Podcasts about trisis

  • 13 podcasts
  • 31 episodes
  • 26m average duration
  • Infrequent episodes
  • Latest episode: Apr 11, 2022


Latest podcast episodes about trisis

@BEERISAC: CPS/ICS Security Podcast Playlist
Episode 319 - OT Cybersecurity - In conversation with Robert Lee, CEO & Founder of Dragos

Apr 11, 2022 · 26:51


Podcast: Cyber Security Weekly Podcast (LS 38 · TOP 2.5%)
Episode: Episode 319 - OT Cybersecurity - In conversation with Robert Lee, CEO & Founder of Dragos
Pub date: 2022-04-10

We attended the opening of the Dragos office in Melbourne, Australia and met with CEO and Founder, Robert Lee.

Robert Lee is a recognized pioneer in the industrial security incident response and threat intelligence community. He gained his start in security as a U.S. Air Force Cyber Warfare Operations Officer tasked to the National Security Agency where he built a first-of-its-kind mission identifying and analyzing national threats to industrial infrastructure. He went on to build the industrial community's first dedicated monitoring and incident response class at the SANS Institute (ICS515) and the industry-recognized cyber threat intelligence course (FOR578).

Forbes named Robert to its 30 under 30 (2016) list as one of the “brightest entrepreneurs, breakout talents, and change agents” in Enterprise Technology. He is a business leader but also a technical practitioner. Robert helped lead the investigation into the 2015 cyber attack on Ukraine's power grid, and he and his team at Dragos helped identify and analyze the CRASHOVERRIDE malware that attacked Ukraine's grid in 2016 and the TRISIS malware deployed against an industrial safety system in the Middle East in 2017.

Robert is routinely sought after for his advice and input into industrial threat detection and response. He has presented at major security conferences such as SANS, BlackHat, DefCon, and RSA and has testified to the Senate's Energy and National Resources Committee. As a non-resident national security fellow at New America, Robert works to inform policy related to critical infrastructure cyber security and is regularly asked by various governments to brief national-level leaders.

Recorded April 7, 2022
Video version available at https://youtu.be/i2H3YndP8gs
For more information visit www.dragos.com

#otcybersecurity #cybersecurity #dragos #ukraine #cyberattack #crashoverride

The podcast and artwork embedded on this page are from MySecurity Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Cyber Security Weekly Podcast
Episode 319 - OT Cybersecurity - In conversation with Robert Lee, CEO & Founder of Dragos

Apr 10, 2022

The CyberWire
Epistemic closure in a hybrid war. Wiper used against Viasat modems. US Treasury sanctions more Russian actors. Remediating Spring4shell. Notes from law enforcement. And we're not joking.

Apr 1, 2022 · 25:46


Attempting to evolve rules of cyber conduct during a hot hybrid war. Waiting for major Russian cyber operations. Viasat terminals were hit by wiper malware. Patches and detection scripts for Spring4shell. Warning of ransomware threat to local governments. Emergency data requests under Senatorial scrutiny. NSA employee charged with mishandling classified material. Andrea Little Limbago from Interos on Bots, Warriors and Trolls. Rick Howard speaks with Maretta Morovitz on cyber deception. And no April Foolin' here.

For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/63

Selected reading.
  • Russia's War Lacks a Battlefield Commander, U.S. Officials Say (New York Times)
  • Putin may be self-isolating from his military advisers, says White House (The Telegraph)
  • Confronting Russian Cyber Censorship (Wilson Center)
  • Zelensky Fires Two Generals (Wall Street Journal)
  • French intelligence chief Vidaud fired over Russian war failings (BBC News)
  • Cyber War Talks Heat Up at UN With Russia at Table (Bloomberg.com)
  • Foreign Ministry statement on continued cyberattack by the “collective West” (Ministry of Foreign Affairs of the Russian Federation)
  • New Protestware Found Lurking in Highly Popular NPM Package (Checkmarx.com)
  • Russia targeting Ukraine, countries opposing war in cyberspace (Jerusalem Post)
  • Conti Leaks: Examining the Panama Papers of Ransomware (Trellix)
  • British intelligence agencies: Moscow continuously attacks Ukraine in cyberspace (The Times Hub)
  • AcidRain | A Modem Wiper Rains Down on Europe (SentinelOne)
  • SentinelOne finds ties between Viasat hack and Russian actor (SC Magazine)
  • ExtraHop CEO: Expect a Russian cyber response to sanctions (Register)
  • Treasury sanctions Russian research center blamed for Trisis malware (CyberScoop)
  • Treasury Targets Sanctions Evasion Networks and Russian Technology Companies Enabling Putin's War (U.S. Department of the Treasury)
  • Evgeny Viktorovich Gladkikh – Rewards For Justice (Rewards for Justice)
  • Spring confirms 'Spring4Shell' zero-day, releases patched update (The Record by Recorded Future)
  • Spring4Shell (CVE-2022-22965): Are you vulnerable to this Zero Day? (Cyber Security Works)
  • Ransomware Attacks Straining Local US Governments and Public Services (IC3)
  • Senate's Wyden Probes Use of Forged Legal Requests by Hackers (Bloomberg)
  • NSA Employee Charged with Mishandling Classified Material (Military.com)
  • National Security Agency Employee Indicted for Willful Transmission and Retention of National Defense Information (US Department of Justice)
  • National Security Agency Employee Facing Federal Indictment for Willful Transmission and Retention of National Defense Information (US Department of Justice)

@BEERISAC: CPS/ICS Security Podcast Playlist
Manufacturing sector is increasingly a target for adversaries. [Research Saturday]

Jan 17, 2021 · 25:47


Podcast: The CyberWire Daily (LS 59 · TOP 0.5%)
Episode: Manufacturing sector is increasingly a target for adversaries. [Research Saturday]
Pub date: 2021-01-16

Guest Selena Larson, senior cyber threat analyst at Dragos, Inc., joins us to discuss their research into recent observations of ICS-targeting threats to manufacturing organizations.

Cyber risk to the manufacturing sector is increasing, led by disruptive cyberattacks impacting industrial processes, intrusions enabling information gathering and process information theft, and new activity from Industrial Control Systems (ICS)-targeting adversaries. Dragos currently publicly tracks five ICS-focused activity groups targeting manufacturing: CHRYSENE, PARISITE, MAGNALLIUM, WASSONITE, and XENOTIME in addition to various ransomware activities capable of disrupting operations.

Manufacturing relies on ICS to scale, function, and ensure consistent quality control and product safety. It provides crucial materials, products, and medicine and is classified as critical infrastructure. Due to the interconnected nature of facilities and operations, an attack on a manufacturing entity can have ripple effects across the supply chain that relies on timely and precise production to support product fulfillment, health and safety, and national security objectives.

Ransomware adversaries are adopting ICS-aware functionality with the ability to stop industrial related processes and cause disruptive – and potentially destructive – impacts. Dragos has not observed ICS-specific malware targeting manufacturing operations on the same scale or sophistication as that used in the disruptive TRISIS and CRASHOVERRIDE malware attacks that targeted energy operations in Saudi Arabia and Ukraine, respectively. However, known and ongoing threats to manufacturing can have direct and indirect impact to operations. This report provides a snapshot of the threat landscape as of October 2020 and is expected to change in the future as adversaries and their behaviors evolve.

The research can be found here: ICS Threat Activity on the Rise in Manufacturing Sector

The podcast and artwork embedded on this page are from CyberWire, Inc., which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Research Saturday
Manufacturing sector is increasingly a target for adversaries.

Jan 16, 2021 · 25:47

The CyberWire
Manufacturing sector is increasingly a target for adversaries. [Research Saturday]

Jan 16, 2021 · 25:47

The CyberWire
Russian research institute sanctioned for its role in Triton/Trisis. Coordinated inauthenticity in Myanmar. Clean Network program update. Major data breach in Finland.

Oct 26, 2020 · 26:21


The US Treasury Department sanctions a Russian research institute for its role in the Triton/Trisis ICS malware attacks. Coordinated inauthenticity with a commercial as well as a political purpose. The Clean Network project gains ground in Central and Eastern Europe. Rob Lee from Dragos on insights on the recent DOJ indictments of Russians allegedly responsible for the Sandworm campaign. Rick Howard explores SD-WANs. Data breaches afflict a large Finnish psychiatric institute. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/9/207

@BEERISAC: CPS/ICS Security Podcast Playlist

Podcast: Darknet Diaries
Episode: 68: Triton
Pub date: 2020-06-23

A mysterious mechanical failure one fateful night in a Saudi Arabian chemical plant leads a cast of operational technology researchers down a strange path towards an uncommon, but grave, threat. In this episode, we hear how these researchers discovered this threat and tried to identify who was responsible for the malware behind it. We also consider how this kind of attack may pose a threat to human life wherever there are manufacturing or public infrastructure facilities around the world.

A big thanks to Julian Gutmanis, Naser Aldossary, Marina Krotofil, and Robert M. Lee for sharing their stories with us.

Sponsors
This episode was sponsored by IT Pro TV. Get 65 hours of free training by visiting ITPro.tv/darknet. And use promo code DARKNET25.
This episode was sponsored by Linode. Linode supplies you with virtual servers. Visit linode.com/darknet and when signing up with a new account use code darknet2020 to get a $20 credit on your next project.

Sources
  • https://www.fireeye.com/blog/threat-research/2019/04/triton-actor-ttp-profile-custom-attack-tools-detections.html
  • https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html
  • https://www.fireeye.com/blog/threat-research/2018/10/triton-attribution-russian-government-owned-lab-most-likely-built-tools.html
  • https://dragos.com/wp-content/uploads/TRISIS-01.pdf
  • Video S4 TRITON - Schneider Electric Analysis and Disclosure
  • Video S4 TRITON - Mandiant Analysis at S4x18
  • Video S4 TRITON - Reverse Engineering the Tricon Controller by Dragos
  • Video S4 TRITON - A Report From The Trenches
  • Video - Safety Orientation video for the Chemical Plant

The podcast and artwork embedded on this page are from Jack Rhysider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Darknet Diaries
68: Triton

Jun 23, 2020 · 73:48

Splunk [Industrial IoT | Mobile | SignalFx | VictorOps] 2019 .conf Videos w/ Slides
Threat Hunting in Industrial (ICS\OT) Environments [Splunk Enterprise Security, Splunk for Industrial IoT]

Dec 23, 2019


Industrial operations comprise a diverse blend of technology that runs critical processes. The proliferation of automation and networking has increased the sophistication of Industrial Control Systems (ICS), also known as Operational Technology (OT) environments.

Threats targeting OT are increasing in both frequency and sophistication. Dragos tracks 9 OT-targeting activity groups, the most significant of which, XENOTIME, was responsible for the TRISIS malware that targeted safety systems (SIS) resulting in multiple plant shutdowns and the potential to cause harm to human operators.

Traditional IT threat hunting is not well-suited to OT environments. This session will outline the differences between IT and OT assessments, highlight the most significant threats facing OT, and review best practices for OT-specific threat hunting engagements, including techniques that empower defenders to detect and respond more efficiently to existing and future threats, therefore reducing adversary dwell time.

Speaker(s)
  • Amy Bejtlich, Threat Intelligence, Dragos
  • Marc Seitz, Threat Analyst, Dragos

Slides PDF link - https://conf.splunk.com/files/2019/slides/IOT1641.pdf?podcast=1577146263
Product: Splunk Enterprise Security, Splunk for Industrial IoT
Track: Internet of Things
Level: Good for all skill levels

Splunk [Internet of Things Track] 2019 .conf Videos w/ Slides
Threat Hunting in Industrial (ICS\OT) Environments [Splunk Enterprise Security, Splunk for Industrial IoT]

Dec 23, 2019

Splunk [All Products] 2019 .conf Videos w/ Slides
Threat Hunting in Industrial (ICS\OT) Environments [Splunk Enterprise Security, Splunk for Industrial IoT]

Dec 23, 2019

Splunk [Enterprise Security] 2019 .conf Videos w/ Slides
Threat Hunting in Industrial (ICS\OT) Environments [Splunk Enterprise Security, Splunk for Industrial IoT]

Dec 23, 2019

Threat Wire
RAMBleed Steals Crypto Keys; Yubikeys Recalled - ThreatWire

Jun 18, 2019 · 10:00


US Infrastructure is Targeted by attackers, RAMBleed can steal cryptokeys, and Yubikeys get recalled! All that coming up now on ThreatWire. #threatwire #hak5

Links:
Support me on alternative platforms! https://snubsie.com/support
https://www.youtube.com/shannonmorse?sub_confirmation=1 -- subscribe to my new channel!

Hacking Power Grids:
  • https://dragos.com/blog/industry-news/threat-proliferation-in-ics-cybersecurity-xenotime-now-targeting-electric-sector-in-addition-to-oil-and-gas/
  • https://dragos.com/wp-content/uploads/TRISIS-01.pdf
  • https://www.zdnet.com/article/this-most-dangerous-hacking-group-is-now-probing-power-grids/
  • https://www.cyberscoop.com/trisis-xenotime-us-electric-sector/
  • https://www.wired.com/story/triton-hackers-scan-us-power-grid/
  • https://arstechnica.com/information-technology/2019/06/hackers-behind-dangerous-oil-and-gas-intrusions-are-probing-us-power-grids/

Yubikeys Vulnerable:
  • https://www.yubico.com/support/security-advisories/ysa-2019-02/
  • https://www.zdnet.com/article/yubico-to-replace-vulnerable-yubikey-fips-security-keys/
  • https://www.yubico.com/replaceorder/

RAMBleed, shoutout to CypherDragon:
  • https://access.redhat.com/articles/1377393
  • https://rambleed.com/
  • https://rambleed.com/docs/20190603-rambleed-web.pdf
  • https://arstechnica.com/information-technology/2019/06/researchers-use-rowhammer-bitflips-to-steal-2048-bit-crypto-key/
  • https://threatpost.com/rambleed-side-channel-privileged-memory/145629/
  • https://thehackernews.com/2019/06/rambleed-dram-attack.html

Photo credit: https://live.staticflickr.com/6179/6173837649_2d77becc9b_b.jpg

Our Site → https://www.hak5.org
Shop → https://www.hakshop.com
Subscribe → https://www.youtube.com/user/Hak5Darren?sub_confirmation=1
Support → https://www.patreon.com/threatwire
Contact Us → http://www.twitter.com/hak5
Threat Wire RSS → https://shannonmorse.podbean.com/feed/
Threat Wire iTunes → https://itunes.apple.com/us/podcast/threat-wire/id1197048999

Host: Shannon Morse → https://www.twitter.com/snubs
Host: Darren Kitchen → https://www.twitter.com/hak5darren
Host: Mubix → http://www.twitter.com/mubix

WIRED Security: News, Advice, and More
A Peek Into the Toolkit of the Dangerous 'Triton' Hackers

Apr 11, 2019 · 8:02


When the malware known both as Triton and Trisis came to light in late 2017, it quickly gained a reputation as perhaps the world's most dangerous piece of code: the first ever designed to disable the safety systems that protect industrial facilities from potentially lethal physical accidents. But Triton hackers still have to engage in far more common forms of hacking to plant that code, in some cases spending close to a year digging their way through IT networks before they reach their targets.

@BEERISAC: CPS/ICS Security Podcast Playlist
Trolling the trolls. Triton/Trisis attributed to Russia. Asset management in ICS. Threat intelligence drives threat evolution. Shadow web-apps. Apple likes GDPR, hates the Data-Industrial Complex.

Mar 16, 2019 · 20:01


Podcast: The CyberWire
Episode: Trolling the trolls. Triton/Trisis attributed to Russia. Asset management in ICS. Threat intelligence drives threat evolution. Shadow web-apps. Apple likes GDPR, hates the Data-Industrial Complex.
Pub date: 2018-10-24

In today's podcast, we hear that US Cyber Command has been reaching out to tell the trolls Uncle Sam cares. Industrial control system security suffers from poor asset management practices. FireEye looks at the Triton malware and says the Russians did it, but of course things are complicated. Are hostile intelligence service hackers superheroes, salaryman nebbishes, or something in between? How threat intelligence drives threat evolution. The risk of shadow web-apps. Apple speaks on privacy. Ben Yelin from the University of Maryland Center for Health and Homeland Security talks with us about the EFF coming out against license plate sharing between retailers and law enforcement. Our UK correspondent Carole Theriault speaks with ESET’s Lysa Meyers about overcoming the cyber skills shortage and attracting new talent to the industry.

For links to all the stories in today's podcast, check out today's Daily Briefing: https://thecyberwire.com/issues/issues2018/October/CyberWire_2018_10_24.html

The podcast and artwork embedded on this page are from The CyberWire, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

@BEERISAC: CPS/ICS Security Podcast Playlist
AllScripts works to remediate ransomware in medical apps. Group 123 hits ROK targets. Triton/Trisis zero-day. Dark Caracal espionage op. Section 702 renewed. GhostTeam ejected from Play Store.

Mar 16, 2019 · 25:11


Podcast: The CyberWire
Episode: AllScripts works to remediate ransomware in medical apps. Group 123 hits ROK targets. Triton/Trisis zero-day. Dark Caracal espionage op. Section 702 renewed. GhostTeam ejected from Play Store.
Pub date: 2018-01-19

In today's podcast we hear about ransomware afflicting a healthcare IT provider. Group 123 phishes in South Korean waters. Schneider Electric describes the zero-day Triton/Trisis exploited. The Dark Caracal spyware campaign is attributed to Lebanon's intelligence service. The US Congress will extend Section 702 surveillance authority for six years. GhostTeam-infected apps are booted from the Play Store. Jonathan Katz from the University of Maryland ponders "uncrackable" quantum encryption. Graham Cluley from the Smashing Security podcast drops by for a chat about the state of the industry. And is there ever a good reason to write down a password?

@BEERISAC: CPS/ICS Security Podcast Playlist
TRISIS Malware: Fail-safe fail — Research Saturday

Mar 16, 2019 · 35:18


Podcast: The CyberWire
Episode: TRISIS Malware: Fail-safe fail — Research Saturday
Pub date: 2018-01-06
Robert M. Lee is CEO of Dragos Security, a company that specializes in the protection of industrial control systems. He’s describing his team's research on TRISIS, tailored ICS malware infecting safety instrumented systems (SIS), so far found only in the Middle East. It's only the fifth known incident of malware targeting ICS systems. The CyberWire's Research Saturday is presented by the Hewlett Foundation Cyber Initiative. Learn more at https://www.hewlett.org/cyber/

@BEERISAC: CPS/ICS Security Podcast Playlist
Zealot and Monero mining. Bitfinex DDoS. Triton/Trisis shows risks of committing safety and control to the same systems. Bitcoin crime. M&A news. Hair of the dog.

Mar 16, 2019 · 14:18


Podcast: The CyberWire
Episode: Zealot and Monero mining. Bitfinex DDoS. Triton/Trisis shows risks of committing safety and control to the same systems. Bitcoin crime. M&A news. Hair of the dog.
Pub date: 2017-12-18
In today's podcast, we hear how the Zealot campaign uses ShadowBrokers' exploits to install a Monero miner on victim systems. Bitfinex suffers another DDoS attack as Bitcoin valuations remain high. Triton attack on industrial safety systems shows the risk of mixing control with safety. Exposed database of California voters investigated. Thales will buy Gemalto. Johannes Ullrich from SANS and the Internet Storm Center podcast, on scammers profiteering from natural disasters. And suffering from social media hangover? Try a little hair of the dog that bit you (say social media vendors).

@BEERISAC: CPS/ICS Security Podcast Playlist
Episode 16: Cybersecurity Threats and Awareness with Dan Nagala

Mar 16, 2019 · 29:43


Podcast: Pipeliners Podcast
Episode: Episode 16: Cybersecurity Threats and Awareness with Dan Nagala
Pub date: 2018-03-26
In this episode of the Pipeliners Podcast, Russel Treat welcomes Daniel Nagala of UTSI International Corporation to discuss the latest cybersecurity threats and awareness issues facing the pipeline industry. The conversation focuses on what Mr. Nagala has seen in the field -- both domestically and internationally -- to identify the various challenges facing pipeline operators. Included is how to integrate new system capabilities with legacy systems without exposing operators to security risks. Also included in this episode is a discussion of what was learned from the TRISIS malware attack and how to address vulnerabilities. Download this episode to become more aware of cybersecurity issues facing operators!
The podcast and artwork embedded on this page are from Russel Treat, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

WIRED Security: News, Advice, and More
Russia Linked to Disruptive Industrial Control Malware

Oct 29, 2018 · 6:44


In December, researchers spotted a new family of industrial control malware that had been used in an attack on a Middle Eastern energy plant. Known as Triton, or Trisis, the suite of hacking tools is one of only a handful of known cyberweapons developed specifically to undermine or destroy industrial equipment. Now, new research from security firm FireEye suggests that at least one element of the Triton campaign originated from Russia.

The CyberWire
Trolling the trolls. Triton/Trisis attributed to Russia. Asset management in ICS. Threat intelligence drives threat evolution. Shadow web-apps. Apple likes GDPR, hates the Data-Industrial Complex.

Oct 24, 2018 · 20:01


In today's podcast, we hear that US Cyber Command has been reaching out to tell the trolls Uncle Sam cares. Industrial control system security suffers from poor asset management practices. FireEye looks at the Triton malware and says the Russians did it, but of course things are complicated. Are hostile intelligence service hackers superheroes, salaryman nebbishes, or something in between? How threat intelligence drives threat evolution. The risk of shadow web-apps. Apple speaks on privacy. Ben Yelin from the University of Maryland Center for Health and Homeland Security talks with us about the EFF coming out against license plate sharing between retailers and law enforcement. Our UK correspondent Carole Theriault speaks with ESET’s Lysa Meyers about overcoming the cyber skills shortage and attracting new talent to the industry. For links to all the stories in today's podcast, check out today's Daily Briefing: https://thecyberwire.com/issues/issues2018/October/CyberWire_2018_10_24.html

Risk & Repeat
Risk & Repeat: Are ICS threats being overblown or ignored?

May 31, 2018


In this week's Risk & Repeat podcast, SearchSecurity editors discuss dangers to critical infrastructure in the wake of a new report on the threat actors behind the Trisis malware.

The CyberWire
VPNFilter and battlespace preparation. XENOTIME may be back, and after industrial systems. GDPR updates. Following Presidential Tweets.

May 24, 2018 · 19:58


In today's podcast, we hear that VPNFilter, described by Cisco's Talos research unit, looks like battlespace preparation for Fancy Bear. The FBI may have succeeded in impeding its operation. Dragos describes XENOTIME, the threat actor behind the TRISIS industrial safety system attacks, and they say we can expect them back. GDPR is coming tomorrow, and a company has found a way of letting worried CISOs sleep at night. And your right to follow theRealDonaldTrump on Twitter has now been secured by the US Federal Court for the Southern District of New York. Enjoy. Dr. Charles Clancy from the Hume Center at VA Tech, discussing how cell towers track you even when you have location services disabled (and why that’s a good thing). Guest is Erez Yalon from Checkmarx with their research on Amazon Echo eavesdropping vulnerabilities. 

Pipeliners Podcast
Episode 16: Cybersecurity Threats and Awareness with Dan Nagala

Mar 26, 2018 · 29:43


In this episode of the Pipeliners Podcast, Russel Treat welcomes Daniel Nagala of UTSI International Corporation to discuss the latest cybersecurity threats and awareness issues facing the pipeline industry. The conversation focuses on what Mr. Nagala has seen in the field -- both domestically and internationally -- to identify the various challenges facing pipeline operators. Included is how to integrate new system capabilities with legacy systems without exposing operators to security risks. Also included in this episode is a discussion of what was learned from the TRISIS malware attack and how to address vulnerabilities. Download this episode to become more aware of cybersecurity issues facing operators!

WIRED Security: News, Advice, and More
Menacing Malware Shows the Dangers of Industrial System Sabotage

Jan 19, 2018 · 5:37


A recent digital attack on the control systems of an industrial plant has renewed concerns about the threat hacking poses to critical infrastructure. And while security researchers offered some analysis last month of the malware used in the attack, called Triton or Trisis, newly revealed details of how it works expose just how vulnerable industrial plants—and their failsafe mechanisms—could be to manipulation.

The CyberWire
AllScripts works to remediate ransomware in medical apps. Group 123 hits ROK targets. Triton/Trisis zero-day. Dark Caracal espionage op. Section 702 renewed. GhostTeam ejected from Play Store.

Jan 19, 2018 · 25:11


In today's podcast we hear about ransomware afflicting a healthcare IT provider. Group 123 phishes in South Korean waters. Schneider Electric describes the zero-day Triton/Trisis exploited. The Dark Caracal spyware campaign is attributed to Lebanon's intelligence service. The US Congress will extend Section 702 surveillance authority for six years. GhostTeam-infected apps are booted from the Play Store. Jonathan Katz from the University of Maryland ponders "uncrackable" quantum encryption. Graham Cluley from the Smashing Security podcast drops by for a chat about the state of the industry. And is there ever a good reason to write down a password? 

Research Saturday
TRISIS Malware: Fail-safe fail.

Jan 6, 2018 · 39:54


Robert M. Lee is CEO of Dragos Security, a company that specializes in the protection of industrial control systems. He’s describing his team's research on TRISIS, tailored ICS malware infecting safety instrumented systems (SIS), so far found only in the Middle East. It's only the fifth known incident of malware targeting ICS systems.

The CyberWire
TRISIS Malware: Fail-safe fail — Research Saturday

Jan 6, 2018 · 35:18


Robert M. Lee is CEO of Dragos Security, a company that specializes in the protection of industrial control systems. He’s describing his team's research on TRISIS, tailored ICS malware infecting safety instrumented systems (SIS), so far found only in the Middle East. It's only the fifth known incident of malware targeting ICS systems. The CyberWire's Research Saturday is presented by the Hewlett Foundation Cyber Initiative. Learn more at https://www.hewlett.org/cyber/

The CyberWire
Zealot and Monero mining. Bitfinex DDoS. Triton/Trisis shows risks of committing safety and control to the same systems. Bitcoin crime. M&A news. Hair of the dog.

Dec 18, 2017 · 14:18


In today's podcast, we hear how the Zealot campaign uses ShadowBrokers' exploits to install a Monero miner on victim systems. Bitfinex suffers another DDoS attack as Bitcoin valuations remain high. Triton attack on industrial safety systems shows the risk of mixing control with safety. Exposed database of California voters investigated. Thales will buy Gemalto. Johannes Ullrich from SANS and the Internet Storm Center podcast, on scammers profiteering from natural disasters. And suffering from social media hangover? Try a little hair of the dog that bit you (say social media vendors).