Showing episodes and shows of Audra Streetman
Shows
Breaking Badness
From Newsroom to Threat Room: Audra Streetman’s Journey into Cybersecurity
In this episode of Breaking Badness, Kali Fencl sits down with Audra Streetman, a former journalist turned threat intelligence analyst at Splunk. Audra shares her journey from local newsrooms to the frontlines of cybersecurity, detailing how her storytelling skills translate directly into threat research. Audra walks us through how ransomware attacks like JBS Foods and the Accellion breach sparked her pivot into cyber. She dives deep into persistent threat tactics, such as file transfer appliance exploitation, the growing risk of cloud infrastructure attacks, and North Korean IT worker scams. If you're a cybersecurity professional, a curious career switcher, or someone...
2025-07-03
16 min
The Security Detail
Ep. 5: Browser Security with Fletcher Oliver, Chrome Browser Customer Engineer
Browser security is crucial for protecting personal information and preventing malicious attacks, ensuring safe and private online experiences. In Episode 6 of The Security Detail, Chrome browser customer engineer Fletcher Oliver shares some of the top browser security risks and how to defend against them. We also discuss SURGe research that examines security risks associated with Chrome browser extensions. Links: - Chrome Safety: https://www.google.com/chrome/safety/ - Chrome Safe Browsing: https://support.google.com/chrome/answer/9890866 - Chrome Enhanced Safe Browsing: https://support.google.com/accounts/answer/11577602...
2024-10-02
17 min
The Security Detail
Ep. 4: Application Security with Tanya Janca, head of community and education at Semgrep
Application security is crucial for protecting sensitive data and ensuring the integrity and trustworthiness of software systems against cyber threats. In this episode, Tanya Janca, head of community and education at Semgrep, discusses the importance of “shifting left” in the software development lifecycle, along with the best and worst practices in DevSecOps. Tanya has been coding and working in IT for more than 25 years and is the best-selling author of the book ‘Alice and Bob Learn Application Security’. You can follow Tanya on social media under the handle @SheHacksPurple. Resources: Semgrep website: https://semgrep.de...
2024-09-04
47 min
The Security Detail
Ep. 3: International Law and Cyber Operations with François Delerue, Assistant Professor of Law at IE University
International law establishes norms and frameworks to ensure that States conduct their activities in a manner consistent with principles of sovereignty, responsibility, and human rights. In this episode, François Delerue, Assistant Professor of Law at IE University, discusses the application of international law to cyber operations, including the challenges with attribution and the threshold for cyberwarfare. Resources: - François Delerue's biography: https://francoisdelerue.eu/ - Cyber Operations and International Law: https://www.cambridge.org/core/books/cyber-operations-and-international-law/74D210E76E46531542AD27CECF07ABDE - Tallinn Manual 2.0: https://www.cambridge.org...
2024-08-07
52 min
The Security Detail
Ep. 2: LLM Research and CISO Liability with Liz Wharton, founder of Silver Key Strategies
In episode two of The Security Detail, Audra interviews Liz Wharton, founder of Silver Key Strategies, about her research on using large language models (LLMs) to analyze SEC 8-K filings and other public reporting to gain cybersecurity insights. Liz is an attorney who has two decades of legal, public policy, and business experience, including in cybersecurity. The interview also covers the heightened liability security executives face when reporting material incidents to the US Securities and Exchange Commission (SEC). Resources: SURGe Minicon talks at .conf24: https://conf.splunk.com/sessions/catalog.html?search=minicon#/
2024-07-24
26 min
The Security Detail
Ep. 1: Veterans in Cybersecurity with Tom Marsland, board chair of VetSec
Veterans bring invaluable skills in leadership, problem-solving, and discipline to the field of cybersecurity, making them highly sought-after candidates in the industry. In this episode, Tom Marsland, board chair of VetSec, explains how the non-profit helps veterans and transitioning military members find employment in the industry. Resources: VetSec: https://vetsec.org/ Veterans Affairs locations: https://www.va.gov/find-locations/ Til Valhalla Project: https://tilvalhallaproject.com/ Operation Code: https://operationcode.org/ Hiring our Heroes: https://www.hiringourheroes.org/ USO Careers: https://www.uso.org/careers/ ...
2024-07-10
24 min
The Security Detail
Ep. 9: Top Cybersecurity Skills According to Past Interview Guests
In episode 9 of The Security Detail, hear from past interview guests about what they consider to be the most important cybersecurity skill for future practitioners.
2024-04-24
10 min
The Security Detail
Ep. 8: Emerging Technology Predictions from Past Interview Guests
In episode 8 of The Security Detail, hear from past interview guests about their predictions for emerging technology, like artificial intelligence and quantum computing. Resources: Cipher Brief article: https://www.thecipherbrief.com/how-ai-is-helping-the-u-s-unravel-chinas-dangerous-hacking-operation
2024-04-10
14 min
The Security Detail
Ep. 7: MITRE ATT&CK framework featuring Adam Pennington, MITRE ATT&CK Lead
The MITRE ATT&CK framework provides a standardized taxonomy and knowledge base of adversary tactics, techniques, and procedures (TTPs), enabling organizations to enhance threat detection, response, and mitigation strategies effectively. In this episode, Adam Pennington tells us about the origins of the ATT&CK project, how organizations can effectively leverage it, and the journey that led Adam to his current role as the project's leader. Resources: MITRE ATT&CK website: https://attack.mitre.org/ .conf24 agenda: https://conf.splunk.com/ ATT&CKCon Presentations: https://attack.mitre.org/resources/learn-more-about-attack/ ATT&CK Evaluations Program: https://mitre...
2024-03-27
36 min
The Security Detail
Ep. 6: Electric featuring Robert M. Lee, CEO and Co-Founder of Dragos
Cybersecurity is crucial for the electric sector to safeguard critical infrastructure from cyber threats and potential disruptions, ensuring the reliable and secure delivery of electricity to homes, businesses, and essential services. In episode 6, Robert M. Lee, CEO and Co-Founder of Dragos, provides an overview of the top cyber threats facing electric utilities and the role that Dragos plays in strengthening ICS and OT resilience. Resources: Dragos Community Defense Program: https://www.dragos.com/community/community-defense-program/ Dragos 2023 OT Cybersecurity Year in Review report: https://www.dragos.com/ot-cybersecurity-year-in-review/ SANS Instructor Biography: https://www.sans.org/pr...
2024-03-13
54 min
The Security Detail
Ep. 5: Food and Agriculture featuring Jonathan Braley, director of the Food and Ag-ISAC
The food and agriculture industry is a critical sector that represents nearly a fifth of US economic activity. Businesses in this sector also rely on other important industries such as water, transportation, and energy. In this episode, Jonathan Braley, director of the Food and Ag-ISAC, shares the top cyber threats facing the industry, as well as the various services offered through the ISAC. Resources: Food and Agriculture ISAC website: https://www.foodandag-isac.org/ Cybersecurity Guide for Food and Ag Small and Medium Enterprises: https://www.foodandag-isac.org/resources CISA publication on Chinese-manufactured UAS: https://www...
2024-02-28
21 min
The Security Detail
Ep. 4: Elections with Marci Andino, senior director, Election Infrastructure Information Sharing and Analysis Center (EI-ISAC)
In this episode of The Security Detail, we explore the complex domain of election cybersecurity with Marci Andino, senior director of the Election Infrastructure Information Sharing and Analysis Center (EI-ISAC). From international interference threats to localized phishing attacks, discover the varied challenges election offices face and the strategies deployed to safeguard the integrity of electoral processes. Resources: EI-ISAC Resources: https://www.cisecurity.org/ei-isac Marci Andino Bio: https://safeelections.org/marci-andino/ EI-ISAC's Essential Guide to Election Security: https://essentialguide.docs.cisecurity.org/en/latest/index.html How Investigators Solved the Biden Deepfake Robocall Mystery (B...
2024-02-14
23 min
The Security Detail
Ep. 3: Media with Runa Sandvik, security researcher and founder of Granitt
Cybersecurity is crucial for journalists and newsrooms to safeguard sensitive information, protect sources, and ensure the integrity of their reporting in an increasingly digital and interconnected media landscape. Episode 3 of The Security Detail features an interview with Runa Sandvik, a security researcher and founder of Granitt, a consulting firm that focuses on digital security for journalists and other at-risk people. Resources: Granitt Website Runa's Website Follow Runa on X Runa's blog posts Tor Project Google Summer of Code Security Expert: Apple's Lockdown Mode Still Defeats Commercial Spyware Columbia Journalism Review profile on Runa Citizen La...
2024-01-31
21 min
The Security Detail
Ep. 2: Water with CISA's Amy Thomas, cyber risk analyst and Noah Powers, RVA program lead, penetration testing capabilities
Water treatment facilities are part of the critical infrastructure that supports essential services. A cyberattack on these facilities could disrupt the supply of clean water, leading to severe consequences for public health, safety, and the economy. In this episode, two representatives from the US Cybersecurity and Infrastructure Security Agency, or CISA, share strategies to defend the water sector from cyberattacks. They also provide an update on CISA's investigation into an Iranian-linked campaign targeting Israeli-made Programmable Logic Controllers (PLCs) at a number of US water utilities. Resources: CISA Risk and Vulnerability Assessments program CISA Security Advisors Top Ten Cybersecurity M...
2024-01-17
21 min
The Security Detail
Ep. 1: Tour of Cyber Coalition 2023, NATO’s flagship cyber defence exercise
Season 2 of The Security Detail kicks off with an inside look at Cyber Coalition 2023, NATO's flagship cyber defence exercise. Audra Streetman traveled to Tallinn, Estonia to tour the exercise and interview creators and participants about the knowledge and collaboration needed to defend the Alliance from cyber threats. Links: Cyber Coalition 2023 NATO Blog
2024-01-03
10 min
Coffee Talk with SURGe
Coffee Talk with SURGe: The Interview Series featuring Kirsty Paine
Join Ryan Kovar and special guest Kirsty Paine, Field CTO and Strategic Advisor at Splunk, for a conversation about her career in cybersecurity, including her work on technical standards and emerging technologies such as artificial intelligence, IoT, and quantum computing. Links: - Cryptographically Relevant Quantum Computers (CRQCs) & The Quantum Threat - Quantum-Safe Cryptography & Standards: QSC, PQC, QKD & More! - The Quantum Threat: Options for Migrating to Quantum Safe Cryptography - Kirsty’s Blog Posts - Cyber Security for Consumer Internet of Things (ETSI EN 303 645) - Indicators of Compromise (IoCs) and Their Role i...
2023-12-19
31 min
The Security Detail
Ep. 14: Cybersecurity Career Advice from Past Interview Guests
Wrapping up Season 1 of The Security Detail, episode 14 features interviews with a number of past guests about the best advice they've received in their career along with the failures they've learned the most from. Stay tuned for Season 2 of The Security Detail, which kicks off on January 3, 2024 with an episode about Cyber Coalition 2023, NATO's flagship cyber defense exercise. Audra Streetman traveled to Tallinn, Estonia to tour the exercise and interview creators and participants about the knowledge and collaboration needed to defend the Alliance from cyber threats.
2023-12-13
22 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 12-DEC-2023 Kyivstar Cyberattack, Water Utilities Hacked, Log4j Exploited
Grab a cup of coffee and join Mick Baccio, Katie Brown and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: - Ukraine’s top mobile internet company is down, blames Russian cyberattack - IRGC-Affiliated Cyber Actors Exploit PLCs in Multiple Sectors, Including U.S. Water and Wastewater Systems Facilities - North Korean hackers using Log4J vulnerability in global campaign Audra and Katie also competed in a charity challenge to share what they consider to be the largest cyber incident of...
2023-12-12
28 min
Coffee Talk with SURGe
Coffee Talk with SURGe: The Interview Series featuring Eric McGinnis
Join Audra Streetman and special guest Eric McGinnis, Senior Threat Researcher at Splunk, for a conversation about Detection as Code and how it helps to streamline the threat detection process, especially at scale. Links: https://github.com/splunk/attack_range https://atomicredteam.io/ https://github.com/splunk/attack_data https://github.com/splunk/security_content https://github.com/splunk/contentctl
2023-12-05
21 min
The Security Detail
Ep. 13: Energy featuring Joe Slowik, threat intelligence manager at Huntress
Cybersecurity in the energy sector is crucial for safeguarding critical infrastructure, preventing potential disruptions to power grids, and mitigating the risk of cyberattacks that could have severe economic, environmental, and societal consequences. In this episode, Joe Slowik, threat intelligence manager at Huntress, discusses the top cyber threats to the energy sector. Resources: Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology (Mandiant) Attaining Focus: Evaluating Vulnerabilities In The Current Threat Environment Exorcising the Ghost in the Machine: Debunking Myths Around Supply Chain Intrusions Assessing The...
2023-11-29
21 min
Coffee Talk with SURGe
Coffee Talk with SURGe: NCSC Annual Review, ENISA Threat Landscape, Netherlands Cyber Assessment
Grab a cup of coffee and join Ryan Kovar, Kirsty Paine, and Floris Ladan for a special EMEA edition of Coffee Talk with SURGe. The team from Splunk will compare highlights and similarities across recent cyber threat reports, including: - UK NCSC Annual Review 2023 - ENISA Threat Landscape 2023 - Cyber security assessment of the Netherlands 2023 Ryan and Floris also competed in a 60 second charity challenge to explain the importance of red teaming.
2023-11-29
38 min
Coffee Talk with SURGe
Coffee Talk with SURGe: The Interview Series featuring Cat Self
Join David Bianco and special guest Cat Self, Principal Adversary Emulation Engineer at MITRE and macOS/Linux Lead for ATT&CK, for a conversation about Cat’s career journey from military intelligence to cybersecurity along with her current work at MITRE. Links: - Mitre Engenuity CTID Project - Blog: "A Deep Dive into the OceanLotus Adversary Emulation for macOS & Linux" - Defensive guidance in an enterprise environment: OBTS v6 presentation, “Dropping Lotus Bombs: ATT&CK in macOS Purple Team Operations” by Cat Self & Megan Carney - CTID Adversary Emulation Library
2023-11-21
45 min
The Security Detail
Ep. 12: Defence with Luke O’Brien, principal engineer for cyber defence at NATO
Cybersecurity is crucial for the defence industry as it safeguards sensitive information, intellectual property, and critical infrastructure from cyber threats, ensuring the integrity and resilience of military technologies. In this episode, Luke O’Brien, NATO's principal engineer for cyber defence, explains NATO’s unique approach to cybersecurity. Resources: NATO Cyber Defence NATO Malware Information Sharing Platform (MISP) NATO Crisis Management Exercise 2023 (CMX23) 2023 NATO Summit in Vilnius NATO Rapid Reaction Team Albania weighed invoking NATO’s Article 5 over Iranian cyberattack (Politico)
2023-11-15
17 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2023-NOV-14 ICBC Ransomware, Sandworm Cuts Power in Ukraine, Volt Typhoon
Grab a cup of coffee and join Mick Baccio, Ryan Kovar, and Audra Streetman for another edition of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: - LockBit says ICBC paid ransom over hack that disrupted US Treasury market https://www.reuters.com/technology/cybersecurity/icbc-paid-ransom-after-hack-that-disrupted-markets-cybercriminals-say-2023-11-13/ - Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology https://www.mandiant.com/resources/blog/sandworm-disrupts-power-ukraine-operational-technology - The NSA Seems Pretty Stressed About the Threat of Chinese Hackers in US Critical Infrastructure https://ww...
2023-11-14
40 min
Coffee Talk with SURGe
Coffee Talk with SURGe: The Interview Series featuring John Hultquist
Join Mick Baccio and special guest John Hultquist, Chief Analyst at Mandiant Intelligence, for a conversation about John’s career in cybersecurity, his advice for aspiring CTI analysts, and what to expect at CYBERWARCON 2023 on Nov. 9. The link to register is: https://lnkd.in/gsDkmy2u.
2023-11-08
49 min
The Security Detail
Ep. 11: Geopolitics with Dmitri Alperovitch, executive chairman at Silverado Policy Accelerator
Cybersecurity has become a critical element in geopolitics, shaping international relations as nations grapple with the challenges of protecting their digital infrastructures and safeguarding national security in an interconnected world. In this episode, Dmitri Alperovitch, Executive Chairman at Silverado Policy Accelerator, discusses the intersection between cybersecurity and geopolitics and the evolving role of cyber in modern conflict. Resources: World on the Brink: How America Can Beat China in the Race for the Twenty-First Century Geopolitics Decanted podcast by Silverado Follow Dmitri on X Infamous Chisel report
2023-11-01
35 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2023-10-31 SEC SolarWinds Complaint, Biden’s Executive Order on AI
Grab a cup of coffee and join Mick Baccio, Ryan Kovar, and Audra Streetman for a spooky Halloween edition of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: - SEC Charges SolarWinds and Chief Information Security Officer with Fraud, Internal Control Failures - President Biden Issues Executive Order on Safe, Secure, and Trustworthy Artificial Intelligence Mick and Ryan also competed in a charity challenge benefitting World Central Kitchen to share the lessons learned from Cybersecurity Awareness Month.
2023-10-31
42 min
Coffee Talk with SURGe
Coffee Talk with SURGe: The Interview Series featuring Michael Rodriguez
Join Mick Baccio and special guest Michael Rodriguez, Principal Strategic Consultant for Google Public Sector, for a conversation about Michael’s career path into cybersecurity, the origin of his nickname “Duckie,” and his work as a cybersecurity subject matter expert for Google Space.
2023-10-24
43 min
The Security Detail
Ep. 10: Aviation featuring Richard Waine, head of SecOps at easyJet
Cybersecurity in aviation is paramount as it safeguards critical systems, ensuring the safety of passengers and the integrity of flight operations. In this episode, Richard Waine, head of SecOps at easyJet, discusses the aviation cyber threat landscape and how easyJet is tackling a range of technical and policy issues. Resources: easyJet.com Aviation ISAC
2023-10-18
17 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2023-OCT-17 Cisco IOS XE, Signal Zero-Day Rumor, Conflict Disinformation
Grab a cup of coffee and join Mick Baccio, Ryan Kovar, and Katie Brown for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: - Cisco Discloses ‘Critical’ Zero-Day Vulnerability In IOS XE - Signal Pours Cold Water on Zero-Day Exploit Rumors - European Commission demands X account for disinformation in wake of Hamas attacks
2023-10-17
44 min
Coffee Talk with SURGe
Coffee Talk with SURGe: The Interview Series featuring Patrick Gray
Join Shannon Davis and special guest Patrick Gray, host of the Risky Biz podcast, for a discussion about Patrick's cybersecurity reporting career and the work behind the scenes to produce each episode. You can listen to Risky Biz at risky.biz or wherever you get your podcasts.
2023-10-10
20 min
The Security Detail
Ep. 9: Education featuring Brett Callow, threat analyst at Emsisoft
The cyber threat landscape for education has evolved rapidly, with ransomware attacks and data breaches targeting schools and universities, highlighting the critical need for robust cybersecurity measures in the sector. In this episode, Brett Callow, threat analyst at Emsisoft, shares his observations about the cybercrime ecosystem and how schools and universities can best defend against these attacks. Resources: Unpacking the MOVEit Breach: Statistics and Analysis (Emsisoft) The State of Ransomware in the US: Report and Statistics 2022 (Emsisoft) Protecting Our Future: Partnering to Safeguard K-12 Organizations from Cybersecurity (CISA)
2023-10-04
27 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2023-OCT-03 WS_FTP RCE, Exim Scope, ChatGPT, Cybersecurity Awareness Month
Grab a cup of coffee and join Mick Baccio, Ryan Kovar and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: - RCE in Progress WS_FTP Ad Hoc via IIS HTTP Modules (CVE-2023-40044) - Exim patches three of six zero-day bugs disclosed last week - Exploit released for Microsoft SharePoint Server auth bypass flaw - Developments in ChatGPT capabilities - Tom Hanks warns fans about ‘AI version of me’ promoting dental plan Mick and Ry...
2023-10-03
54 min
Coffee Talk with SURGe
Coffee Talk with SURGe: The Interview Series featuring Sherrod DeGrippo
Join Ryan Kovar and special guest Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft, for a discussion about crimeware, threat actor naming conventions, and Sherrod's essay in a new book by SURGe titled, "Bluenomicon: The Network Defender's Compendium."
2023-09-26
42 min
The Security Detail
Ep. 8: Cloud Security featuring Sean Heide, technical research director at Cloud Security Alliance
Cloud security is essential to safeguarding sensitive data and ensuring the reliability of digital services in an increasingly interconnected and data-driven world. In this episode, Sean Heide shares some of the top threats to cloud computing that he's seeing as technical research director at the Cloud Security Alliance. Resources: CSA's 2022 Top Threats to Cloud Computing report CIS Critical Security Controls Shared Responsibility Model in the Age of Cloud
2023-09-20
23 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2023-SEPT-19 Data Leaks, Casino Breaches, Ransom Demands, Big Yellow Taxi
Grab a cup of coffee and join Audra Streetman and special guests Haylee Mills, Katie Brown and Drew Church for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: - Microsoft's Xbox plans revealed in emails tied to FTC case - 38TB of data accidentally exposed by Microsoft AI researchers - Hackers who breached casino giants MGM, Caesars also hit 3 other firms, Okta says - All thanks to ‘Big Yellow Taxi’: How State discovered Chinese hackers reading its emails
2023-09-20
46 min
Coffee Talk with SURGe
Coffee Talk with SURGe: The Interview Series featuring Derrick Lawson
Join Ryan Kovar and special guest Derrick Lawson, Staff Sales Engineer at Splunk, for a discussion about M-21-31, a US memorandum establishing an event logging maturity model for federal government agencies. They’ll discuss strategies and tools that can help agencies with compliance.
2023-09-16
19 min
Coffee Talk with SURGe
Coffee Talk with SURGe: The Interview Series featuring Jamie Williams
Join Ryan Kovar and special guest Jamie Williams, MITRE ATT&CK for Enterprise Lead and Principal Adversary Emulation Engineer, for a discussion about MITRE ATT&CK use cases and Jamie's essay in a new book by SURGe titled, "Bluenomicon: The Network Defender's Compendium." Download Bluenomicon
2023-09-12
39 min
The Security Detail
Ep. 7: Financial Services featuring Paul Trueman, executive VP of segments in cyber and intelligence at Mastercard
Cybersecurity in the financial sector is of paramount importance due to the highly sensitive and valuable nature of the data and transactions involved. In this episode, Paul Trueman, the executive vice president of segments in cyber and intelligence at Mastercard, shares insights from his extensive experience in the industry and provides advice on navigating challenges. Resources: FS-ISAC's Navigating Cyber 2023 report Digital Intelligence Index Digital Trust at the World Economic Forum Oxford Cyber Security for Business Leaders Programme
2023-09-06
21 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2023-SEPT-05 Mudge Joins CISA, Qakbot Takedown, Infamous Chisel Malware
Grab a cup of coffee and join Mick Baccio, Ryan Kovar and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: - Famed hacker and Twitter whistleblower Peiter 'Mudge' Zatko is joining the Biden administration https://www.washingtonpost.com/politics/2023/09/05/cisa-makes-big-name-hire-its-crusade-against-insecure-products/ - FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown https://www.fbi.gov/news/stories/fbi-partners-dismantle-qakbot-infrastructure-in-multinational-cyber-takedown - Infamous Chisel Malware Analysis Report https://www.cisa.gov/news-events/analysis-reports/ar23-243a Mick and Ryan competed in a...
2023-09-05
45 min
Coffee Talk with SURGe
Coffee Talk with SURGe: The Interview Series featuring Rick Holland
Join Ryan Kovar and special guest Rick Holland, VP and CISO at ReliaQuest, for an interview about Rick’s career journey, his advice for cybersecurity leaders, and his contribution to the SURGe team’s new book titled, “Bluenomicon: The Network Defender’s Compendium.” Follow Rick on Twitter Download the Bluenomicon PDF
2023-08-31
34 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2023-AUG-22 Ivanti, Citrix, Space Industry, Tesla Insider Threat, Quantum
Grab a cup of coffee and join Mick Baccio, Ryan Kovar and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: - Ivanti: Customers ‘impacted’ by new zero-day vulnerability - Nearly 2,000 Citrix NetScaler Instances Hacked via Critical Vulnerability - Joint Advisory on Safeguarding the US Space Industry - Tesla says data breach impacting 75,000 employees was an insider job - CISA Factsheet on Quantum Readiness - Kirsty's Blog: Cryptographically Relevant Quantum Computers (CRQCs) & The Quantum Threat in 20...
2023-08-22
57 min
The Security Detail
Ep. 6: Retail and Hospitality featuring Suzie Squier, president of RH-ISAC
The cyber threat landscape for the retail and hospitality sector is marked by persistent and sophisticated attacks, targeting both customer data and financial information. With the widespread adoption of e-commerce and digital payment systems, threat actors exploit vulnerabilities in online platforms and point-of-sale systems to steal sensitive data and execute financial fraud. Additionally, the interconnected nature of supply chains in these industries presents further risks, demanding heightened cybersecurity measures to safeguard customer trust and protect against potential disruptions to business operations. In this episode, Suzie Squier, president of the Retail and Hospitality ISAC, shares the top concerns...
2023-08-22
18 min
Coffee Talk with SURGe
Coffee Talk with SURGe: The Interview Series featuring Jake Williams
Join Audra Streetman and special guest Jake Williams (@MalwareJake) for a discussion about hiring in cybersecurity, interview advice, the challenges associated with vulnerability prioritization, Microsoft's Storm-0558 report, and Jake's take on the future of AI and LLMs in cybersecurity.
2023-08-17
30 min
The Security Detail
Ep. 5: Healthcare featuring Zach Nelson, assistant VP of Health-ISAC’s Threat Operations Center
Threat actors continue to exploit vulnerabilities in healthcare systems, leading to data breaches, ransomware incidents, and disruptions in critical medical services. The sector's increased reliance on interconnected devices and electronic health records has amplified the risks, necessitating robust cybersecurity measures and constant vigilance to safeguard patient information and maintain the integrity of healthcare operations. In this episode, Zach Nelson, Assistant Vice President of Health-ISAC's Threat Operations Center, shares his insight on the top cyber threats to the healthcare sector. Resources: H-ISAC website FDA Guidance regarding cybersecurity in medical devices ...
2023-08-09
20 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2023-AUG-01 Ivanti EPMM, SEC Reporting Rules, Black Hat, Defcon
Grab a cup of coffee and join Mick Baccio, Ryan Kovar and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: - Threat Actors Exploit Ivanti EPMM Vulnerabilities - Splunk Threat Research Team analytic story - Strengthening Cybersecurity: Can The SEC’s Landmark New Rules Be Enforced? - Senator calls on DOJ to investigate alleged China hack of Microsoft cloud tools - U.S. Hunts Chinese Malware That Could Disrupt American Military Operations Mick and Ryan also shared their top a...
2023-08-02
56 min
The Security Detail
Ep. 4: The Public Sector featuring Dan Tripovich, assistant director-general standards, technical advice & research at the Australian Cyber Security Centre
In this episode of The Security Detail, Kirsty and Audra take a look at the cyber threat landscape for the public sector from an Australian perspective. The episode features an interview with Dan Tripovich, who is currently the Assistant Director-General Standards, Technical Advice and Research (STAR) within the Australian Signals Directorate’s Australian Cyber Security Centre Group. STAR Branch delivers ACSC’s flagship publications, including the Australian Government Information Security Manual, the Essential Eight and Protective Cyber Security guidance to the Australian public. Dan is also responsible for the delivery of the ACSC’s Research, International Standards and Technical Advice...
2023-07-26
29 min
Coffee Talk with SURGe
Coffee Talk with SURGe: the Interview Series featuring Eva Galperin
Join Audra Streetman and special guest Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation, for an interview about data privacy, stalkerware, artificial intelligence, and the recent rise in deepfake sextortion schemes. You can follow Eva on Twitter @evacide and learn more about her work at EFF.org.
2023-07-25
22 min
Coffee Talk with SURGe
SURGe author panel on Bluenomicon: The Network Defender’s Compendium
Join Mick Baccio and Ryan Kovar as they interview several Splunk cybersecurity experts at .conf23 whose essays are featured in Bluenomicon: The Network Defender’s Compendium. The authors include Sydney Howard, Principal Threat Hunter at Splunk, Jason Lee, Splunk CISO, and Paul Kurtz, Splunk's Chief Cybersecurity Advisor. To order a free copy of Bluenomicon, visit: https://www.splunk.com/en_us/form/the-network-defenders-compendium.html.
2023-07-24
34 min
Coffee Talk with SURGe
Coffee Talk with SURGe: APT Tradecraft and Data Privacy with Jake Williams and Eva Galperin
Join Ryan, Mick, and Audra for a special edition of Coffee Talk with SURGe, live from .conf23 in Las Vegas. This episode, the trio from Splunk is joined by cybersecurity experts Jake Williams and Eva Galperin to discuss the trends in tradecraft they've observed among APT groups along with the topic of data privacy.
2023-07-24
42 min
The Security Detail
Ep. 3: Manufacturing featuring Tim Chase, program director at the Global Resilience Federation
The manufacturing sector faces targeted attacks on critical infrastructure, including supply chain attacks and industrial espionage, which can lead to production disruptions and intellectual property theft. In this episode, Tim Chase, Program Director at the Global Resilience Federation (GRF), shares threat trends he’s observed from his leadership of the manufacturing ISAC. Resources: MFG-ISAC: https://www.mfgisac.org/ CPG Supply Chain Security Guides: https://www.mfgisac.org/cpg-supply-chain-security-guides Global Resilience Federation: https://www.grf.org/ CyManII: https://cymanii.org/ Recorded Future 2022 Report: https://www.recordedfuture.com...
2023-07-12
19 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2023-JULY-11 Meta’s Threads, US/EU Data Sharing, MOVEit Update, iOS Patch
Grab a cup of coffee and join Mick Baccio, Ryan Kovar and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: - Threads Becomes Most Rapidly Downloaded App, Raising Twitter’s Ire - U.S. and E.U. Finalize Long-Awaited Deal on Sharing Data - Three new MOVEit bugs spur CISA warning as more victims report breaches - Apple Ships Urgent iOS Patch for WebKit Zero-Day Mick and Ryan competed in a 60 second charity challenge benefitting the Malala Fund to sha...
2023-07-11
47 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2023-JUNE-27 SolarWinds SEC, Iran Hack-and-Leak, MOVEit Fallout, Cyber Force
Grab a cup of coffee and join Mick Baccio, Ryan Kovar and Audra Streetman for another episode of Coffee Talk with SURGe. You can watch the livestream here. The team from Splunk will discuss the latest security news, including: - SolarWinds says SEC investigation ‘progressing to charges’ - The potent cyber adversary threatening to further inflame Iranian politics - Siemens Energy, UCLA latest confirmed victims in MOVEit hack - Turn your phone off every night for five minutes, Australian PM tells residents - Cyber Force for the...
2023-06-28
51 min
Coffee Talk with SURGe
Coffee Talk with SURGe: The Interview Series featuring Alex Pinto
Join Ryan Kovar and special guest Alex Pinto, Senior Manager of Threat Intelligence at Verizon for an interview about the key takeaways from the 2023 Verizon Data Breach Investigations Report (DBIR). You can watch the livestream of this episode here. Read the DBIR report Follow Alex on Twitter
2023-06-28
56 min
The Security Detail
Ep. 2: Telecommunications featuring Ian Keller, cybersecurity advisor and former CISO
The telecommunications industry is responsible for our modern communications, including internet service providers, cable companies, and mobile operators. In this episode, cybersecurity advisor and ex-CISO Ian Keller explains why this sector is such an attractive target for state-sponsored adversaries along with his advice for CISOs. Ian Keller's website: https://iankeller.online/ The Troublemaker CISO blog: https://iankeller.online/blog/the-ciso-blog/
2023-06-27
19 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2023-JUNE-13 Fortinet, Barracuda, MOVEit Transfer, CISA Directive, DPRK
Grab a cup of coffee and join Mick Baccio, Ryan Kovar and Audra Streetman for another episode of Coffee Talk with SURGe. You can watch the livestream of this episode here. The team from Splunk will discuss the latest security news, including: - Fortinet fixes critical RCE flaw in Fortigate SSL-VPN devices, patch now - Barracuda Urges Replacing — Not Patching — Its Email Security Gateways - MOVEit Transfer Vulnerability Advisory from CISA - STRT Analytic Story for MOVEit Transfer vulnerability - Americans should prepare for cyber sabotage from Chin...
2023-06-14
50 min
Coffee Talk with SURGe
Coffee Talk with SURGe: the Interview Series featuring Scott Roberts
Join Mick Baccio and special guest Scott Roberts, head of threat research at Interpres Security for an interview about Scott's career journey, how he's seen cybersecurity evolve over time, and his essay featured in the SURGe team's new book, Bluenomicon: The Network Defender’s Compendium. You can watch the livestream of this episode here.
2023-06-14
47 min
Coffee Talk with SURGe
Coffee Talk with SURGe: Volt Typhoon, CosmicEnergy, Pentagon Cyber Strategy, AI Risk
Grab a cup of coffee and join Mick Baccio and Audra Streetman for another episode of Coffee Talk with SURGe. You can watch the livestream here. The team from Splunk will discuss the latest security news, including: - Volt Typhoon targets US critical infrastructure with living-off-the-land techniques - COSMICENERGY: New OT Malware Possibly Related To Russian Emergency Response Exercises - 'Real-world experience' informs new Pentagon cyber strategy - Lender OneMain fined $4.25 million for cybersecurity lapses - A.I. Poses ‘Risk of Extinction,’ Industry Leaders Warn
2023-06-14
55 min
Coffee Talk with SURGe
Coffee Talk with SURGe: the Interview Series featuring Sydney Howard
Join Audra Streetman and special guest Sydney Howard, Principal Threat Hunter at Splunk for an interview about her career journey, why she thinks purple teaming is so important, and her approach to threat hunting. Links: - Introducing the PEAK Threat Hunting Framework - Hypothesis-Driven Hunting with the PEAK Framework - Model-Assisted Threat Hunting (M-ATH) with the PEAK Framework - SCYTHE Purple Team Exercise Framework
2023-06-14
18 min
Coffee Talk with SURGe
Coffee Talk with SURGe: Telegram Vulnerability, Dallas Ransomware Attack, Dragos, Snake Malware
Grab a cup of coffee and join Mick Baccio and Audra Streetman for another episode of Coffee Talk with SURGe. You can watch the livestream of this episode here. The team from Splunk will discuss the latest security news, including: - Software engineer publicly discloses Telegram vulnerability - Dallas says it 'will likely take weeks to get back to full functionality' after ransomware attack - Hackers attempt to extort Dragos and its executives in suspected ransomware attempt - Joint advisory on Hunting Russian Intelligence “Snake” Malware Mick...
2023-06-14
37 min
Coffee Talk with SURGe
Coffee Talk with SURGe: the Interview Series featuring DomainTools
Join David Bianco and special guest Aaron Gee-Clough, Senior Data Engineer at DomainTools for an interview about their collaboration for a research project evaluating the trustworthiness of certificate authorities (CAs) by analyzing five billion TLS certificates using Splunk. Watch the livestream of this episode here. Listen to the talk at RSA Conference 2023 RSA slides DomainTools 2021 report
2023-06-14
38 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2023-MAY-02 SolarWinds, US Marshals Service, OT Threat Sharing, Bluesky, RSA
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. You can watch the livestream of this episode here. The team from Splunk will discuss the latest security news, including: - The DOJ Detected the SolarWinds Hack 6 Months Earlier Than First Disclosed - US Marshals Service still recovering from February ransomware attack affecting system used by fugitive hunters - Industrial security vendors partner to share intelligence about critical infrastructure threats Ryan and Mick competed in a...
2023-06-14
42 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2023-APR-18 NSO Group, LockBit macOS Encryptors, AI in CTI, MSFT Taxonomy
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. You can watch the livestream of this episode here. The team from Splunk will discuss the latest security news, including: - Citizen Lab releases report on NSO Group's new zero-click exploit chains - LockBit ransomware encryptors found targeting Mac devices - Did someone really hack into the Oldsmar, Florida, water treatment plant? New details suggest maybe not. Mick and Ryan competed in a 60 sec...
2023-06-14
45 min
Coffee Talk with SURGe
Coffee Talk with SURGe: The Interview Series featuring Michael Haag
Join Coffee Talk with SURGe for our bi-weekly interview series. This week, Audra Streetman interviews Michael Haag, Senior Threat Researcher at Splunk. They'll discuss his YouTube show, Atomics on a Friday, along with the Living off the Land Drivers project, which aims to consolidate vulnerable and malicious drivers into a centralized location. Links: Episode livestream Splunk Threat Research Team Splunk blog about certificate abuse Splunk blog about IIS Modules Splunk content on Windows drivers LOLDrivers Project Form to submit drivers Atomic R...
2023-06-14
28 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 3CX Supply Chain Compromise, Medical Device SBOMs, Italy bans ChatGPT
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. You can watch the episode livestream here. The team from Splunk will discuss the latest security news, including: - The Splunk Threat Research Team releases a blog with insights into the 3CX supply chain compromise - Medical device manufacturers in the US must soon provide SBOMs - Italy's data protection agency temporarily bans ChatGPT Audra and Mick competed in a 60 second charity challenge on whether or not they see...
2023-06-14
48 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2023-MAR-21 Oakland Ransomware Attack, BreachForums, Acropalypse, GPT-4
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. You can watch the episode livestream here. The team from Splunk will discuss the latest security news, including: - Oakland could be dealing with a second ransomware attack in two months - Notorious hacking forum shuts down after administrator gets arrested - Google Pixel flaw allowed recovery of redacted, cropped images Mick and Ryan shared their takes on responding to 0day vulnerabilities and the...
2023-06-14
50 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2023-FEB-21 Twitter SMS 2FA, Ukraine Cyber Threat Landscape, Pyramid of Pain
Grab a cup of coffee and join David Bianco, Shannon Davis, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: - Twitter plans to remove access to SMS 2FA for non-subscribing users https://blog.twitter.com/en_us/topics/product/2023/an-update-on-two-factor-authentication-using-sms-on-twitter - Google TAG, Mandiant, and Google Trust & Safety release a report analyzing how the war in Ukraine has impacted the cyber threat landscape https://blog.google/threat-analysis-group/fog-of-war-how-the-ukraine-conflict-transformed-the-cyber-threat-landscape/ David Bianco and Shannon Davis also competed in a c...
2023-06-14
25 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2023-FEB-07 ESXi servers, Royal Mail ransomware, Gamaredon, Bard AI
Grab a cup of coffee and join Ryan Kovar, Audra Streetman, and special guest David Bianco for another episode of Coffee Talk with SURGe. You can watch the episode livestream here. The team from Splunk will discuss the latest security news, including: - VMware warns admins to patch ESXi servers, disable OpenSLP service - LockBit ransomware group threatens Royal Mail with data leak deadline - Russia-backed hacker group Gamaredon attacking Ukraine with info-stealing malware David and Ryan also competed in a 60 second charity challenge to share their ta...
2023-06-14
56 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2023-JAN-24 Ticketmaster, Apple Hardware Security Keys, Ukraine, Bias
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. You can watch the episode livestream here. The team from Splunk will discuss the latest security news, including: - Ticketmaster says a cyberattack disrupted Taylor Swift ticket sales - Apple iOS 16.3 arrives with support for hardware security keys - Ukraine signs an agreement to join the NATO cyber defense center - Google will stop exempting campaign email from automated spam detection Mick and Ry...
2023-06-14
39 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2023-JAN-10 LastPass, Slack, CircleCI, Chick-fil-A, CISA, ChatGPT
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. You can watch the episode livestream here. The team from Splunk will discuss the latest security news, including: - LastPass, Slack, and CircleCI notify customers of security incidents. - Chick-fil-A investigates reports of hacked customer accounts - CyberScoop reports: Insiders worry CISA is too distracted from critical cyber mission Mick and Ryan competed in a 60 second charity challenge to share their opinion of ChatGPT and its impact o...
2023-06-14
44 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2022-NOV-29 RansomBoggs, Log4Shell, Medibank Update, Twitter E2EE Messaging
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. You can watch the episode livestream here. The team from Splunk will discuss the latest security news, including: - ESET Research identifies a wave of ransomware attacks targeting organizations in Ukraine that they're calling #RansomBoggs - Cincinnati State College is added to Vice Society's leak site - Iranian Hackers use Log4Shell to mine crypto on a US Federal computer system - The extortion site used in...
2023-06-14
40 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2022-NOV-08 Election Security, OpenSSL, Medibank, Azov Ransomware, Mastodon
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. You can watch the episode livestream here. The team from Splunk will discuss the latest security news, including: - CISA reminds voters that there is no credible threat to voting equipment for the U.S. midterm elections. - Splunk released a blog last week about the OpenSSL vulnerabilities, which were downgraded from critical to high severity. - Medibank says it will not pay the ransom after data fo...
2023-06-14
29 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2022-OCT-25 DOJ China Espionage, Drizly Complaint, Text4Shell, U.S. Midterms
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. You can watch the episode livestream here. The team from Splunk will discuss the latest security news, including: - The DOJ announces charges against two Chinese intelligence officers accused of trying to subvert a U.S. criminal investigation involving a China-based telecom. - The FTC is taking action against Drizly, an online alcohol delivery service, for failing to take steps to protect consumer data. - Why Text4Shell is n...
2023-06-14
43 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2022-OCT-11 EU Data, Vice Society Ransomware, Killnet
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. You can watch the episode livestream here. The team from Splunk will discuss the latest security news, including: - President Joe Biden signs an executive order outlining a new data transfer framework between the EU and US. - Ransomware attacks disrupt programming for three Brazilian broadcasters and a bank in Brazil reportedly paid $950,000 in Bitcoin to a LockBit affiliate. - Healthcare providers associated with CommonSpirit Health are stil...
2023-06-14
39 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2022-SEPT-27 Ukraine, GRU Hactivist Coordination, Network Monitoring, Optus
Grab a cup of coffee and join Audra Streetman and special guests David Bianco and Haylee Mills for another episode of Coffee Talk with SURGe. You can watch the episode livestream here. The trio will discuss the latest cybersecurity news, including: - Officials in Ukraine say they believe the Kremlin is planning "massive cyberattacks on critical infrastructure" - Mandiant researchers at Google see Russia coordinating with hacktivists in cyberattacks tied to the Ukraine war - VICE reports on an internet monitoring tool purchased by the U.S. military ...
2023-06-14
36 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2022-SEPT-13 Mudge Testimony, Albania Cyberattacks, Vice Society
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. You can watch the episode livestream here. The team from Splunk discussed the latest cybersecurity news, including: - Twitter’s former head of security, Peiter Zatko, testified in a Senate committee hearing about security concerns he claims the company ignored. - Albania reports a second cyberattack that officials attribute to the Iranian government. - CISA issues an alert about the Vice Society ransomware group targeting the education secto...
2023-06-14
41 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2022-AUG-30 Twitter Whistleblower, Roasting Oktapus, Montenegro Cyberattack
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. You can watch the episode livestream here. The team from Splunk will discuss the latest security news including: - Twitter whistleblower Peiter Zatko will testify at a Senate hearing on Sept. 13. - Group-IB published a blog about a phishing campaign targeting Okta identity credentials that they're calling "Roasting Oktapus." - Montenegro is dealing with cyberattacks targeting critical infrastructure. - Lloyd's plans to exclude catastrophic nation-backed cybe...
2023-06-14
39 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2022-AUG-16 Signal, FTC Data Privacy Rules, Conti Ransomware, E2EE
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. You can watch the episode livestream here. This week the team from Splunk discussed Signal's response to the Twilio breach, the FTC's effort to create new data privacy rules, and a $10 million reward for information about a suspected Conti ransomware operator. Mick and Ryan competed in a 60 second charity challenge benefiting The Hunger Project. They each took turns explaining the importance of encrypted comms following news of Facebook testing end-to-end encrypted messages on th...
2023-06-14
31 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2022-AUG-10 Live from Black Hat
Join Mick and Ryan as they travel to the desert to experience Hacker Summer Camp 2022. They'll discuss what exciting new cyber thought leadership they've picked up in a day or two, the heat, how much they miss Audra, and what's happened in the world since .conf22. You can watch the episode livestream here.
2023-06-14
22 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2022-JUNE-28 Iran Steel Industry, Killnet DDoS, LockBit 3.0, PowerShell
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. You can watch the episode livestream here. The team from Splunk discussed the latest security news, including: - Check Point Research's analysis of cyberattacks targeting Iran's steel industry - Killnet launches DDoS attacks against Lithuanian government websites in response to EU sanctions affecting Kaliningrad - LockBit announces a bug bounty program and the release of LockBit 3.0 - Conti shuts down its Tor servers as affiliates infiltrate other ransomware operations ...
2023-06-14
33 min
Coffee Talk with SURGe
LIVE from .conf22: Coffee Talk with SURGe: 2022-JUNE-16 Snoop Dogg Concert, Security Session Recap
Join Ryan Kovar, Mick Baccio, and Audra Streetman live at .conf22 for a recap of the Splunk Insider Minicon and Boss of the SOC VII. The trio also highlights some of the security sessions at .conf22. You don't want to miss it! You can watch the episode livestream here.
2023-06-14
16 min
Coffee Talk with SURGe
Live from .conf22: Coffee Talk with SURGe: 2022-JUNE-15 Highlights and Security Sessions
Join Mick Baccio, Tony Iacobelli, and Audra Streetman live at .conf22 for a recap of the Splunk Insider Minicon and Boss of the SOC VII. The trio also highlights some of the security sessions at .conf22. You don't want to miss it! You can watch the episode livestream here.
2023-06-14
19 min
Coffee Talk with SURGe
Live from .conf22: Coffee Talk with SURGe: 2022-JUNE-14 Insider Minicon, Boss of the SOC VII
Join Ryan Kovar, Mick Baccio, and Audra Streetman live at .conf22 for a recap of the Splunk Insider Minicon and Boss of the SOC VII. The trio also highlights some of the security sessions at .conf22. You don't want to miss it! You can watch the episode livestream here.
2023-06-14
20 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2022-JUNE-09 RSA, Karakurt, Apple Passwords, Confluence, Follina/MSDT
Join the SURGe Team with a guest from the land down under, a recap of important news in the security landscape, a discussion on RSA, and a special interview with Danielle Jablanski of Nozomi Networks! You can watch the episode livestream here. This week Ryan Kovar, Audra Streetman, Mick Baccio, and Shannon Davis discussed CISA advisories about China state-sponsored threat actors and the data extortion group Karakurt plus an update on the Confluence and MSDT/Follina zero-days. Mick and Ryan competed in a 60 second charity challenge regarding Apple's plan to replace passwords with biometric authentication me...
2023-06-14
26 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2022-MAY-31 Follina MSDT Zero-Day, Ransomware Roundup, Supply Chain Risk
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. You can watch the episode livestream here. The team from Splunk broke down the Follina/MSDT zero day vulnerability (CVE-2022-30190), rounded up the latest ransomware activity, and discussed supply chain risk related to Python and PHP libraries. Mick and Ryan competed in a 60 second charity challenge to explain LOLBins before taking a deep dive into the 2022 Verizon Data Breach Investigations Report. Microsoft Blog on CVE-2022-30190 REvil prosecution re...
2023-06-14
32 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2022-MAY-17 Conti Hits Costa Rica, Cardiologist Ransomware, CISA MSP Alert
Grab a cup of coffee and join Audra Streetman, Mick Baccio, and special guest Haylee Mills for another episode of Coffee Talk with SURGe. You can watch the episode livestream here. The team from Splunk discussed a ransomware attack that prompted Costa Rica to issue a state of emergency, a cardiologist in Venezuela accused of building ransomware tools, and an alert from CISA warning about cyber threats to MSPs. This week Audra and Haylee competed in a 60 second charity challenge on "certs vs. degrees" in cybersecurity before taking a deep dive into Splunk Risk-Based Alerting....
2023-06-14
25 min
Coffee Talk with SURGe
Coffee Talk with SURGe! 2022-MAY-03 CISA Top Vulnerabilities, Mandiant Zero-Days, State of Security
Grab a cup of coffee and join Ryan Kovar, Audra Streetman, and Mick Baccio for another episode of Coffee Talk with SURGe. You can watch the episode livestream here. This week the team from Splunk discussed CISA's list of the top exploited vulnerabilities for 2021, Mandiant's analysis of 80 zero-days exploited in the wild last year, and signs the ransomware group REvil may be back in operation. Mick and Ryan competed in a 60 second charity countdown on how to solve the talent crisis in cybersecurity before taking a deep dive into the topic of zero-days and vulnerability mi...
2023-06-14
30 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2022-APR-19 MS-RPC Vulnerability, Lazarus, Pipedream
Grab a cup of coffee and join Ryan Kovar, Audra Streetman, and Mick Baccio for another episode of Coffee Talk with SURGe. You can watch the episode livestream here. This week the team from Splunk discussed the latest security news, including the MS-RPC vulnerability CVE-2022-26809, a CISA alert about the North Korean state-sponsored Lazarus Group, and Sunday's 60 Minutes episode on the threat of Russian cyberattacks targeting U.S. critical infrastructure. Mick and Ryan also competed in a 60 second charity challenge to explain why Americans should be concerned about the potential for a Russian cyberattack targeting U...
2023-06-14
31 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2022-APR-05 State Department, Elections, Spring4Shell, Certs, Lapsus$, RSAC
Grab a cup of coffee and join Ryan Kovar, Audra Streetman, and Mick Baccio for another episode of Coffee Talk with SURGe. You can watch the episode livestream here. This week the team discussed the takedown of Hydra, the U.S. State Department's new Bureau of Cyberspace and Digital Policy, and a coordinated phishing campaign aimed at targeting U.S. election officials in the lead up to the 2022 midterm elections. Mick and Ryan both competed in a 60 second charity challenge to explain the current situation regarding the Spring4Shell vulnerability. They also discussed the recent ar...
2023-06-14
31 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2022-MAR-22 Government Cyber Statements, Okta Breach, WiCyS
Bring a cup of coffee and tune in to join the SURGe security team for a recap of cybersecurity news and events, our 60-second charity challenge, and another topic deep dive! You can watch the episode livestream here. This week Audra Streetman, Mick Baccio, and Ryan Kovar discussed a recent warning from the Biden administration about Russian cyberattacks against the U.S. CISA and the FBI also released a joint advisory warning about possible threats to SATCOM networks in the U.S. and abroad. The trio also discussed claims that the Lapsus$ hacking group breached Okta along w...
2023-06-14
31 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2022-MAR-08 War in Ukraine, Attack Reporting, Ransomware, Days of Our Lives
Join Splunk's SURGe team for the latest in cybersecurity news, a deep-dive lesson into something near and dear to our hearts, and of course a 60-second charity challenge. You can watch the episode livestream here. In this episode, Audra Streetman, Mick Baccio, and Ryan Kovar discuss the war in Ukraine along with the latest cybersecurity guidance from Splunk. The trio also talked about the chat log leak tied to the Conti ransomware group and a Senate bill that would require critical infrastructure organizations to report cyberattacks to CISA within 72 hours. Mick and Ryan explained the be...
2023-06-14
30 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2022-FEB-22 Russia/Ukraine Conflict, CISA, and CNE
It's time for another recap of cybersecurity news, a 60-second explanation of security concepts benefitting a charity, and plenty of banter between SURGe's Mick Baccio, Ryan Kovar, and Audra Streetman! You can watch the episode livestream here. The team from Splunk discussed the latest security news, including: - What the Russia-Ukraine conflict means for network defenders with information from CISA and others - CISA's new online resource hub for free tools - Major chat channel outage causes issues around the world 60 second charity challenge: - Mick and R...
2023-06-14
30 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2022-FEB-08 Cyber Safety Review Board, News Corp, VBA Macros
Join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe where they'll discuss the new DHS Cyber Safety Review Board, a cyberattack targeting News Corp along with Microsoft's decision to block internet VBA macros by default in Office 365 apps. Mick and Ryan competed in a 60 second charity challenge to define a macro and explain how it can be used to deploy malware. They also discussed whether geopolitics should influence how organizations approach security and how the Diamond Model framework can help organizations with intrusion analysis.
2023-06-14
29 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2022-JAN-25 SANS CTI Summit, DHS Bulletin, Analysis of Competing Hypotheses
This week the Splunk security team was joined by two guest speakers: Rick Holland, Co-Chair of SANS CTI Summit, and Scott R., head of threat hunting and cyber threat intelligence at Splunk. Audra Streetman provided an overview of the new memorandum signed by President Joe Biden aiming to improve cybersecurity for U.S. defense and intelligence agencies. The group also discussed a DHS bulletin, first reported by CNN, that warns of the potential of a Russian cyberattack against the U.S. due to rising tensions in Ukraine. CISA also issued an alert regarding the threat of Russian state-sponsored cyberattacks...
2023-06-14
30 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2022-JAN-11 Log4Shell, FIN7 BadUSBs, Global Risks Report
Join Ryan Kovar, Mick Baccio, and Audra Streetman for this week's Coffee Talk with SURGe where they'll discuss an update from CISA and the FTC regarding Log4Shell and a warning from the FBI about FIN7 packages with BadUSBs. The trio will also discuss the 2022 Global Risks Report from the World Economic Forum. Mick and Ryan compete in a charity countdown to explain if they think cyber issues should be part of a "global risk" report. Finally, Mick and Ryan discuss the need for more risk analysis within organizations.
2023-06-14
28 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2021-DEC-14 Ed Skoudis Interview about SANS Holiday Hack Challenge
Join Audra Streetman, Mick Baccio, and Ryan Kovar for another edition of Coffee Talk with SURGe featuring an interview with Dave Herrald and Ed Skoudis about what to expect in this year's SANS Holiday Hack Challenge. You can watch the full interview with Ed and Dave here.
2023-06-14
28 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2021-NOV-12 CYBERWARCON Interview with John Hultquist
Coffee Talk with SURGe, live at CYBERWARCON! We had some onsite technical difficulties but Mick Baccio and Ryan Kovar were able to overcome and give 25ish minutes of great content, including: - Audra Streetman interviews John Hultquist, founder of CYBERWARCON and vice president of intelligence analysis at Mandiant - 60 second charity countdown for VetSec charity (in honor of Veterans Day) on “attribution.” - A quick rundown of talks from CYBERWARCON that morning with a focus on Christopher Krebs’ keynote. - Call out for our upcoming Coffee Talk with SURGe episodes...
2023-06-14
23 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2021-NOV-03 BlackMatter, NSO Group, 5G Networks
Join Audra Streetman, Ryan Kovar, and Mick Baccio for another episode of Coffee Talk with SURGe where they'll discuss the latest security news including BlackMatter's farewell, NSO Group, 5G networks, and Splunk's work to integrate CVE details into security content.
2023-06-14
25 min
Coffee Talk with SURGe
Coffee Talk with SURGe: 2021-OCT-21 .conf21, Spicy Cybersecurity Hot Takes
On this episode of Coffee Talk with SURGe, Mick Baccio, Ryan Kovar, and Audra Streetman discuss cyber news and Splunk .conf21. Mick and Ryan also attempt to discuss internet cybersecurity hot takes while eating increasingly hot sauce on tofu in a new segment called "Burning Questions." You can watch the episode livestream here.
2023-06-14
26 min
The Security Detail
Ep. 1: The Public Sector featuring Paul Kurtz, chief cybersecurity advisor at Splunk
As Splunk’s Chief Cybersecurity Advisor, Paul Kurtz is well-versed in today’s cyber threat landscape. In this episode, Kurtz shares lessons learned from his cybersecurity career, which began in the early 1990s in the US government, where he served at the White House on the National Security Council and Homeland Security Council. Resources: Paul Kurtz bio: https://www.splunk.com/en_us/blog/author/pkurtz.html Code Red virus: https://www.nsf.gov/discoveries/disc_videos.jsp?org=NSF&cntn_id=100075&media_id=51501 Nimda worm: https://www.sans.org/white-papers/95/ ...
2023-06-12
21 min