyxel products (CVE-2020-29583) Learn more about the latest Solarwinds update from Bruce Schneier here: > Schneier on Security: Latest on the SVR's SolarWinds Hack Learn more about getting a penetration test if you want to test the effectiveness of your network security, or if you think you've been hacked and need help with remediation: > www.Optrics.com/penetration-testing #OptricsInsider #ITSecurityTips #cybersecurity #technews #infosec --- Send in a voice message: https://anchor.fm/optrics-insider/message

This week we announce a subscriber giveaway. And Buu also goes through Q&A! DevCentral Content: Recent DevCentral Live Streams: April 16: Waiting Room via iRules, Security Response Hyperbole, & Q&A Post of the Week – https://www.youtube.com/watch?v=N-d7KdTGDxY April 9: Remote Access with F5 BIG-IP APM – https://www.youtube.com/watch?v=02UsdE0h-ZQ New DevCentral Videos: 3x videos on how to review your log files (tmsh, bash, config utility) – https://www.youtube.com/watch?v=t2kVEE2SjIU – https://www.youtube.com/watch?v=8wpMa4K6-gA – https://www.youtube.com/watch?v=0BQZOgS10wo VPN Split Tunneling overview – https://www.youtube.com/watch?v=25maiR0IeRw Renewing existing SSL certs and keys – https://www.youtube.com/watch?v=WU3C8W25vvE RDP using an SSL VPN – https://www.youtube.com/watch?v=NOytvWA0ZQw Tech News: K9412: The BIG-IP Release Matrix Includes builds, release dates, supported platforms, EUD & AOM versions. – https://support.f5.com/csp/article/K9412 Attack Signature Update (ASU) file for Advanced WAF and ASM versions 11.6.x, 12.1.x, 13.1.x, 14.1.x, and 15.x. – https://buzz.f5.com/kS1hT0470CO02MK5mz0RT0C APM News: Using APM for BIG-IP Management Access – https://techdocs.f5.com/en-us/bigip-14-0-0/big-ip-local-traffic-manager-implementations-14-0-0/implementing-apm-system-authentication.html K82063753: BIG-IP APM v15.1 (and later) with Modern Customization does not support DUO logon page integration. – https://support.f5.com/csp/article/K82063753 – According to F5 Support, the Duo engineering department is looking into updating their code to work with the new framework NGINX News: NGINX Controller v3.3.0 is RTW – https://docs.nginx.com/nginx-controller/releases/#nginx-controller-version-3-3-0 – Bug fixes and improvements. – Adds support for certificate chains for TLS connections. – Adds an API catalog for the Metrics API. – Adds new dimensions for filtering metrics on the Application Summary page. NGINX Service Mesh with Alan Murphy, on the Software Engineering Daily Podcast – https://softwareengineeringdaily.com/2020/04/16/nginx-service-mesh-with-alan-murphy/ Training: Free F5 Training Courses, “F5 Getting Started Series”  As we engage with customers virtually, don't forget to share free training courses we have for customers and partners. – https://f5.com/education/training/free-courses Cloud, Orchestration & Automation: F5CS Essential App Protect: Disabling Attach Signatures via API – https://clouddocs.f5.com/cloud-services/latest/f5-cloud-services-Essential.App.Protect-FAQ.html#q-how-do-i-globally-disable-an-attack-signature Security News: Four Risks to Consider with Expanded VPN Deployments From F5 Labs – https://www.f5.com/labs/articles/cisotociso/four-risks-to-consider-with-expanded-vpn-deployments San Francisco International Airport Discloses Data Breach – https://www.securityweek.com/san-francisco-international-airport-discloses-data-breach Google Sees Millions of COVID-19-Related Malicious Emails Daily – https://www.securityweek.com/google-sees-millions-covid-19-related-malicious-emails-daily   Subscribe to our YouTube channel! - https://www.youtube.com/darylandbuu?sub_confirmation=1 Daryl Montgomery and Buu Lam are the F5 Account Team covering valued clients in British Columbia, Northwest Territories, Yukon and Nunavut. Their weekly show covers recent topics in the world of F5. Please consider Subscribing and enabling Notifications. Weekly Update will be released at the beginning of each week. Buu's Hour Live Streams are released throughout the week. Instagram - https://www.instagram.com/buushour/ LinkedIn - https://www.linkedin.com/in/daryl-montgomery-8876752/ https://www.linkedin.com/in/buulam/ Buu's Hour B Roll Channel - https://www.youtube.com/channel/UCRSFdUbMRvX925MU7_knxSw Website - http://darylandbuu.com

MacOS GateKeeper Bypass https://www.fcvl.net/vulnerabilities/macosx-gatekeeper-bypass Fortinet FortiOS SSL VPN Vulnerabilities https://fortiguard.com/psirt Customizing NMAP Service Detection https://isc.sans.edu/forums/diary/Video+nmap+Service+Detection+Customization/24970/

MacOS GateKeeper Bypass https://www.fcvl.net/vulnerabilities/macosx-gatekeeper-bypass Fortinet FortiOS SSL VPN Vulnerabilities https://fortiguard.com/psirt Customizing NMAP Service Detection https://isc.sans.edu/forums/diary/Video+nmap+Service+Detection+Customization/24970/

If you enjoy listening to my podcast, please take a minute to leave a review here! As many of you know, I like to choose podcast topics that are at the forefront in the minds of my audience. I also like to interview leaders who inspire me. When I was looking for a new podcast guest for my show, I asked my CTO at RedZone, James Crifasi, if there was someone he knew in security that he really respected – that stood out for him as a leader in the industry. James recommended Dmitriy Ayrapetov, Executive Director of Product Management at SonicWall. Since RedZone has been a SonicWall partner for many years, I knew Dmitriy, and I knew that he represented most of the network security products that we work with. Luckily, he agreed to come on the show. My conversation with Dmitriy ranges from philosophical to tactical and technical especially with his positions on Machine Learning and AI with security. We discuss a variety of topics including, who are his mentors and what does a product manager do at a high-profile security company like SonicWall? One interesting discussion centered around the thought that, “Humans will always make mistakes – human mistakes are one of the main issues with security. Knowing that we will never fix 100% of the problems of security today, and that we have a massive likelihood of a security breach happening,” – I asked Dmitriy “How can you approach this problem?” Key Points of Interest in This Episode: How Dmitriy researches and keeps on the pulse of security How his mind works when he is thinking of how his customers will be impacted by security Who are his mentors? What would he focus on if he was a startup founder? How would I want to react if I was a customer? Are your security vendors as concerned about business continuity as you are? I think you will really appreciate Dmitriy’s philosophy for CIOs and CISOs – in particular, his thoughts on human mistakes. He believes that since human mistakes can’t be prevented, that you must realize the need for continuity of the business and be prepared for them. With this, I want to welcome you to my interview with Dmitriy Ayrapetov. Major Take-Aways From This Episode: In this podcast we discuss cutting edge strategies with security: sandboxing, block until verdict, remediation and roll back. What does a product manager do at a high-profile security company like SonicWall? o Find people’s problems and bring these engineered solutions to market Evolution of Security – Block first, then ask questions later. Staying current with security is imperative with a current approach centered on business continuation. New ways of thinking – Prevention vs. Continuity, continuous operations like auto-rollback functions. Supply Chain Attacks – Next Gen behavior analytics which led us into an industry education on old fashioned heuristics vs. machine learning and AI. Read Full Transcript Here About Dmitriy Ayrapetov: Dmitriy Ayrapetov has been with SonicWall for over 13 years. He is currently the Executive Director of Product Management at SonicWall, in charge of product security. Prior to this position, Dmitriy held product management and engineering roles at SonicWall and at enKoo Inc., an SSL VPN startup acquired by SonicWall in 2005. As a cybersecurity expert, he speaks at industry conferences including, RSA, Gartner Security Summit, Dell World and is a regular presence at SonicWall’s annual partner conference Peak Performance. Dmitriy holds an MBA from the Haas School of Business at U.C. Berkeley and a BA in Cognitive Science at UC Berkeley. You can see all the SonicWall products Dmitriy has had his hand on since the beginning. • Network Security • Firewalls • FTDMI – Automation and Security • SonicWall ips Series • Client Capture – rollback • Email Security How to get in touch with Dmitriy Ayrapetov LinkedIn Twitter Facebook Key Resources + Links Link to Dmitriy’s SonicWall blog page:  https://blog.sonicwall.com/authors/dmitriy-ayrapetov/ • Blog, pub. 9/12/2018: Botnets Targeting Obsolete Software • Blog, pub. 2/13/2017: Practical Defense for Cyber Attacks + Lessons from 2017 SonicWall Annual Threat Report Other SonicWall blog pages that cover suggested topics of discussion listed above: • Sonic Wall Threat Intelligence blog page: https://blog.sonicwall.com/categories/threat-intelligence/ • Annual and mid-year cyber threat reports: https://brandfolder.com/s/pix4u8-fllsa0-f5587c Other presentations and videos by Dmitriy Ayrapetov: SonicWall Roadmap and Industry Trends: https://www.youtube.com/watch?v=p0vAqko1E2s, pub. July 13, 2018 2018 SonicWall Cyber Threat Report – Webcast: https://www.sonicwallsales.com/Video.aspx?code=KJSCK7 RSA Presentation 2017: The Strategic Advantage of Adaptive Multi-Engine Advanced Threat Protection (this is a pdf file of the slide presentation) Learn How to Detect and Prevent Malicious Files with SonicWall Capture ATP: https://www.youtube.com/watch?v=55tw20crqhk, pub. Sept 1, 2017. Also, published as a webinar through BrightTALK, Sept 19, 2017 How SonicWall SuperMassive Next-Gen Firewall Series ensures that every byte of every packet coming into and going out of your network is inspected while maintaining high-performance and low latency: https://www.facebook.com/SonicWall/videos/10155323557848859/, pub. Aug 17, 2017 Other resources mentioned in the Podcast, provided by Dmitriy Ayrapetov: There are two people that Dmitriy mentioned as thought leaders in the field: one of them is well known, Bruce Schneier, an internationally renowned security technologist; while the other is less known, Dan Geer, CISO at In-Q-Tel. Bruce provides a lot of industry as well as practical advice on his website: https://www.schneier.com/. Dan’s keynote at Black Hat 2014 was, in my opinion, direction setting. It was one of the highest signal to noise ratio keynotes that I’ve ever heard and I still come back to it from time to time. It’s very dense, and is based on an essay that he authored. Black Hat Keynote: https://www.youtube.com/watch?v=nT-TGvYOBpI Essay: http://geer.tinho.net/geer.blackhat.6viii14.txt Dan has many other essays/keynotes and your listeners can find them on his website: http://geer.tinho.net/pubs The book that Dmitriy mentioned early in the podcast is Hacking Exposed –they’re on the 7th edition now. I’m not “recommending” the book, I just referenced it as something that piqued my curiosity in security early on. This episode is sponsored by the CIO Scoreboard, a powerful tool that helps you communicate the status of your IT Security program visually in just a few minutes. Credits: * Outro music provided by Ben’s Sound Other Ways To Listen to the Podcast iTunes | Libsyn | Soundcloud | RSS | LinkedIn Leave a Review If you enjoyed this episode, then please consider leaving an iTunes review here. Click here for instructions on how to leave an iTunes review if you’re doing this for the first time. About Bill Murphy Bill Murphy is a world renowned IT Security Expert dedicated to your success as an IT business leader. Follow Bill on LinkedIn and Twitter.

Topics: -One of Jerry's local clients needs assistance with updating the OS.  He ends up working on it off-site and doing his magic to bring it back to life. -The guys discuss working off-site vs in front of the client's eyes as well as keeping equipment like external monitors on hand -Sam talks about setting up Ubiquiti equipment in his office to be in his comfort zone and coming to the client with a fully configured Wi-Fi setup -Sam realizes a downside to having an office...spending money on lunch! -The topic of nutrition comes up again, when the work day gets away from you.  Sam likes the Clif Bars and Jerry is a fan of the Lara bars. -Jerry loves the podcast How I Built This and interestingly enough, they had Lara on to talk about how she started her business. https://www.npr.org/podcasts/510313/how-i-built-this -Right up to the start of the show, Sam was working on an iPhone with water damage with a good friend of the family.  An odd situation came up with relation to iCloud backups.  Jerry has a suggestion based on an old trick to resolve Time Machine backups.  Stay tuned to the next show to find out what happens! -A pet peeve of Jerry's is when he might shave off some time to be nice.  A client pays and then keeps you around to enter information in the register, delaying you even more. -Sam recalls that awkward moment when a client was opening a safe in front of you and trying to make sure you aren't able to see -As Jerry is running, he listens to podcasts.  He shares another pet peeve for playing sound effects that scares the heck out of you while running on the road. -Working with SonicWall is nothing new to Sam but he had a moment of frustration setting up the SSL VPN client on Windows 10 -While on the Windows topic, Jerry has problems with a computer that ended up being Windows Home Edition -The dreaded employee or friend that gives a client bad advice that makes them second guess you -Jerry deals with Windows 5?? (Windows NT) and trouble with UPS -Sam shares a funny story about hanging out with Adam Rice at ACEs and learning that Reachability actually does exist on the iPhone X!  Chalk that up to something he should have known. -We have probably all been there before: Jerry talks about a client that swears that a feature existed before when it actually didn't.