Podcasts about zerofox

Are you struggling to scale your cybersecurity sales team effectively while launching a disruptive new product? Wondering how to build a winning go-to-market culture, especially when working channel-first? Trying to figure out how to attract and enable the right channel partners to drive real revenue growth? This episode dives deep into the practical strategies for sales and marketing leaders navigating these exact questions.In this conversation we discuss: 

Caitlin Wood, Chief Customer Officer at ZeroFox, joins hosts ⁠⁠Kristi Faltorusso⁠⁠, ⁠⁠Jon Johnson⁠⁠, and ⁠⁠Josh Schachter⁠⁠. They discuss the intricacies of customer success in the cybersecurity industry, along with her unique insights into the challenges and triumphs of leading a customer success organization—especially in the realm of cybersecurity, where the ROI often means that nothing happens.Tune in as Caitlin uncovers how she approaches customer experience, the evolution of customer engagement models, and the balance between AI integration and the indispensable human element in achieving customer success.Timestamps0:00 - Preview, BS & Intros4:08 - Learn about ZeroFOX5:10 - Challenges in Proving ROI in Cybersecurity7:45 - Customer Engagement and Service Model10:57 - Lead Pass Process and CSQLs15:10 - Complexity and Simplicity in Incentives18:10 - Efforts to Mature Models and Remove Friction22:35 - Adaptation of Playbooks25:51 - Attitude, Aptitude, and Experience in Hiring30:56 - Integrating AI for Internal Teams & Tasks___________________________

Adam Darrah, Vice President of Intelligence at ZeroFox, is discussing how recent high-profile events have intensified the spread of false narratives and how the role of social media platforms may play in amplifying these issues, especially after the recent SCOTUS decision in Murthy vs. Missouri. Ben discusses the arrest of Telegram founder Pavel Durov in France. I look at the possibility of police officers using AI to write police reports. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Arrest of Telegram's Durov inflames debate over online crime and free speech Police officers are starting to use AI chatbots to write crime reports. Will they hold up in court? Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our Caveat Briefing, a weekly newsletter available exclusively to N2K Pro members on N2K CyberWire's website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week's Caveat Briefing covers the Department of Justice's lawsuit against RealPage, a property management software company, for allegedly using its pricing algorithm to facilitate unlawful coordination among landlords, raising rents, and limiting competition. Curious about the details? Head over to the Caveat Briefing for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to caveat@thecyberwire.com. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices

In this episode of Unspoken Security, host AJ Nash welcomes Jeff Foley, founder and leader of the OWASP AMASS flagship project and Vice President and Distinguished Fellow of Research at ZeroFox. They dive into the critical importance of attack surface management (ASM) in cybersecurity, emphasizing the need for visibility from an adversarial perspective. Jeff explains how attackers spend most of their time on surveillance to deeply understand their targets; a vital component to improving the likelihood of being successful during any attack.AJ and Jeff discuss the transition from government to commercial cybersecurity - including the challenges and opportunities - and Jeff shares his insights on how the commercial sector can benefit from the disciplined and thorough approaches used in government cybersecurity. He stresses the importance of ASM as a form of intelligence, advocating for organizations to identify and manage their attack surfaces as attackers do proactively.The episode also covers the terminology and misconceptions surrounding ASM, with both AJ and Jeff agreeing that "attack surface management" may not fully capture the essence of the practice, suggesting "attack surface intelligence" as a more accurate term. They underscore the necessity for continuous monitoring and adaptation in a constantly evolving cyber threat landscape.Finally, as with all episodes of Unspoken Security, our guest (Jeff, in this case), reveals a secret...something that - to this point - has remained unspoken. Like every episode, Jeff doesn't disappoint!

In this episode of Unspoken Security, A.J. Nash and Adam Darrah (Senior Director of Dark Ops, ZeroFox) dive into the symbiosis between intelligence backgrounds and cybersecurity. With his roots in the CIA, Adam brings a nuanced perspective on transitioning these skills to private-sector cybersecurity, emphasizing the value of human insight and technical prowess.The conversation underscores the blend of experience and innovation, where Adam's journey from the CIA to ZeroFox exemplifies leveraging governmental training in entrepreneurial landscapes. It reflects on the essential role of people in cybersecurity, challenging the notion that technology alone can safeguard digital realms.Moreover, the dialogue navigates through the ethos of cybersecurity operations, highlighting the critical, yet often unappreciated, human element. It dispels the stereotype of cybersecurity work as purely technical, revealing the depth of human engagement in understanding and mitigating threats.Finally, as with all episodes of Unspoken Security, Adam reveals what has been "unspoken" in his life up to this point...and it's another great reveal.

Federal technology has paralleled the commercial world in its expansion to millions of endpoints. On one hand, this means better information from something like an intrusion sensor. On the other hand, it means the attack surface has just expanded exponentially. It has come to a point where there has been a normalization of breaches. Unfortunately, this does not mean one can neglect protecting your agency from external threats. ZeroFox specializes in understanding external threat security. They have been around since 2013 and “Zero” in on protecting apps, data, people, domains, and API's. During the interview, AJ Nash goes into considerable detail when he differentiates between the surface web, the deep web, and the dark web. He does not realize it, but he is a differentiator as well.   ZeroFox relies on leaders like AJ Nash who have considerable experience in the intelligence community and understand the levels of security that are necessary to protect sensitive federal systems. But they do not just stop at identification. AJ Nash continues his comments on something called “automated remediation. “ZeroFox can help your agency move to the next level and integrate with systems that can snap into action when a threat is detected. COVID, fast Internet connections, and small sensors have made the Internet infinitely more dangerous than it was even a few years ago. Understanding external threats can prevent takeovers and attacks. = = = Want to leverage you next podcast appearance? www.podscorecard.com Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com  

In this episode of the Cyber and Risk Leaders podcast, SureCloud's Matthew Davies welcomes special guest AJ Nash of ZeroFox about the role of intelligence in cybersecurity. We delve into the challenges of misinformation in the digital age, including the spread of disinformation and erosion of trust in institutions.Join us as we explore the impact of dis/mis/malinformation, the manipulation of social media and what to consider when it comes to news sources.Follow us on Linkedin:·       Matthew Davies - https://www.linkedin.com/in/matthew-daviespm·       AJ Nash - https://www.linkedin.com/in/nashaj·       SureCloud - https://www.linkedin.com/company/surecloud/

In this episode of Unspoken Security (sponsored by ZeroFox), AJ Nash is joined by Senior Threat Intelligence Analyst (and PhD candidate) Freddy Murre. Freddy brings his years of intelligence and security experience across military service and consulting into a discussion about one of the most common challenges many of us face: demonstrating the value of Intelligence.Freddy and AJ discuss some of the consistent challenges they see in building intelligence-driven security programs, including educating leadership on the differences between data, information, and Intelligence, structured analytic techniques, and how to speak the language of leadership needed to secure and grow budgets. They go on to share their views on building trust and demonstrating value to leadership, as well as available tools to measure that value in objective, defensible ways.As always, the show wraps up with our guest revealing something that had, to this point, gone "unspoken." Freddy, like every guest, didn't disappoint with his candid answers.P.S. Freddy referenced his mind map project, so we wanted to ensure you could find it!- https://github.com/Errum/IntelArchitectureMap

Adam Darrah, Senior Director of Dark Ops at ZeroFox joins Tom and Megan talking about how 90 percent cyber security leaders feel world events could lead to catastrophic cyber event in next few years.

In this episode of Unspoken Security (sponsored by ZeroFox), AJ Nash is joined by Roman Sannikov, the President of Constellation Cyber LLC. Before his current efforts conducting research and delivering Intelligence reports for various clients, Roman has led multiple teams focused on combatting threats in the Deep and Dark Web.Roman and AJ give a brief overview of what we all mean when we say "Deep Web" or "Dark Web" to ensure we're all speaking the same language and then discuss the subcultures and self-regulation within some of the busiest criminal marketplaces. Roman provided insights into things that have changed over the last couple of decades (and what has remained the same) as cybercriminals have become more structured and professionalized.The discussion turned to an exploration of things people often misunderstand when it comes to cybercriminal marketplaces and how easily people can go wrong in their choices for how to combat these threats. From there, the show focused on some of the myths and true stories from Roman's long and storied career as a resident within the cybercriminal underground, including some fascinating stories about his work on behalf of the FBI.As always, the show wraps up with our guest revealing something that had, to this point, gone "unspoken." While I don't want to give too much away, Roman didn't disappoint when he revealed his "unspoken" truth.

AJ Nash, Vice President of Intelligence for ZeroFox... a cybersecurity firm that tracks disinformation joins Megan Lynch discussing the high amount of fake photos and how do we know what to believe anymore. 

In this episode of Unspoken Security (sponsored by ZeroFox), AJ Nash is joined by our first social media star...Gabrielle Hempel! Also known as LadyG on Twitter (@gabsmashh) - with over 100,000 followers - she also focuses on making the world a safer place as a Customer Solutions Engineer for LogRhythm.(NOTE: Gabrielle was actually recorded as AJ's second guest on Unspoken Security - way back in October! - but we saved her appearance until we built our own audience so we weren't just taking advantage of her following.)Gab and AJ have a fun and interesting conversation about Gabrielle's unusual path from working in an auto repair shop in Ohio - where she was almost stabbed! - to become an expert and influencer in cybersecurity. Gab shares how she grew from a shy child into a confident, powerful voice in cybersecurity, including some incredible stories of overcoming the opinions and assumptions of others. She learned how to assess risk and resolve conflicts in some dangerous real-world scenarios, and combined that with her incredible education (B.A., in Psychology, B.S. in Neuroscience, & MS in Global Security, Conflict, and Cybercrime from NYU).With all the things in her life - social media, public speaking, a cybersecurity career, and a family - Gab offers her lessons learned and advice (including the power of saying "no") to get closer to the work/life balance most people need to avoid burning out in an industry where it is so easy to do. AJ added some interesting insights and leadership tactics he's also used to help teammates maintain a more balanced life.This episode even had an additional special guest when AJ's dog Ryleigh couldn't resist meeting Gab! Ryleigh probably heard how much fun AJ and Gab were having and wanted to get some camera time, too.As always, the show wraps up with our guest revealing something that had, to this point, gone "unspoken." Download this episode to find out Gabrielle's secret because you will ABSOLUTELY want to give her (and probably AJ) a hard time after you hear this!

In this episode of Unspoken Security (sponsored by ZeroFox), AJ Nash is joined by Brian Mohr, the founder and CEO of Reqfast, a technology startup dedicated to helping security teams document and prioritize their needs to better focus on work instead of workflow. Brian and AJ talk define what is meant when we talk about Intelligence requirements, why they are important, how to document requirements and use them to measure the value of intelligence (that all-important metric needed to justify investing in Intelligence, and their personal observations on the progress made when it comes to understanding and accepting the need for Intelligence requirements to justify spending and drive successful security practices.Finally, as always, the show wraps up with our guest revealing something that had, to this point, gone "unspoken." In Brian's case, his secret has to do with the novel way he has been keeping track of his passwords which is both simple and feels a bit James Bond-ish.

In this episode of Unspoken Security (sponsored by ZeroFox), AJ Nash is joined by Lisa Ackerman, the Deputy Chief Information Security Officer for GSK (formerly known as GlaxoSmithKline, a British multinational pharmaceutical and biotechnology company.  Lisa and AJ talk about the value of building Intelligence-driven security programs, particularly the vital aspect of impacting decision-making. They also both shared the complicated - perhaps unusual? - ways that career Intelligence professionals think and communicate about threats, risks, and preparedness.Perhaps most interestingly, Lisa shares how she not only took her skills from the Intelligence Community (IC) into the private sector to build threat intelligence programs based on the IC's best practices, but has become one of the very few Intelligence professionals to become a leader in the CISO career path.Having transitioned from being a provider of Intelligence to being more of the consumer (on the CISO side), Lisa talked about how her perspective has changed, how it hasn't, and who she thinks CISOs trust the most these days…the “CISO Whisperer” is.Finally, as always, the show wraps up with Lisa revealing something that had, to this point, gone "unspoken”...and Lisa delivered some great stories and insights about how having the guts to leap into challenging situations can be a key to growing a career.

In this episode of Unspoken Security (sponsored by ZeroFox), AJ Nash is joined by Brian Stack, the Vice President of Engineering and Dark Web Intelligence for Experian, a globally recognized leader in data analytics and consumer credit reporting.Brian and AJ take on the topic of ransomware, including talking about some criminal groups associated with this activity and the evolution from simple ransomware attacks up to complex double-, triple-, and quadruple-extortion tactics being used by some of the most industrious criminal groups that are always looking for new ways to pressure companies into paying these ever-growing ransoms.After examining the financial impact of these ransomware attacks, the conversation turns to recent changes to the laws in a handful of states - making it illegal to pay ransom - and what those changes could mean- What will the impact of these laws likely be?- Will criminals change their behavior? -- If so, will this create haves and have-nots among corporations that eventually require the U.S. to consider a national law?To prevent becoming a victim of a ransomware attack - or at least limit the harm of a ransomware attack should it happen - AJ and Brian provide recommendations for proactive defense, playbooks, and exercises that build organizational strength BEFORE things go wrong. As always, the show wraps up with Brian revealing something that had, to date, gone "unspoken." If you want to know the truth about some of the ugliest things you've ever heard about on the Dark Web...Brian's answer is one you'll absolutely want to hear.

In this episode of Unspoken Security (sponsored by ZeroFox), AJ Nash (VP & Distinguished Fellow of Intelligence, ZeroFox) is joined by Tarah Wheeler, who is not only the CEO at Red Queen Dynamics, but also a Senior Fellow for Global Cyber Policy at the Council on Foreign Relations and Advisory Board Member for the Electronic Frontier Foundation (EFF).Tarah and AJ discuss some of the ongoing challenges facing small businesses as they attempt to defend themselves and their customers against cyber threats. Of particular interest in this conversation, Tarah has some passionate thoughts about a new Federal Trade Commission (FTC) regulation regarding breach reporting that is set to go into effect in May 2024. You're definitely going to want to hear what she has to say on this!(Spoiler Alert: Things are about to get a lot harder for small businesses!)Lastly, as with all episodes of Unspoken Security, AJ asks his guests to reveal something they had never talked about before (something "unspoken"). Tarah struggled with this one a bit (partially because she already shared a great secret earlier in the show) before giving a very cool answer that led to AJ and Tarah planning a road trip together.What a way to finish the show!

23andme tells us it's our fault they got pwnd. Yeah. Wickr is done, but why? ZeroFox won a big award, but what does that mean for the US government and identity? Some budget facts for 2024 thinking in cybersecurity. Another company refuses to pay their ransomware bounty, good or bad? Mandiant's X account got hacked and used for a crypto scam, lol.

In this episode of Unspoken Security (sponsored by ZeroFox), AJ Nash (VP & Distinguished Fellow of Intelligence, ZeroFox) and Lance James (CEO, Unit 221b) talk about leadership, corporate culture, work/life balance, and the challenges of processing grief and trauma in an industry that never really stops.This conversation goes beyond the superficial, digging deeper into the importance and impact of building a healthy and supporting culture around the needs of people instead of just talking about work/life balance while incentivizing prioritizing work over family and health (physical and mental).Lance and AJ each also share their personal stories of the tragic deaths of loved ones, how they grieved (in very different ways), and how the experiences changed them both personally and professionally. While there is no "right" way to grieve, these stories remind us that hardship is universal and we all benefit from knowing people who can empathize, understand, and support us when we need them most...especially during the holiday season.Lastly, as is customary on all episodes of Unspoken Security, AJ asks his guest to reveal something they had never talked about before (something "unspoken")...and Lance shares a great story that is sure to be interesting and amusing to anyone who hears it.

ZeroFox CEO Foster joined Steve Darling from Proactive to share the company's impressive financial results for the third quarter. ZeroFox continued its positive momentum, achieving robust top-line growth while simultaneously generating positive free cash flow for the second consecutive quarter. The financial highlights for the quarter include total revenue reaching an impressive $65.0 million, with annual recurring revenue (ARR) totaling $185.9 million. Gross margins were strong at 30%, while non-GAAP gross margin reached an even more impressive 38%. The GAAP subscription gross margin stood at 52%, with non-GAAP subscription gross margin reaching a remarkable 73%. Foster went on to mention the company's growing customer base, revealing that ZeroFox concluded the quarter with 1,330 subscription customers. Notably, there were 182 subscription customers with ARR exceeding $100,000, marking a substantial 27% increase year-over-year. The company also highlighted a significant achievement—the renewal and expansion of an 8-figure contract with a strategic U.S. federal agency focused on cybersecurity. ZeroFox's expertise in external cybersecurity is built on its robust platform, which incorporates advanced AI analytics, digital risk and privacy protection, comprehensive threat intelligence, and a suite of response capabilities for breaches, incidents, and takedowns. These financial results and achievements underscore ZeroFox's position as a leader in the cybersecurity industry, reflecting its commitment to innovation and its ability to provide comprehensive solutions to address evolving threats in the digital landscape. #proactiveinvestors #zerofoxholdings #nasdaq #zfox #cybersecurity #Cybersecurity #CEOInterview #Q3Results #DataProtection #DigitalSecurity #TechInnovation #RansomwareDefense #ThreatDetection #EnterpriseSecurity #DeepWebMonitoring #DarkWebSecurity #InfoSec #NetworkProtection #AIinSecurity #CyberThreats #OnlineSafety #ITSecurity #InnovationInTech #DigitalDefense #SecuritySolutions #BusinessProtection #DataPrivacy #ZeroFOXInsights #CyberAwareness#invest #investing #investment #investor #stockmarket #stocks #stock #stockmarketnews

Mike Price from ZeroFox sits down to discuss what 2023 phishing trends mean for the broader industry as we quickly approach 2024. Dave and Joe share a serious write in from listener Michelle who shares her pleads for her aunt, who she believes is being catfished. Listener Marc also writes in with an email that claims to be from "Walmart," that he is quite suspicious of. Joe's story follows Meta, and how they have designed products to target and harm kids. Dave's story is on bad bots and the dangers they pose with fake businesses that are maximizing their illicit earnings. Our catch of the day comes from listener Konstantin, who shares and email received from scammers claiming to be "McAfee," trying to get payment of almost $600. Links to the stories: Meta Designed Products to Capitalize on Teen Vulnerabilities, States Allege Breaking (Bad) Bots: Bot Abuse Analysis and Other Fraud Benchmarks Have a Catch of the Day you'd like to share? Email it to us at hackinghumans@thecyberwire.com.

Enjoy our panel discussion with executive leaders from ChaosSearch, Sentra and ZeroFox and discuss some best practices for secure data management and compliance in the cloud.Speakers:Thomas Hazel, CTO & Chief Scientist, ChaosSearchYoav Regev, CEO and Co-founder, SentraMike Price, Chief Technology Officer, ZeroFoxMark Terenzoni, Service Leader, AWS, Amazon Inspector and Amazon DetectiveTopics Include:Customers concerned about size of dataHow AWS manages large amounts of dataChallenges of compliance with data storagePeople challenges with data securityGetting security info from customers isn't always easyComplexity of security options still challenging to many customers

"Dark web" ir interneta daļa, kurai piekļūt no ierastajiem interneta pālūkiem nav iespējams. "Dark web" slēpj lietotāju identitāti un atrašanās vietu, kas ļauj veikt dažādas darbības, kas var būt arī nelegālas vai amorālas. Vienlaikus tā ir iespēja disidentiem un žurnālistiem anonīmi apmainīties ar informāciju. Podkāstā uzzinām, kā darbojas "dark web", kādi ir tā darbības riski un ieguvumi un kā pasargāt sevi. Pie Digitālo brokastu galda Ādams Darra, Tumšā tīmekļa operāciju vecākais direktors kiberdrošības uzņēmumā "Zerofox".

"Dark web" ir interneta daļa, kurai piekļūt no ierastajiem interneta pālūkiem nav iespējams. "Dark web" slēpj lietotāju identitāti un atrašanās vietu, kas ļauj veikt dažādas darbības, kas var būt arī nelegālas vai amorālas. Vienlaikus tā ir iespēja disidentiem un žurnālistiem anonīmi apmainīties ar informāciju. Podkāstā uzzinām, kā darbojas "dark web", kādi ir tā darbības riski un ieguvumi un kā pasargāt sevi. Pie Digitālo brokastu galda Ādams Darra, Tumšā tīmekļa operāciju vecākais direktors kiberdrošības uzņēmumā "Zerofox". Iespēja noklausīties interviju arī angļu valodā. Plašāk par tehnoloģiju jaunumiem lasi arī LSM portālā.

The time for #CyberMarketingCon2023 is fast approaching and we hope to see you in Austin in December. So mark those calendars and get your tickets, the conference will be from December 10th through 13th. It's filled with education, the best speakers, hands-on workshops, networking, networking, AND MORE networking.  Maria and Gianna cannot wait to see you. Enjoy this episode and be sure to get your ticket by clicking ➡️➡️➡️here! In this session, the focus was on understanding the dynamics of channel partner relationships in the cybersecurity industry. The two speakers, Amanda McLaughlin, Director of Mid-Atlantic Marketing at GuidePoint Security (Former Marketing Manager for GuidePoint Security), and David Brown, Head of Global Alliance and Partner Marketing at ReversingLabs (Former Director, Global Partner Marketing at ZEROFOX) are on a mission to educate and dispel misconceptions about VAR (Value-Added Reseller) and vendor relationships while also providing valuable tips and tricks on how to establish and maintain healthy VAR and vendor relationships.    Here are the key points covered: Promoting a better understanding of VAR and vendor relationships. Also highlighting their significance in the context of the cybersecurity industry. An in-depth explanation of what a VAR is: “entities that offer not only products but also their expertise and services in conjunction with solutions provided by solution providers.” The speakers used GuidePoint Security as an example as it is a cybersecurity VAR offering its services and expertise to clients. Addressing Misunderstandings: Amanda and David acknowledged that VAR and reseller relationships can be misunderstood, which is something similar to the classic sales and marketing relationship. But they also highlight how important it is to clear misunderstandings to establish effective partnerships. To close the session the speakers also went into what a successful vendor looks like to a VAR. The key metrics for success and some tips if you feel like your reseller relationship is not working? They also opened the floor for some questions!   More on #CyberMarketingCon2023 here, see you in Texas!

In this episode of Better Tech, we dive deep into the world of synthetic data, generative AI, and their impact on cybersecurity. Join us as we explore the technology, potential threats, ethical considerations, and the promising applications of generative AI. Our guest, Mike Price, the Chief Technology Officer at ZeroFox, shares his insights and experiences from his extensive career in cybersecurity. --- Send in a voice message: https://podcasters.spotify.com/pod/show/bettertech/message

Today on the Social-Engineer Podcast: The Security Awareness Series, Ryan and I are joined by Evan Blair. He is the General Manager for Searchlight Cyber, which brings industry leading dark web intelligence & security capabilities to the commercial and government sectors. Mr. Blair, a seasoned international cyber security executive, previously held the role of Chief Revenue Officer at the secure communications & data management firm HighSide, co-founded, led and exited the cyber security & threat intelligence firm ZeroFox and ran Accuvant's global partner solutions division. He has been a fixture on Capitol Hill, working to advance legislation and funding for Active Duty military and Veterans cyber protection as well as advanced fraud and cyber protections for the American taxpayer. Blending his cybersecurity expertise with a background in international economics, Mr. Blair helps businesses develop and launch value based cyber initiatives addressing both the concerns of the CISO and the CFO. [Sept 18, 2023]   00:00 - Intro 00:18 - Ryan Intro 01:26 - Intro Links: -          Social-Engineer.com - http://www.social-engineer.com/ -          Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/ -          Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/ -          Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/ -          Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb -          CLUTCH - http://www.pro-rock.com/ -          innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/                                                04:39 - Evan Blair Intro 06:08 - An Opportunity That Couldn't Be Passed On 13:21 - The Dark Web: Why You Should Care 22:35 - Telegraphing the Attack 36:49 - Data for Defense 43:03 - Correlation of Actions 46:57 - Find Evan Blair Online -          LinkedIn: linkedin.com/in/evanblair/ -          Twitter: twitter.com/EvanLBlair -          Website: https://www.slcyber.io/ -          Guide Book: The Practitioner's Guide To The Dark Web 48:34 - Mentors -          John Abraham -          James Foster 54:02 - Wrap Up & Outro -          www.social-engineer.com -          www.innocentlivesfoundation.org

Sophos analyzes malvertising through purchased Google Ads. The MOVEit vulnerability is remediated faster than most. The DeliveryCheck backdoor is used against Ukrainian targets. SORM is under stress. Ukrainian police roll up another bot farm working in support of Russian influence operations. AJ Nash from ZeroFox provides insights on the White House cybersecurity labeling program. David Moulton from Palo Alto Networks Unit 42 introduces his new segment "Threat Vector." And we bid farewell to Kevin Mitnick. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/137 Selected reading. Bad ad fad leads to IcedID, Gozi infections (Sophos News) New research reveals rapid remediation of MOVEit Transfer vulnerabilities (Bitsight)  GRIT Ransomware Report-2023-Q2 (Guidepoint Security)  Russia's Turla hackers target Ukraine's defense with spyware (Record)  Russian Hackers Probe Ukrainian Defense Sector With Backdoor (Bank Info Security)  Russia's vast telecom surveillance system crippled by withdrawal of Western tech, report says (Record)  Ukraine's cyber police dismantled a massive bot farm spreading propaganda (Security Affairs) Kevin David Mitnick, August 6, 1963 - July 16, 2023. (Dignity Memorial)

Mis-, dis- and malinformation (MDM) are a significant threat to security leaders and their organizations. Find out more in this episode of The Security Podcast featuring AJ Nash, Vice President and Distinguished Fellow of Intelligence at ZeroFox.

ZeroFox secures your digital assets beyond the perimeter with end-to-end external cybersecurity, providing a unified solution to expose malicious activity and end cyber threats. Learn more at https://zerofox.com

Social engineering with generative AI. Mylobot and BHProxies. PureCrypter is deployed against government organizations and staged through Discord. Dish Network reports disruption. Third-party app and software as a service risk. Further assessments of the cyber phase of Russia's war so far, with warnings to stay alert. Are tough times coming in gangland? Comments on NIST's revisions to its Cybersecurity Framework are due this Friday. AJ Nash from ZeroFox on Mis/Dis/and Malinformation. Rick Howard digs into Zero Trust. And get this—AI is writing science fiction! For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/38 Selected reading. Social engineering with generative AI. (CyberWire) Who's Behind the Botnet-Based Service BHProxies? (KrebsOnSecurity) Mylobot: Investigating a proxy botnet (Bitsight) PureCrypter targets government entities through Discord (Menlo Security) PureCrypter malware hits govt orgs with ransomware, info-stealers (BleepingComputer) Uncovering the Risks & Realities of Third-Party Connected Apps: ‍2023 SaaS-to-SaaS Access Report (Adaptive Shield) Ukraine war anniversary likely to bring ‘disruptive' cyberattacks on West, agencies warn (Global News) How the Ukraine War Has Changed Russia's Cyberstrategy  (Foreign Policy)  A year of wiper attacks in Ukraine (WeLiveSecurity) Russia's yearlong cyber focus on Ukraine (Axios) A year after Russia's invasion, cyberdefenses have improved around the world (Washington Post) One year on, how is the war playing out in cyberspace? (WeLiveSecurity)  The Russia-Ukraine cyber war: one year later (IT World Canada)  Russia launched large-scale operations in cyberspace alongside war (euronews) WSJ News Exclusive | Hackers Extort Less Money, Are Laid Off as New Tactics Thwart More Ransomware Attacks (Wall Street Journal) AI-generated fiction is flooding literary magazines — but not fooling anyone (The Verge)

En este nuevo episodio de Fusiones y Adquisiciones, el podcast de Empresax.com, abordamos los siguientes temas: 👉 Este episodio cuenta con el apoyo de Datasite, líder mundial en la gestión integral de los procesos de M&A: https://bit.ly/3f3t6g7 - ¿Quién es María Rojo? - Estado de la industria de la ciberseguridad: ataques, impacto, verticales, consolidación... - ¿Qué hacen desde Enthec? ¿Por qué se decantó por la ciberinteligencia de entre todos los segmentos del sector? ¿Cuáles han sido los principales hitos hasta la fecha? ¿Y el roadmap? - Operaciones M&A y de Private Equity destacadas: racional de transacciones como la adquisición de RiskRecon por parte de Mastercard, RiskIQ y Microsoft, BitSight y Moodys o la verticalización de Zerofox con la adquisición de IDX. - Casos de éxito en España. - De Aranda de Duero a Málaga. La gran apuesta de la ciudad andaluza por convertirse en un hub tech y de ciberseguridad. María es fundadora y CEO de Enthec Solutions, empresa de desarrollo de soluciones de ciberseguridad y cibervigilancia. Ha desarrollado toda su carrera en el área de ciberseguridad de grandes empresas como BBVA, Santander, Indra or Airbus. Actualmente está cursando el Doctorado en Telemática con Máster e Ciberseguridad en la UC3M y ha publicado un libro sobre blockchain.

The FBI warns of malicious advertising. A new gang makes an unwelcome appearance in the holiday season. Ukraine will receive more Starlink terminals after all. Cyber phases of the hybrid war: a view from Kyiv–the bears and their adjuncts are opportunistic agents of chaos. Caleb Barlow thinks boards of directors need to up their cyber security game. Our guest is AJ Nash from ZeroFox with a look at legislative restrictions on TikTok. And reports say that US National Cyber Director Chris Inglis is preparing to retire. We wish him the best of luck. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/244 Selected reading. Cyber Criminals Impersonating Brands Using Search Engine Advertisement Services to Defraud Users (FBI) A sophisticated fraud ring is waging war on commerce, using rapidly changing tactics (Signifyd) Ukraine to Get Thousands More Starlink Antennas, Minister Says (Bloomberg) Ukraine's Cyber Units Aim to Retain Staff, Keep Services Stable as War Enters Year Two (Wall Street Journal) Top Biden cybersecurity adviser to step down (CNN) Chris Inglis to resign as national cyber director (CyberScoop). First-ever national cyber director Chris Inglis set to retire in coming months: sources (Axios). White House cyber adviser to resign  (The Hill) Chris Inglis, Biden's top cyber adviser, plans to leave government in coming months (POLITICO). White House Cyber Director Chris Inglis to Step Down (Bank Info Security)

AJ Nash from ZeroFox sits down with Dave to discuss Cybersecurity threats including social engineering attacks planned surrounding the Qatar 2022 World Cup. The research shares some of the key threats we might see while the World Cup is happening this year. Researchers say "During the World Cup, there will likely be threat actors aiming to acquire personal information or monetary value through phishing and scams." In the research we can find how the venue host is preparing for these claims of attacks. The research can be found here: Qatar 2022 World Cup Event Assessment

AJ Nash from ZeroFox sits down with Dave to discuss Cybersecurity threats including social engineering attacks planned surrounding the Qatar 2022 World Cup. The research shares some of the key threats we might see while the World Cup is happening this year. Researchers say "During the World Cup, there will likely be threat actors aiming to acquire personal information or monetary value through phishing and scams." In the research we can find how the venue host is preparing for these claims of attacks. The research can be found here: Qatar 2022 World Cup Event Assessment

Luna Moth's callback phishing offers an unpleasant and less familiar form of social engineering. New activity by China's Mustang Panda is reported. DEV0569 is using malvertising to distribute Royal ransomware. US indicts 10 in a business email compromise case. Developing a cyber auxiliary. Dave Bittner sits down with AJ Nash from ZeroFox to discuss holiday scams. Our own Rick Howard speaks with us about cloud security. And beware of Black Friday scams. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/223 Selected reading. Threat Assessment: Luna Moth Callback Phishing Campaign (Unit 42)  DEV-0569 finds new ways to deliver Royal ransomware, various payloads (Microsoft Security)  Earth Preta Spear-Phishing Governments Worldwide (Trend Micro)  EXCLUSIVE: Rounding up a cyber posse for Ukraine (The Record by Recorded Future)  Tech for good: How the IT industry is helping Ukraine (Computing)  10 Charged in Business Email Compromise and Money Laundering Schemes Targeting Medicare, Medicaid, and Other Victims (US Department of Justice)  Black Friday and Cyber Monday risks. (CyberWire)

Jeff Foley has over 20 years of industry experience focused on applied research & development and assessment of security in critical information technology and infrastructure. He is the Project Leader for Amass, an OWASP (Open Web Application Security Project) Foundation flagship project that performs in-depth attack surface mapping and asset discovery. Jeff is also an Adjunct Lecturer teaching Penetration Testing at the SUNY (State University of New York) Polytechnic Institute. Previously, he was the US Manager for Penetration Testing & Red Teaming at National Grid, a multinational electricity and gas utility company. Prior to this, Jeff served as the Director of Penetration Testing & Security Assessment at Northrop Grumman Corporation, an American global aerospace and defense technology company. Jeff is currently working as the Vice President of Attack Surface Protection at ZeroFox. In his spare time, Jeff enjoys experimenting with new blends of coffee and giving back to the information security community.In this episode, Jeff explained his journey of developing and maintaining Amass project - an open-source tool for In-depth DNS enumeration, attack surface mapping and external asset discovery.For more SecTools podcast episodes, visit https://infoseccampus.com

Brian Kime, VP of Intelligence Strategy and Advisory at ZeroFox, talks about all things threat intelligence this week. Brian explains why he chose threat intelligence as his focus, where he's seen opportunities for growth in recent years, and what challenges for cyber threat intelligence lie ahead. Using his intelligence experience developed first in the US Army Special Forces, Brian delivers his argument for intelligence-driven security, instead of the marketing-driven security industry we have today.   Timecoded Guide: [00:00] Diving into the VP of Intelligence Strategy role [05:25] Learning intelligence in the Army Special Forces [10:09] Seeing the past, present, & future of threat intelligence [19:31] Measuring efficacy & ROI of cyber threat data [25:18] Building your own cyber threat intelligence capabilities   Sponsor Links: Thank you to our sponsors Axonius and NetSPI for bringing this episode to life! The Axonius solution correlates asset data from existing solutions to provide an always up-to-date inventory, uncover gaps, and automate action — giving IT and security teams the confidence to control complexity. Learn more at axonius.com/hackervalley   A lot of folks shift from intelligence into other areas of cyber, what inspired you to continue down the intelligence route? After Brian graduated from Georgia Tech and the nation experienced the tragedy of 9/11, Brian felt called to enlist in the US Army Reserve. While the war in Afghanistan was not as short-lived as anyone expected, Brian found his calling in military intelligence, where he was inspired to put his experiences in IT and intelligence together. It turns out that fusion already existed in the form of cyber threat intelligence, and Brian wanted to focus on that completely. “I want to bring all these things together and really start pushing our customers and pushing the security community in general towards more intelligence-driven security. Mostly, what I see even today still just feels like marketing-driven security.”   Where are we today with threat intelligence technology, in terms of challenges and opportunities? Brian believes we're already in a really exciting place today in terms of threat intelligence technology. What feels especially opportune for him at the moment includes opportunities and technology that involve internal data from previous threats, freely available external data from sources like blogs, and third-party vendors. However, the challenges facing threat intelligence now involve how to make that technology available for small and medium businesses. “That's what I would love to see become the standard, that big corporations incorporate threat intelligence to the level that they can start to actually extend that value into their supply chain. That way, the whole system becomes more resilient, more secure.”   How does a security team measure the efficacy and ROI of intelligence? In Brian's opinion, most cybersecurity practitioners don't track the ROI of their intelligence vendors, or they fail to measure intelligence for effectiveness. The metrics cyber teams should focus on include number of new detections created, incidents discovered, adversary dwell time, and improved security decision making. Unfortunately, improved decision making is the hardest to measure because it requires practitioner feedback. “At the end of the day, if stakeholders are making security decisions based on intelligence that I'm providing, that's a really good measure of effectiveness. All the security decisions that were influenced by threat intelligence, that's what we're going for.”    When you don't have an intelligence capability and you want to create one, what is typically the first thing that an intelligence team member does? If you're intending to collect data from your customers (which almost every company out there is trying to do), then Brian believes that privacy and security need to be considered from the start. Critical security controls and a solid framework are key to early success for even the smallest security team. The best place to start? Software and hardware inventory. If you don't know what you have, you won't be able to secure your technology properly.  “At the beginning of the critical security controls, it's always software and hardware inventory. If I don't know what I have, then I really can't do anything well in security. I can't do incident response because I don't know where my data is.” --------------- Links: Keep up with our guest Brian Kime on LinkedIn and Twitter Learn more about ZeroFox on LinkedIn and the ZeroFox website Connect with Ron Eddings on LinkedIn and Twitter Connect with Chris Cochran on LinkedIn and Twitter Purchase a HVS t-shirt at our shop Continue the conversation by joining our Discord Check out Hacker Valley Media and Hacker Valley Studio

Data's stolen from a US "Defense Industrial Base organization." Major sideloading cryptojacking campaign is in progress. Nord Stream and threats to critical infrastructure. US Cyber Command describes "hunt forward" missions in Ukraine. Andrew Hammond from SpyCast speaks with hacker Eric Escobar about the overlap of traditional intelligence and cybersecurity. Our guest is AJ Nash from ZeroFox with an update on the current threat landscape. Fraud meets romance. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/192 Selected reading. Impacket and Exfiltration Tool Used to Steal Sensitive Information from Defense Industrial Base Organization (CISA) CISA: Multiple government hacking groups had ‘long-term' access to defense company (The Record by Recorded Future) US Govt: Hackers stole data from US defense org using new malware (BleepingComputer)  Side-Loading OneDrive for profit – Cryptojacking campaign detected in the wild (Bitdefender Labs) Drone-loaded seabed ship is latest weapon in Royal Navy's arsenal to counter Russian threat (The Telegraph) Opinion Undersea pipeline sabotage demands the West prepare for more attacks (Washington Post) Ukraine Hasn't Won the Cyber War Against Russia Yet (World Politics Review)  USCYBERCOM Executive Director David Frederick Outlines Cyber Threats & Highlights Importance of Industry Partnerships (GovCon Wire)  Romance scammer and BEC fraudster sent to prison for 25 years (Naked Security)

Finally, in the enterprise security news, Normalyze and Flow Security raise money to protect data, Axio and Lumu raise money to assess risk, Bitsight intends to acquire ThirdPartyTrust, Flashpoint acquires Echosec Systems, ZeroFox goes public, Rumble rebrands as runZero, Trusting Amazon with medical records, Taking cryptocurrency off the (payment) menu, AWS's CISO tells us why AWS is so much better than their competitors, and an ancient dial-up Internet service returns!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw284

Finally, in the enterprise security news, Normalyze and Flow Security raise money to protect data, Axio and Lumu raise money to assess risk, Bitsight intends to acquire ThirdPartyTrust, Flashpoint acquires Echosec Systems, ZeroFox goes public, Rumble rebrands as runZero, Trusting Amazon with medical records, Taking cryptocurrency off the (payment) menu, AWS's CISO tells us why AWS is so much better than their competitors, and an ancient dial-up Internet service returns!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw284

This week, we start off the show by welcoming Ryan Fried to discuss how Security analysts can move past traditional Indicators of Compromise from threat intel like domains, hashes, URLs, and IP addresses. These indicators typically aren't valid shortly after the incidents happen. Modern threat hunting by doing things like reading recent and relevant security articles, pull out behaviors that attackers are doing like commands such as net group "domain admins" or RDPing from workstation to workstation and translating those to threat hunting queries. Then, Joeseph Carson joins to discuss following in the footsteps of an attacker and uncovering their digital footprints, this episode will uncover an attacker's techniques used and how they went from zero to full domain admin compromise, which resulted in a nasty ransomware incident. It will also cover general lessons learned from Ransomware Incident Response. Finally, in the Enterprise Security News, Normalyze and Flow Security raise money to protect data, Axio and Lumu raise money to assess risk, Bitsight intends to acquire ThirdPartyTrust, Flashpoint acquires Echosec Systems, ZeroFox goes public, Rumble rebrands as runZero, Trusting Amazon with medical records, Taking cryptocurrency off the (payment) menu, AWS's CISO tells us why AWS is so much better than their competitors, and an ancient dial-up Internet service returns! Visit https://www.securityweekly.com/esw for all the latest episodes! Segment Resources: https://www.scythe.io/library/operationalizing-red-canarys-2022-threat-detection-report https://www.itbrew.com/stories/2022/05/09/quantum-ransomware-can-now-move-from-entry-to-encryption-in-under-four-hours?utm_campaign=itb&utm_medium=newsletter&utm_source=morning_brew&mid=1e3360a49c0b72a4c0e4550356ffee54 https://www.cisa.gov/uscert/ncas/alerts/aa22-181a Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw287

This week, we start off the show by welcoming Ryan Fried to discuss how Security analysts can move past traditional Indicators of Compromise from threat intel like domains, hashes, URLs, and IP addresses. These indicators typically aren't valid shortly after the incidents happen. Modern threat hunting by doing things like reading recent and relevant security articles, pull out behaviors that attackers are doing like commands such as net group "domain admins" or RDPing from workstation to workstation and translating those to threat hunting queries. Then, Joeseph Carson joins to discuss following in the footsteps of an attacker and uncovering their digital footprints, this episode will uncover an attacker's techniques used and how they went from zero to full domain admin compromise, which resulted in a nasty ransomware incident. It will also cover general lessons learned from Ransomware Incident Response. Finally, in the Enterprise Security News, Normalyze and Flow Security raise money to protect data, Axio and Lumu raise money to assess risk, Bitsight intends to acquire ThirdPartyTrust, Flashpoint acquires Echosec Systems, ZeroFox goes public, Rumble rebrands as runZero, Trusting Amazon with medical records, Taking cryptocurrency off the (payment) menu, AWS's CISO tells us why AWS is so much better than their competitors, and an ancient dial-up Internet service returns! Visit https://www.securityweekly.com/esw for all the latest episodes! Segment Resources: https://www.scythe.io/library/operationalizing-red-canarys-2022-threat-detection-report https://www.itbrew.com/stories/2022/05/09/quantum-ransomware-can-now-move-from-entry-to-encryption-in-under-four-hours?utm_campaign=itb&utm_medium=newsletter&utm_source=morning_brew&mid=1e3360a49c0b72a4c0e4550356ffee54 https://www.cisa.gov/uscert/ncas/alerts/aa22-181a Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw287

David Brown is the Director of Global Partner Marketing for ZeroFox, a computer and network security company based out of Baltimore, MD. David has over fifteen years of experience in the international B2B marketing field. He joins us as we discuss partnership channel marketing. David believes it's a positive direction for businesses to go in the future of marketing. Timecoded Guide:  In this podcast, David covers:  [1:06] The breakdown and variables of channel partner marketing [13:36] Where your program partners are and what they need from you [21:24] Tactics to enlist new partners for small companies [35:19] How David's early career prepared him for cybersecurity marketing   What is channel partner marketing? This fresh approach to marketing allows for a broader market and network, while also increasing revenue for the companies involved. When partnering with another company through channel partnership, both remain independent. They share the benefits of re-selling and distributing each other's products. Not only that, the partners act as influencers for each other's brands.   “Really, what we're looking at with partner marketing is working with another organization in order to amplify your sales and marketing capabilities.”   Why is channel partnership the future of marketing?  David thinks everyone can benefit from a channel marketing partnership, especially when it comes to inbound marketing. This may be his hot-take in the industry, but he has seen the growth and advantage of inviting other companies to endorse your products. With these channels comes influence, and David believes that influence is the new currency of business.   “And when the channel team in the partnership team is more integrated into sales, marketing, and product, it seems to be a lot more successful.”   How does this fit into sales? Your channels are out there building brand awareness, relationships, and networking. As they drive engagement up, leads will follow suit. It also gives the sales team more resources to get the job done. By creating a partnership program that works alongside your sales team, hitting target goals becomes much easier.   “My job, and people that I work with on the marketing team, is to take our limited resources and direct them at those partners that are starting to build that momentum and go out there.”  ______ Links:  If you have questions or want to chat, email David at dabrown@zerofox.com or message him on the Cybersecurity Marketing Society Slack! Find David Brown on LinkedIn. Follow Gianna on LinkedIn. Catch up with Maria on LinkedIn. Grab your ticket to the Cyber Marketing Con 2022. Join the Cybersecurity Marketing Society on our website, and keep up with us on Twitter. Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter.  Additional resources: ZeroFox, Crossbeam, Cybersecurity Marketing Con, Forrester, Menlo Security, Tierra Security  

In this episode we talk about China Surveillance, Cyber Bills, and Recon Tools… The episode was sponsored by ZeroFox and CrowdSec. Support the show: https://danielmiessler.com/support/ See omnystudio.com/listener for privacy information.

Summary:As threat volume and complexity grows, cyber attacks are quickly becoming one of the biggest concerns facing companies today. When the pandemic accelerated the shift towards digital, and employees around the world began logging in to work from anywhere, the threat of data being compromised only deepened. This is a big problem, not only for businesses, but for the stakeholders who put their trust in them. Cybercriminals are getting bolder, and cyber risks are always evolving. To protect your organization, you need a solution that evolves alongside the threat. Today's guest is doing the critically important work of developing effective cybersecurity solutions. James C. Foster is a world-renowned thought leader on cybersecurity, and founder and CEO of ZeroFOX. Foster has published over a dozen books, holds several patents, and has spoken on Capitol Hill about the increase in international cyber threats. Prior to founding ZeroFOX in 2013, Foster founded the cybersecurity company Ciphent which he grew to almost a hundred employees and a thousand customer before it was acquired by Accuvant in 2010. He's also worked with several high-growth cybersecurity organizations and executed on exit strategies for companies like  Foundstone, Guardent, and Information Security Magazine, and as an advisor for the United States Department of Defense.In this episode, I speak with Foster about pressing external cybersecurity concerns, ZeroFOX's recent public transaction with L&F Acquisition Corp, and where he sees market opportunity in the coming years.Highlights: Foster explains external cybersecurity, and how ZeroFOX works to eradicate those risks for businesses (02:52) Foster describes the effects the pandemic and the ongoing shift towards digital have had on the business (05:46) What is the market opportunity for external cybersecurity? (07:14) Foster explains the rate of cyberattack in recent years, and how a company like ZeroFOX can help ease the minds of execs (08:55) ZeroFOX's public transaction with L&F Acquisition Corp, and their acquisition of IDX (12:37) Foster talks through ZeroFOX's recurring revenue model (18:22) Who are ZeroFOX's clients, and where do they see opportunity in the market for expansion?(20:02) Foster comments on the way global events like Russia's invasion of Ukraine affect cybersecurity around the world (22:22) Links:ICR TwitterICR LinkedInICR WebsiteJames C. Foster LinkedInJames C. Foster TwitterJames C. Foster BioZeroFOX LinkedInZeroFOX WebsiteFeedback:If you have questions about the show, or have a topic in mind you'd like discussed in future episodes, email our producer, elizabeth@lowerstreet.co.

On today's podcast we talk cybersecurity with the ZeroFox CEO James Foster. ZeroFox is an enterprise software-as-a-service leader in external cybersecurity. On the show, Foster discusses: -What is so exciting about cybersecurity -The most important trends in cybersecurity that investors should learn more about -Details on the pending acquisition of IDX, a leading digital privacy protection and data -breach response services company -Key factors driving the company's forecast 30% revenue CAGR -And more  

This week, we speak with James C. Foster, CEO of cybersecurity firm, ZeroFox. ZeroFox entered into a $1.3 billion dollar combination agreement with L&F Acquisition Corporation in December. We discuss how the Russia-Ukraine war has ushered in a new era for cybersecurity and what types of companies face the biggest threats in this new environment. L&F CEO Adam Gerchen also joins us to discuss the investment side of the cybersecurity sector as well as what attracted it to ZeroFox over the long term.

ZeroFox CEO James Foster (LNFA) on crafting a successful SPAC IPO and landing one of the largest and most sensitive government security contracts. Bumble (BMBL) shares the hard facts of just how much love was lost during the pandemic. Despite significant struggles, Trean Insurance Group (TIG) says it has no plans to change its strategy moving forward. How Tidewater (TDW) is building a renewable energy empire across the globe. The Drill Down with Cory Johnson offers a regular look at the business stories behind stocks on the move. Learn more about your ad choices. Visit megaphone.fm/adchoices

Chief Technology Officer of ZeroFox Mike Price joined co-host Andy Bonillo to talk about the use of artificial intelligence in cyber security. Mr. Price also explains the difference between the dark web and the criminal underground, and the emerging threat landscape and the importance of digital risk protection. We finished up the show Mike giving his perspective on the impacts of the Log4J vulnerability. All this and much much more, on Episode #207 of Task Force 7 Radio.

Chief Technology Officer of ZeroFox Mike Price joined co-host Andy Bonillo to talk about the use of artificial intelligence in cyber security. Mr. Price also explains the difference between the dark web and the criminal underground, and the emerging threat landscape and the importance of digital risk protection. We finished up the show Mike giving his perspective on the impacts of the Log4J vulnerability. All this and much much more, on Episode #207 of Task Force 7 Radio.

In the Enterprise Security News for this week, ZeroFox has a $1.4 billion dollar blank check, Corellium raises a $25m series A, GreyNoise makes its data free to help out Log4j sufferers, AWS suffers its third outage in a month (coincidentally hindering GreyNoise's efforts), Ditching Unicorns for Dragons, Yet another easy way to become domain admin, thanks Microsoft, New report finds that current phishing training isn't effective and is even potentially harmful, & more!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw255

This week, Dr. David Brumley from ForAllSecure is with us to discuss Bringing Autonomy to Appsec Then, in the enterprise security news, ZeroFox has a $1.4 billion dollar blank check, Corellium raises a $25m series A, GreyNoise makes its data free to help out Log4j sufferers, AWS suffers its third outage in a month (coincidentally hindering GreyNoise's efforts), Ditching Unicorns for Dragons, Yet another easy way to become domain admin, thanks Microsoft, New report finds that current phishing training isn't effective and is even potentially harmful. Finally, we'll take a look at some of the biggest stories and interviews we discussed this year on ESW and will wrap with our thoughts and hopes for 2022.   Show Notes: https://securityweekly.com/esw255 Segment Resources: Article on competition: https://www.darpa.mil/about-us/timeline/cyber-grand-challenge Technical article on approach: https://spectrum.ieee.org/mayhem-the-machine-that-finds-software-vulnerabilities-then-patches-them Example vulns discovered: https://forallsecure.com/blog/forallsecure-uncovers-critical-vulnerabilities-in-das-u-boot https://github.com/forallsecure/vulnerabilitieslab   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week, Dr. David Brumley from ForAllSecure is with us to discuss Bringing Autonomy to Appsec Then, in the enterprise security news, ZeroFox has a $1.4 billion dollar blank check, Corellium raises a $25m series A, GreyNoise makes its data free to help out Log4j sufferers, AWS suffers its third outage in a month (coincidentally hindering GreyNoise's efforts), Ditching Unicorns for Dragons, Yet another easy way to become domain admin, thanks Microsoft, New report finds that current phishing training isn't effective and is even potentially harmful. Finally, we'll take a look at some of the biggest stories and interviews we discussed this year on ESW and will wrap with our thoughts and hopes for 2022.   Show Notes: https://securityweekly.com/esw255 Segment Resources: Article on competition: https://www.darpa.mil/about-us/timeline/cyber-grand-challenge Technical article on approach: https://spectrum.ieee.org/mayhem-the-machine-that-finds-software-vulnerabilities-then-patches-them Example vulns discovered: https://forallsecure.com/blog/forallsecure-uncovers-critical-vulnerabilities-in-das-u-boot https://github.com/forallsecure/vulnerabilitieslab   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

In the Enterprise Security News for this week, ZeroFox has a $1.4 billion dollar blank check, Corellium raises a $25m series A, GreyNoise makes its data free to help out Log4j sufferers, AWS suffers its third outage in a month (coincidentally hindering GreyNoise's efforts), Ditching Unicorns for Dragons, Yet another easy way to become domain admin, thanks Microsoft, New report finds that current phishing training isn't effective and is even potentially harmful, & more!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw255

ZeroFOX is an enterprise software-as-a-service (SAAS) leader in external cybersecurity. James C. Foster, Founder and CEO of ZeroFOX, discusses the significance of cybersecurity in the current market. He also talks about how ZeroFOX is to go public via SPAC merger with L&F Acquisition Corp. He then goes over how ZeroFOX is to acquire Digital Privacy Protection Platform IDX. Tune in to find out more.

In this Intel Conversations in the Cloud audio podcast: James Carnall from ZeroFOX joins host Jake Smith to talk about AI-powered digital risk protection across the internet, including text, images and video, to identify threats ranging from deep fakes and fraud to potential cyberattacks. James explains why the ZeroFOX team worked directly with Intel for […]

James Carnall from ZeroFOX joins host Jake Smith to talk about AI-powered digital risk protection across the internet, including text, images and video, to identify threats ranging from deep fakes and fraud to potential cyberattacks. James explains why the ZeroFOX team worked directly with Intel for over a year to optimize their processes, such as improving inference performance with OpenVINO. James and Jake talk about how the rising volume of disinformation can have a negative financial impact on companies of all kinds and explain the limitations of relying on biometrics to thwart theft. For more information, visit: https://builders.intel.com/docs/aibuilders/zerofox-uses-intel-ai-technologies-to-protect-businesses-against-targeted-social-and-digital-attacks.pdf Follow Jake on Twitter at: https://twitter.com/jakesmithintel

In this Intel Conversations in the Cloud audio podcast: James Carnall from ZeroFOX joins host Jake Smith to talk about AI-powered digital risk protection across the internet, including text, images and video, to identify threats ranging from deep fakes and fraud to potential cyberattacks. James explains why the ZeroFOX team worked directly with Intel for […]

In this Intel Conversations in the Cloud audio podcast: James Carnall from ZeroFOX joins host Jake Smith to talk about AI-powered digital risk protection across the internet, including text, images and video, to identify threats ranging from deep fakes and fraud to potential cyberattacks. James explains why the ZeroFOX team worked directly with Intel for […]

In this Intel Conversations in the Cloud audio podcast: James Carnall from ZeroFOX joins host Jake Smith to talk about AI-powered digital risk protection across the internet, including text, images and video, to identify threats ranging from deep fakes and fraud to potential cyberattacks. James explains why the ZeroFOX team worked directly with Intel for […]

This week we spoke to the very personable Cyber Sales Leader David Brown (who has worked at Gentrack, Security Matters/Forescout & ZeroFox). We heard his insights on the OT domain - where he's headed up both IPOs and acquisitions, what really keeps CISOs up at night, alternative models for industry events, how to recognise the potential in new hires and that's just the tip of the iceberg.

It might seem counterintuitive, but the most heavily armed and trained Americans are also the most frequent victims of identity theft. Scamming of military members has become big business. Adam Darrah, the director of intelligence services at threat intelligence firm ZeroFOX, has studied this problem in great detail. He discussed his findings on Federal Drive with Tom Temin.

APT31 casts its net into some waters that aren't yet phished out. Vulnerabilities in the NicheStack TCP/IP stack are reported. LemonDuck may be outgrowing its beginnings as a cryptojacking botnet. A large marketing database is found exposed. NSA and CISA offer advice on securing Kubernetes clusters. Adam Darrah from ZeroFox checks in from the floor at BlackHat. Our guests are Nic Fillingham and Natalia Godyla from Microsoft's Security Unlocked podcast. David Dufour from Webroot on the hidden costs of ransomware. And Huawei's CFO returns to court as her extradition hearings enter their endgame. For links to all of today's stories check out our CyberWire daily news briefing: https://www.thecyberwire.com/newsletters/daily-briefing/10/149

Outbrain, a recommendation platform connecting advertisers with open web consumers, has announced its raise of $200 million in a private equity round from The Baupost Group at an undisclosed valuation. The fundraising comes a week after it filed a proposal for the IPO of its common stock with the US Securities and Exchange Commission.Lidya, a digital financial services platform, has raised $8.3 million in a pre-Series B funding round led by Alitheia Capital with participation from Bamboo Capital Partners, Accion Venture Lab and Flourish Ventures, reports state.Localyze, a Y-Combinator-backed startup aiding cross-border employee relocation, has raised €10M ($12M) from Blossom Capital in Series A. Its previous round (Seed) was closed in 2020, and with this funding, Localyze plans to accelerate expanding into other markets besides its base, Germany.Juni, an e-commerce platform, has announced the raise of $21.5M in a Series A funding round, co-led by DST Global and Felix Capital. The company had only launched in 2020 and raised its seed round funding around November last year. The proceeds from this funding would be used in product development and hiring across teams.San Francisco's mmhmm has announced the raise of $100 million in its Series B funding led by SoftBank Vision Fund 2, exactly a year after its private beta launch. Since its launch in 2020, mmhmm has raised about $136 million in four funding rounds in less than a year, with the most recent Series A and debt financing round in October 2020, where it raised $35 million collectively, as per Crunchbase. Sequoia Capital, Mubadala Capital, Human Capital, World Innovation Lab (WiL), and many earlier investors participated in the round.Dataminr has bought WatchKeeper, a situational awareness platform, for an unknown sum. With the purchase of WatchKeeper and its integration with Dataminr Pulse, Dataminr will grow its global corporate customer base. As part of an early access program, business customers will be able to utilize the integrated version of Dataminr Pulse later this year. The broader release is slated for early 2022.ZeroFox, external threat intelligence and security firm, has bought Vigilante, a dark web threat intelligence firm. Vigilante will be incorporated into ZeroFox right away, giving customers a one-of-a-kind Dark Ops solution. Vigilante will provide clients with information and security resources, allowing them to make better decisions.Hopin, a platform for event management, has announced the purchase of Attendify to strengthen and expand its event marketing capabilities. Hopin will soon provide Campaign Manager with Attendify, allowing event marketers to leverage a strong email engine. Attendify's products, such as Audience CRM, a complete attendance data platform, will enhance Hopin's portfolio in various ways.Unit21, a no-code risk, fraud, and compliance software, received a $34 million Series B investment round led by Tiger Global Management. The money will be utilized to expand the engineering, R&D, and go-to-market teams within the firm. Unit21 was formed because the current method of fraud prevention and detection, which relied on “black box” machine learning, was flawed.Opaque, a company that helps businesses analyze encrypted cloud data, has received $9.5 million in a seed round sponsored by Intel Capital. With Opaque, clients can work with secure data on the cloud while guaranteeing that the data isn't exposed. Secure hardware enclaves and cryptographic fortification are part of Opaque, which is a mix of two essential technologies built on top of state-of-the-art cloud security.  Repeat has secured $6 million in a Series A round of funding led by Battery Capital. The funds will be used to grow the company's operations. Client purchasing patterns are tracked by the platform, which alerts them when it's time to repurchase. It then builds a personalized shopping basket for each, which makes replenishing a breeze.Cloverly has raised $2.1 million from TechSquare Ventures in a seed round. Customers may purchase carbon offsets from public markets to offset their carbon footprints while also utilizing technology to develop solutions. Cloverly monitors the offset market to ensure that the providers are trustworthy and continuously looking for new ones.Fountain9, an AI-driven company that focuses on predictive inventory planning, has raised $1.9 million in a seed round. The money will be used to improve the intelligence of the startup's demand sensing engine, increase its product offerings, and expand into new areas.San Francisco's r2C, a software security startup, has announced the raise of $27 million in a Series B funding led by Felicis Ventures with participation from existing investors Redpoint Ventures and Sequoia Capital. Alongside the funding, it announced on its official blog that its open-source product, Semgrep, would now integrate with GitLab.Seattle's WellSaid Labs has announced the raise of $10 million Series A funding led by FUSE, with participation from Voyager, Qualcomm Ventures LLC and GoodFriends. The company would use the fresh capital to enhance its AI-generated synthetic voice business.San Francisco's Renegade Partners has announced the close of its first fund, $100 million, to partner with companies going through a critical inflection point, which it cites as a supercritical stage, in their venture and help them become outliers. The VC firm made its announcement in a series of tweets.

ZeroFox, a cybersecurity startup that helps companies detect risks found on social media and digital channels, has announced it has acquired dark web threat intelligence company Vigilante.  Vigilante — not to be confused with the controversial crime reporting app — scours the dark web to source intelligence that helps to protect organizations from cyberattacks. The […]

ZeroFox, a cybersecurity startup that helps companies detect risks found on social media and digital channels, has announced it has acquired dark web threat intelligence company Vigilante.  Vigilante — not to be confused with the controversial crime reporting app — scours the dark web to source intelligence that helps to protect organizations from cyberattacks. The […]

McAfee describes Operation Diànxùn, a probable Chinese collection effort directed against telecoms and 5G technology. Organizations around the world continue to work to thwart exploitation of Exchange Server vulnerabilities. What’s a webshell, and what can it do? Ben Yelin looks at cell phone data gathered from the US Capitol riot. Our guest is Ross Rustici from ZeroFOX on the evolution of ransomware. And how much does it cost to redirect all your SMS messages to some goon? Said goon needs only sixteen bucks. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/50

In this episode of the Virtual Coffee with Ashish edition, we spoke with Sam Small, Chief Security Officer, Zerofox Host: Ashish Rajan - Twitter @hashishrajan Guest: Sam Small - Linkedin @samsmallphd In this episode, Sam & Ashish spoke about What was your path into your current role? What are Digital Risk and Digital Threats? How do you identify Digital Risk? what are the broad categories? How is Digital Risk different at an organisation level? Is Digital Risk Protection the same as Cyber Threat intelligence? What risks does Digital Risk Protection (DRP) protect organisations against? What can organisations do as part of Digital Risk Protection (DRP) apart from seeking legal actions? Is there an overlap between social engineering and digital risk protection? Are digital risk threats on the rise? How do we respond to attacks where social media is being social engineered? How do you assess the maturity of DRP in an organisation? ShowNotes and Episode Transcript on www.cloudsecuritypodcast.tv Twitter - @kaizenteq @hashishrajan If you want to watch videos of this and previous episodes: - Twitch Channel: https://lnkd.in/gxhFrqw - Youtube Channel: https://lnkd.in/gUHqSai

In this episode of Intel on AI guest Jerome Pesenti, Head of AI at Facebook, joins host Abigail Hing Wen to talk about the different ways the company uses AI technology. Jerome and Abigail discuss the three areas Facebook is focusing on for AI development, the challenges of creating systems that feel natural to users, and how social media platforms impact our lives. Also in this episode, Abigail talks with Sam Small, Chief Security Officer at ZeroFox, about using AI for risk protection across social media. Follow Jerome on Twitter at: twitter.com/an_open_mind Follow Abigail on Twitter at: twitter.com/abigailhingwen Learn more about the future of AI at: intel.com/ai

In this episode of Intel on AI guest Jerome Pesenti, Head of AI at Facebook, joins host Abigail Hing Wen to talk about the different ways the company uses AI technology. Jerome and Abigail discuss the three areas Facebook is focusing on for AI development, the challenges of creating systems that feel natural to users, and how social media platforms impact our lives. Also in this episode, Abigail talks with Sam Small, Chief Security Officer at ZeroFox, about using AI for risk protection across social media. Follow Jerome on Twitter at: twitter.com/an_open_mind Follow Abigail on Twitter at: twitter.com/abigailhingwen Learn more about the future of AI at: intel.com/ai

Twitter sustained a major incident in which celebrity accounts were hijacked yesterday. It seems to have been a social engineering caper, but it’s motivation, nominally financial, remains unclear. British authorities call out Russia for an influence campaign mounted during last year’s elections. Cozy Bear is back, and sniffing for COVID-19 biomedical intelligence. Craig Williams from Cisco Talos on Dynamic Data Resolver, a plugin that makes reverse-engineering malware easier. Our guest is Ashlee Benge, formerly from ZeroFox, on emerging and persistent digital attack tactics facing the financial services industry. And Chinese intelligence services are spearphishing Hong Kong Catholics. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/9/137

This week in the Enterprise Security News, Breach-and-Attack Simulation Firm SafeBreach Raises $19 Million, F-Secure launches protection and response service to protect remote workers, Swimlane acquires Syncurity to spur growth and affirm commitment to SOAR market, DefenseCode ThunderScan SAST 2.1.0 supports Go and ABAP languages, and more!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode180

This week in the Enterprise Security News, Breach-and-Attack Simulation Firm SafeBreach Raises $19 Million, F-Secure launches protection and response service to protect remote workers, Swimlane acquires Syncurity to spur growth and affirm commitment to SOAR market, DefenseCode ThunderScan SAST 2.1.0 supports Go and ABAP languages, and more!   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode180

#Brian Reed, Chief Mobility Officer at NowSecure As NowSecure Chief Mobility Officer, industry veteran Brian Reed brings over a 15 years of experience in mobile, security and risk including NowSecure, Good Technology, BlackBerry, BoxTone, and ZeroFOX working with Fortune 2000 global customers, mobile trailblazers and government agencies. With more than 25 years driving innovative solutions and securing customer success, Brian is a dynamic speaker and compelling storyteller who brings unique insights and global experience. Brian is a frequent speaker at events including DevOpsWorld, DevOps Days, RSA, OWASP, Droidcon, FS-ISAC, Gartner, Mobile World Congress, and numerous vertical industry events. Brian is a graduate of Duke University.

On today's Tech Trailblazers: Chief Trailblazer, Rose Ross speaks with Evan Blair, Co-founder and Global VP Channel Sales at Zerofox, a previous winner of the Security Trailblazers. Evan shares more about Zerofox and the company's journey since winning this leading industry recognition. More about Zerofox at www.Zerofox.com. Host: Rose Ross You can contribute to Tech Trailblazers by sending an email to innovate@techtrailblazers.com. More on the Tech Trailblazers at www.techtrailblazers.com.

This week, we talk Enterprise News, to talk about Salt Security API Protection Explained, Thycotic Leads the Way for Cloud-based Privileged Access Management, ZeroFOX launches AI-powered Advanced Email Protection for Google and Microsoft platforms, Elastic Stack 7.6 delivers automated threat analysis and response, and 12,000+ Jenkins servers can be exploited to launch, amplify DDoS attacks! In our second segment, we welcome David Waugh, Chief Revenue Officer at Managed Methods, to discuss how K-12 schools are victims of lateral phishing campaigns! In our final segment, we welcome Jeff Deininger, Principal Sales Engineer for the Cloud at ExtraHop, to discuss How to Secure Cloud Workloads & Reduce Friction with Cloud-Native Network Detection & Response!   Show Notes: https://wiki.securityweekly.com/ESWEpisode172 Visit https://www.securityweekly.com/esw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week in the Enterprise News, Paul and Matt cover the following stories: Insight Completes Venture Acquisition of Armis, Salt Security API Protection Explained, RSA NetWitness Platform Bolsters Threat Detection and Incident Response, Thycotic Leads the Way for Cloud-based Privileged Access Management, Deep learning cybersecurity co Deep Instinct raises $43m, LogicHub launches MDR+ to provide flexible end-to-end detection and response, CipherCloud CASB+ for Slack: Visibility, protection and control of all user activity on Slack, ZeroFOX launches AI-powered Advanced Email Protection for Google and Microsoft platforms, 12,000+ Jenkins servers can be exploited to launch, amplify DDoS attacks, Elastic Stack 7.6 delivers automated threat analysis and response, and Tufin SecureCloud Enables Companies to Secure Hybrid Cloud Environments Without Compromising Business Speed or Agility. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode17  

This week, we talk Enterprise News, to talk about Salt Security API Protection Explained, Thycotic Leads the Way for Cloud-based Privileged Access Management, ZeroFOX launches AI-powered Advanced Email Protection for Google and Microsoft platforms, Elastic Stack 7.6 delivers automated threat analysis and response, and 12,000+ Jenkins servers can be exploited to launch, amplify DDoS attacks! In our second segment, we welcome David Waugh, Chief Revenue Officer at Managed Methods, to discuss how K-12 schools are victims of lateral phishing campaigns! In our final segment, we welcome Jeff Deininger, Principal Sales Engineer for the Cloud at ExtraHop, to discuss How to Secure Cloud Workloads & Reduce Friction with Cloud-Native Network Detection & Response!   Show Notes: https://wiki.securityweekly.com/ESWEpisode172 Visit https://www.securityweekly.com/esw for all the latest episodes!   Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly

This week in the Enterprise News, Paul and Matt cover the following stories: Insight Completes Venture Acquisition of Armis, Salt Security API Protection Explained, RSA NetWitness Platform Bolsters Threat Detection and Incident Response, Thycotic Leads the Way for Cloud-based Privileged Access Management, Deep learning cybersecurity co Deep Instinct raises $43m, LogicHub launches MDR+ to provide flexible end-to-end detection and response, CipherCloud CASB+ for Slack: Visibility, protection and control of all user activity on Slack, ZeroFOX launches AI-powered Advanced Email Protection for Google and Microsoft platforms, 12,000+ Jenkins servers can be exploited to launch, amplify DDoS attacks, Elastic Stack 7.6 delivers automated threat analysis and response, and Tufin SecureCloud Enables Companies to Secure Hybrid Cloud Environments Without Compromising Business Speed or Agility. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/ESWEpisode172

In this Intel on AI podcast episode: Today, social media is among the primary business and communication platforms for modern organizations, yet, social media networks are incredibly large platforms with some of the most complex security challenges. Increasingly attackers hide attacks with embedded images and video manipulation which evade traditional detection methods and are very […]

In this Intel on AI podcast episode: Today, social media is among the primary business and communication platforms for modern organizations, yet, social media networks are incredibly large platforms with some of the most complex security challenges. Increasingly attackers hide attacks with embedded images and video manipulation which evade traditional detection methods and are very […]

In this Intel on AI podcast episode: Today, social media is among the primary business and communication platforms for modern organizations, yet, social media networks are incredibly large platforms with some of the most complex security challenges. Increasingly attackers hide attacks with embedded images and video manipulation which evade traditional detection methods and are very […]

Black Friday and Cyber Monday-related scams are nothing new - but researchers warn that this year,  they are seeing an uptick in scams using more sophisticated methods to lure users to hand over their payment data. A research report released Tuesday by ZeroFOX uncovered some of the threats that attackers are using to tap into the Black Friday shopping craze, including social media scams, domain impersonation scams, and malware.

Special guest host Graham Cluley joins Dave while Joe takes a short break. Dave shares the success of the FBI's reWired campaign which has apprehended alleged scammers around the world. Graham describes a website hoping to spare users the hardship of multifactor authentication. The catch of the day involves a generous soccer star. Our guest is Matt Price from ZeroFOX with insights on Deep Fake technology. Links to today's stories: https://www.fbi.gov/news/stories/operation-rewired-bec-takedown-091019 https://dontduo.com/ https://www.smashingsecurity.com/ Thanks to our show sponsor KnowBe4.  

Joe shares the tale of a prisoner running a variety of romance scams from the inside. Dave outlines direct deposit scams. The catch of the day is a clever variation from (where else?) Nigeria. Our guest is Sam Small from ZeroFox. Links to stories: https://hubpages.com/politics/The-Games-That-Inmates-Play https://ogletree.com/shared-content/content/blog/2018/january/diverting-employees-payroll-direct-deposits-the-latest-wave-of-phishing-scams https://www.kansas.com/news/local/crime/article223873805.html Thanks to our sponsors at KnowBe4.  

Key Points From This Episode:Learn more about Mike, his background in the industry and his role at ZeroFOX.Find out why security never appears to be top of mind when it comes to social.Are people more welcoming of digital intruders versus in-person intruders?Mike shares his views on social interaction from an enterprise perspective.How ZeroFOX assists companies who are being harmed by behavior on social.Why is crypto mining such a big issue right now and are consumers at a security risk?Is the home becoming a new target for hackers and how consumers can protect themselves?Discover whether Mike sees a battle betweenAIML and data privacy.And much more!

Cybersecurity is the hot topic this month and Gavin Cameron from Zerofox and David Sanders from Ideal share top tips for securing your social media from hackers and phishers, while Nigel Morgan from GDPR123 tells businesses how to make sure their data is compliant with the new GDPR laws. Plus two very doggy businesses pitch in the Business Show elevator. With Natasha Steel.

Reporter Tim Curtis of The Daily Record speaks with James Foster, CEO of ZeroFox.

Black Hat 2017 has wrapped up, and by all accounts it was another successful conference, with an active trade show floor, exciting keynotes and engaging, informative educational sessions on a variety of topics. There was business being done, with hopeful entrepreneurs and investors alike looking to identify the next big thing in cyber security.  In this CyberWire special edition, we’ve rounded up a handful of presenters and one investor for a taste of Black Hat, to help give you a sense of the event.    Patrick Wardle is Chief Security Researcher at Synack, and creator of objective-see, an online site where he publishes the personal tools he’s created to help protect Mac OS computers. He’ll be telling us about his research on the FruitFly malware recently discovered on Mac OS.  https://objective-see.com/   Hyrum Anderson is technical director of data science at Endgame, he will discuss research he released on stage at Black Hat showing the pros and cons of using machine learning from both a defender and attacker perspective.  https://www.endgame.com/our-experts/hyrum-anderson   Zack Allen, Manager of Threat Operations, and Chaim Sanders, Security Lead, of ZeroFOX will be speaking about their Black Hat presentation on finding regressions in web application firewall (WAF) deployments.  https://www.linkedin.com/in/zack-allen-12749a76 https://www.linkedin.com/in/chaim-sanders-a7a23713/   And we’ll wrap it up with some insights from Alberto Yepez, founder and managing director of Trident Cybersecurity, on the investment environment and the changes he’s seen in the market in the last year.  https://www.linkedin.com/in/albertoyepez/

ZeroFOX, Deep Instinct, Flashpoint, Symantec acquired Skycure for an undisclosed amount, RiskLens and Nok Nok Labs raised $8M series D. Full Show Notes: https://wiki.securityweekly.com/SSWEpisode47 Visit http://securityweekly.com/category/ssw/ for all the latest episodes!

ZeroFOX, Deep Instinct, Flashpoint, Symantec acquired Skycure for an undisclosed amount, RiskLens and Nok Nok Labs raised $8M series D. Full Show Notes: https://wiki.securityweekly.com/SSWEpisode47 Visit http://securityweekly.com/category/ssw/ for all the latest episodes!

While we have been busy concentrating on viruses, malware, firewalls, phishing attempts, and ransomware, how many of you think about social media attacks and social media cyber crimes? James Foster, ZeroFOX’s CEO, discusses the growing issue of social media cybercrime. He also highlights specific attacks/scams plaguing Twitter, Facebook and LinkedIn, respectively, and explains his company’s role in keeping users safe. Foster also talks about what companies and individuals should be doing to protect themselves and what’s on the horizon in terms of future social media attacks. ZeroFox ZeroFOX was named "2017 Red Herring Top 100 North America Winner Leader in Social Media and Digital Security Recognized for Technical Innovation and Financial Performance" About James Foster: Foster is a prominent thought-leader on cybersecurity, having spoken on Capitol Hill about the increase in international cyber threats. Prior to his role at ZeroFOX, he founded cyber security firm Ciphent in 2006, which he led to a three-year growth rate of 8900% with 100 employees and 1000 customers by 2010 when it was acquired by Accuvant.

In this CyberWire 2017 RSA Conference special edition, we wrap up our show coverage with insights from experts, about the trends they’re seeing, the products they’re pitching, and where they think we, as an industry, need to go. Guests include: Mark Dufresne, Director, Threat Research and Adversary Prevention, Endgame https://www.linkedin.com/in/mark-dufresne-b3275610a/   James Lyne, Global Head of Security Research, Sophos https://www.linkedin.com/in/jameslyne/   Emily Mossburg, Principal, Cyber Risk Services Leadership Team, Deloitte & Touche https://www.linkedin.com/in/emilymossburg/   Mark Nunnikhoven, Vice President, Cloud Research, Trend Micro https://www.linkedin.com/in/marknca/   Levi Gundert, Vice President of Intelligence and Strategy, Recorded Future https://www.linkedin.com/in/levigundert/   Carl Leonard, Principal Security Analyst, Forcepoint https://www.linkedin.com/in/carl-leonard-5486405/   Evan Blair, Founder, ZeroFOX https://www.linkedin.com/in/evanblair/   Gabby Nizri, Founder and CEO, Ayehu Software Technologies https://www.linkedin.com/in/gabbynizri/   Jason Porter, Vice President Security Solutions, AT&T https://www.linkedin.com/in/jason-porter-4a604757/  

Oneon one with Brian Reed of ZeroFOX by DMN One-on-One

Materials Available here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Zack-Allen-Rusty-Bower-Malware-In-Gaming.pdf Malware in the Gaming Micro-economy Zack Allen Lead Research Engineer, ZeroFOX Rusty Bower Information Security Engineer Microeconomics focuses on how patterns of supply and demand determine price and output in individual markets [1]. Within recent years, micro-economies have flourished within the Audio game industry. Companies like Valve rely heavily on a business model that depends on gamers making purchases for in-game items. Players can trade these items in bulk for a rare item, make bets on a competitive gaming match or gift the item for a charity event. While originally well-intentioned, creating these micro-economies also created an incentive for criminals to scam and even steal from unsuspecting victims. Traditional scams date as far back to games like Diablo or Runescape where players were duped in trade windows and in game messaging systems were used to steal items. These low-tech strategies are effective, but recently a new, high-tech scam strategy has emerged relying upon malware specifically targeting the Steam micro-economy. Over the last year, we have collected and reversed dozens of samples of malware that target Steam users. Pieces of malware can be sophisticated RAM scrapers that pilfer an item in memory and send trade requests through the Steam trading API, or as simple as a remote login service. The end result is the same - the hacker loots the victim’s backpack of in game items to sell them on the market for profit. This talk focuses on the techniques we have found in these samples, surveys of victims of these scams and the distribution of money lost from them (up to the $1000s of dollars for users in some cases) and the defenses Steam has put in place to combat this hacker underground. Zack Allen is an RIT graduate, majoring in Information Security. He is also an alum of the Advanced Course for Engineering (ACE) held at AFRL every summer. After working for a government contractor, he joined the exciting startup world and is currently a Research team lead at ZeroFOX. His security specialties include research and development, threat intelligence, tool creation and red teaming. Rusty Bower graduated from the Rochester Institute of Technology with a degree in Information Security. He has been employed at Lockheed Martin and Palantir Technologies tackling a variety of security challenges. His experience is mainly focused in security operations, incident response, tool development, and infrastructure management. He is currently an Information Security Engineer in the Los Angeles area, tackling security challenges at scale.

Betamore is a 2 and a half year old Technology Incubator, co-working space and education center located in Baltimore, Maryland. In it’s short life Betamore has become a cornerstone of technology innovation in the area and has  already seen one of it’s incubated companies Zerofox a social media security firm, leave the incubator and  thrive in the wild.   Jen has an extensive background in the technology startup world as well as being an expert in regional economic development. She took on the role of CEO at Betamore The BetaCity event which will feature demos from 20 startups and VC pitches from 8 companies is set for October 1, 2015.  For this event they have partnered with Plank Industries, the private investment firm controlled by UnderArmor CEO Kevin Plank.   BetaCity will take place at the brand new City Garage, a part of the ambitious Under Armor Headquarters campus that is now being developed in the Port Covington area of South Baltimore.     If you are interested in being in the pulse of the Baltimore Startup scene BetaCity is a Must attend event.