International cyber security company
Nvidia built a chip to comply with American export rules. This week, those rules changed. Markets reacted dramatically, but chances are that the $2.5 trillion chipmaker can stand the hit. (00:21) Anthony Schiavone and Mary Long discuss Nvidia's $5.5 billion charge and earnings from Prologis. Then, (12:31), Ricky Mulvey talks with Kevin Simzer, COO of Trend Micro, about AI's impact on the cybersecurity space. Companies mentioned: NVDA, PLD, AOT. Host: Mary Long. Guests: Anthony Schiavone, Ricky Mulvey, Kevin Simzer. Engineer: Dan Boyd.
A cyberattack targeting Oracle Health compromises patient data. The DOJ nabs over $8 million tied to romance scams. Trend Micro examines a China-linked APT group conducting cyber-espionage. A new Android banking trojan called Crocodilus has emerged. North Korea's Lazarus Group targets job seekers in the crypto industry. CISA IDs a new malware variant targeting Ivanti Connect Secure appliances. Maria Varmazis, host of N2K's T-Minus Space Daily show chats with Jake Braun, former White House Principal Deputy National Cyber Director and chairman of DEF CON Franklin. They discuss designating space as critical infrastructure. Nulling out your pizza payment.
CyberWire Guest: Maria Varmazis, host of N2K's T-Minus Space Daily show sits down with Jake Braun, former White House Principal Deputy National Cyber Director and chairman of DEF CON Franklin, and they discuss designating space as critical infrastructure and sharing an overview of its attack surface.
Selected Reading: Oracle Health breach compromises patient data at US hospitals (Bleeping Computer); Oracle Warns Health Customers of Patient Data Breach (Bloomberg); Critical Condition: Legacy Medical Devices Remain Easy Targets for Ransomware (SecurityWeek); U.S. seized $8.2 million in crypto linked to 'Romance Baiting' scams (Bleeping Computer); DOJ Seizes USD 8.2M Tied to Pig Butchering Scheme (TRM Labs); Earth Alux Hackers Employ VARGIET Malware to Attack Organizations (Cyber Security News); 'Crocodilus' Android Banking Trojan Allows Device Takeover, Data Theft (SecurityWeek); ClickFake Interview – Lazarus Hackers Exploit Windows and macOS Users Fake Job Campaign (Cyber Security News); CISA Analyzes Malware Used in Ivanti Zero-Day Attacks (SecurityWeek); How A Null Character Was Used to Bypass Payments (System Weakness on Medium).
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
XWiki Search Vulnerability Exploit Attempts (CVE-2024-3721) Our honeypot detected an increase in exploit attempts for an XWiki command injection vulnerability. The vulnerability was patched last April, but appears to have been exploited more in the last couple of days. The vulnerability affects the search feature and allows the attacker to inject Groovy code templates. https://isc.sans.edu/diary/X-Wiki%20Search%20Vulnerability%20exploit%20attempts%20%28CVE-2024-3721%29/31800 Correction: FBI Image Converter Warning The FBI's Denver office warned of online file converters, not downloadable conversion tools. https://www.fbi.gov/contact-us/field-offices/denver/news/fbi-denver-warns-of-online-file-converter-scam VMWare Vulnerability Broadcom released a fix for a VMWare Tools vulnerability. The vulnerability allows users of a Windows virtual machine to escalate privileges within the machine. https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25518 Draytek Reboots Over the weekend, users started reporting Draytek routers rebooting and getting stuck in a reboot loop. Draytek has now published advice on how to fix the problem. https://faq.draytek.com.au/docs/draytek-routers-rebooting-how-to-solve-this-issue/ Microsoft Management Console Exploit CVE-2025-26633 Trend Micro released details showing how the MMC vulnerability Microsoft patched as part of its Patch Tuesday this month was exploited. https://www.trendmicro.com/en_us/research/25/c/cve-2025-26633-water-gamayun.html
Tech Industry Alliance is proud to announce the official launch of TechFest 2025, the South West's leading technology conference, bringing together industry pioneers, AI experts, and business leaders to explore how artificial intelligence, space innovation, and tech talent are shaping our future. TechFest is the Alliance's annual flagship technology conference and will be held at Rochestown Park Hotel, Cork, from 08:00 am on May 15, 2025. This year's theme, "Tech, AI & Humanity - Shaping Our Future," will examine the profound impact of AI on society, business, and the workforce of tomorrow. Tickets for the main conference are now on sale here. TechFest 2025 is delighted to welcome internationally acclaimed neuroscientist, broadcaster, and author Dr. Hannah Critchlow as the keynote speaker. Named a "Rising Star in Life Sciences" by Nature, Dr. Critchlow is a Fellow at Magdalene College, University of Cambridge, and a respected voice in neuroscience and AI. With frequent appearances on BBC, ABC, and global media, including The Life Scientific, Tomorrow's World Live, and BBC Radio 4's Destiny and the Brain, Dr. Critchlow will explore the intersection of neuroscience, AI, and human potential. Keeping the energy high and discussions insightful, Jonathan McCrea, an acclaimed science communicator and AI master trainer, will guide attendees through the event. Passionate about harnessing AI to drive productivity and innovation, Jonathan will ensure an engaging and thought-provoking experience. Other expert speakers on the day include Dan Rapp Chief AI and Data Officer - Proofpoint, Dr. Laura Maye - UCC Lecturer specialising in human-computer interaction and inclusive technology design, Rory Fitzpatrick - CEO of the National Space Centre, Cormac O' Sullivan from Mbyronics, Dr. Niall Smith - Head of Research at Munster Technological University, Tim Crowe, Co-Founder and CEO of WrxFlo, Emily Brick - Founder of Athena Analytics, plus many more. 
This year's conference will feature four engaging tracks addressing the biggest challenges and opportunities in tech: (1) Tech, AI & Humanity - How Will Artificial Intelligence Reshape Society? (2) The Future of Tech Talent - What Skills Will Define the Workforce of Tomorrow? (3) Showcasing Evolving Tech Companies - Meet the Innovators Transforming the South West's Tech Sector. (4) Space & the Future of Humanity - Exploring the Next Frontier of Innovation.
Gerry Murphy, Tech Industry Alliance Chairperson, commented: "We are delighted to be announcing TechFest 2025, which will feature rare content, rich dialogue, and facilitate real connections. This event would not be possible without the vital support of our sponsors, who all recognise the importance of our sector to the Munster region. Following a highly successful TechFest last year, we are thrilled with this year's incredible lineup of speakers and the even greater opportunities to network with colleagues and businesses across the South West region."
With over 400 attendees expected, TechFest 2025 will be an unparalleled opportunity to network, connect, and collaborate. Given the high demand, attendees are encouraged to secure their tickets early, as the event is expected to be a sell-out.
TechFest 2025 sponsors - Tech Industry Alliance Skillnet, AIB, Proofpoint, PepsiCo Ireland, Skillnet Innovation Exchange, FIT (Fastrack into Information Technology), Barden, Trend Micro, Park Place Technologies, CyberSkills, NetApp, Aspen Grove, Deloitte, Cork City Council, Cork County Council, We are Cork, Kerry County Council, Discover Kerry, Voxxify, MTU, Nimbus.
Secure Your Spot Now: TechFest 2025 is THE must-attend event for tech professionals, business leaders, startups, and innovators who want to stay ahead of the curve. Register today and secure your spot.
SANS Internet Stormcenter Daily Network/Cyber Security and Information Security Stormcast
Python Bot Delivered Through DLL Side-Loading A "normal" PDF reader that is vulnerable to DLL side-loading may be used to launch additional exploit code. https://isc.sans.edu/diary/Python%20Bot%20Delivered%20Through%20DLL%20Side-Loading/31778 Tomcat RCE Correction To exploit the Tomcat RCE I mentioned yesterday, two non-default configuration options must be selected by the victim. https://x.com/dkx02668274/status/1901893656316969308 SAML Roulette: The Hacker Always Wins This Portswigger blog explains in detail how to exploit the ruby-saml vulnerability against GitLab. https://portswigger.net/research/saml-roulette-the-hacker-always-wins Windows Shortcut Zero Day Exploit Attackers are currently taking advantage of an unpatched vulnerability in how Windows displays Shortcut (.lnk file) details. Trend Micro explains how the attack works and provides PoC code. Microsoft is not planning to fix this issue. https://www.trendmicro.com/en_us/research/25/c/windows-shortcut-zero-day-exploit.html
Hello folks, welcome to program 381 of the technology blog and podcast series. We are going to start with an interesting video with Trend Micro that talks about customer success. Making sure customers are happy is the key to having a successful company, and this does not matter what the business is. Next, in our first article we're going to talk about, we're talking about one that should really have more of a punishment than 10 years. The article talks about a guy who basically sabotaged his former employer after he got terminated. Thinking that he wouldn't be caught at whatever he got caught doing, he put in a kill switch which disabled the company computer network. If you read the article titled "Developer guilty of using kill switch to sabotage employer's systems" (https://www.bleepingcomputer.com/news/security/developer-guilty-of-using-kill-switch-to-sabotage-employers-systems/) from Bleeping Computer, what did you think of it? Do you agree with the 10 years he could get if found guilty? Why or why not? Email, iMessage, text, WhatsApp or call and leave a comment on the comment line. Let me know if your comments should be aired. "Microsoft: 6 Zero-Days in March 2025 Patch Tuesday" (https://krebsonsecurity.com/2025/03/microsoft-6-zero-days-in-march-2025-patch-tuesday/) comes from Krebs On Security as we have a segment on Windows Update. If you can, get those updates going. Email/iMessage: tech at menvi.org. Text/WhatsApp: 804-442-6975. Leave a message or talk to me: (888) 405-7524 or (818) 527-4754. Enjoy the program!
With the trivia, note that we can accept multiple answers today. Those who guessed already can't change their answers. Welcome to program 230 of the Security Box. I can't believe we've made it to program 230, but here we are. Between this milestone, and the relaunch of the tech podcast releasing 380, this is going to get very interesting. On this edition of the program, we're going to hear from Preston in regards to one of the newsletters from Kim Komando. We're going to hear from Trend Micro about the threat landscape thanks to one of their podcasts through YouTube, and we also have an interesting video about a London Story with a guy climbing Big Ben. Yes, it's not security related, but you'll see why we've included it here and I'll talk about it for those who did not see it. If you'd like to watch this, let us know what's going on. We know it is a demonstration and I have no problem with it, but doing this with no shoes? Here is the video from a news source if you wish to take a look: https://www.youtube.com/watch?v=SIkowhcFdfE. "Phishing as a service Darcula may become the next best thing" (https://technology.jaredrimer.net/2025/02/20/phishing-as-a-service-darcula-may-become-the-next-best-thing/) is the blog post that leads to the article in which we're going to use. This is one of a few items that we will need to watch. If you'd like to support our efforts on what this podcast is doing, you can feel free to donate to the network (http://www.jaredrimer.net/donations.html), subscribing to the security box discussion list (https://www.986themix.com/mailman/listinfo/thesecuritybox_986themix.com) or sending us a note through contact information throughout the podcast. You can also find contact details on our blog page found here (https://technology.jaredrimer.net/contact-admins/). Thanks so much for listening, reading and learning! We can't do this alone.
The CISA and FBI warn that Ghost ransomware has breached organizations in over 70 countries. President Trump announces his pick to lead the DOJ's National Security Division. A new ransomware strain targets European healthcare organizations. Researchers uncover four critical vulnerabilities in Ivanti Endpoint Manager. Microsoft has patched a critical improper access control vulnerability in Power Pages. The NSA updates its Ghidra reverse engineering tool. A former U.S. Army soldier admits to leaking private call records. Our guest is Stephen Hilt, senior threat researcher at Trend Micro, sharing the current state of the English cyber underground market. The pentesters' breach was simulated — their arrest was not.
Selected Reading: CISA and FBI: Ghost ransomware breached orgs in 70 countries (Bleeping Computer); Trump to nominate White House insider from first term to lead DOJ's National Security Division (The Record); New NailaoLocker ransomware used against EU healthcare orgs (Bleeping Computer); PoC Exploit Published for Critical Ivanti EPM Vulnerabilities (SecurityWeek); Microsoft Patches Exploited Power Pages Vulnerability (SecurityWeek); NSA Added New Features to Supercharge Ghidra 11.3 (Cyber Security News); Army soldier linked to Snowflake extortion to plead guilty (The Register); Katie Arrington Returns to Pentagon as DoD CISO (GovInfo Security); Penetration Testers Arrested by Police During Authorized Physical Penetration Testing (Cyber Security News).
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Slide, a new backup and disaster recovery appliance designed for managed service providers, was introduced by former Datto founders Austin McCord and Michael Fass at the right-of-boom cybersecurity conference in Las Vegas. The appliance, which is slightly larger than an Apple Mac Studio, boasts a storage capacity of up to 16 terabytes and operates at speeds capable of saturating a 10-gigabit network connection. McCord emphasized the appliance's speed and efficiency, claiming it is significantly faster than existing market solutions. The founders aim to foster a culture of connection and support, allowing users to easily cancel their service with a single click, which they view as a reflection of a customer-centric philosophy.
Apple has unveiled its first in-house cellular modem, the C1, which will debut in the iPhone 16E, marking a significant step away from reliance on Qualcomm chips. The C1 modem is touted as the most power-efficient modem ever included in an iPhone, promising reliable 5G connectivity. While the iPhone 16 and 16 Pro will continue to use Qualcomm technology for the time being, Apple is strategically testing the C1 modem in a budget model to assess its performance without risking issues for premium users. This move aligns with Apple's broader goal of controlling its hardware stack and optimizing performance across its devices.
In the realm of artificial intelligence, xAI has launched Grok 3, a new model that boasts enhanced capabilities and has been trained on a significantly larger dataset. Grok 3 has achieved impressive scores on various benchmarks, including math performance, and features a deep search capability that enhances its reasoning. However, early testing has revealed some limitations, such as citation accuracy and humor comprehension.
The company plans to open-source Grok 2 to address previous criticisms regarding biases, while also introducing a new subscription plan for Grok 3.
Lastly, the podcast discusses potential acquisition talks surrounding Trend Micro, a Japanese cybersecurity firm, which is reportedly valued at approximately $8.54 billion. The discussions involve several private equity firms, and if the acquisition goes through, it could lead to significant changes in Trend Micro's product roadmap and support structure. Additionally, Sophos has announced a partnership with Pax8 to streamline security management for service providers, indicating a trend towards consolidating vendor relationships in the cybersecurity space. This partnership aims to simplify access to a wide range of security solutions, although it remains to be seen whether Sophos can effectively compete with existing offerings in the marketplace.
Four things to know today: 00:00 Cancel Anytime with One Click? Slide's Backup Solution Calls Out the Industry's Biggest Flaws; 04:21 Apple Unveils C1 Modem in iPhone 16e, Taking First Steps Away from Qualcomm; 06:19 xAI's Grok 3 Hits the Scene with More Power, More Data, and… More Questions; 08:37 Big Money Meets Big Security: Trend Micro Buyout Talks Heat Up While Sophos Joins the Pax8 Party.
AI has been a major factor in cybersecurity strategies in 2024, and that will continue into 2025. However, cybercriminals are also continuing to pursue traditional phishing and social engineering methods to exploit vulnerable users. Jon Clay, Trend Micro's VP of Threat Intelligence, offers insights into how organizations can strengthen their defenses and protect their data in the coming year.
In this episode of the mnemonic security podcast, Robby is joined by Dustin Childs, Head of Threat Awareness at Trend Micro's Zero Day Initiative (ZDI). Dustin explains the ZDI's role in purchasing and analysing vulnerabilities to provide early protection for customers and how zero days – previously unknown vulnerabilities – become "n-days" once disclosed or patched. The conversation highlights the critical importance of timely patching, the risks posed by bad patches, and the concept of virtual patching as a defence strategy. Dustin also delves into attack surface monitoring, the evolving threat landscape, and the ongoing challenges of balancing security and usability in modern networks.
MONEY FM 89.3 - Prime Time with Howie Lim, Bernard Lim & Finance Presenter JP Ong
With Chinese New Year just around the corner, festive shopping and reunion dinner preparations are in full swing – but so are scammers. With the rush to secure deals, the risk of online scams is surging. Meta’s recent report of 9,000 phishing URLs in Singapore highlights the growing threat of fraudulent promotions. Now more than ever, consumers must stay vigilant against these evolving dangers. On The Big Story, Hongbin Jeong speaks to Tim Falinski, Vice President of Consumer Business, Trend Micro, to find out how to remain vigilant from scams this festive period. Presented by: Hongbin Jeong. Produced and Edited by: Alexandra Parada (alexparada@sph.com.sg).
Welcome to the CanadianSME Small Business Podcast! In a world where digital threats are becoming more sophisticated, understanding cybersecurity is more critical than ever for businesses of all sizes. Today, we're joined by Greg Young, Vice President of Cybersecurity at Trend Micro. With an impressive career spanning over 35 years, Greg's expertise includes enterprise security, network protection, and safeguarding data integrity. Having served as a research vice president at Gartner, Greg has guided countless organizations on best practices for secure business operations. His extensive experience as a CISO, security architect, and military intelligence officer brings unparalleled insights into the evolving cybersecurity landscape.
This episode highlights: The Evolving Threat Landscape: Greg sheds light on the most pressing cybersecurity threats facing businesses today and how to address them effectively. Best Practices for Small Businesses: Practical advice for building a strong cybersecurity foundation, even with limited resources. Trends in Cybersecurity Technology: A deep dive into the innovations and tools reshaping the field of cybersecurity. Leadership and Cybersecurity: How Greg's leadership journey informs his approach to securing digital assets and fostering a culture of security awareness.
Join us for an enlightening conversation as we explore actionable strategies to help small businesses navigate the complexities of cybersecurity and protect their digital assets in the face of ever-evolving threats.
Europol dismantles the Manson cybercrime market. Operation Destabilise stops two major Russian-speaking money laundering networks. New details emerge on China's attacks on U.S. telecoms. Black Lotus Labs uncovers a covert campaign by the Russian-based threat actor “Secret Blizzard”. Cisco issues patches for a high impact bootloader vulnerability. Trend Micro researchers uncovered Earth Minotaur targeting Tibetan and Uyghur communities. Payroll Pirates target HR payroll systems to redirect employee funds. Pegasus spyware may be more prevalent than previously believed. Our guest today is Jon France, CISO at ISC2, with insights from the ISC2 2024 Workforce Study. How businesses can lose customers one tip at a time.
Selected Reading: 50 Servers Linked to Cybercrime Marketplace and Phishing Sites Seized by Law Enforcement (SecurityWeek); UK's NCA Disrupts Multibillion-Dollar Russian Money Launderers (Infosecurity Magazine); The White House reveals at least 8 U.S. telecom firms impacted by China's Salt Typhoon cyberattack (Fast Company); Senators implore Department of Defense to expand the use of Matrix (Element); Snowblind: The Invisible Hand of Secret Blizzard (Lumen); Frequent freeloader part I: Secret Blizzard compromising Storm-0156 infrastructure for espionage (Microsoft Security); Russian Hackers Exploit Rival Attackers' Infrastructure for Espionage (Infosecurity Magazine); Bootloader Vulnerability Impacts Over 100 Cisco Switches (SecurityWeek); MOONSHINE Exploit Kit and DarkNimbus Backdoor Enabling Earth Minotaur's Multi-Platform Attacks (Trend Micro); Hunting Payroll Pirates: Silent Push Tracks HR Redirect Phishing Scam (Silent Push); iVerify Mobile Threat Investigation Uncovers New Pegasus Samples (iVerify); How a Russian man's harrowing tale shows the physical dangers of spyware (CyberScoop).
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
A WIRED investigation uncovers the ease of tracking U.S. military personnel. Apple releases emergency security updates to address actively exploited vulnerabilities. Latino teenagers and LGBTQ individuals are receiving disturbing text messages spreading false threats. Crowdstrike says Liminal Panda is responsible for telecom intrusions. Oracle patches a high-severity zero-day vulnerability. Trend Micro has disclosed a critical vulnerability in its Deep Security 20 Agent software. A rural hospital in Oklahoma suffers a ransomware attack. A leading fintech firm is investigating a security breach in its file transfer platform. Researchers deploy Mantis against malicious LLMs. Ben Yelin from the University of Maryland Center for Health and Homeland Security discusses AI's bias in the resume screening process. Tracking down a lost Lambo.
CyberWire Guest: Today, we have Ben Yelin, Program Director, Public Policy & External Affairs at the University of Maryland Center for Health and Homeland Security and our Caveat podcast co-host, discussing AI's racial and gender bias in the resume screening process.
Selected Reading: Anyone Can Buy Data Tracking US Soldiers and Spies to Nuclear Vaults and Brothels in Germany (WIRED); GAO recommends new agency to streamline how US government protects citizens' data (The Record); Apple Issues Emergency Security Update for Actively Exploited Flaws (Infosecurity Magazine); Texts threatening deportation and 're-education' for gays stoke both fear and defiance (NBC News); Chinese APT Group Targets Telecom Firms Linked to BRI (Infosecurity Magazine); Oracle Patches Exploited Agile PLM Zero-Day (SecurityWeek); Trend Micro Deep Security Vulnerability Let Attackers Execute Remote Code (Cyber Security News); Oklahoma Hospital Says Ransomware Hack Hits 133,000 People (GovInfo Security); Fintech Giant Finastra Investigating Data Breach (Krebs on Security); AI About-Face: 'Mantis' Turns LLM Attackers Into Prey (Dark Reading); Hackers Steal MLB Star Kris Bryant's $200K Lamborghini By Rerouting Delivery (Carscoops).
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
¿Por qué no te habré hecho caso? with Santiago Siri and Hernán Zin
In this episode of La Última Frontera, Santi Siri and Emilse Garzón welcome Julio Cella, Security Client Leader for Argentina, Paraguay and Uruguay at IBM, to talk about #QuantumDevelopment. Julio has worked from LATAM for leading #technology brands such as Autodesk, Kaspersky, Symantec, Trend Micro and Microsoft. As a result, he has experience in forecast development and in managing high-performance teams, as well as in the effective execution of projects. In which sectors or industries is #QuantumComputing expected to have the greatest impact? What are the main technical and scientific challenges it faces? What opportunities does Latin America have in the development of quantum technologies? They also talk about video games developed in Argentina, Qiskit, Genexus Enterprise AI, and other topics. And, as every week, the main #news and innovations in #technology, #AI, #Crypto and #trends.
Uveka Rangappa (standing in for Relebogile Mabotja) speaks to Emmanuel Tzingakis, the Technical Lead, African Cluster at Trend Micro, about mobile cybersecurity.
The IRISSCERT Cyber Crime Conference (IRISSCON) returns on November 6th at the Aviva Stadium, where global cybersecurity leaders will explore AI's revolutionary role in defending against, and contributing to, cyber threats. As Ireland's longest-standing cybersecurity conference, IRISSCON 2024 will dive into AI's impact on how it both enhances security and enables cybercriminals to scale and automate attacks. With generous support from diamond sponsors ESET, Symantec, and BH Consulting, the event will highlight cutting-edge AI strategies while equipping attendees with insights into managing AI-driven threats. IRISSCON 2024 will examine AI's role in threat detection, response automation, and defence optimisation, while exploring the risks posed by adversarial AI applications, such as automated phishing, impersonation through deepfakes, and highly targeted attacks. Featured speakers from top organisations, such as the Irish National Cyber Security Centre (NCSC), An Garda Siochana, ESET, Symantec, ForeScout, and Trend Micro, will share their expertise on how organisations can anticipate and counter AI-powered cyber threats. "AI holds immense promise as both a powerful defense tool and a potential threat amplifier," said Brian Honan, founder of IRISSCERT. "This year's IRISSCON will enable cybersecurity professionals to better understand how to leverage AI in protecting their organisations, while also preparing for the risks posed by AI fuelled attacks. We're incredibly grateful for the support of our sponsors ESET, Symantec, and BH Consulting, who make this important event possible." IRISSCON 2024 will also cover topics in cyber regulation such as NIS2, global cooperation, and best practices for preventing, detecting, and responding to cybersecurity attacks.
This evening we look at market moves with PSG Wealth, Renergen's CEO joins us to discuss their half-year financial update, we speak to 27four about its new benchmark to address diversity, equity and inclusion in the asset management sector, Trend Micro joins us to discuss the rise of phone hacking and the importance of mobile cybersecurity, and in our SME of the Week segment, we speak to XTLS Dreadlocks, a KZN-based one-stop-shop for all things dreadlocks. SAfm Market Update - Podcasts and live stream
Bernie Wu is VP of Business Development for MemVerge. He has 25+ years of experience as a senior executive for data center hardware and software infrastructure companies including companies such as Conner/Seagate, Cheyenne Software, Trend Micro, FalconStor, Levyx, and MetalSoft.

Boosting LLM/RAG Workflows & Scheduling w/ Composable Memory and Checkpointing // MLOps Podcast #270 with Bernie Wu, VP Strategic Partnerships/Business Development of MemVerge.

// Abstract
Limited memory capacity hinders the performance and potential of research and production environments utilizing Large Language Models (LLMs) and Retrieval-Augmented Generation (RAG) techniques. This discussion explores how leveraging industry-standard CXL memory can be configured as a secondary, composable memory tier to alleviate this constraint. We will highlight some recent work we've done in integrating this novel class of memory into LLM/RAG/vector database frameworks and workflows. Disaggregated shared memory is envisioned to offer high performance, low latency caches for model/pipeline checkpoints of LLM models, KV caches during distributed inferencing, LORA adaptors, and in-process data for heterogeneous CPU/GPU workflows. We expect to showcase these types of use cases in the coming months.

// Bio
Bernie is VP of Strategic Partnerships/Business Development for MemVerge. His focus has been building partnerships in the AI/ML, Kubernetes, and CXL memory ecosystems. He has 25+ years of experience as a senior executive for data center hardware and software infrastructure companies including companies such as Conner/Seagate, Cheyenne Software, Trend Micro, FalconStor, Levyx, and MetalSoft. He is also on the Board of Directors for Cirrus Data Solutions. Bernie has a BS/MS in Engineering from UC Berkeley and an MBA from UCLA.
// Related Links
Website: www.memverge.com
Accelerating Data Retrieval in Retrieval Augmentation Generation (RAG) Pipelines using CXL: https://memverge.com/accelerating-data-retrieval-in-rag-pipelines-using-cxl/
According to research conducted by Gartner, B2B sales reps forget 87% of what they learn within 30 days of training. So how can you build effective learning programs that foster continuous development?

Shawnna Sumaoang: Hi, and welcome to the Win-Win podcast. I am your host, Shawnna Sumaoang. Join us as we dive into changing trends in the workplace and how to navigate them successfully. Here to discuss this topic is Tom Brandon, the Director of Sales Enablement at OneSpan. Thank you for joining us, Tom. I would love for you to tell us about yourself, your background, and your role.

Tom Brandon: Thanks for having me. I’m excited to be here. So I’m Tom Brandon. I’m the director of sales enablement at OneSpan, which is a workforce authentication, banking authentication, and digital agreements company. I’ve been in the training and enablement field for way too long. I don’t want to say how many years it’s been, but started out as a technical trainer, doing all of the Microsoft training, MCSC, MCP, MCT, Cisco training, delivering all of those, and eventually became a global trainer for a cybersecurity company, Trend Micro, took on their training teams, took on their development teams, and ran their global education department, was there for about 10 years. Then moved on to another cyber security company, WebSense, which became Forcepoint, and took on their global education department, and eventually we branched off the sales and technical, and I continued on with their technical education and building out their programs for almost 10 years as well. Then moved on again to another cyber security company, ReliaQuest, and was their VP of learning at ReliaQuest University. And then finally here at OneSpan. I’ve been at OneSpan now for about a year and a half, really enjoying working with this company and the sellers and building out a true enablement.

SS: I love that. Well, Tom, thank you again for joining us.
You have extensive experience in designing and delivering learning programs. So what are some of your considerations when developing programs for these different teams across go-to-market like revenue and customer success teams?

TB: That’s a great question because each team always has a unique focus and spin that you have to be aware of, but for me it really comes down to five main things. What do they need to know? Why do they need to know it? When do they need to know it? How do they do it? And then who do they go to for any questions? And so everything that we’re doing focuses on those five main areas. And whether it be a simple microlearning, whether it be a full-fledged training, or it’s a communication that we’re sending out, those are things that I always focus on because if a sales rep or a customer success manager doesn’t know why a change was implemented or why pricing has gone up or when things go into effect or how to actually do something for our PS and our SE organizations, then they’re at a disadvantage and they’re not going to look good in front of their customers. So those are the things that I usually focus on anytime we’re building out any type of communication enablement or training program.

SS: I think that’s great advice. Now, one thing that did catch my eye on LinkedIn was that you mentioned you actually rebuilt the onboarding program at OneSpan to a flipped classroom model. For those that are maybe a little less familiar, can you explain what a flipped classroom model is? And can you tell us more about this effort and how your team brought it to life?

TB: Absolutely. In traditional education, think about when you’re going to a university course, you go into the lecture and you have the professor that’s up there and they’re delivering their lecture content. They probably delivered that hundreds of times for different classes. And it’s the exact same thing every time.
And the students, then they take that information and then they go and they have to read some more. They have to do some worksheets and everything. And it’s a one-way data transfer, and it’s really not a great way for the students to learn and apply that information. Whereas with the flipped classroom, the idea is that you give the students content ahead of time. You give them all of that, that learning, that book study that they need to be doing, and they prepare for the in-class session with all of that content. Now, when they’ve done that, the time with that expert, with that SME, now can be used for deeper engagement, for communication, for role plays, for a practical application of that content that they have just read about and they’ve gone through all that self-paced learning. And then after class, this is where they can do some additional application of what they have practiced in class, whether they have discussion forums or assessments or additional learning opportunities. And so it’s a way to not only get the information across, but have a two-way communication with the students, which is going to help them to remember the content. It also allows them an opportunity to practice in a safe environment and then gives them further opportunities outside of class to apply that knowledge.

SS: Amazing. Well, I think it’s really cool what you guys are doing on that front. And you actually leverage the certifications in your onboarding program, as well as other ongoing learning programs. How have you used certifications to motivate learners and validate skills?

TB: Well, the validation, that’s the easy part, right? That’s what certifications are all about, is validating that somebody knows a fact or is aware of a process or whatever it may be. The motivation, that’s the hard part, is trying to figure out how you can not only validate or assess but also get people excited about what they are learning about.
And this is really where things like setting up achievements for people, having specific goals that they can achieve, and then having some sort of reward for them, whether it’s digital or physical, whatever it might be. And this is also where you can start talking about the idea of gamification or serious gaming as well. For me, I’ve never been a big one on gamification. Let’s just put something into a game just so that people will go through the content and the game has nothing to do with the content that they’re going through. But serious gaming, something that is a practical application, something that is an experiential-based learning opportunity for them that then gives them an achievement once they have actually shown that they can perform some action, whether it’s delivering a pitch or whatever it might be. But it shows them that they can be confident in what they are learning, that they are actually making progress and achieving. And so, you know, for me, it’s finding ways that you can do this serious gaming and provide achievements along the way.

SS: I absolutely love that. Definitely, progress is a motivator, I think, for a lot of people. As you think about reps or go-to-market teams, oftentimes they are on the move and extremely busy. So how do you incorporate microlearning and agile curriculum methodologies into your learning programs?

TB: We have all seen a decrease in our attention spans over the last several years. We’re so used to the quick hits and ever-changing content that’s put in front of us by social media that the traditional approach to lengthy training programs is not appropriate for our current audiences. And so, looking at, one, an agile development framework is absolutely important, because if you look at the traditional approach for planning out curriculum development, it could take 3, 6, 9 months for a full-fledged course to be developed. In today’s fast-paced world, in 3, 6, 9 months, that product may not even be around anymore.
Nonetheless, people are interested in purchasing that product. And so the Agile development process, taking those Agile principles from software development and applying it to what we’re doing in curriculum development is absolutely critical. Setting up sprints and working very closely with development teams or with marketing teams and making sure that we are in lockstep together and releasing things at very short intervals. And those things that you’re releasing in those short intervals, whether it be one or a two-week sprint, now become those micro-learning pieces. And this is something that again, you know, with people’s attention spans, we need to be able to get quick hits out to people with the most important information and be able to share that with them on a continued basis so that they know that more information is coming. And that leads to kind of that idea of the just-in-time training as well. Get that information in front of people as they need it so that they can be prepared for whatever situation they’re facing.

SS: Absolutely. What role would you say your enablement platform Highspot plays in helping you land these strategies?

TB: Highspot has been fantastic for this. One, it’s been our consolidation point for all of the content that we’ve had. I’m sure everybody that’s listening to this, they are facing this problem where you have content that is spread across so many different places, and sellers are saying, I don’t know where to go to find information. And so having one definitive location where people can go and find the content has been a lifesaver for us. Second, is that it helps us with creating smaller micro-learning content and making that available to our sellers in an easy-to-consume format. And the third thing then is that it provides us with rich analytics so that we can see what is working and what isn’t. We can see who is accessing it, who is not accessing it, and how well they’re performing.
And it’s not just about the people taking it, but it’s helping us to determine if our content is really hitting the mark. Is there something that we need to go back and revisit? There’s something missing or something that was mistaken in there. And so from an enablement standpoint, not only is it a vehicle for us to get that content in front of our users, but it’s also a mechanism for us to ensure that we’re providing the best quality that we can to those people who are taking our enablement content.

SS: Absolutely. I want to shift gears a little bit because I know that in order for enablement to be successful, you really have to have effective partnerships with key stakeholders across the organization. I know for you as well, that one of the things that was important was transitioning enablement from being an order taker to really a consultative partner for the key stakeholders across the organization. How have you built effective partnerships with your stakeholders as you’ve implemented these learning programs?

TB: That’s a great question. One, as an enablement leader, I struggled with for a long time, is trying to get away from that order-taker mentality where people just come and say, we need training on this, go and create this training for us, to being that true consultative partner, where we are working hand in hand with different departments to understand their needs and then to provide our recommendations for how we can help them to achieve those goals and needs that they have. And when I came into OneSpan, we were really order takers. It was just people telling the enablement team to go and make these trainings. And what we’ve had to do is we’ve had to transition in three main areas. One is that we have to prove our value. We have to show that we are true professionals in our craft and that we know what we’re doing. Second, we have to build trust, and that means that we have to be working arm-in-arm with those leaders in other departments.
We have to be there providing input, and we have to be listening to them as they’re telling us about their needs. And third, and perhaps the most important one, and this is one that I’ve really been focusing on the last several years, is that we have to become the communication hub. There’s a lot of siloed information in every company, and that information is critical for the success of the company. We have to get it in front of the go-to-market teams. And so I see my role as a sales enablement expert here to find that information in the silos and then to share it out. And what that does is it allows us to get better visibility into what’s happening in the organization. It allows us to ferret out where those problem areas are and to get the different departments working closer together as well. And it all comes from that communication hub mentality.

SS: Absolutely. I love that approach for gaining stakeholder buy-in and trust. You know, I know you talked a lot about how important kind of having that data and analytics set is along the way. In what ways do data and analytics also help you to enhance your continuous learning and reinforcements with your team?

TB: So I’d say there are two main parts here. One is leveraging a model that gives us more information than just the smiley sheets at the end of training. We’re implementing the Kirkpatrick model of evaluations. It’s a four-level model. And, you know, really quick, you know, the idea here is that at level one, you have your basic reactions, those smiley sheets, and people like the training. And usually, it’s, did they like the trainer rather than the training? The second level is did they actually learn something? And this is where you can have quizzes that can determine this, or you can start looking at confidence and you can start doing things like before and after surveys. And so you can see if there was an increase in confidence, in attendees’ confidence in a particular subject.
This is a subjective measure, but at least you can start getting into the minds of those people who have been taking your training to see, did it make an impact. The third level then is behavioral change. Did they take that information that they learned about in the training and have they taken it back on the job? Are they actually doing the things that they learned about? And then finally, the last one is driving business results. So the people who went through the training, who’ve seen this confidence change, who are implementing it on the job, are they now performing better than those who have not gone through this training? And is it making a material impact on the business? Is it bringing more money in? Are they making more sales? And so, leveraging a model like this that gets away from that, did you like your trainer smiley sheet and starts getting into the minds and actions of the sellers is absolutely critical. The second is the system: Highspot allows us to dig in-depth and get an analysis on what is working, and who is succeeding, and allows us then to create a model for others to emulate so that they can then have the same success as those who have gone through and are now providing that material business impact.

SS: Now you said the word impact a few times. I would love to learn from you. What impact have your learning programs had on your team so far? And do you have any wins you can share?

TB: Yeah, we’ve probably had maybe three key impacts. When I first came into OneSpan, we were rolling out a new first call deck that our sellers use when they get with customers for the first time. And we did a first call deck certification program where we built out not only self-study around the first call deck but then had sessions to actually do role plays with our sellers and work with them on key scenarios and key customer profiles so that they could then actually do a certification role play with their managers and go through that.
And the sellers by far were more prepared and engaged than they have ever been in any deck certification training. And we got every seller through. They all passed with an 80 percent certification or higher in that program. A second one that we’ve had, we call it our one spark, a sales kickoff. At the start of 2023, we had a change in CEO and we were supposed to have an in-person sales kickoff, but with that change in CEO and a lot of changes that were happening around the company, they decided to cancel the in-person sales kickoff, but our team in conjunction with our business unit leaders decided it’s still critical for us to create a program to start getting people the information they need on the goals and trajectory of the company for this year, 2024. So we, the enablement team, created a week-long virtual sales kickoff program, and we did this within a one-month period of time, and we were able to leverage the technology. Not only the content that we had, but then our systems like Highspot to help us get this information out to our sellers, held multiple webinars, and it was by far one of the most successful kickoffs that we’ve had, even though it was virtual. The final one, I know I could ramble about this for days and days, but was our revamped onboarding and really taking this old school onboarding program that was really an ad hoc for every single individual as they came in onboarding to a consistent program that’s the flipped classroom program that allows more interaction time with SMEs, with the instructor, gives the new hires an opportunity to role-play in that safe environment and gives them opportunities then to apply their knowledge outside of the classroom as well.

SS: Those are some amazing wins, Tom. Continue to move forward and optimize everything that you are doing. What will be your primary focus areas for continuing to enhance OneSpan’s learning programs?

TB: I have to say, I’m going to stick with the number three.
I’ll give you three of them that we have. One is microlearning. Have to continue with the microlearning approach. I don’t see us going back to week-long, two-week-long, month-long training courses. There are situations where that may be beneficial, but working in a global company with a global go-to-market sales force, we have to leverage the technology that we have. And microlearning is a key aspect for us. The second thing that I really want to start focusing on is user-generated content. We’re a small enablement team, and we don’t have time to handle every single thing that we’d like to do. And we’re not the experts because we’re not in front of the customer every single day on some things. And so, getting users to actually generate some content that then can be leveraged within our programs not only helps us to create broader programs, and ones that are more effective, but it also gives a little bit more credence to it because it’s sellers sharing with sellers. And it helps other sellers to see that this is something that’s important. And so user-generated content is something that I’m looking to really start working on in 2025. And finally, communications. I know I’ve talked a lot about communications already, but that is one key area that really has to be focused on. I, early in my career, used to tell people, I was not a marketeer. I don’t do marketing, but you have to be able to effectively tell people what’s happening, what is available, why it’s important, and get that in front of them on a continuous basis.

SS: Tom, last question for you. For organizations aiming to create effective learning programs for teams across the revenue engine, what’s maybe one piece of advice you would give them to set them up for success?

TB: I’m going back to communicate. You have to use all channels that are available. I refer to it as guerrilla marketing. You have to be able to tell people not only what you are doing, but the effect it has and the benefits of it.
And find new and unique ways of getting information in front of people. Start creating a microlearning series. We just started one called Behind the Curtain that takes a look at specific customer profiles and how they’re leveraging our products. We’re also doing one on cyber security awareness this month, and we’re getting things out every other day to our sellers, key aspects that they could be talking to their customers about. But the communication aspect, people may not know all the great work that enablement teams are doing unless they’re told about it. You have to let people know. So communicate.

SS: I love that advice. Thank you again, Tom, so much for joining us and sharing your advice through this podcast. I really appreciate it.

TB: Thanks for having me.

SS: To our audience, thank you for listening to this episode of the Win-Win podcast. Be sure to tune in next time for more insights on how you can maximize enablement success with Highspot.
In this episode, Spencer and Brad discuss a recent Trend Micro research project and associated white paper "Red Team Tools in the Hands of Cybercriminals and Nation States". Spencer and Brad dig into what red teaming is, what red team tools (often referred to as offensive security tools) are and why they are used. They also cover the abuse of red team tools, the speed of exploitation after public release and supply chain attacks against red team tools.

From Defense to Offense: The Misuse of Red Teaming Tools by Cybercriminals | Trend Micro (US)
Blog: https://offsec.blog/
YouTube: https://www.youtube.com/@cyberthreatpov
Twitter: https://twitter.com/cyberthreatpov
Work with Us: https://securit360.com
SecTor, Canada's largest cybersecurity conference, today announced the release of its full schedule of Summits for SecTor 2024. The live, in-person event will take place from October 22 to October 24 at the Metro Toronto Convention Centre in downtown Toronto. Summits will take place on Tuesday, October 22 and include:

- SecTor Executive Summit – This Summit will offer CISOs and other cybersecurity executives an opportunity to hear from industry experts helping to shape the next generation of information security strategy. Sponsors include: Armis, Sysdig, Cyera, and Trend Micro. To apply, please visit blackhat.com/sector/2024/executive-summit.html.
- Inaugural AI Summit at SecTor – This Summit will take place as part of The AI Summit Series, a global conference and expo series focusing on practical applications of AI technologies. This Summit will underscore the importance of artificial intelligence (AI) as an organization's newest and greatest weapon within the ever-evolving cybersecurity landscape. Passes can be purchased here: blackhat.com/sector/2024/ai-summit.html.
- Cloud Security Summit at SecTor – This Summit is Canada's leading cloud security event featuring keynote speakers, panel discussions, and networking opportunities, and provides an invaluable opportunity for every security professional to engage with leaders and discuss the future of cloud security. Sponsors include: CrowdStrike, Cyera, Kyndryl, Okta, OpenText, StrongDM, Sysdig, and Lookout. Passes can be purchased here: blackhat.com/sector/2024/cloud-summit.html.

Note: This story contains promotional content.

Resources
Learn more and catch more stories from SecTor Cybersecurity Conference Toronto 2024: https://www.itspmagazine.com/sector-cybersecurity-conference-2024-cybersecurity-event-coverage-in-toronto-canada
Learn more about 2 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs
Video Episode: https://youtu.be/7et_7YkwAHs

In today’s episode, we dive into the alarming rise of malware delivery through fake job applications targeting HR professionals, specifically focusing on the More_eggs backdoor. We also discuss critical gaming performance issues in Windows 11 24H2 and the vulnerabilities in DrayTek routers that expose over 700,000 devices to potential hacking. Lastly, we address the urgent exploitation of a remote code execution flaw in Zimbra email servers, emphasizing the need for immediate updates to safeguard against evolving threats.

Links to articles:

1. https://thehackernews.com/2024/10/fake-job-applications-deliver-dangerous.html
2. https://www.bleepingcomputer.com/news/microsoft/microsoft-warns-of-windows-11-24h2-gaming-performance-issues/
3. https://thehackernews.com/2024/10/alert-over-700000-draytek-routers.html
4. https://www.bleepingcomputer.com/news/security/critical-zimbra-rce-flaw-exploited-to-backdoor-servers-using-emails/

Timestamps

- 00:00 – Introduction
- 01:14 – Zimbra RCE Vulnerability
- 02:17 – 700k DrayTek Routers Vulnerable
- 04:36 – Recruiters Targeted with Malware
- 06:14 – Microsoft blocks updates for gamers

1. What are today’s top cybersecurity news stories?
2. How is More_eggs malware targeting HR professionals?
3. What vulnerabilities exist in DrayTek routers?
4. Why did Microsoft block Windows 11 24H2 upgrades?
5. What is the impact of the Zimbra RCE flaw?
6. How do fake job applications spread malware?
7. What security measures can protect against More_eggs malware?
8. What are the latest gaming issues with Windows 11?
9. How can DrayTek router vulnerabilities be mitigated?
10. What are the latest tactics used by cybercriminals in email attacks?

More_eggs, Golden Chickens, spear-phishing, credential theft, Microsoft, Windows 11, Asphalt 8, Intel Alder Lake+, DrayTek, vulnerabilities, exploits, cyber attackers, Zimbra, RCE, vulnerability, exploitation

# Intro

HR professionals are under siege as a spear-phishing campaign disguised as fake job applications delivers the lethal More_eggs malware, leading to potentially devastating credential theft. Powered by the notorious Golden Chickens group, this malware-as-a-service targets recruiters with chilling precision. **How are recruitment officers unknowingly downloading malicious files, and what methods are threat actors using to bypass security measures?**

“Microsoft is blocking Windows 11 24H2 upgrades on some systems due to critical gaming performance issues like Asphalt 8 crashes and Easy Anti-Cheat blue screens. The company is scrambling to resolve these problems that uniquely impact devices with Intel Alder Lake+ processors.” How can gamers with affected systems work around these issues until Microsoft releases a fix?

Over 700,000 DrayTek routers are currently vulnerable to 14 newly discovered security flaws, with some critical exploits that could be used to take full control of the devices and infiltrate enterprise networks. Despite patches being released, many routers remain exposed, creating a lucrative target for cyber attackers. How can these vulnerabilities impact businesses that rely on DrayTek routers for network security?

Hackers are leveraging a critical Zimbra RCE vulnerability to backdoor servers through specially crafted emails that execute malicious commands, revealing widespread exploitation just days after a proof-of-concept was published. Notable security experts warn of attackers embedding harmful code in the email’s CC field, which the Zimbra server inadvertently executes. How are attackers camouflaging their malicious emails to slip through security measures unnoticed?

# Stories

Welcome back to our podcast. Today, we’re talking about a new cyber threat targeting HR professionals. Researchers at Trend Micro have uncovered a spear-phishing campaign where fake job applications deliver a JavaScript backdoor called More_eggs to recruiters. This malware, sold as malware-as-a-service by a group known as Golden Chickens, can steal credentials for online banking, email accounts, and IT admin accounts. What’s unique this time is that attackers are using spear-phishing emails to build trust, as observed in a case targeting a talent search lead in engineering. The attack sequence involves downloading a ZIP file from a deceptive URL, leading to the execution of the More_eggs backdoor. This malware probes the host system, connects to a command-and-control server, and can download additional malicious payloads. Trend Micro’s findings highlight the persistent and evolving nature of these attacks, which are difficult to attribute because multiple threat actors can use the same toolkits. The latest insights also connect these activities to known cybercrime groups like FIN6. Stay vigilant, especially if you work in HR or recruitment.

1. **Spear-Phishing**:
   - **Definition**: A targeted phishing attack aiming at specific individuals or companies, typically using information about the victim to make fraudulent messages more convincing.
   - **Importance**: This method is specifically dangerous because it can trick even tech-savvy users by exploiting personalized details, leading to significant security breaches like credential theft.
2. **More_eggs**:
   - **Definition**: A JavaScript backdoor malware sold as a malware-as-a-service (MaaS) with capabilities to siphon credentials and provide unauthorized access to infected systems.
   - **Importance**: Due to its ability to latently steal sensitive information and its widespread use by various e-crime groups, More_eggs represents a significant threat to corporate cybersecurity.
3. **Malware-as-a-Service (MaaS)**:
   - **Definition**: A business model where malicious software is developed and sold to cybercriminals who can then use it to conduct attacks.
   - **Importance**: This model lowers the barrier of entry for cybercriminals, allowing even those with limited technical skills to launch sophisticated attacks using pre-made malware.
4. **Golden Chickens**:
   - **Definition**: A cybercriminal group (also known as Venom Spider) attributed with developing and distributing the More_eggs malware.
   - **Importance**: Understanding threat actors like Golden Chickens can help cybersecurity professionals anticipate and defend against specific threat tactics.
5. **Command-and-Control (C2) Server**:
   - **Definition**: A server used by threat actors to maintain communications with compromised systems within a target network to execute commands and control malware.
   - **Importance**: Disrupting C2 servers is crucial because it can cut off the attacker's control over their malware, mitigating the threat.
6. **LNK File**:
   - **Definition**: A shortcut file in Windows that points to another file or executable.
   - **Importance**: Misuse of LNK files in phishing campaigns can lead to automated execution of malicious payloads, making them an effective vector for malware distribution.
7. **PowerShell**:
   - **Definition**: A task automation framework from Microsoft consisting of a command-line shell and scripting language.
   - **Importance**: PowerShell is often used by attackers to execute and conceal malicious scripts due to its powerful capabilities and integration with Windows.
8. **Tactics, Techniques, and Procedures (TTPs)**:
   - **Definition**: The behavior patterns or methodologies used by cyber threat actors to achieve their goals.
   - **Importance**: Identifying TTPs helps security professionals understand, detect, and mitigate specific attack strategies used by threat actors.
9. **Obfuscation**:
   - **Definition**: The process of deliberately making code or data difficult to understand or interpret.
   - **Importance**: Obfuscation is commonly used by malware developers to conceal malicious activities and bypass security mechanisms.
10. **Cryptocurrency Miner**:
    - **Definition**: Software used to perform the computational work required to validate and add transactions to a blockchain ledger in exchange for cryptocurrency rewards.
    - **Importance**: Unauthorized cryptocurrency mining (cryptojacking) can misuse system resources for financial gain, leading to performance degradation and security vulnerabilities.

---

On today’s tech update: Microsoft has blocked upgrades to Windows 11 version 24H2 on certain systems due to gaming performance issues. Players of Asphalt 8 may encounter game crashes, while some systems running Easy Anti-Cheat might experience blue screens. These problems mainly affect devices with Intel Alder Lake+ processors. Until Microsoft resolves these issues, impacted users are advised not to manually upgrade using tools like the Media Creation Tool. Microsoft is working on fixes and will include them in upcoming updates.

1. **Windows 11 24H2**: A version of Microsoft’s Windows 11 operating system, released in the second half (H2) of 2024. It is significant because it represents Microsoft’s ongoing update cycle aimed at improving system performance and user experience, though it also highlights the challenges of software compatibility and stability.
2. **Asphalt 8 (Airborne)**: A popular racing video game often used for showcasing graphical and processing capabilities of devices. Its relevance lies in exposing potential software and hardware compatibility issues when new operating systems are released.
3. **Easy Anti-Cheat**: A software tool designed to detect and prevent cheating in multiplayer games.
It is crucial for maintaining fair play and integrity in online gaming environments but can pose compatibility challenges with system updates. 4. **Blue Screen of Death (BSoD)**: An error screen displayed on Windows computers following a system crash. It is important as it signals serious software or hardware issues that could affect system stability and data integrity. 5. **Intel Alder Lake+ processors**: A generation of Intel’s microprocessors known for their hybrid architecture design. Understanding these chips is important for recognizing which systems might be more susceptible to the reported compatibility issues. 6. **vPro platform**: A set of Intel technologies aimed at enhancing business security and manageability. It’s critical to cybersecurity professionals because it allows for hardware-level encryption and more robust security management, but compatibility with OS updates can be problematic. 7. **MEMORY_MANAGEMENT error**: A specific type of error indicating system memory management problems, often leading to system crashes. It is crucial for cybersecurity and IT professionals as it affects the stability and reliability of a system. 8. **Compatibility holds (Safeguard IDs)**: Mechanisms employed by Microsoft to prevent system upgrades when known issues are detected. These are essential for protecting users from potential system failures and ensuring a stable computing environment. 9. **Media Creation Tool**: A Microsoft utility used for installing or upgrading Windows OS. It's important for IT professionals as it provides a means to manually deploy Windows updates, though it highlights the risks of bypassing automatic update safeguards. 10. **KB5043145 (Preview Update)**: A specific Windows update known to cause issues such as reboot loops and connection failures. Understanding these updates is crucial for maintaining system stability and ensuring that deployed systems are free from vulnerabilities and bugs. 
—

In a recent cybersecurity alert, over 700,000 DrayTek routers have been identified as vulnerable to hacking due to 14 newly discovered security flaws. These vulnerabilities, found in both residential and enterprise routers, include two rated critical, with one receiving the maximum CVSS score of 10.0. This critical flaw involves a buffer overflow in the Web UI, potentially allowing remote code execution. Another significant vulnerability is OS command injection via communication binaries. The report highlights the widespread exposure of these routers’ web interfaces online, creating a tempting target for attackers, particularly in the U.S. DrayTek has released patches to address these vulnerabilities, urging users to apply updates, disable unnecessary remote access, and utilize security measures like ACLs and two-factor authentication. This development coincides with international cybersecurity agencies offering guidance to secure critical infrastructure, emphasizing the importance of safety, protecting valuable OT data, secure supply chains, and the role of people in cybersecurity.

1. **Vulnerability**: A weakness in a system or software that can be exploited by hackers.
   - **Importance**: Identifying vulnerabilities is crucial in cyber security because it helps protect systems from attacks.
2. **Router**: A device that routes data from one network to another, directing traffic on the internet.
   - **Importance**: Routers are essential for internet connectivity and their security is vital to prevent unauthorized access to networks.
3. **Buffer Overflow**: A coding error where a program writes more data to a buffer than it can hold, potentially leading to system crashes or unauthorized code execution.
   - **Importance**: Buffer overflows are common vulnerabilities that can be exploited to gain control of a system.
4. **Remote Code Execution (RCE)**: A type of vulnerability that allows an attacker to execute code on a remote system without authorization.
   - **Importance**: RCE vulnerabilities are highly critical as they enable attackers to take over affected systems.
5. **Cross-site Scripting (XSS)**: A web security vulnerability that allows attackers to inject malicious scripts into content from otherwise trusted websites.
   - **Importance**: XSS can be used to steal information, deface websites, and spread malware.
6. **Adversary-in-the-Middle (AitM) Attack**: An attack where the attacker secretly intercepts and possibly alters the communication between two parties who believe they are directly communicating with each other.
   - **Importance**: AitM attacks can lead to data theft, man-in-the-middle proxy attacks, and unauthorized access to sensitive information.
7. **Denial-of-Service (DoS)**: An attack intended to shut down a machine or network, making it inaccessible to its intended users.
   - **Importance**: DoS attacks disrupt the availability of services and can cause significant downtime and financial loss.
8. **Access Control List (ACL)**: A list of permissions attached to an object that specifies which users or system processes can access the object and what operations they can perform.
   - **Importance**: ACLs are crucial for implementing security policies to control access to resources.
9. **Two-Factor Authentication (2FA)**: A security process in which the user provides two different authentication factors to verify themselves.
   - **Importance**: 2FA improves security by adding an additional layer of verification, making it harder for attackers to gain unauthorized access.
10. **Operational Technology (OT)**: Hardware and software that detects or causes changes through direct monitoring and control of physical devices, processes, and events in an enterprise.
    - **Importance**: OT security is critical for the functioning and safety of critical infrastructure systems, such as those in manufacturing, power generation, and transportation.
—

Today, we’re discussing a critical remote code execution (RCE) vulnerability in Zimbra email servers, tracked as CVE-2024-45519, which hackers are actively exploiting. This flaw allows attackers to trigger malicious commands simply by sending specially crafted emails, which are processed by Zimbra’s post journal service. First flagged by Ivan Kwiatkowski of HarfangLab and confirmed by Proofpoint, the exploit involves spoofed emails with commands hidden in the “CC” field. Once processed, these emails deliver a webshell to the server, giving attackers full access for data theft or further network infiltration. A proof-of-concept exploit was released by Project Discovery on September 27, prompting immediate malicious activity. Administrators are urged to apply security updates released in Zimbra’s latest versions—9.0.0 Patch 41 and later—or disable the vulnerable postjournal service and ensure secure network configurations to mitigate the threat. Stay vigilant and update your Zimbra servers immediately to protect against this critical vulnerability.

1. **Remote Code Execution (RCE)**
   - **Definition**: A type of security vulnerability that enables attackers to run arbitrary code on a targeted server or computer.
   - **Importance**: This flaw can be exploited to gain full control over the affected machine, leading to data theft, unauthorized access, and further network penetration.
2. **Zimbra**
   - **Definition**: An open-source email, calendaring, and collaboration platform.
   - **Importance**: Popular among organizations for its integrated communication tools, making it a significant target for cyberattacks due to the sensitive data it handles.
3. **SMTP (Simple Mail Transfer Protocol)**
   - **Definition**: A protocol used to send and route emails across networks.
   - **Importance**: Integral to email services, its exploitation can deliver malicious content to servers and users, forming a vector for cyber-attacks.
4. **Postjournal Service**
   - **Definition**: A service within Zimbra used to parse incoming emails over SMTP.
   - **Importance**: Its vulnerability can be leveraged to execute arbitrary commands, making it a crucial attack point for hackers.
5. **Proof-of-Concept (PoC)**
   - **Definition**: A demonstration exploit showing that a vulnerability can be successfully taken advantage of.
   - **Importance**: PoC exploits serve as proof that theoretical vulnerabilities are practical and dangerous, necessitating urgent security responses.
6. **Base64 Encoding**
   - **Definition**: A method of encoding binary data into an ASCII string format.
   - **Importance**: Often used to encode commands within emails or other data streams to evade basic security detections.
7. **Webshell**
   - **Definition**: A type of malicious script that provides attackers with remote access to a compromised server.
   - **Importance**: Webshells afford attackers sustained control over a server, allowing for ongoing data theft, disruptions, and further exploits.
8. **CVE (Common Vulnerabilities and Exposures)**
   - **Definition**: A list of publicly known cybersecurity vulnerabilities and exposures, identified by unique CVE IDs.
   - **Importance**: Helps standardize and track security issues, facilitating communication and management of vulnerabilities across the cybersecurity community.
9. **Patch**
   - **Definition**: An update to software aimed at fixing security vulnerabilities or bugs.
   - **Importance**: Patching vulnerabilities is critical for protecting systems from attacks exploiting known security flaws.
10. **Execvp Function**
    - **Definition**: A function in Unix-like operating systems that executes commands with an argument vector, featuring improved input sanitization.
    - **Importance**: By replacing vulnerable functions like ‘popen,’ ‘execvp’ helps prevent the execution of malicious code, thus enhancing system security.

—
On this episode of The Cybersecurity Defenders Podcast we talk about some of the common pitfalls faced by founders with Andrew Plato, Founder & CEO of Zenaciti.

Andrew is an experienced CEO, founder, author, and cybersecurity expert. In 1995, Andrew founded Anitian, one of the earliest cybersecurity companies on record, where he pioneered innovations in intrusion detection, endpoint security, and cloud security. He led the development of a revolutionary automated platform for secure cloud environments, and under his leadership, Anitian formed strategic partnerships with major tech companies like AWS, Microsoft, and Trend Micro before he exited the company in 2022. Andrew also leads Zenaciti, providing business and security intelligence, and recently founded Screenopolis, focusing on media analysis. He is also the author of The Founder's User Manual: Practical Strategies for the Startup Leader.
The US is set to propose a ban on Chinese software and hardware in connected cars. Dell investigates a breach of employee data. Unit 42 uncovers a North Korean PondRAT and a red team tool called Splinter. Marko Polo malware targets cryptocurrency influencers, gamers, and developers. An Iranian state-sponsored threat group targets Middle Eastern governments and telecommunications. The alleged Snowflake hacker remains active and at large. German officials quantify fallout from the CrowdStrike incident. Apple's latest macOS update has led to widespread issues with cybersecurity software and network connectivity. Our guest is Vincenzo Ciancaglini, Senior Threat Researcher from Trend Micro, talking about the uptick in cybercrime driven by the generative AI explosion. Supercharging your graphing calculator.

Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.

CyberWire Guest

Our guest is Vincenzo Ciancaglini, Senior Threat Researcher from Trend Micro, talking about the uptick in cybercrime driven by the generative AI explosion. Read their blog "Surging Hype: An Update on the Rising Abuse of GenAI" here.

Selected Reading

- Exclusive: US to propose ban on Chinese software, hardware in connected vehicles (Reuters)
- Dell investigates data breach claims after hacker leaks employee info (Bleeping Computer)
- North Korea-linked APT Gleaming Pisces deliver new PondRAT backdoor via malicious Python packages (Security Affairs)
- Global infostealer malware operation targets crypto users, gamers (Bleeping Computer)
- Iranian-Linked Group Facilitates APT Attacks on Middle East Networks (Security Boulevard)
- Hacker behind Snowflake customer data breaches remains active (CyberScoop)
- Discovering Splinter: A First Look at a New Post-Exploitation Red Team Tool (Palo Alto Networks)
- Organizations are changing cybersecurity providers in wake of Crowdstrike outage (Help Net Security)
- Cybersecurity Products Conking Out After macOS Sequoia Update (SecurityWeek)
- Secret calculator hack brings ChatGPT to the TI-84, enabling easy cheating (Ars Technica)

Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.

Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.

The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
IN THIS EPISODE...

This episode features Zach Evans, the Chief Technology Officer at Xsolis. Xsolis is an AI-driven health tech company known for its human-centered approach. Zach leads the development and implementation of Dragonfly, a scalable platform that enhances market delivery and supports payer-provider interoperability. Under his leadership, Dragonfly modernized Xsolis' cloud-native architecture, focusing on cybersecurity, utilizing Trend Micro and AWS for secure data management and exchange, thereby advancing the company's technology and client services.

In today's discussion, Zach reveals his approach to leading tech teams with empathy, underscoring the need to align engineers with the mission and manage rapid tech changes. Also, he recounts the Dragonfly transition's challenges, emphasizing rebuilding with client impact in mind and learning from involving frontline staff.

------------

Full show notes, guest bio, links to resources mentioned, and other compelling episodes can be found at http://LeadYourGamePodcast.com. (Click the magnifying icon at the top right and type “Zach”)

Love the show? Subscribe, rate, review, and share! Learn more about us! https://shockinglydifferent.com/

-------------

WHAT TO LISTEN FOR:

1. How should technical teams be led to create high-performing groups?
2. How can we effectively prioritize when faced with constraints?
3. What are the key challenges and successes during a platform transition?
4. What lessons can be learned from a transition, particularly regarding change management?
5. What does leading with courageous agility entail, and how can it be applied to significant changes?

------------

FEATURED TIMESTAMPS:

- [02:41] Zach's Background and Personal Life
- [05:13] Zach's Career Journey
- [10:12] Zach's Approach to Leading Technical Teams
- [13:35] Signature Segment: Zach's entry into the LATTOYG Playbook: The Art of Prioritization
- [17:25] What is Dragonfly?
- [23:44] Transition to Dragonfly Platform
- [38:01] Signature Segment: Zach's LATTOYG Tactic of Choice: Leading with Courageous Agility

------------

ADDITIONAL RESOURCES FOR YOU:

Overview: Our Signature Leadership Development Experience: http://bit.ly/DevelopYourGame
In today's episode, we discuss the worrying rise of artificial-intelligence-based tools available on the dark web. According to recent research from Trend Micro, criminals are taking advantage of generative AI to launch large-scale attacks with greater ease and precision, using tactics such as deepfakes and social engineering scams. To talk about this, I'm joined today on Podcast Canaltech by Daniel Zan, Sales Engineer at Trend Micro. Plus: how much each X investor has lost under Elon Musk's management; YouTube launches a parental tool to monitor teenagers' activity; Daylist, the Spotify playlist that changes throughout the day, arrives in Brazil; Meta notifies Brazilian users about data collection to train AI; VPNs can be used legally in Brazil, lawyers say. Visit the Canaltech website. Get Canaltech news on WhatsApp. Find Canaltech on social media by searching for @Canaltech on all of them. Contact us by e-mail: podcast@canaltech.com.br. Check out Canaltech Ofertas. This episode was written and presented by Gustavo Minari. The show also featured reporting by Bruno De Blasi, André Lourenti Magalhães and Guilherme Haas. Edited by Natália Improta. The soundtrack was created by Guilherme Zomer and the cover art for this show is by Erick Teixeira. See omnystudio.com/listener for privacy information.
Artificial intelligence is on the agenda today on Start Eldorado, which brings two interviews on the topic. In the first segment, host Daniel Gonzales welcomes Daniel Zan of Trend Micro, who explains the growing use of AI in online scams, the latest tools used by criminals on the deep web, and how defenses are advancing, also with AI, to contain these threats. In the second segment, Start talks with Bernardo Bezerra, director of the Energy and Regulation platform at Serena, who brings up a very important topic: the growing demand for energy to run technologies such as AI and the fundamental role of power generation and distribution companies in this context, as well as the company's projects for using renewable generation in data centers. The show airs at 9 p.m. on FM 107.3 for all of Greater São Paulo and on the app, website and Alexa, every Wednesday. See omnystudio.com/listener for privacy information.
In this conversation, the hosts discuss patchless patching, vulnerabilities in the Windows TCP/IP stack, and the trustworthiness of Microsoft. They highlight the challenges of marketing in the cybersecurity industry and the importance of building trust with customers. The conversation also touches on the need for vendors to prioritize security and code quality over rushing products to market. Overall, the hosts express concerns about the frequency of security vulnerabilities and the potential impact on customer trust. Other topics of discussion include the Innovators and Investors Summit at Black Hat, the potential sale of Trend Micro, layoffs in the industry, and the controversy surrounding room searches at DEF CON. They also touch on the concept of time on the moon and its implications for future lunar missions. Devo, the security analytics company, recently launched data orchestration, a data analytics cloud, and security operations center (SOC) workflow enhancements. Enterprise security teams are struggling with growing data volumes—and they're also up against headcount and budget constraints. These solutions offer security teams data control, cost optimizations, and efficient automation for better security outcomes. Segment Resources: https://www.devo.com/defend-everything/ This segment is sponsored by Devo. Visit https://securityweekly.com/devobh to learn more about how Devo's new solutions can streamline your security operations. As security monitoring has gotten more mature over the years, remediating security vulnerabilities is still stuck in the dark ages requiring mountains of CVE reports and thousands of manual tasks to be done by network engineers at the wee hours of the nights and weekends. Cyber resilience requires a more continuous approach to remediation, one that does not depend on manual work but also one that can be trusted not to cause outages. This segment is sponsored by BackBox. 
Visit https://securityweekly.com/backboxbh to learn more about them! Many cybersecurity experts are calling recent attacks on healthcare more sophisticated than ever. One attack disrupted prescription drug orders for over a third of the U.S. and has cost $1.5 billion in incident response and recovery services. Separately, an operator of over 140 hospitals and senior care facilities in the U.S. was also victimized. These attacks are becoming all too common. Disruptions can lead to life-and-death situations with massive impacts on patient care. All industries, especially healthcare, have to better prepare for ransomware attacks. Are you ready to turn the tables on threat actors? Marty Momdjian, Semperis EVP and General Manager provides advice on how hospitals can regain the upper hand. This segment is sponsored by Semperis. Visit https://securityweekly.com/semperisbh to learn more about them! The annual report details the latest ransomware attack trends and targets, ransomware families, and effective defense strategies. Findings in the report uncovered an 18% overall increase in ransomware attacks year-over-year, as well as a record-breaking ransom payment of US$75 million – nearly double the highest publicly known ransomware payout – to the Dark Angels ransomware group. Segment Resources: For a deeper dive into best practices for protecting your organization and the full findings, download the Zscaler ThreatLabz 2024 Ransomware Report Link below - https://zscaler.com/campaign/threatlabz-ransomware-report This segment is sponsored by Zscaler. Visit https://securityweekly.com/zscalerbh to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-372
Despite concerns of a potential recession, economic indicators suggest continued growth, with the National Bureau of Economic Research indicating positive job growth and stable personal income. This despite Wall Street's reaction to weak job data.

Dave Sobel delves into the IT sector, citing the 2024 Information Week US IT Salary Report, which reveals job stress and layoffs among IT professionals. Tech employment in the U.S. saw a decline in July 2024, with losses in certain sectors offsetting gains in others. The Managed Service Provider (MSP) market experienced a slowdown in revenue growth, but profitability remained strong, particularly for private equity-backed MSPs.

The episode also covers earnings calls from major tech companies like Microsoft, Amazon, and Apple. Microsoft's cloud growth slowed, while Amazon Web Services reported a significant revenue increase. Apple's Q3 earnings exceeded expectations, with strong revenue growth in the iPhone and iPad divisions. The cloud infrastructure market saw substantial growth driven by AI interest, with Microsoft, Amazon, and Google Cloud leading the market share.

Intel's leadership crisis and restructuring efforts take center stage as Sobel discusses the company's significant earnings miss and workforce reduction plans. Intel's struggles in the AI sector and product quality issues have led to a decline in value and market competitiveness. The episode also touches on private equity moves, including EQT's acquisition of Acronis and Trend Micro's exploration of a sale, highlighting the evolving landscape of cybersecurity and managed services providers.
Four things to know today:
00:00 Wall Street Jitters Amid Weak Job Data; Tech Employment Faces Decline but Remains Resilient
05:26 Tech Giants' Earnings Underscore Cloud Power Play, But MSPs and Smaller Players Stay the Course
09:37 Intel's Leadership Crisis Deepens with Earnings Miss, AI Setbacks, and Major Cost-Cutting
12:14 Private Equity Moves: EQT Targets Acronis Growth, Trend Micro Eyes Potential Buyout
The entire script of the show, with links to articles, is posted in each story on https://www.businessof.tech/
How safe are we in the age of AI PCs? As AI technology becomes increasingly integrated into our everyday devices, the promise of faster, more personalized computing comes with a critical question: Are we truly prepared for the security and privacy challenges that follow? In this episode, I sit down with Eric Shulze, VP of Product Management at Trend Micro, to explore the rapidly evolving landscape of AI PCs. With chip makers in a race to innovate, these new devices promise unparalleled speed and privacy by running generative AI locally on specialized neural processing units (NPUs). But as AI's role expands, so do the concerns over data security and privacy. Eric shares his insights on the potential risks associated with on-device AI, including the threat of compromised data and the spread of misinformation. We delve into the steps consumers can take to protect themselves, from choosing reputable vendors to implementing additional security layers. Eric also reveals how Trend Micro is stepping up to the challenge, with plans to roll out cutting-edge tools to safeguard AI PC users. But it's not all about the risks. We also explore the excitement surrounding AI innovation—how it's transforming personalization and accessibility in tech, and why ethical considerations must be at the forefront of this revolution. Plus, Eric offers a unique glimpse into his own career journey, from studying zoology and working as a dolphin trainer to becoming a leader in the tech industry. As AI PCs move from concept to mainstream reality, what do you need to know to stay safe and informed? Tune in to find out, and join the conversation on how we can balance innovation with privacy in the digital age. What are your thoughts on the future of AI PCs? Let us know!
Trend Micro's Avril Ronan spills the tea to Gareth O'Callaghan and has ideas to keep you safe.
While the private sector makes a lucrative target for threat actors, the public sector is also under constant threat of cyber attacks. In October 2023, the British Library was hit by a major ransomware attack and the founder and CEO of the National Cyber Security Centre (NCSC) Ciaran Martin told the BBC that recent attacks on the UK's National Health Service were not surprising given its outdated systems and cyber policies. But what might these updates look like? And on a national level, what can be done to protect the public sector from further attacks? In this episode, Jane and Rory speak to Jonathan Lee, public sector lead at Trend Micro, to discuss the attacks targeting the public sector and what can be done to stop them.
Chief Marketing Officer of Macquarie Technology Group, Anthony Emmanouil, joins Shahin on the pod to chat about Macquarie Telecom's successful customer experience program. This episode also covers... The beginning of Macquarie Telecom; The importance of brutal transparency; How to attract the right team; Where to start on a CX journey. About Tony... Anthony is a veteran of the Australian IT&T sector, having held leadership positions in sales and marketing over the last 25 years. With a career spanning cloud services, cybersecurity, software, networks, and AI, he has worked with world-leading industry names including Optus, Ericsson, Trend Micro and Gartner. Anthony now serves as CMO of ASX 200 leader Macquarie Technology Group, where he works closely with the company's senior leadership and board to drive Macquarie's brand narrative around customer experience, technological innovation, and workplace culture. Anthony is a renowned speaker and corporate spokesperson with many years of experience hosting, engaging and educating audiences on how to drive business success through marketing. Resources mentioned in this episode: Customer Magic - Joseph Michelli; The Ultimate Question - Fred Reichheld; Good to Great - Jim Collins; Oh, the Places You'll Go! - Dr Seuss; Macquarie Telecom Video
In today's episode, we discuss a 20% rise in ransomware activity in Q2 2023, driven primarily by the ransomware group LockBit and impacting U.S.-based businesses most heavily, as reported by Reliaquest. We also explore Void Banshee APT's exploitation of CVE-2024-38112 to spread Atlantida malware via spear-phishing campaigns, and the NullBulge group's data breach of Disney in protest against AI-generated artwork. Finally, we cover Microsoft's announcement of new checkpoint cumulative updates for Windows to improve update efficiency. URLs: https://www.cybersecuritydive.com/news/ransomware-leak-site-increase/721480/ https://www.helpnetsecurity.com/2024/07/16/cve-2024-38112-void-banshee/ https://www.bleepingcomputer.com/news/microsoft/microsoft-announces-new-windows-checkpoint-cumulative-updates/ https://www.theguardian.com/technology/article/2024/jul/16/hackers-claim-disney-data-theft-in-protest-against-ai-generated-artwork 00:00 - Intro 01:14 - Hackers Leak Disney Data Over AI Art 02:58 - Microsoft Unveils Efficient 'Checkpoint' Updates 04:18 - Void Banshee Exploits Windows Flaw, Microsoft Fumbles 06:05 - LockBit Surge Drives 20% Ransomware Spike Video Episode: https://youtu.be/lRuQiv-KWnQ Sign up for digestible cyber news delivered to your inbox: https://news.thedailydecrypt.com Thanks to Jered Jones for providing the music for this episode. https://www.jeredjones.com/ Logo Design by https://www.zackgraber.com/ Tags: Ransomware, attacks, LockBit, organizations, Void Banshee, APT, MSHTML vulnerability, Trend Micro, Microsoft, Checkpoint, cumulative updates, bandwidth, NullBulge, hacktivists, Disney, AI-generated artwork Search Phrases: What are today's top cybersecurity news stories? How did ransomware group LockBit contribute to the spike in ransomware attacks during May? 
Ransomware attacks on organizations in Q2; Void Banshee APT exploits CVE-2024-38112 vulnerability; Trend Micro's Zero Day Initiative findings on MSHTML vulnerability; Microsoft checkpoint cumulative updates for Windows; Benefits of Microsoft's new cumulative updates; NullBulge hacktivists' breach of Disney's network; AI-generated artwork controversy in cybersecurity; Latest trends in hacktivism and digital protests
In this episode of The Lazy CEO Podcast, the host welcomes Louise McEvoy, VP of US Channel Sales at Trend Micro, to discuss the growth of channel ecosystems and her experience as an Everest summiteer. McEvoy elaborates on Trend Micro's mission to secure endpoints, data services, and cloud data for businesses of all sizes. Highlighting the relentless nature of cyber threats, she discusses the importance of AI in enhancing security measures and the significant processing power required to stay ahead of cybercriminals. She also addresses the complexities of ransomware and the dark web, shedding light on the extensive underground networks involved in cybercrime and the necessity for businesses to maintain vigilant and comprehensive security practices. McEvoy also shares insights into Trend Micro's channel sales strategy, emphasizing the importance of partnering with specialized firms to extend their sales reach and expertise. She explains that while Trend Micro could employ a large direct sales team, leveraging channel partners allows the company to focus its resources on core activities such as threat intelligence and zero-day research. Furthermore, McEvoy advises both businesses and individuals to be cautious about sharing personal information, pushing back against unnecessary data collection, and ensuring robust cybersecurity measures are in place to protect sensitive data.
GUEST 1 OVERVIEW: Eric has close to two decades of hands-on Security Architecture and Network Infrastructure experience. Eric joined Trend Micro in 2014 with "an extraordinary wealth of broad security-domain expertise that contributes to architecting IT Security Systems for numerous Fortune Global 500 companies." GUEST 2 OVERVIEW: As Chief Technology Officer for APJ, the Middle East and Africa, as well as Digital Evangelist and Value Pathfinder, Vijay leads a team of experts that, as IFS explains, empower organisations to become truly connected enterprises.
Featured on Cybersecurity Ventures' list of Cybersecurity Pundits, Alan Wallace's public relations career began with his role as the tour publicist for Chuck Norris' film "Sidekicks." He then co-founded the first PR, advertising, and online marketing firm for the internet. His background includes Panda Software, ICANN, Microsoft, Trend Micro, and Afilias. Wallace consults under the brand of PressContact, LLC, and represents tech and cybersecurity-focused companies. In this episode, he joins host Scott Schober to discuss public relations for cybersecurity companies. For more on cybersecurity, visit us at https://cybersecurityventures.com
In today's episode of "Alles auf Aktien", financial journalists Anja Ettel and Holger Zschäpitz talk about a disappointing outlook at Bath&Body Works, the bitter India surprise, and an attractive "northern light" for the portfolio. They also cover Hewlett Packard, Bavarian Nordic, Novo Nordisk, Sanofi, Wisdomtree Cybersecurity (A2QGAH), IBM, Booz Allen Hamilton, Bechtle, Gen Digital, Trend Micro, Check Point Software, Fastly, Cloudflare, Zscaler, Fortinet, Cisco Systems, Palo Alto Networks, Microsoft, IBM, Sentinel One, Rapid7, Zscaler, Okta, Datadog, Cyberark Software, iShares Digital Security ETF (WKN: A2JMGE), Rize Cybersecurity & Data Privacy (A2PX6V), L&G Cyber Security ETF (WKN: A14WU5), and First Trust Nasdaq Cybersecurity (WKN: A2P4HV). Please send your voice messages for the 1000th episode to the number 0170/3753558. We look forward to your feedback at aaa@welt.de. From now on there is even more "Alles auf Aktien" at WELTplus and Apple Podcasts, including all articles by the hosts and the AAA newsletter. Here at WELT: https://www.welt.de/podcasts/alles-auf-aktien/plus247399208/Boersen-Podcast-AAA-Bonus-Folgen-Jede-Woche-noch-mehr-Antworten-auf-Eure-Boersen-Fragen.html. Disclaimer: The stocks and funds discussed in the podcast do not constitute specific buy or investment recommendations. The hosts and the publisher are not liable for any losses arising from acting on the thoughts or ideas presented. Listening tips: For everyone who wants to know more, you can hear Holger Zschäpitz every week in the finance and business podcast "Deffner&Zschäpitz". Also at WELT: in the weekday podcast "Das bringt der Tag", we give you the most important background information on one of the day's top political topics, in conversation with WELT experts. +++ Advertising +++ Want to learn more about our advertising partners? Here you will find all the info and discounts! https://linktr.ee/alles_auf_aktien Legal notice: https://www.welt.de/services/article7893735/Impressum.html Privacy policy: https://www.welt.de/services/article157550705/Datenschutzerklaerung-WELT-DIGITAL.html
Trend Micro Incorporated (TYO: 4704; TSE: 4704), a global cybersecurity leader, announced plans to demo a new data center solution, using NVIDIA technology, for security-conscious business and government customers harnessing the power of AI. This is just one of multiple AI security solutions being shown for the first time at COMPUTEX 2024. Innovent Biologics, Inc. (HKEX: 01801), a world-class biopharmaceutical company, announced that results from the pivotal Phase 2 TRUST-I study conducted in China evaluating taletrectinib, a next-generation ROS1 tyrosine kinase inhibitor (TKI), were published in the Journal of Clinical Oncology (JCO) and will be highlighted in an oral presentation at the 2024 American Society of Clinical Oncology (ASCO) Annual Meeting. For more information, please visit StockDayMedia.com
In today's episode, we explore the FlyingYeti campaign, which exploits a WinRAR vulnerability (CVE-2023-38831) to deliver COOKBOX malware in Ukraine, detailed by Cloudflare's Cloudforce One: https://thehackernews.com/2024/05/flyingyeti-exploits-winrar.html. Next, we discuss the unprecedented mystery malware attack that destroyed 600,000 routers from ISP Windstream, reported by Black Lotus Labs: https://arstechnica.com/security/2024/05/mystery-malware-destroys-600000-routers-from-a-single-isp-during-72-hour-span/. Finally, we dive into the Trend Micro study on CISOs facing pressure from corporate boards to downplay cyber risk: https://www.cybersecuritydive.com/news/cisos-pressure-boards-downplay-cyber-risk/717497/.
Tags: WinRAR, COOKBOX, FlyingYeti, Cloudflare, cyber warfare, Ukraine, phishing attacks, malware, routers, ISP, threat actor, Trend Micro, CISOs, cyber risks, organizational security
Search Phrases: WinRAR vulnerability explained; COOKBOX malware detection and removal; FlyingYeti cyber attack details; Cloudflare security advisories; Protecting against phishing attacks; Malware impact on routers; ISP security breach cases; Trend Micro cybersecurity reports; CISO corporate board pressure; Organizational cybersecurity best practices
May 31
An unknown threat actor recently unleashed a devastating malware attack that obliterated over 600,000 routers from a single internet service provider in just 72 hours, forcing the company to replace all of the affected devices, leaving their patrons in digital darkness. What the heck happened here and how will we recover from this? Under mounting pressure from corporate boards, nearly four in five chief information security officers, or CISOs, are being pushed to downplay the severity of cyber risks, as revealed by a recent Trend Micro study. How can CISOs navigate the pressure from corporate boards while also maintaining robust security posture? And finally, sometimes I pick stories simply because the name is too good.
So FlyingYeti is exploiting a WinRAR vulnerability to deliver COOKBOX malware in Ukraine, marking another alarming chapter in Russia-aligned cyber warfare. You're listening to The Daily Decrypt.
In just over a 72-hour time period, malware called Chalubo rendered more than 600,000 routers permanently unusable. All of these routers belonged to a single internet service provider named Windstream, and this ISP is now forced to replace every single one of these routers. Now that is not a small task. And a lot of these routers live in rural areas, which would be a long drive for ISP technicians to make, and there are only so many ISP technicians out there. Sure, they can ship you these routers, but that's going to take a long time because no supply chain is equipped to handle a random 600,000-product order overnight. So who knows how long these people will be without internet? The specific routers that were affected are the ActionTec T3200 and Sagemcom, and users are reporting a static red light on their routers, which indicates failure. Wow. Black Lotus Labs utilized the Censys search engine to track these affected router models and noted that throughout that 72-hour time period there was a 49% drop in connections for these routers. So almost half of these routers on the public internet went offline. And I had mentioned that a lot of these routers lived in rural areas, but the spread of this disaster is pretty wide and vast because this internet service provider provided service specifically to rural areas. And what is out in rural areas? A lot of farming and agriculture. So who knows what sort of impact this will have over our food source in the coming months, 'cause even tractors nowadays rely on Wi-Fi, which is a whole nother wormhole that I won't get to on this episode. But if you're interested, go ahead and look up John Deere Wi-Fi and cloud connectivity, because I believe they actually locked down these devices.
And you have to be connected to the cloud to use them or something crazy like that. And this will also affect emergency services, which are few and far between out in rural areas already, which is just unfair. But I hope this ISP is doing okay and has a solid disaster recovery plan for how to get their patrons back online. As far as I can tell, it's pretty much not feasible to get 600,000 devices out to patrons in any sort of reasonable amount of time. So hopefully they can provide their patrons with maybe Amazon gift cards and instructions on how to connect routers purchased on Amazon or Best Buy to the ISP network, or some sort of creative solution to get internet back online. As of right now, researchers have not identified how the routers were initially infected. Some possible methods could include exploiting unknown vulnerabilities, or abusing weak credentials, or even maybe accessing exposed administrative panels. And I'm sure we'll hear some more from security researchers in the coming weeks on how this happened. But it's pretty hard to pin down because routers are widely insecure and unpatched, and it could be a myriad of ways that they were compromised. And on that note, how do you prevent this? Make sure your routers are regularly updated. It is probably not updating itself, so you're going to have to go in and you're going to have to find that update button. I'm sorry. That totally sucks, but just do it. This is about the worst case that can happen other than being spied on. And in fact, I was actually traveling out of town and staying with a friend recently, and I asked his permission to go into his router just to see what was going on. I like to poke around and make sure my friends are secure. And I, while I was in there, updated his router. It had never been updated, wasn't automatically updating. And I went ahead and showed him how to do it himself.
According to a study recently done by Trend Micro, almost four in five CISOs report feeling pressured by corporate boards to downplay their company's cyber risk, which is a conflict between executives and security professionals that we've seen a lot in the past, but we're really hoping is being remediated due to all the visibility on cybersecurity risk. But this study is showing that we still have a lot of work to do. According to this study, 43% of security leaders feel they are perceived as nagging or repetitive, while 42% feel seen as overly negative about their cyber risk. In the United States, the SEC mandates that publicly traded companies disclose significant cybersecurity incidents within four business days, which is only going to add pressure to these CISOs to manage their board's expectations while also complying with regulations. That is not a job that I envy. In fact, the SEC charged SolarWinds and its top cyber risk executives for misleading investors about their cyber resilience. Now, any study done relies on the opinions and questions asked to the specific participants, right? So this is kind of contradicted by a similar study done by Proofpoint earlier this year that shows that 84% of CISOs now feel aligned with their boards on cyber risk, which would indicate the opposite of this study. Regardless, if you're a CISO or if you're an aspiring CISO, it's hard to confront the people that pay you and write your checks. But you owe it to yourself, and you owe it to your company, and you owe it to cybersecurity as a whole to take a stand and make sure that the cyber risk you're dealing with is identified and addressed to the best of your ability. My favorite leadership tactic or strategy or principle is to not be afraid, or to recognize that it would be your proudest moment to be fired for standing up for something you believe in. Which is almost the way you have to approach leadership.
Nowadays, you're going to get a lot of pressure from above and you're going to get a lot of pressure from below. So unless you know what you stand for, you're probably going to pick the wrong side. So pick something, stand for it, hopefully it follows moral grounds, and make it your life's honor to get fired for standing up for what you believe in.
So we all know what phishing is. And with the advent of generative AI and machine learning, et cetera, phishing is only on the rise. People are being provided with more and more tools that will help them phish more efficiently, so of course phishing is going to be on the rise. It's a very effective hacking technique. Well, further proof of that comes when Cloudflare disrupted a phishing campaign by a Russia-aligned group called FlyingYeti that has been targeting Ukraine with, quote, COOKBOX malware. Lots of good visuals there. The attackers use debt-themed lures, exploiting concerns over housing and utilities to trick victims. Once the phishing victim clicks the link, they're directed to a GitHub page that mimics Kyiv Komunalka, which leads to a malicious RAR archive download. The COOKBOX malware then uses PowerShell to control the infected system, connecting to a DDNS domain for command and control. Flashpoint also noted that Russian APT groups are refining their tactics and expanding their targets, using malware like Agent Tesla and Snake Keylogger to accomplish their cybercrime goals. And as I mentioned in the intro, I mostly picked this story because of the fun visuals of a flying yeti. But keep yourself up to date on phishing tactics, know what to look for and how to avoid getting phished yourself. I was talking to a friend yesterday who was showing me an example of a phishing email that his company came across, and it looked really good. I couldn't actually identify it as a phishing email. So what do you do in that case? You should be skeptical of any link you click in any email.
Never click a link without first thinking about what you're clicking. It's a really hard habit, but it will save you a lot of time and money by not getting phished. Right. So first thing, check the email address it was sent from. I think it was my dad recently who sent me an email that he thought might be phishing, but couldn't tell, and so he just forwarded it to me. And yeah, the first thing I did was open up and see the email address sent. Sometimes it'll show like an alias, like Facebook marketing, but then the actual email address is something different. And yeah, in this case it was something like cutiepie36@gmail.com sending an email requesting to reset your password on Facebook or something like that. Like, that's never going to happen. It'll come from, I mean, Facebook does use some pretty sneaky domains that look like phishing. So hey, knock that off, Facebook. But it'll never be from a Gmail. It'll always be from a Facebook or fb.me or something like that. And if the email looks legit, you can always Google "malware sandbox" or something like that and find a service. They're free, and you can copy the link, paste it in there and see what it does. I did this for my dad's email as well. It was a PDF, and I got to actually watch the PDF on a screen. Like, this virtual machine opened up the PDF, and I got to watch it try to execute other programs in the background. It was super cool. But yeah, try to use a safe environment to open up that link. Or if it's not necessary to click the link, like if you have to reset your Facebook password, you can just go log into Facebook and go to your settings and reset your own password. You don't have to click the link for convenience. If it's like "pay your bill now," you can just go to your account by typing in the URL yourself and pay the bill. Don't click the link. Just try to avoid clicking links as much as you possibly can.
Apple warns targeted users of mercenary spyware attacks. CISA expands its Malware Next-Gen service to the private sector. US Cyber Command chronicles their “hunt forward” operations. Taxi fleets leak customer data. Trend Micro tracks DeuterBear malware. The BatBadBut vulnerability enables command injection on Windows. Cybercriminals manipulate GitHub's search functionality. Scully Spider may be utilizing AI generated PowerShell scripts. A study from ISC2 sheds light on salary disparities. On our Threat Vector segment, host David Moulton, Director of Thought Leadership at Unit 42, welcomes Donnie Hasseltine, VP of Security at Second Front Systems and a former Recon Marine, as they delve into the indispensable role of a military mindset in cybersecurity. Guest Dr. Sasha Vanterpool, Cyber Workforce Consultant with N2K, introducing the new podcast series Cyber Talent Insights. And AI music sings the license. CyberWire Guests: On our Threat Vector segment, host David Moulton, Director of Thought Leadership at Unit 42, welcomes Donnie Hasseltine, VP of Security at Second Front Systems and a former Recon Marine, as they delve into the indispensable role of a military mindset in cybersecurity. You can listen to the full conversation here. Guest Dr. Sasha Vanterpool, Cyber Workforce Consultant with N2K, introducing the new podcast series Cyber Talent Insights that is launching on Friday, April 12, 2024. You can read more about Cyber Talent Insights here.
Selected Reading: iPhone users in 92 countries received a spyware attack warning from Apple (Engadget); CISA to expand automated malware analysis system beyond government agencies (The Record); US Cyber Force Assisted Foreign Governments 22 Times in 2023 (SecurityWeek); Taxi software vendor exposes personal details of nearly 300K (The Register); Cyberespionage Group Earth Hundun's Continuous Refinement of Waterbear and Deuterbear (Trend Micro); BatBadBut: You can't securely execute commands on Windows (Flatt); New Technique to Trick Developers Detected in an Open Source Supply Chain Attack (Checkmarx); Malicious PowerShell script pushing malware looks AI-written (Bleeping Computer); Women make less than men in US cyber jobs — but the gap is narrowing (CyberScoop); Permission is hereby granted (Suno). The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.
The Cyber Safety Review Board hands Microsoft a scathing report. Jackson County, Missouri declares a state of emergency following a ransomware attack. The concerning growth of Chinese brands in U.S. critical infrastructure. Malware campaigns make use of YouTube. OWASP issues a data breach warning. Trend Micro tracks LockBit's faltering rebound. India's government cloud service leaks personal data. ChatGPT jailbreaks spread on popular hacker forums. On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's CISSP study journey and focus on the when and how of studying for Domain 1. And you can no longer just walk out of an Amazon grocery store. CyberWire Guest: On our Learning Layer segment, host Sam Meisenberg and Joe Carrigan continue their discussion of Joe's CISSP study journey and focus on the when and how of studying for Domain 1.
Resources for this session: Effect of sunlight exposure on cognitive function among depressed and non-depressed participants: a REGARDS cross-sectional study. Selected Reading: Scathing federal report rips Microsoft for shoddy security, insincerity in response to Chinese hack (AP News); Missouri county declares state of emergency amid suspected ransomware attack (Ars Technica); Forescout research finds surge in Chinese-manufactured devices on US networks, including critical infrastructure (Industrial Cyber); YouTube channels found using pirated video games as bait for malware campaign (The Record); OWASP issues data breach alert after misconfigured server leaked member resumes (ITPro); Trend Micro: LockBit ransomware gang's comeback is failing (TechTarget); Indian government's cloud spilled citizens' personal data online for years (TechCrunch); ChatGPT jailbreak prompts proliferate on hacker forums (SC Media); Amazon Ditches 'Just Walk Out' Checkouts at Its Grocery Stores (Gizmodo).
A SIM-swapper faces prison and fines. Here come the class action suits against UnitedHealth Group. Aviation and Aerospace find themselves in the cyber crosshairs. A major mortgage lender suffers a major data breach. A look at election misinformation. The UK shares guidance on migrating SCADA systems to the cloud. Collaborative efforts to contain Smoke Loader. Trend Micro uncovers Earth Krahang. Troy Hunt weighs in on the alleged AT&T data breach. Ben Yelin unpacks the case between OpenAI and the New York Times. And fool me once, shame on you… CyberWire Guest: Ben Yelin, Program Director at University of Maryland's Center for Health and Homeland Security and cohost of our Caveat podcast, discusses the article on how “OpenAI says New York Times ‘hacked’ ChatGPT to build copyright lawsuit.” Selected Reading: District of New Jersey | Former Telecommunications Company Manager Admits Role in SIM Swapping Scheme (United States Department of Justice); Cash-Strapped Women's Clinic Sues UnitedHealth Over Attack (Gov Info Security); Nations Direct Mortgage Data Breach Impacts 83,000 Individuals (SecurityWeek); Preparing Society for AI-Driven Disinformation in the 2024 Election Cycle (SecurityWeek); NCSC Publishes Security Guidance for Cloud-Hosted SCADA (Infosecurity Magazine); Unit 42 Collaborative Research With Ukraine's Cyber Agency To Uncover the Smoke Loader Backdoor (Palo Alto Networks Unit 42); Prolific Chinese Threat Campaign Targets 100+ Victims (Infosecurity Magazine); Troy Hunt: Inside the Massive Alleged AT&T Data Breach (Troy Hunt); Kids' Cartoons Get a Free Pass From YouTube's Deepfake Disclosure Rules (WIRED); Ransomware Groups: Trust Us. Uh, Don't. (BankInfoSecurity).
The Consumer Electronics Show kicks off with big news from Nvidia and many more. (00:21) Jason Moser and Deidre Woollard discuss: - Announcements from CES. - What could make Apple's Vision Pro successful. - The relevance of Twilio's CEO switch. (17:42) Ricky Mulvey interviews Kevin Simzer, Chief Operating Officer of Trend Micro, about cybersecurity in the cloud and the new threats facing electric cars. Companies discussed: AAPL, TWLO, NVDA, AMD, OTC: TMICY Host: Deidre Woollard Guests: Jason Moser, Ricky Mulvey, Kevin Simzer Producers: Mary Long, Ricky Mulvey Engineers: Dan Boyd, Desiree Jones