Shows
CyberScoop RadioOptiv + ClearShark's Michael Saintcross discusses 'zero standing privilege'As identity sprawl grows, Optiv + ClearShark’s Michael Saintcross says cybersecurity leaders must pivot from traditional ICAM strategies to solutions that offer granular control and "zero standing privilege" to defuse advanced threats.2025-07-1715 min
CyberScoop RadioTrinity Cyber's Mike Denning on the power of Full Content Inspection technologyAs AI-driven assaults add a new dimension to the escalating volume of cyberattacks, chief information security officers— and the traditional cybersecurity tools they rely on — are struggling to keep up. Trinity Cyber Chief Product Officer Mike Denning breaks down how Full Content Inspection shifts cyber defense from endless alerts to automated, in-line threat disruption. This podcast was produced by Scoop News Group, for CyberScoop, and sponsored by Trinity Cyber.2025-07-0810 min
CyberScoop RadioLenovo’s Nima Baiati and SentinelOne’s Melissa K. Smith on the necessity of endpoint securityAs AI-enabled workloads introduce complex and unseen security vulnerabilities, Lenovo’s Nima Baiati and SentinelOne’s Melissa K. Smith say securing the endpoint is paramount for IT professionals. This podcast was produced by Scoop News Group for CyberScoop and underwritten by Lenovo and SentinelOne.2025-06-3021 min
Pressing MattersMatt Kapko, Reporter, CyberScoopAre you ready for RSA 2025? Matt Kapko of CyberScoop is, and he definitely doesn't want to hear about AI, although he and I–and everyone listening to the podcast today–all know he will. In addition to AI, Matt joined us to talk about his early days singing in a punk rock band in Orange County, his time in a string of hyperlocal newspapers, and more of what he expects from RSA for our annual conference preview episode of Pressing Matters from Big Valley Marketing, the podcast that brings you conversations with the top media and influencers in B2B te...2025-04-2232 min
Inside The Media MindsInside the Media Mind of Greg Otto: CyberScoopIn the latest episode of #IMM, Christine and Madison speak with Greg Otto, Editor-in-Chief at CyberScoop.2025-04-0134 min
CyberWire DailyPAN-ic mode: The race to secure PAN-OS.Palo Alto Networks confirms a recently patched firewall vulnerability is being actively exploited. CISA warns of an actively exploited iOS vulnerability. Juniper Networks has issued a critical security advisory for an API authentication bypass vulnerability. The acting commissioner of the Social Security Administration (SSA) resigns after Elon Musk’s team sought access to sensitive personal data of millions of Americans. The EagerBee malware framework is actively targeting government agencies and ISPs across the Middle East. Proofpoint researchers document a new macOS infostealer. A new phishing kit uses timesheet notification emails to steal credentials and two-factor authentication codes. JPMorgan Chase wi...2025-02-1835 minCyberWire DailyFederal agencies in power struggle crossfire.Federal agencies become battlegrounds in an unprecedented power struggle. XE Group evolves from credit-card skimming to exploiting zero-day vulnerabilities. WhatsApp uncovers a zero-click spyware attack linked to an Israeli firm.Texas expands its ban on Chinese-backed AI and social media apps. Data breaches expose the personal and medical information of over a million people.NVIDIA patches multiple critical vulnerabilities. Arm discloses critical vulnerabilities affecting its Mali GPU Kernel Drivers and firmware. The UK government aims to set the global standard for securing AI. Tim Starks from CyberScoop has the latest from Senate confirmation hearings. The National Cryptologic Museum rights...2025-02-0332 min
CyberScoop RadioThe evolving landscape of detection in a zero-trust environment | ThreatLocker's Danny JenkinsEpisode 5 of 5: Behavior-based detection and dynamic threat intelligence are essential to enhancing security operations and reducing cyber threat response times, says ThreatLocker CEO Danny Jenkins. This episode is part of a 5-episode series produced by Scoop News Group for CyberScoop and sponsored by ThreatLocker.2025-01-2509 minCyberScoop RadioManaging the risks of local administrator privileges | ThreatLocker's Danny JenkinsThreatLocker CEO Danny Jenkins emphasizes the importance of limiting local administrator privileges. He also advocates for Enterprise Privilege Management (EPM) solutions and effective user communication to balance security with productivity.2025-01-1006 minCyberWire DailyRansomware as a public health crisis.At the U.N. Anne Neuberger frames ransomware as a growing public health crisis. Amazon confirms a MOVEit-related data breach. SAP provides patches and mitigations for a variety of flaws. Researchers identify North Korean hackers embedding malware in macOS applications. Form I-9 Compliance reports a data breach impacting over 193,000 individuals. Hot Topic confirms a breach affecting over 54 million customers. Halliburton reports a $35 million ransomware event. Ymir ransomware follows in the footsteps of RustyStealer. Threat actors prepare for a second Trump presidency. A Venezuelan man gets 25 years for romance scam kidnappings. Our guest is Tim Starks from CyberScoop sharing what h...2024-11-1235 min
The CyBUr Smart Morning News UpdateOctober 21, 2024Welcome to the October 21, 2024 edition of the CyBUr Smart Morning News Update.
Your morning cyber news hit with some education and opinion thrown in for good measure.
Listens and shares are appreciated.
Feel free to email comments, suggestions, criticisms, or tips to darren@thecyburguy.com
The articles referenced in this podcast:
https://cybernews.com/news/meta-instagram-prevent-teen-sextortion-content-creator-partnership/
https://www.darkreading.com/cloud-security/cisos-throwing-cash-tools-detect-breaches
https://cyberscoop.com/iranian-hackers-are-going-after-critical-infrastructure-sector-passwords-agencies-caution/
https://cyberscoop.com/national-public-data-usdod-data-breach-arrested/
https://cyberscoop.com/sec-twitter-hack-arrest-sim-swapping/
https://www.bleepingcomputer.com/news/sec...2024-10-2014 minCyberWire DailyAuthorities bring down another hacker.Brazilian authorities arrest the alleged “USDoD” hacker. The DoJ indicts the alleged operators of Anonymous Sudan. CISA and its partners warn of Iranian brute force password attempts. A new report questions online platforms’ ability to detect election disinformation. Recent security patches address critical vulnerabilities in widely-used platforms. North Korean threat actors escalate their fake IT worker schemes. CISA seeks comment on Product Security Bad Practices. Dealing effectively with post-breach stress. Tim Starks, Senior Reporter at CyberScoop, joins us to discuss “What’s new from this year’s Counter Ransomware Initiative summit.” Redbox DVD rental machines get a reboot. Remember to l...2024-10-1734 min
Safe Mode PodcastMandiant’s Michael Barnhart on the North Korean IT worker crisisSince 2022, Mandiant has tracked North Korean IT workers who, posing as non-North Koreans, secure employment in various industries to fund DPRK's weapons programs, often engaging in cyber intrusions with the help of foreign facilitators. In this episode, CyberScoop Editor-in-Chief Greg Otto talks with Mandiant’s Michael Barnhart on what is going on in terms of North Korea’s goals, and how organizations can take precautions to prevent remote worker fraud. Greg also talks to CyberScoop reporter AJ Vicens on the latest LockBit takedown, which was conducted by a host of different countries.
LINK: https://cyberscoop.com/russian-cybercrime-raids-cryptex-uaps/2024-10-0338 minCyberWire DailyMic, camera, and more at risk.Cisco Talos discovers vulnerabilities in Microsoft applications for macOS. OpenAI disrupts an Iranian influence campaign. Jewish Home Lifecare discloses a data breach affecting over 100,000. Google tests an auto-redaction feature in Chrome for Android. Unicoin informs the SEC that it was locked out of G-Suite for four days. House lawmakers raise concerns over China-made WiFi routers. Moody’s likens the switch to post-quantum cryptography to the Y2K bug. Diversity focused tech nonprofits grapple with flagging support. Tim Starks of CyberScoop is back to discuss his investigation of a Russian hacking group targeting human rights groups. Smart phones get some st...2024-08-1930 minCyberWire DailyA high-stakes swap.Notorious Russian cybercriminals head home after an historic prisoner exchange. An Israeli hacktivist group claims responsibility for a cyberattack that disrupted internet access in Iran. The U.S. Copyright Office calls for federal legislation to combat deep fakes. Cybercriminals are using a Cloudflare testing service for malware campaigns. The GAO instructs the EPA to address rising cyber threats to water and wastewater systems. Claroty reports a vulnerability in Rockwell Automation’s ControlLogix devices. Apple has open-sourced its homomorphic encryption (HE) library. CISA warns of a high severity vulnerability in Avtech Security cameras, and the agency appoints its first Chief AI...2024-08-0241 min
Cyber FocusSpyware and Cyber Regulation with Cyberscoop's Tim StarksTim Starks is a senior reporter at CyberScoop with over two decades of experience in cyber reporting. In this episode he dives into the landscape of spyware, highlighting its impact on national security and individual privacy. The discussion with Frank Cilluffo also touches on the actions taken by the U.S. and Poland to address spyware threats, the significance of BGP (Border Gateway Protocol) in internet security, and the regulatory approaches to cybersecurity. Tim provides insights into the complexities of cyber threats, the role of policy, and the importance of a comprehensive understanding of cybersecurity issues. Main...2024-07-2434 min
Cyber Coffee HourEpisode #025: [MoCF] Emerging Cyber Threats within the Food and Agriculture SectorJoin the Master of Cyber Farms [MoCF], Alfredzo Nash as he reviews CyberScoop article pertaining to the Farm and Food Cybersecurity Act.
Moreover, MoCF discusses emerging cyber threats to the Food and Agriculture sector and overlap within the Water Sector.
Considering this coffee chat is near to MoCF heart, he has included his research notes below:
Vasquez, C. (2024, May 30). House Republicans sounds the alarm on threats to the food and agriculture sector. https://cyberscoop.com/food-agriculture-cyber-finstad/
Bracken, M. (2024, January 25). Bill seeks cyber protections for food...2024-06-0310 min
Inside The Media MindsInside the Media Mind of Matt Bracken: Fedscoop and CyberscoopIn the latest episode of #IMM, Christine speaks with Matt Bracken, Managing Editor of FedScoop and CyberScoop.2024-03-1227 min
The Clown Town Chronicle5: Fat Bear WeekWokies under fire, halal harassment, Trump hate, live button production, Illuminati Legos. Opening Music https://youtu.be/L9xat50ntEE?feature=shared Trump Wishes You a Happy Thanksgiving https://www.youtube.com/watch?v=OIO6IoJy10M Gay Furries Hack Nuclear Research Lab https://cyberscoop.com/idaho-national-laboratory-siegedsec/ https://cyberscoop.com/tag/siegedsec/ Bear Steals Candy from a Gas Station https://www.youtube.com/watch?v=xApoL_UdFvM Fat Bear Week https://www.nbcnews.com/now/video/alaska-bear-grazer-wins-fat-bear-week-195021893924 Nerd Watches Aquaman Trailer https://www.youtube.com/watch?v...2023-11-292h 08
Firewalls Don't Stop Dragons PodcastCybersecurity Awareness MonthOctober is national Cybersecurity Awareness Month here in the US. One of the four key themes this year is Recognizing and Reporting Phishing. We just discussed this at length with Nick Oles, but I wanted to give my perspective and tell you how to report phishing emails to the proper authorities.
In other news: cheap Android TV boxes come laced with malware and fraud software; 23andMe investigating massive data breach; US agencies caught using location data illegally; Meta proposes subscription plans in Europe for Facebook and Instagram; FBI warns of 'phantom hacker' scams targeting elderly; new Microsoft AI tool can...2023-10-091h 06
Safe Mode PodcastThe venture capital landscape for cybersecurity startups and how Elon Musk broke Twitter's privacy protectionsA slowing U.S. economy has taken a brutal toll on cybersecurity companies. A deteriorating economic environment has resulted in cutbacks in security spending, rising interest rates have placed pressure on venture-backed start-ups and many cybersecurity firms have conducted lay-offs. On this episode of Safe Mode, Roger Thornton, a cybersecurity-focused venture capitalist and a partner at Ballistic Ventures sits down with Senior Editor Elias Groll to discuss the investment climate for cybersecurity start-ups, the state of the broader industry and how the AI revolution is affecting both big and small players in the security field. CyberScoop reporter Tonya Riley...2023-09-2130 min
Safe Mode PodcastTen years of I Am the Cavalry, a Microsoft mystery revealed and Trickbot sanctionsJosh Corman and Beau Woods, the founders of I Am the Cavalry, join CyberScoop Senior Editor to discuss the ten-year anniversary of their grassroots hacking group and their efforts to address the crisis in computer security. CyberScoop reporter AJ Vicens joins the podcast to talk about sanctions against the Trickbot hacking gang. And a mystery will be revealed: how a sensitive Microsoft encryption key was likely stolen by hackers based in China2023-09-1442 minSafe Mode PodcastHow to delete yourself from the internet, data brokers and mental health in cybersecurityGiving up personal data is one of the tradeoffs of using the internet. And once you give it up, it’s suddenly everywhere thanks to a massive data economy that trades in information about everyone and everything. But there are some steps you can take to limit your exposure. Yael Grauer, an investigative technology journalist and a program manager for Security Planner at Consumer Reports, joins the show to talk about all the ways people are tracked online by data brokers – and what the average internet user can do to increase their privacy online and strip their personal information off...2023-09-0731 minSafe Mode PodcastBig ideas for solving the cyber skills gap, hacking AI and furries at DEF CONIt’s been called the cybersecurity poverty line. Many organizations just don’t have the money to afford a skilled cybersecurity team to protect themselves from hackers. But there’s a movement afoot to change that dynamic through cybersecurity clinics that can support organizations in need. The Center for Long-Term Cybersecurity at the University of California, Berkeley, is at the forefront of developing cyber clinics and its executive director, Ann Cleveland, talks about the center’s approach with Safe Mode host Mike Farrell. CyberScoop senior editor Elias Groll also joins the show to discuss his recent trip to DEF CON wher...2023-08-3141 min
The technology blog and podcast and TSBThe Security box, podcast 158: The 1.3B Facebook fineWelcome to podcast 158 of the Security Box. On today's podcast, we've got at least one moron, we've got an interesting topic that deals with Facebook getting fined, again, and of course we'll cover the landscape and what has been read and blogged as of late.
The You Stupid Fuck award section
Who the hell is Global phishing 16 service? Well, someone or multiple someones have been picked up. Karma Catches Up to Global Phishing Service 16Shop comes to us from Krebs on Security and...2023-08-242h 43
Safe Mode PodcastLive from Black Hat: Juan Andres Guerrero-Saade on Microsoft’s recent cybersecurity problemsA string of breaches involving Microsoft infrastructure has left many within the security community frustrated with the company’s approach to securing its systems. CyberScoop Senior Editor Elias Groll sat down at the Black Hat security conference in Las Vegas with Juan Andres Guerrero-Saade, a principal threat researcher at SentinelOne, to discuss the key role Microsoft products play in the computing ecosystem and why breaches involving its infrastructure have such devastating consequences. Also on the episode, CyberScoop reporter talks about a newly active hacker group calling itself Kitten Sec.2023-08-2456 minSafe Mode PodcastLive from Black Hat: Juan Andres Guerrero-Saade on Microsoft’s recent cybersecurity problemsA string of breaches involving Microsoft infrastructure has left many within the security community frustrated with the company’s approach to securing its systems. CyberScoop Senior Editor Elias Groll sat down at the Black Hat security conference in Las Vegas with Juan Andres Guerrero-Saade, a principal threat researcher at SentinelOne, to discuss the key role Microsoft products play in the computing ecosystem and why breaches involving its infrastructure have such devastating consequences. Also on the episode, CyberScoop reporter talks about a newly active hacker group calling itself Kitten Sec.---------Show Timestamps:(00:00) AJ Vicens on th...2023-08-2456 minSafe Mode PodcastFormer National Cyber Director Chris Inglis from Black Hat in Las VegasChris Inglis led the Office of the National Cyber Director until February of this year and helped steer national policy on some of the most pressing national security issues. He talks with CyberScoop senior editor Elias Groll from Black Hat in Las Vegas. CyberScoop reporter Tonya Riley joins the show to discuss how the White House may attempt to curtail the “surveillance economy.”2023-08-1751 minSafe Mode PodcastFormer National Cyber Director Chris Inglis from Black Hat in Las VegasBefore he departed the White House earlier this year, National Cyber Director Chris Inglis helped craft the National Cybersecurity Strategy. He talks with CyberScoop senior editor Elias Groll about the importance of that plan, what was left out of the document and what it’ll take to implement some of its most transformative elements. From the floor of the recent Black Hat cybersecurity conference, he also gets into the 2024 election, Ukraine and the recent Microsoft hack. CyberScoop reporter Tonya Riley also talks with Safe Mode host Mike Farrell about why the White House is increasingly interested in the data br...2023-08-1751 minSafe Mode PodcastFBI surveillance and the fight in Washington over FISA Section 702Section 702 of the Foreign Intelligence Surveillance Act is a controversial spying tool that allows U.S. law enforcement and intelligence agencies to gather data on non-U.S. citizens. Yet, Americans’ information and communications is often swept up in the process. That provision is set to expire at the end of 2023 unless Congress reauthorizes it. And there’s a growing debate in Washington over whether to end the program, reform it or reinstate it without changes. Sean Vitka is deeply involved in the debate through his work as senior policy counsel at Demand Progress and joins Safe Mode to talk abou...2023-08-1042 min
The technology blog and podcast and TSBThe Security box, podcast 156: What have we learned from the Russia/Ukraine war and how to protect ourselves?Hello folks, welcome to the Security Box. This is program number 156. On this episode of the program, we're going to talk about a very interesting article that was published back in April on what we've learned about stopping Russia's hackers since the war has started. Also, this program will have news, notes, the landscape and much more.
Morons of thde podcast
The following two articles are related and one may have more than the other. Is possible sentencing guidelines enough that fit the crimes?
2023-08-102h 24Safe Mode PodcastHow Troy Hunt knows if you’ve been hacked and Washington tries to understand AIHave you been hacked? Probably. The website Have I Been Pwned is one of the first places to check to see if you’ve been part of a data breach. And chances are you have been. Troy Hunt joins Safe Mode to talk about why he started the public database of breaches and how he hopes it will help people become more secure online. Elias Groll, CyberScoop senior editor, and Mike Farrell, CyberScoop’s editor-in-chief, discuss recent moves in Washington to convince Big Tech to prioritize safety and security when developing artificial intelligence technology. And we get into Elon Musk...2023-07-2736 minSafe Mode PodcastBruce Schneier on thinking like hackers, AI and rebuilding US democracyThinking like a hacker means finding creative solutions to big problems, discovering flaws in order to make improvements and often subverting conventional thinking. Bruce Schneier, a cryptographer, security professional and author, talks about the benefits for society when people apply that kind of logic to issues other than computers. In an interview with CyberScoop Editor-in-Chief Mike Farrell, he talks about the need to hack Democracy to rebuild it, how to get ahead of the potential peril from AI and the future of technology – both the good and bad. Elias Groll joins the show to discuss the story of a Ch...2023-07-2044 minSafe Mode PodcastVictor Zhora on the frontlines of digital war between Ukraine and RussiaCyberattacks have played a significant role in the war in Ukraine. Officials in Washington and Kyiv have blamed Russian hackers for targeting satellite systems and using digital assaults to execute disinformation and psychological warfare campaigns. Victor Zhora, the deputy chairman of the State Service of Special Communications and Information Protection of Ukraine, is actively involved in defending against those attacks and talks to Safe Mode about the evolution of cyberwar in Ukraine. CyberScoop reporter AJ Vicens also joins the show to talk about his reporting on the cybercrime underworld and hacker forums such as BreachForums. ---------2023-07-1341 minSafe Mode PodcastWhite House cyber adviser Anne Neuberger on AI, disinformation and Russian hackersThere’s growing concern about the existential dangers of AI. At the same time, there’s boundless optimism about its potential for good.
Anne Neuberger, White House deputy national security adviser for cyber and emerging technology, sits down with Elias Groll, CyberScoop senior editor, to talk about how the administration thinks about the best approaches to limit AI harms without getting in the way of innovation.
CyberScoop reporter Tonya Riley joins Safe Mode host Mike Farrell to discuss a recent lawsuit involving OpenAI, the company behind ChatGPT, as well as White House cyber priorities and an approach to regulating AI that...2023-07-0632 minSafe Mode PodcastWhite House cyber adviser Anne Neuberger on AI, disinformation and Russian hackersThere’s growing concern about the existential dangers of AI. At the same time, there’s boundless optimism about its potential for good. Anne Neuberger, White House deputy national security adviser for cyber and emerging technology, sits down with Elias Groll, CyberScoop senior editor, to talk about how the administration thinks about the best approaches to limit AI harms without getting in the way of innovation. CyberScoop reporter Tonya Riley joins Safe Mode host Mike Farrell to discuss a recent lawsuit involving OpenAI, the company behind ChatGPT, as well as White House cyber priorities and an approach to regulating AI t...2023-07-0632 minSafe Mode PodcastHow the FBI fights ransomwareEpisode Description: When the FBI seized the website earlier this year operated by the Hive ransomware group, it was the result of the bureau's efforts to infiltrate the infrastructure that cybercrime groups rely on to carry out their attacks. The bureau has set out to get inside these group’s networks, destroy them from the inside, help victims and prevent ransomware. Cynthia Kaiser, deputy assistant director within the FBI’s Cyber Division, joins Safe Mode to talk about the Hive takedown and what else the bureau is doing to fight cybercrime. CyberScoop reporter Tonya Riley joins Safe Mode host Mike...2023-06-2931 minSafe Mode PodcastWhy pig butchering is the worst kind of online scamPig butchering has become an all-too-common online con that costs victims millions of dollars annually. And there’s little remedy for a growing number of victims. But Erin West, a California prosecutor, has made it her mission to fight back against these scams and the people executing them. She talks with CyberScoop Editor-in-Chief Mike Farrell about the origin of pig butchering, how scammers dupe their victims and what tech companies can do to help prevent the schemes from proliferating. Elias Groll, CyberScoop Senior Editor, also joins the episode to talk about the week’s headlines, discussing the MOVEit breach, the Cl0p...2023-06-2233 minSafe Mode PodcastWhy pig butchering is the worst kind of online scamPig butchering has become an all-too-common online con that costs victims millions of dollars annually. And there’s little remedy for a growing number of victims. But Erin West, a California prosecutor, has made it her mission to fight back against these scams and the people executing them. She talks with CyberScoop Editor-in-Chief Mike Farrell about the origin of pig butchering, how scammers dupe their victims and what tech companies can do to help prevent the schemes from proliferating. Elias Groll, CyberScoop Senior Editor, also joins the episode to talk about the week’s headlines, discussing the MOVEit breach, the...2023-06-2233 minFirewalls Don't Stop Dragons PodcastGo Forth, Do Good DeedsI launched my mission to improve people’s privacy and security almost ten years ago now. It’s been quite a journey and I’ve learned a lot in that time. One thing I’ve realized is that there’s only so much I can do on my own. And so I’ve encouraged the more technically savvy members of my audience to help others where they can. One downside to being a podcaster is that I don’t have much insight into the effectiveness of my exhortations. I have no idea how many people are going forth to do good deeds nor...2023-06-1950 min
The technology blog and podcast and TSBThe Security Box, podcast 143: Let's discuss the relationship between Ransomware and PhishingWelcome to the security box, podcast 143. Today, we're going to have a very interesting discussion about the Relationship between Ransomware and Phishing. We know of at least one moron of the podcast, and there is possibly going to be one more. Of course, we'll have news, notes and any questions from the Clubhouse audience.
Morons of the Podcast
First Moron, a Russian on the Run
There are two different articles out there about this one...2023-05-112h 51CyberWire DailyWhat’s now being traded in the C2C markets. CISA would like comments on its software self-attestation form. And in Russia’s hybrid war, are there cyber war crimes, or real hacktivists?Cl0p and LockBit exploit PaperCut vulnerability in ransomware campaigns. Infostealer traded in the C2C market. All ads are trying to get your money, but some just take it. CISA requests comment on software self-attestation form. Our guest is Marcin Kleczynski, CEO of Malwarebytes, sharing thoughts on the current threat landscape, attacks on students and academic institutions. Betsy Carmelite from Booz Allen, discussing themes from the RSAC tied into critical infrastructure resilience. Ukraine argues that cyberattacks against civilian infrastructure should be classified as war crimes. And are there any genuine disinterested hacktivists on Russia's side, or are they...2023-04-2828 min
The technology blog and podcast and TSBThe Security Box, podcast 141: Dark Bit, a new threat that starts with a grudgeWelcome to the Security box, podcast 141. On this podcast, Cyberscoop is along to help us diagnose yet another ransomware group. They actually start by attacking Israeli schools, but will it stop there?
Besides that, we'll have the news, notes from around the landscape, possibly some morons, and of course your thoughts.
Our topic today comes from this Cyberscoop article titled New cybercrime group calling itself DarkBit attacks Israeli university which we sent to the list in mind February.
While we've not seen anything else...2023-04-273h 46Inside The Media MindsInside the Media Mind of AJ Vicens: CyberScoopIn the latest episode of #IMM, Christine speaks with AJ Vicens, Reporter at CyberScoop2023-04-0428 min
The technology blog and podcast and TSBThe Security box, podcast 128: What's going on with CISA?Welcome to the Security box, podcast 128. On this podcast, we probably have two morons of the podcast, one of which should've gotten it before we came up with the idea. We also ask the question, What's going on over at CISA? This acronuym stands for Cybersecurity and Infrastructure Security Agency.
Seems as though they don't know what's going on, or at least might be confused.
Moron of the podcast
We have listed both morons of the podcast by listing the basics of the story and links to the stories themselves.
1. It seems as though T-Mobile has had yet another breach...2023-01-262h 19Inside The Media MindsInside the Media Mind of Mike Farrell: CyberScoopIn the latest episode of #IMM, Christine speaks with Mike Farrell, Editor-In-Chief at CyberScoop2022-12-1326 minFirewalls Don't Stop Dragons PodcastYour TV is Watching YouThis is going to sound bonkers, even though you're used to so many things tracking you... web pages, emails, and apps... but I'm here to tell you that while you're watching your TV, your TV is also watching you. Or I guess more accurately, your TV is watching what you're watching. Even if you're not using the built-in smart apps, if you're just piping pixels in from an external box, your TV can recognize the movies and shows being displayed. And it's taking meticulous taking notes and selling that data. It's called Automatic Content Recognition and "post-purchase monetization". It's sorta...2022-10-241h 09
Tech Policy LeadersFight against TX social media law heads to Fifth Circuit Court of Appeals; Abortion advocates push back against "people search" sites; Ads for top brands appeared next to child abuse content on Twitter -- Tech Law & Policy This Week Tech sector asks Fifth Circuit to stop Texas’s social media law from taking effect The State of Texas’s social media law which stops tech companies from taking down hate speech and misleading information has reached the Fifth Circuit in a motion that this organization – WashingTech – has participated in amicus filings for. We agree with NetChoice and the Computer and Communications Industry Association (CCIA) that this law impinges on platforms’ First Amendment rights and the discretion Section 230 of the Communications Decency Act affords them to moderate content posted by third parties. It would al...2022-09-3002 min
The technology blog and podcast and TSBThe Security box, podcast 94: EDR's real or fakeWelcome to podcast 94 of the security box. On this edition of the program, we're going to talk about emergency direct requests (EDR's) as there are now actors out there that will use Fake EDR's for getting what they want.
There are two articles, both which I read.
Twitter may have given user's private data to a ransomware hacker, who then ran a researcher offline Cyberscoop
Fighting Fake EDRs With ‘Credit Ratings’ for Police Krebs on Security
I read the Krebs article first, and some time later, I found the Cyberscoop article which was quite interesting.
Besides that, we'll be seeing what...2022-05-121h 48
Cyber Security TLDRCyber Security News // Weekly Recap (04/03/22 to 04/09/22)This episode provides a recap of Cyber Security news with expert analysis.TOP HEADLINES:https://www.bleepingcomputer.com/news/security/new-borat-remote-access-malware-is-no-laughing-matter/https://www.theregister.com/2022/04/01/nsa_employee_secret_data_leak/https://threatpost.com/cyberattackers-ups-backup-power-critical-environments/179169/https://www.theverge.com/2022/4/3/23008658/data-leak-russian-delivery-app-dining-habits-secret-police-yandex-foodhttps://therecord.media/state-department-launched-new-cyber-bureau/https://www.cyberscoop.com/debate-u-s-cyber-command-lose-cyber-ops-authorities/https://www.bleepingcomputer.com/news/legal/germany-takes-down-hydra-worlds-largest-darknet-market/https://therecord.media/doj-charges-russian-national-with-operating-worlds-largest-darknet-market/https://www.cybersecurity-insiders.com/anonymous-leaks-all-personal-details-of-russian-soldiers-invading-ukraine/?utm_source=feedly&utm_medium=rss&utm_campaign=anonymous-leaks-all-personal-details-of-russian-soldiers-invading-ukrainehttps://www.cyberscoop.com/war-crimes-phishing-attempts-russia-ukraine/https://www.securityweek.com/cashapp-says-ex-employee-stole-customer-stock-trading-datahttps://www...2022-04-1026 min
SecurityMetrics NewsUkraine vs Russia: Hackers Take Sides | SecurityMetrics NewsSubscribe to our Weekly Threat Intelligence Center News Feed!The battles between Russia and Ukraine rage even in the cyberverse, and hackers are taking sides. Tune in this week as Heff and Noah run you down with the latest cyber news this week.Also included:-Elon Musk gives Starlink to Ukraine-Hacker rally under the Anonymous banner-Russian electric car charging stations hackedHosted by Matthew Heffelfinger (Director of SIEM Operations, GSTRT, CyRP (Pepperdine), GRCP, SSAP, ITIL4-F, GISF, PECB) and Noah Pack (Threat Hunter/Security Operations Center...2022-03-0439 min
Percepticon.deCyber Konflikt zwischen Russland und der Ukraine, Hot take 25.02.2022Ein Hot Take über die aktuellen Cyber Dynamiken im Kontext der russischen Invasion der Ukraine. Eine kurze Chonologie dessen, was gerade so passiert. Das basiert zum Teil auf Quellen, die nicht verifzieren kann, deswegen bleibt kritisch. Im Nebel des Krieges ist immer unklar, was genau passiert. Informationen können morgen schon wieder anders aussehen. Also bitte bleibt aufmerksam.
Dankle an alle CrowdsourcerInnen, die beim Info sammeln geholfen haben!
Shownotes
Max Smeets on Twitter: https://twitter.com/Maxwsmeets/status/1496875873852530689https://www.bleepingcomputer.com/news/security/ransomware-used-as-decoy-in-data-wiping-attacks-on-ukraine/https://twitter.com/YourAnonOne/status/1496965766435926039https://www.reuters.com/world/exclusive-ukraine-calls-hacker-underground-defend-against-russia-2022-02-24/https://www.de...2022-02-2520 min
The technology blog and podcast and TSBThe Security box, podcast 74: Log4JHello folks,
This is still developing and there are more articles than listed here. We'll provide the show notes as is, and check the blog and future podcasts for more. Thanks so much for listening!
Welcome to the Security Box, podcast 74. On this podcast, something breaking this week called Log4j. We'll break down three different articles that talk about this. Instead of me doing news notes, we'll ask listeners if they have any thoughts on what they have read. There may be questions, comments and other topics not mentioned here for you to enjoy too.
Topic
Log4J
CISA...2021-12-161h 57
The technology blog and podcast and TSBThe Security box, podcast 72: A Linux vulnerability, news notes and moreWelcome to the security box, podcast 72. On this program, we're going to play with Linux a little bit as we discuss a vulnerability in the way it works as it can cause DNS cache poisoning. We'll also have news, notes, commentary and more if people have things they want to share.
Our Linux Vulnerability
Linux has a serious security problem that once again enables DNS cache poisoning Ars Technica
News Notes
The ‘Zelle Fraud’ Scam: How it Works, How to Fight Back Krebs On Security
Tech CEO Pleads to Wire Fraud in IP Address Scheme Krebs On Security
SMS About Bank...2021-12-023h 50
PEBCAK Podcast: Information Security News by Some All Around Good PeopleEpisode 34 - Ransomware Evolves Again, US Government Misses MFA Deadline, US Blocks NSO Group, Elon Musk Trolls United NationsWelcome to this week's episode of the PEBCAK Podcast! We’ve got four amazing stories this week so sit back, relax, and keep being awesome! Be sure to stick around for our Dad Joke of the Week. (DJOW)
Follow us on Instagram @pebcakpodcast
PEBCAK - Acronym of “problem exists between chair and keyboard.”
Visit Costa Rica!
https://www.visitcostarica.com/en
https://www.lonelyplanet.com/costa-rica
The rise of ransomware's quadruple extortion
https://krebsonsecurity.com/2021/10/conti-ransom-gang-starts-selling-access-to-victims/
https://www.bleepingcomputer.com/news/security/fbi-hellokitty-ransomware-adds-ddos-attacks-to-extortion-tactics/
2021-11-1541 min
The technology blog and podcast and TSBThe Security box, podcast 68: NCSAM Extra! Social Media and other aspects to go along with itWelcome to the Security Box, podcast 68. On this edition of the program, let's talk about social media and phone line issues as it relates to cyberbullying and other related topics. We'll also have news, notes and more.
Social Media discussion
In a very interesting turn of events, I wasn't necessarily going to put anything in to this section because I was going to do a full vocal discussion. But when I saw my own digest on my blog, I saw a very interesting post dealing with Social Media and other things related that I'll link here. I'll still do vocal...2021-11-042h 40
The technology blog and podcast and TSBThe Security Box, podcast 67: Protecting Your Children OnlineWelcome to Week 4 of NCSAM. This week, we're going to cover protecting your children online. Notations are taken from a presentation I heard about the topic, and I've summarized it to tell possibly some stories that may be similar to something you've heard or seen. We'll also have news, notes and other comments as the program gets started.
Protecting Our Children online
Protecting your kids online. Including topics like grooming, cyberbullying and more.
News Notes
The following are some of the items that have been read within the past week. Feel free to read the ones that are of interest...2021-10-282h 47
The technology blog and podcast and TSBThe Security box, podcast 65: Twitch, NCSAM, News Notes and moreA few technical issues, but what is a show without those? In this 3 hour episode, we've got quite a lot for you, so sit back and check out the links to the following items for your perusal.
Welcome to the Security Box, podcast 65. On this podcast, let's discuss an article we read after the release of last week's program in regards to Twitch and their recent breach we were alerted to during the live taping of the program. After that, we're going to cover more NCSAM and even have some news notes. We'll do news notes the same as we...2021-10-143h 07
The technology blog and podcast and TSBThe Security box, podcast 63: Psychology of passwords 2021, ransomware paid or not, news notes and moreWelcome to podcast number 63 of the Security Box series. On this podcast, come and learn about the password trends of 2021, thanks to lastpass's article. Next, a 5.9 million dollar ransomware paid by a farming co-op and a very interesting discussion I heard recently about this. We'll definitely have some news and notes from around the landscape, and even some commentary from any guests that participated through Clubhouse on the live program as well as anyone else through email, imessage and other contact points.
Topics
New Report: 2021 Psychology of Passwords Lastpass
$5.9 million ransomware attack on farming co-op may cause food shortage Ars...2021-09-302h 06
The technology blog and podcast and TSBThe Security box, podcast 61: CSAM gets updated by Apple as they listened to some stuff from the security industry and much moreWelcome to the Security Box, podcast 61. On this podcast, let's discuss the updates on CSAM as it pertains to Apple. We'll have news, notes and more.
Topics
Under fire from privacy advocates, Apple delays controversial photo scanning plan Cyberscoop
News Notes
“FudCo” Spam Empire Tied to Pakistani Software Firm Krebs On Security
15-Year-Old Malware Proxy Network VIP72 Goes Dark Krebs on Security
Microsoft: Attackers Exploiting Windows Zero-Day Flaw Krebs o...2021-09-192h 16
The technology blog and podcast and TSBThe Security box, podcast 59: Scott Schober, the q2 intelligence report and moreHello folks, welcome to the Security box, podcast 59. On this edition of the program we have two different prerecorded segments for you.
First, we interview Scott Schober of Berkeley Varitronics Systems, Inc. He's written various books which we talk about, as well as some of what is going on in the security landscape.
Next, we have a talk that was done by Phishlabs, who did the Quarter 2 Phishing Trends report.
To top it all off, we'll have news and notes from around the landscape as well as questions and comments after each segment if any.
>2021-09-034h 25
The technology blog and podcast and TSBThe Security Box, podcast 58: What the hell is up with T-mobile?The Security Box, podcast 58: What's the matter with T-mobile? Why are system failures on the rise? News Notes and More
Hello Everyone, welcome to the Security Box, podcast 58. Question: what the hell is going on with T-Mobile and their inconsistancies of containing breaches and lying about what they were going to do when they were granted the murger with Sprint? Who is ENISA and why are they saying that system failures are on the rise? Finally, what is the Chaos Ransomware and why could it have impacts beyond a proof of concept? We explore all of these topics, as well...2021-08-262h 45
The technology blog and podcast and TSBThe Security box, podcast 56: The Life Cycle of a breached database and government cybersecurityOriginally released on August 11th, we found out that I put it up in download form but not RSS. Sorry about that!
Welcome to the security box, podcast 56. Two comments will start us off as someone commented on the replay of our show from last week. Both are good comments worth bringing up. Next, we've got a topic that might be of interest talking about the lifecycle of a breached database. Next, let's find out how the government is doing with their Cyber Security. What did the senate report find? Find out in our second topic. We'll have news notes...2021-08-262h 39
The technology blog and podcast and TSBThe Security box, podcast 57: the name game of Ransomware Gangs, Windows Update, and CSAM and apple productsWelcome to the security box, podcast 57. We have three topics for you today, and I hope that you will enjoy them. The first topic for this podcast will be talking about the name game of the ransomware gangs we have out there. The second topic which was totally forgotten is of course Windows Update and what is happening with that operating system. Finally, probably the most contravercial topic we have to date, Apple and how they're handling the images that people may have that are backed up in to icloud that deal with children and the potential of abusive images...2021-08-192h 06
The technology blog and podcast and TSBThe Security Box, podcast 55: Who Is PlugWalk Joe?Welcome to the security box, podcast 55. On this edition of the podcast we've got two Sans News Bites headlines, topics including a very interesting story on someone named "PlugwalkJoe" I.E. Joseph O'Connor, a topic on a new ransomware gang called Black Matter, and we've also got several news items including one that isn't an article but intrigued me when listening to the TWIT network. All of this plus anyone who had questions, comments or took part in the discussion, as podcast 55 gets started.
Topics
Here are the topics for today.
PlugwalkJoe Does the Perp Walk Krebs on Security
Threat...2021-08-052h 01
The technology blog and podcast and TSBThe Security box, podcast 54: Scammers Will Stop At NothingHello Everyone! Welcome to podcast 54 of the Security Box. On this edition of the program, learn about Windows 11, the latest Microsoft operating system and what scammers are doing to monitize even while this version is still in beta. Next, come with us and learn about the latest in the average ransomware payments as it looks like they are declining, for now. We'll have news, notes, hopefully calls with questions or discussion throughout. If you want to leave feedback and you're listening through the podcast, call 602-887-5198 or email, imessage, whats app, or text your thoughts. The lines of communication...2021-07-282h 16
The technology blog and podcast and TSBThe Security box, podcast 53: Better Get Your Windows Update on ... especially if you printHello everyone, welcome to the security box, podcast 53. On this edition, we'll be talking about some of the things that articles talk about in regards to Windows Update that came out the week of July 16, 2021. Seems like we had good success with last week where we opened the phone lines for others to participate in an open forum, so we'll do that again and see what happens and if people participate or not. You can always comment after the fact by calling our voice mail line at 602-887-5198 and letting me know you want your comments aired. We'll also...2021-07-223h 21
The technology blog and podcast and TSBThe Security box, podcast 52: What is going on with the water supply hacks? Password discussion, news notes and moreWelcome to the security box, podcast 52. On this podcast, let's talk about the water supply hacks and the growing threat of them through the help of an interesting article by Last Pass. After that, we'll see if people partook in an open forum of topics they want to talk about and of course news, notes and highlights from the landscape that have been read.
Topic: The Water Supply and the landscape
The Growing Threat of Water Supply Hacks Trend Micro
News Notes
Below, find links to items that are of interest we've read from around the landscape.
Intuit to Share...2021-07-152h 47
The technology blog and podcast and TSBThe Security box, podcast 51: domains and their security, an email mistake and moreHello folks, welcome to the security box, podcast 51. On this edition of the program, we continue with Phishlabs and their q1 Phishing and intellegence report talking about Top Level Domains and certificate abuse. Next, Michael in Tennessee sent me an article talking about one email which exposed hundreds of email addresses. We'll also have news and notes, people can call and comment as usual, and we'll see where the show takes us.
Topics
Breaking Down Phishing Site TLDs and Certificate Abuse in Q1 Phishlabs
An email sent by One Medical exposed hundreds of customers’ email addresses Tech Crunch
News Notes
In...2021-07-071h 29
Inside The Media MindsInside the Media Minds Episode 53 - Tonya Riley - CyberScoopIn the latest episode of #IMM, Christine speaks with Tonya Riley, reporter at CyberScoop2021-07-0726 min
The technology blog and podcast and TSBThe Security box, podcast 50: 62% of free services are abusedWelcome to the security box, podcast 50. On the big 50th episode, we've got quite a bit of news notes to cover this week. Besides that, we're continuing with Phishlabs and their ongoing rundown of the Q1 Intelligence Report, this time, talking about free tools and their abuse. We hope that users find this of interest like I did. Of course, the lines of communication are always open whether on the show or podcast.
Topic:
62% of Phishing Sites Abuse Free Tools or Services Phishlabs
Sans News Bites
Sans News Bites for June 25th, 2021 covers tons of stuff including Del, Vmware and...2021-07-012h 04
The technology blog and podcast and TSBthe Security Box, podcast 48: Can you believe what is going on with Russia?Thank you Michael in Tennessee for being our guest throughout the program! We really appreciate it.
Welcome to the Security Box, podcast 48. On this edition of the podcast, we've got two topics for you. The first is probably one you can file in the "I can't believe I read this crap" department, while the second deals with Windows Update and what we had to look forward to there. We've got news notes with quite a number of very interesting items, as well as taking your calls, voice messages and stories to boot.
Topics
Adventures in Contacting the Russian FSB Krebs...2021-06-172h 27
The technology blog and podcast and TSBThe Security box, podcast 47: Security in the forefront of everything we doWelcome to the security box, podcast 47. On this podcast, we're going to talk about Security. A video which I found on Ted Talk's youtube channel will lead this discussion. We're also going to talk about an article from Lastpass talking about protecting your business from data breach trends. It talks about something we've talked about, supply chain attacks. Speaking of supply chain attacks, Jennifer talks about our top story from our show notes, and we'll address any concerns from that as well. We'll have news, notes, questions, comments and more. Want to leave a message by phone? Call 602-887-5198...2021-06-101h 37
You've Already Been HackedREvil took down one-fifth of US beef Production, The NYC MTA got hacked, Amazon wants your networkAs 2021 goes on, the attack on critical infrastructure continues at a rapid pace.- www.zdnet.com: FBI attributes JBS ransomware attack to REvil- www.bleepingcomputer.com: FBI: REvil cybergang behind the JBS ransomware attack- www.cyberscoop.com: Meat chain JBS says US production is returning after ransomware attack- www.bleepingcomputer.com: Chinese threat actors hacked NYC MTA using Pulse Secure zero-day- www.bleepingcomputer.com: Swedish Health Agency shuts down SmiNet after hacking attempts- www.cyberscoop.com: Sensitive medical, financial data exposed...2021-06-0617 min
The technology blog and podcast and TSBTThe Security box, podcast 46: q-link wireless updates, ransomware isn't going anywhere, billions of dollars and moreWelcome to podcast 46 of the Security Box. On this podcast, Michael in Indiana is along with an update about a company we talked about in News Notes on podcast 39. We've got a topic dealing with a company that has been able to take advantage of the dark marketplace as they dominated this space very quietly since 2018. We've got a topic also on Ransomware forcing a major speaker manufacturer you all may be aware of, Bose. We'll have news, notes, questions, comments and more.
During the program, it was announced that we would be switching telephone companies. Our new number is 602...2021-06-032h 39
ShadowTalk: Powered by ReliaQuestSpecial: Jeff Stone Discusses His Origin Story, Interviewing Cybercriminals, and More!Digital Shadows CISO Rick hosts this edition of ShadowTalk. He’s joined by special guest and friend Jeff Stone, Editor at CyberScoop News. They discuss: - Jeff's origin story - Parallels between journalism and threat intelligence - How journalists validate sources - Why "It's better to be right than first"- The go-to defense lawyer for Russian and Eastern European cybercriminals- The nuance around interviewing cybercriminals***Resources from this special podcast*** Find Jeff on Twitter: https://twitter.com/jeffstone500 CyberScoop:https://www.cyberscoop.com/ https://twitter.com/CyberScoopNews CyberScoop CyberTalks Virtual Summit https://www.cyberscoop.com/events/cybertalks/ "How Arkady Bu...2021-05-2545 min
Cybersecurity: Amplified And IntensifiedEpisode 10 - Unrestricted warfare - Vol. IWith the increase of ransomware activity across the US, every incident may be an act of war. Eric Taylor | LinkedIn Twitter: barricadecyber Youtube: barricade cyber solutions - YouTube www.barricadecyber.com Shiva Maharaj | LinkedIn Twitter: kontinuummsp www.kontinuum.com Brian J. Weiss | LinkedIn ITECH Solutions: Overview | LinkedIn www.itech-solutions.com Articles referenced; Pipeline Cyberattack: Colonial remains mostly closed, working to restore service (cnbc.com) Colonial pipeline shutdown highlights need for better OT cybersecurity practices | CSO Online Dark Reading | Security | Protect The Business Ryuk Ransomw...2021-05-1246 minYou've Already Been HackedPulse Secure VPNs get bypassed, REvil takes on Apple, Ethernet/IP Stack problems in Industrial Systems, and 10 years for a guru- www.fireeye.com: Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day- www.darkreading.com: University Suspends Project After Researchers Submitted Vulnerable Linux Patches- www.bleepingcomputer.com: REvil gang tries to extort Apple, threatens to sell stolen blueprints- www.cyberscoop.com: Codecov dev tool hit in another supply chain hack- thehackernews.com: Severe Bugs Reported in EtherNet/IP Stack for Industrial Systems- www.cyberscoop.com: FIN7 'technical guru' sentenced to 10 years in prison3Share that link...2021-04-2518 min
The technology blog and podcast and TSBThe Security Box, podcast 38: we've got Facebook in the spotlight, news, notes and moreWelcome to the Security box, podcast 38. This week, we had planned to go back to DKIM and have a discussion on it, but we aren't going to do that. Why? It looks like news has gotten about Facebooks's 2019 breach and 535 million people whose information may now be out there on the free Internet as well as it already being sold to the dark web when the initial breach occurred. We'll have news, notes and more as well as your thoughts and comments to boot. Enjoy the program!
Topic: Has Facebook done it again?
Michael in Tennessee sent me an article...2021-04-081h 50You've Already Been HackedDHS emails hacked by SolarWinds, DPRK Actors created a Fake security Company, Space X gets encryptedLots happening this week, as I welcome in my new students to this term. Solarwinds fall out still happening, along with changes at the company, multi university hacks reported, North Korea is still being tricky, another water treatment plan was hacked (although in the past), Ubiquity has a whistle blower, and Space X encrypted their data streams.- thehill.com: Hackers accessed emails of top DHS officials as part of SolarWinds breach: report- www.cyberscoop.com: US to publish details on suspected Russian hacking tools used in SolarWinds espionage...2021-04-0420 minYou've Already Been HackedYet another Cyber Nightmare, potentially 100,000s exchange servers compromised world wideThis week focused heavily on the hack of 2021, at least 10 APTs are exploiting Microsoft Exchange Server vulnerabilities across the globe, oh and 150,000 security cameras were also breached...- www.cyberscoop.com: At least 10 APT hacking groups have exploited Exchange Server bugs, ESET warns- www.cyberscoop.com: Amid widespread Exchange Server attacks, Microsoft issues patch for older versions- arstechnica.com: Critical 0-day that targeted security researchers gets a patch from Microsoft- www.darkreading.com: Microsoft Patch Tuesday Fixes 82 CVEs, Internet Explorer Zero-Day- www.bleepingcomputer.com: Microsoft's MSERT tool now finds web shells from Exchange Server attacks- krebsonsecurity.com: At Least 30,000 U...2021-03-1416 minYou've Already Been HackedSolarwinds breeched US Courts, Insider Threat impacts PPE, and 4 Breaches for T-Mobile in 3 yearsSites for the News References- krebsonsecurity.com: Sealed U.S. Court Records Exposed in SolarWinds Breach- www.fedscoop.com: CISA updates guidance on SolarWinds compromise- www.zdnet.com: SolarWinds: The more we learn, the worse it looks- www.theverge.com: SolarWinds hack may be much worse than originally feared- duo.com: SolarWinds Attackers Accessed, But Did Not Modify, Microsoft Source Code- www.zdnet.com: CISA updates SolarWinds guidance, tells US govt agencies to update right awa- threatpost.com...2021-01-1015 min
Cup of CyberCreating A Strong Remote Workforce!- Cup of CyberStrong Remote Workforce!- Cup of Cyber - October 8th, 2020 Join us for an inside view of today’s Cyber News and why it matters.
————————— News ————————————-
Hackers exploit Trump's COVID-19 diagnosis to spread a different kind of virus
https://www.cyberscoop.com/trump-coronavirus-sickness-hacking-virus/ (https://www.cyberscoop.com/trump-coronavirus-sickness-hacking-virus/)
GitHub rolls out new Code Scanning security feature to all users
https://www.zdnet.com/article/github-rolls-out-new-code-scanning-security-feature-to-all-users/ (https://www.zdnet.com/article/github-rolls-out-new-code-scanning-security-feature-to-all-users/)
37% of remote employees have no security restrictions on corporate devices
https://www.helpnetsecurity.com/2020/10/07/security-restrictions-on-corporate-devices/ (https://www.helpnetsecurity.com/2020/10/07/security-restrictions-on-corporate-devices/)
Expert series: New normal: Remote work forces call for strong IT security strategies
http...2020-10-0855 minCup of CyberNIST SP 800-53 Revision 5 ReleasedCup of Cyber - September 24th, 2020 - NIST SP 800-53 Revision 5 Released Join us for an inside view of today’s Cyber News and why it matters.
————————— News ————————————-
Nigerian scammer sentenced for defrauding targets out of $1 million in office supplies
https://www.cyberscoop.com/nigerian-scammer-sentence-office-supplies/ (https://www.cyberscoop.com/nigerian-scammer-sentence-office-supplies/)
Shopify's Employee Data Theft Underscores Risk of Rogue Insiders
https://www.darkreading.com/risk/shopifys-employee-data-theft-underscores-risk-of-rogue-insiders/d/d-id/1339001 (https://www.darkreading.com/risk/shopifys-employee-data-theft-underscores-risk-of-rogue-insiders/d/d-id/1339001)
NIST 800-53 R5
https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final (https://csrc.nist.gov/publications/detail/sp/800-53/rev-5/final)
NIST 800-53B (DRAFT)
https://csrc.nist.gov/publicat...2020-09-2400 min
The technology blog and podcast and TSBThe Security box, episode 7Welcome to podcast 7 of the Security Box. This week, let's peruse some topics, I'll link to some articles, and you can comment as usual. News, Notes, and much more. Thanks for listening!
Election officials have been warned about Typosquatting domains and how they can be used to bring trouble to their particular candidate. Typosquatting is a big problem, and in a future podcast, we'll look in to what this is. In an article entitled Feds warn election officials of potentially malicious ‘typosquatting’ websites you'll learn what is the danger in the election scheme of things.
I think its time to real...2020-08-282h 26
The technology blog and podcast and TSBThe Security Box, podcast 2 for July 22, 2020Welcome to the security box, podcast 2. On this podcast, Twitter takes center stage as it suffered a very interesting security problem they need to solve. People have said it was a big time breach, but as you'll soon find out, unless you read the tech blog, there is more to the breach. Yes, accounts got breached, but we know there is other info. Articles are listed here for you to review. Besides that, find out about a big time breach article which was a two year look at many different breaches within a two year period. Also, find out about...2020-07-232h 57
The technology blog and podcast and TSBThe technology podcast, podcast 345: parcel track and cat fishingWelcome to podcast 345 of the technology podcast series. This time, no covid-19 material as I have quite something different lined up for this podcast. I'm sorry its taken this long to release, I've not been feeling well, but the wait is worth it, as you'll see.
What type of app do you use to track your packages? Just before podcast 344's release, I had a hair, and decided to go searching for a replacement. Parcel Track was found and demoed. Some things including notification fixes were pushed out after the recording, the basic demo will give you an idea on...2020-05-211h 11
CyberScoop RadioHow do you find a ransomware gang on the dark web?In this episode, Greg Otto talks with Adam Darrah, director of intelligence at Vigilante, about hacker gangs on the dark web, how they run their ransomware operations, and if the cybersecurity community get ever get past the mindset of shaming victims when they are hit with a breach.2020-03-2720 min
CyberScoop RadioWhat happened with the Vault 7 trial?Right before the world drastically changed due to the COVID-19 pandemic, the craziest story in cybersecurity was the Vault 7 trial. With that ending in a mistrial, Greg Otto and Jeff Stone look at how the government failed to get a conviction, what we learned about the CIA and when, if ever, we could see a new trial.2020-03-2527 min
incident podcast018 incident podcast pre 13.týždeňZoznam komentovaných správ:
Flash News
čas 1:40
Google
The EU fines Google $1.69 billion for bundling search and advertising
https://arstechnica.com/tech-policy/2019/03/google-fined-1-69-billion-by-the-eu-for-anti-competitive-advertising-practices/
čas 4:04
ASUS
https://www.incident.sk/hackeri-zneuzili-asus-software-update-na-instalaciu-zadnych-vratok/
čas 5:10
Microsoft
Microsoft ships antivirus for macOS as Windows Defender becomes Microsoft Defender
https://arstechnica.com/gadgets/2019/03/microsoft-ships-anti-virus-for-macos-as-windows-defender-becomes-microsoft-defender/
čas 8:20
Pwn2Own
Apple...2019-03-2845 min
Inside The Media MindsInside the Media Minds Episode 21: Jeff Stone, CyberScoop @RSAIn this special episode of #IMM, Christine and Stephen catch up with Jeff Stone at the RSA Conference in San Francisco, where they discuss Jeff's reporting focus, his predictions for what will drive media coverage in the future and much more.
Jeff Stone is an associate editor at CyberScoop, covering cyber in government. Previously, he has contributed to The Wall Street Journal, The Christian Science Monitor and several other publications.2019-03-1912 min
CyberScoop RadioHow to embrace zero trust into network security with John Kindervag from Palo Alto NetworksThe creator behind the zero-trust network model, John Kindervag, talks about why “trust” has become a vulnerability that needs to be mitigated like other vulnerabilities and where to start. Sponsored by Palo Alto Networks.
Guest: John Kindervag, VP and principal analyst2019-02-0110 min
CyberScoop RadioEpisode 2 - Upguard's Chris Vickery and Mike BaukesOne of the bigger stipulations in GDPR is that third-party service providers, including companies who run the ever-ubiquitous cloud, will also be responsible for following the correct protocols when it comes to protecting EU citizen data.
Yet just as companies keep throwing everything into the cloud, we keep seeing errors in the way companies are safeguarding personally identifiable data.
If you have been following the work of Chris Vickery, you know how easily these errors can be found. Vickery, Director of Cyber Risk Research for California-based Upguard, has been finding misconfigured cloud instances all over the internet.
Just in the pa...2018-03-0118 min
CyberScoop RadioHow Identity Can Control Shadow IT with Okta's Chris NiggelIn the latest CyberScoop Radio podcast, Chris Niggel, Okta's director of security and compliance talks about how identity management can be the catalyst to turn shadow IT into distributed IT. By implementing a strong tool, users can get their work done at any time from any place, while security teams can be confident their enterprise's data stays where it should. Sponsored by Okta.
Guest: Chris Niggel, director of security and compliance2018-02-2508 min
CyberScoop RadioEpisode 1 - Thomas FischerGlobal Security Advocate Thomas Fischer talks with CyberScoop's Greg Otto about the mind shift companies are going to have to embrace if they want to be in tune with GDPR once it goes into effect in May.2018-02-1637 min
CyberScoop RadioOpen source's security scalability and flexibility with Hortonworks' Henry SowellHenry Sowell, Technical Director for Hortonworks spoke with CyberScoop on how open source systems allow for that flexibility and scalability, especially at a time where the onslaught of threats has never been greater. Sponsored by Hortonworks.
Guest: Henry Sowell, technical director2018-01-0406 min
CyberScoop RadioHow to make threat intelligence actionable, explains Alaska Airlines' security architecture directorWith millions of indicators contained in threat intelligence data, it's important for analysts to stay focused on worthwhile information that could indicate a data breach for their particular organizations, says Jessica Ferguson, director of security architecture at Alaska Airlines. Sponsored by Anomali.
Guest: Jessica Ferguson, director of security architecture2017-11-1013 min
CyberScoop RadioSecurity strategies that merge with modernizationWith massive networks at federal government agencies, a workforce clamoring for the ability to work collaboratively and pushes from Congress to move away from legacy systems, cybersecurity is monumental concern.
Nearly every federal organization struggles with cost-effective cybersecurity risk management against the backdrop of today’s advanced threats, the shortage of skilled cybersecurity talent, and countless compliance regulations and security mandates. So can agencies fix their problems with adversaries pounding away at their systems every day?
Two Cisco executives, Will Ash and Doug Cowan, talked with CyberScoop Managing Editor Greg Otto about the challenges that must be faced when dealing wi...2017-10-2615 min
CyberScoop RadioHow threat intelligence leads to counterintelligence, explains Anomali's Travis FarralTravis Farral, director of security strategy for Anomali, talks about the many benefits of threat intelligence and what is being done to disrupt adversaries through counterintelligence initiatives. Sponsored by Anomali.2017-10-0610 min
CyberScoop RadioThe Value of Threat IntelligenceLarry Ponemon, chairman and founder of the Ponemon Institute, talks with Wyatt Kash about the growing need for enterprises to leverage the right kind of threat intelligence.2017-09-1111 min