Shows
Future of Threat IntelligenceCyware’s Jawahar Sivasankaran on Automating Threat-Centric OperationsIn this special RSA 2025 episode of The Future of Threat Intelligence, David speaks with Jawahar Sivasankaran, President of Cyware, about their partnership with Team Cymru to democratize threat intelligence. Jawahar outlines how their CTI program in a box approach enables organizations to implement comprehensive threat intelligence capabilities in weeks rather than months.
Jawahar offers a unique perspective on industry progress and remaining challenges in collaborative defense. This conversation explores the practical realities of operationalizing threat intelligence for organizations beyond the most mature security teams, the current implementation of AI in security operations, and a thoughtful assessment of h...2025-05-2008 min
Security Weekly Podcast Network (Video)Secrets and their role in infrastructure security - Jawahar Sivasankaran, Chas Clawson, Sergey Gorbaty, Fernando Medrano - ESW #406Segment 1 - Secrets and their role in infrastructure security From API keys and tokens to environment variables and credentials, secrets are foundational—and often overlooked—attack surfaces in cloud-native and distributed systems. We break down the risks tied to poor secret hygiene, discuss emerging patterns for secure secret management at scale, and shares insights on integrating secrets management into systems design. This segment is sponsored by Fastly. Visit https://securityweekly.com/fastly to learn more about them! Segment 2 - Weekly Enterprise News In this week's enterprise security news, we have: Funding, mostly focused on iden...2025-05-122h 14
Security Weekly Podcast Network (Audio)Secrets and their role in infrastructure security - Jawahar Sivasankaran, Chas Clawson, Sergey Gorbaty, Fernando Medrano - ESW #406Segment 1 - Secrets and their role in infrastructure security From API keys and tokens to environment variables and credentials, secrets are foundational—and often overlooked—attack surfaces in cloud-native and distributed systems. We break down the risks tied to poor secret hygiene, discuss emerging patterns for secure secret management at scale, and shares insights on integrating secrets management into systems design. This segment is sponsored by Fastly. Visit https://securityweekly.com/fastly to learn more about them! Segment 2 - Weekly Enterprise News In this week's enterprise security news, we have: Funding, mostly focused on iden...2025-05-122h 14
Security Weekly (Download Only)Secrets and their role in infrastructure security - Jawahar Sivasankaran, Chas Clawson, Sergey Gorbaty, Fernando Medrano - ESW #406Segment 1 - Secrets and their role in infrastructure security From API keys and tokens to environment variables and credentials, secrets are foundational—and often overlooked—attack surfaces in cloud-native and distributed systems. We break down the risks tied to poor secret hygiene, discuss emerging patterns for secure secret management at scale, and shares insights on integrating secrets management into systems design. This segment is sponsored by Fastly. Visit https://securityweekly.com/fastly to learn more about them! Segment 2 - Weekly Enterprise News In this week's enterprise security news, we have: Funding, mostly focused on iden...2025-05-122h 14
Enterprise Security Weekly (Audio)Secrets and their role in infrastructure security - Jawahar Sivasankaran, Chas Clawson, Sergey Gorbaty, Fernando Medrano - ESW #406Segment 1 - Secrets and their role in infrastructure security From API keys and tokens to environment variables and credentials, secrets are foundational—and often overlooked—attack surfaces in cloud-native and distributed systems. We break down the risks tied to poor secret hygiene, discuss emerging patterns for secure secret management at scale, and shares insights on integrating secrets management into systems design. This segment is sponsored by Fastly. Visit https://securityweekly.com/fastly to learn more about them! Segment 2 - Weekly Enterprise News In this week's enterprise security news, we have: Funding, mostly focused on iden...2025-05-122h 14
Enterprise Security Weekly (Video)Secrets and their role in infrastructure security - Jawahar Sivasankaran, Chas Clawson, Sergey Gorbaty, Fernando Medrano - ESW #406Segment 1 - Secrets and their role in infrastructure security From API keys and tokens to environment variables and credentials, secrets are foundational—and often overlooked—attack surfaces in cloud-native and distributed systems. We break down the risks tied to poor secret hygiene, discuss emerging patterns for secure secret management at scale, and shares insights on integrating secrets management into systems design. This segment is sponsored by Fastly. Visit https://securityweekly.com/fastly to learn more about them! Segment 2 - Weekly Enterprise News In this week's enterprise security news, we have: Funding, mostly focused on iden...2025-05-122h 14
Dauntless LeadHERship#11 - If You’re Not Replaceable, You’re Not Promotable (Featuring Joe Aurilia, Sr. VP of Operations, Cyware)Welcome to Episode #11 of the Dauntless LeadHERship Podcast! In this episode, Lisa Kent (Host) chats with Joe Aurilia, Sr. VP of Operations, Cyware.We believe in the transformative power of women leading boldly. Our mission is to inspire, support, and empower women at all stages of their leadership and life journey. Whether you’re an emerging leader or a seasoned executive, we provide the resources, community, and opportunities to help you thrive.Join us for weekly episodes about business, entrepreneurship, and stories about women making a difference in the world.Website:https://da...2025-04-1540 min
Hyperdrive MindsTactical RevOps & Strategic Cybersecurity Operations w/ Joe Aurilia - Hyperdrive Minds Podcast 13Joe Aurilia is the SVP of Operations for Cyware, a threat intelligence sharing platform, SOAR platform, and cybersecurity managed servicing provider. He serves as the COO and CIO reporting directly to the CEO. He has over 20 years in technology, operations, and strategic planning, guiding teams and organizations to peak performance across diverse industries. He is an expert in building and scaling all aspects of company operations to meet mission and goals. He serves as an Executive Member and Membership Board Member for SIM (Society for Information Management) and a Executive Member and Raleigh (RDU) Steering Committee Leader for Pavilion...2025-02-221h 03
C-Level Up PodcastTransforming Leadership in Cybersecurity - guest Rick HowardWelcome to C-Level Up, where we delve into the minds of industry leaders to uncover their strategies, insights, and stories. In today’s episode, we’re honored to host Rick Howard, a true visionary in the cybersecurity world.
Rick is the President of the Cybersecurity Canon—think of it as the Hall of Fame for cybersecurity literature, or the "Cyber Pulitzer." With a career spanning decades across military and civilian sectors, Rick’s contributions have shaped how we understand and approach cybersecurity today.
From serving as Chief Security Officer at Palo Alto Networks to advisory roles wi...2024-12-3033 min
The Gate 15 Podcast ChannelWeekly Security Sprint EP 81. Arrest and Disruption Tuesday - hostile events, terrorgram, and more.In this week's Security Sprint, Dave and Andy covered the following topics:
Warm Start:
Press Release! Gate 15 Partners with Cyware to Enhance Cybersecurity and Homeland Security Resilience. Gate 15's Resilience and Intelligence Portal (GRIP) now leverages the robust capabilities available in Cyware's Collaborate platform to provide the homeland security community with all-hazards technology-enhanced, human-driven analysis products.
Main Topics:
Physical Threats, Notable Dates:
· Pakistani National Charged for Plotting Terrorist Attack in New York City in Support of ISIS
· Man Plotted to Kill Jews in New York...2024-09-1025 min
Unspoken SecurityIs Any Security Marketing NOT Bullshit?In this episode of Unspoken Security, host AJ Nash sits down with Emily Phelps, Director of Marketing Communications at CYWARE. They dive into the core challenges and strategies in cybersecurity marketing. Emily emphasizes the importance of not just attracting customers but ensuring they are the right fit to prevent churn and frustration. She highlights the need for authenticity in marketing messages, noting that misleading claims can harm both the company's reputation and customer trust.AJ and Emily also discuss the essential goals of marketing within the cybersecurity industry, stressing the need to build and retain a loyal...2024-09-031h 09
The Gate 15 Podcast ChannelWeekly Security Sprint EP 74. Information sharing and resiliency; Crowdstrike, MDM, and HealthIn this weeks Security Sprint, Dave and Andy covered the following topics:
Warm Start:
· FB-ISAO Releases an All-Faiths Analysis of Attacks on U.S. Houses of Worship in 2023.
· New Cyware Survey Reveals Critical Gaps in Cybersecurity Threat Intelligence Sharing and Collaboration.
· Private-public partnership releases new bank resources for cloud computing adoption.
o Financial Sector Cloud Outsourcing Issues and Considerations.
Main Topics:
CrowdStrike Outage:
· CISA: Widespread IT Outage Due to CrowdStrike Update (being updated; update 9:45 a.m., EDT, July 21, 2024)
· Canadian Centre for Cyber Security - Alert - Issue impacting CrowdStrike Falcon EDR
· UK NCSC: Statement on major IT outage
· NZ-NCSC: NCSC statement on global IT outage
· CrowdStrike says significant nu...2024-07-2327 min
RevOps UnboxedReducing friction in sales contract creation with Joe Aurilia Jr.On this episode of RevOps Unboxed, Sandy Robinson sits down with Joe Aurilla Jr, SVP of Operations at Cyware, to discuss how you can reduce friction during sales contract creation. They discuss streamlining Salesforce usage, leveraging AI, and more.About our guest, Joe Aurilia Jr.Joe Aurilia Jr is SVP of Operations at Cyware, and a seasoned revenue-aligned operator with broad multidisciplinary skills fully capable of diving deep into each business facet to create value, drive change, and demonstrate strategic impact.About our host, Sandy RobinsonSandy is SVP...2024-07-0328 min
ITOps, DevOps, AIOps - All Things OpsEp. 39 - Scaling Cyware: Lessons From Growing the Company Headcount Fivefold - With Joe AuriliaHow can you scale your tech company while maintaining rigorous operational standards? Senior VP of Operations at Cyware Joe Aurilia shares what he learned while 5x-ing the company.In this episode, Joe shares how he's building operations from the ground up, handling the complexities of international teams, and embedding a culture of security and compliance in a rapidly growing company.You'll learn:1. How to balance immediate operational needs with long-term growth strategies2. The challenges and solutions of managing a globally distributed team3. The importance of fostering a culture of security...2024-06-2541 min
SaaS SessionsS8E7 - Building Across Borders ft. Joe Aurilia, SVP of Operations at CywareIn this episode of the SaaS Sessions Podcast, we hosted Joe Aurelia, Senior Vice President of Operations at Cyware, who shares his extensive journey in scaling businesses globally.Joe discusses his transition from heavy applications to SaaS, his role in growing Cyware from two to seven countries, and the challenges and strategies in managing remote teams.He emphasizes the importance of process standardization, continuous learning, and risk mitigation in business operations. Joe also sheds light on the balance between speed and perfection, and the importance of allowing team autonomy for growth....2024-06-2435 min
Enterprise Security Weekly (Video)Automated Pentesting, AI in SecOps, & AI-Powered Analytics - Jason Keirstead, Jay Mar-Tang, Anthony Aurigemma - ESW #361Despite building up impressive security stacks in the Cloud, organizations are still struggling to keep their environments safe. Pentera recently introduced Pentera Cloud as the first tool to provide automated pentesting capabilities for cloud environments. This conversation will focus on the challenge of security validation and pentesting in the cloud, and how Pentera Cloud is redefining the speed and scale of pentesting in the cloud. This segment is sponsored by Pentera. Visit https://www.securityweekly.com/penterarsac to learn more about them! Jason Keirstead, Cyware's VP of Collective Threat Defense, takes us beyond the AI...2024-05-1045 min
Security Weekly Podcast Network (Video)Automated Pentesting, AI in SecOps, & AI-Powered Analytics - Jason Keirstead, Jay Mar-Tang, Anthony Aurigemma - ESW #361Despite building up impressive security stacks in the Cloud, organizations are still struggling to keep their environments safe. Pentera recently introduced Pentera Cloud as the first tool to provide automated pentesting capabilities for cloud environments. This conversation will focus on the challenge of security validation and pentesting in the cloud, and how Pentera Cloud is redefining the speed and scale of pentesting in the cloud. This segment is sponsored by Pentera. Visit https://www.securityweekly.com/penterarsac to learn more about them! Jason Keirstead, Cyware's VP of Collective Threat Defense, takes us beyond the AI...2024-05-1045 min
Enterprise Security Weekly (Audio)Executive Interviews from RSAC! - ESW #361Tune in to hear 9 executive interviews from RSA Conference 2024, featuring speakers from Zscaler, Open Systems, Aryaka, OpenText, Hive Pro, Critical Start, Anomali, Cyware, and Pentera! Find individual descriptions for each interview on the show notes. Show Notes: https://securityweekly.com/esw-3612024-05-092h 09
CISO Perspectives (public)Bonus Episode: 2024 Cybersecurity Canon Hall of Fame Inductee: Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us by Eugene Spafford, Leigh Metcalf, Josiah Dykstra and Illustrated by Pattie Spafford.Rick Howard, N2K’s CSO and The CyberWire’s Chief Analyst and Senior Fellow, interviews Eugene Spafford about his 2024 Cybersecurity Canon Hall of Fame book: “Cybersecurity Myths and Misconceptions.”References:Eugene Spafford, Leigh Metcalf, Josiah Dykstra, Illustrator: Pattie Spafford. 2023. Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us [Book]. Goodreads.Helen Patton, 2024. Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us [Book Review]. Cybersecurity Canon Project. Staff, 2024. CERIAS - Center for Education and Research in Information Assurance and Security [Homepage]. Purdue University.Rick How...2024-05-0716 min
CyberWire DailyBonus Episode: 2024 Cybersecurity Canon Hall of Fame Inductee: Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us by Eugene Spafford, Leigh Metcalf, Josiah Dykstra and Illustrated by Pattie Spafford. [CSOP]Rick Howard, N2K’s CSO and The CyberWire’s Chief Analyst and Senior Fellow, interviews Eugene Spafford about his 2024 Cybersecurity Canon Hall of Fame book: “Cybersecurity Myths and Misconceptions.”References:Eugene Spafford, Leigh Metcalf, Josiah Dykstra, Illustrator: Pattie Spafford. 2023. Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us [Book]. Goodreads.Helen Patton, 2024. Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us [Book Review]. Cybersecurity Canon Project. Staff, 2024. CERIAS - Center for Education and Research in Information Assurance and Security [Homepage]. Purdue University. Rick How...2024-05-0716 min
What's The Problem?Episode 49- Neal Dennis- 3 Core Tenants of Zero Trust with Neal Dennis of Cyware LabsNeal Dennis, Cyber Threat Intelligence Consultant at CyWare & Co-Host of the "Adopting Zero Trust" Podcast, joins to discuss the 3 core tenants of zero trust.
2024-05-0222 min
Second in Command: The Chief Behind the Chief with Cameron HeroldEp. 356 - Cyware SVP of Operations, Joe Aurilia Jr.In today's episode of the Second in Command podcast, Cameron is joined by Joe Aurilia, Jr., the SVP of Operations for Cyware, to explore the intricacies of operational leadership and the dynamics of rapid company growth. Joe played a pivotal role in scaling Cyware from its early seed stage to a Series C funded cybersecurity powerhouse, and shares his experiences and strategies for fostering collaboration, consensus, and a vibrant culture across a multinational team. He explores the challenges of hiring and integrating key talent, the nuances of international operations, and the importance of communication and leadership in breaking down...2024-02-1341 min
The Gate 15 Podcast ChannelThe Gate 15 Interview EP 41. Cyware’s Tom Stockmeyer on info sharing, threat intel, collective defense, popcorn and The Big HouseIn this episode of The Gate 15 Interview, Andy Jabbour welcomes Tom Stockmeyer, Cyware’s Director, Enterprise East, ISAC's and Federal. Cyber security leader with experience in helping threat sharing communities such as ISACs and ISAOs and their Member companies improve the fidelity of their intel and accelerate threat intel sharing amongst Members. Tom served in the Marine Corps from 1979 to 1983. He has an MBA from the Michael Coles School of Business, Kennesaw University. Tom has held several executive positions, has served on numerous technology Boards.
Tom on LinkedIn.
In the discussion we address:
Tom’s backgr...2023-12-1846 min
My Privacy HelpPrivacy vs Security Explained | MyPrivacy.Help (7)
* Reclaim your privacy: https://myprivacy.help
* Bitcoin Basics podcast: https://bitcoinbasics.help
“What’s the real difference between data security & data privacy? VPNs may not be offering you any data privacy. What’s the most private VPN solution? How to setup your own VPN. Self-hosting what?!?”
Show page: https://myprivacy.help/7
#privacy #selfhost #cybersecurity
TIMESTAMPS:
00:00 Start
02:03 Offline privacy vs security
04:09 Online privacy vs security
08:08 Your VPN does not give you any privacy
11:40 Your own VPN is the b...2023-12-0218 min
My Privacy HelpMedibank hack & protecting yourself against data leaks | MyPrivacy.Help (6)
* Reclaim your privacy: https://myprivacy.help
* Bitcoin Basics podcast: https://bitcoinbasics.help
“MediBank Private (Australian health insurance) is just another major data leak so how can you best protect your personal data? What are 3 free things you can do right now to improve your cybersecurity & privacy?”
Show page: https://myprivacy.help/6
#MediBank #DataBreach #CyberSecurity
TIMESTAMPS:
00:00 Start
01:57 Medibank Private data leak
03:27 Government’s response
05:56 Preventing against data leaks
08:39 How to check if your details have been leaked...2023-12-0224 min
Out of the Woods: The Threat Hunting PodcastTop 5 Threat Hunting Headlines - 27 Nov 2023
Top 5 Threat Hunting Headlines - 27 Nov 2023
Secure List: HrServ – Previously Unknown Web Shell Used in APT Attack
https://securelist.com/hrserv-apt-web-shell/111119/
Group-IB: Hunting Rituals #2.2: Threat Hunting for Abuse of Windows Services
https://www.group-ib.com/blog/hunting-rituals-windows-services-part-2/
Red Canary: Threat Hunting for PsExec, Open-Source Clones, and Other Lateral Movement Tools
https://redcanary.com/blog/threat-hunting-psexec-lateral-movement/
Talos: A Deep Dive into Phobos Ransomware, Recently Deployed by 8Base Group
https://blog.talosintelligence.com/deep-dive-into-phobos-ransomware/
Cyware: Lazarus Group Exploit MagicLine2NX Flaw to Launch Su...2023-11-2848 min
CMO ConvoJoe Aurilia | Everything your ops specialist wants their CMO to know | CMO ConvoBusinesses are growing increasingly complex, and the role of ops specialists is increasing in importance.But ops doesn't happen in the background. They aren't your magic helpers tinkering away in the background doing everything without assistance.For ops to be effective, the function and personnel need to be working closely with your marketing teams, and aligned with leadership's goals.That's why we spoke to Joe Aurilia Jr, Senior Vice President of Operations at Cyware, to break down everything ops specialists want their CMOs to know for successful alignment and collaboration.2023-11-0140 min
The Operations Room: A Podcast for COO’s11. Why licensing 170 SaaS tools is a great idea!In this episode we discuss the topic of: Why licensing 170 SaaS tools is a great idea! Our special guest is Joe Aurilia, Jr., Senior VP Operations at Cyware. As a former CIO, Joe comes at the COO role from a really interesting angle. We discuss the following:Why 170 SaaS applications in an organisation with 270 employees?What does best practice look like in the procurement process? What should it look like in a smaller organisation?How do you ensure ownership ensuring the organisation is receiving the expected value from a given tool?How do you ensure you don't miss...2023-10-0546 min
Secret OpsApplying Technology and Operations to Leadership with Joe AuriliaAs a self-proclaimed ‘Swiss Army Knife’ of executive functions, Joe Aurilia has served at the executive level across diverse departments. He is currently the Senior Vice President of Operations for Cyware, an automated alert aggregation and advisory sharing platform designed to drive real-time situational awareness.In this episode we discuss:The power of working in a range of different job rolesAdvice for non-technical individuals when approaching new technology How to quantify what a tool can actually do for youHow to best communicate the importance of operational initiatives… and what do people mostly get wrong about operations? 2023-09-0645 min
Producing a DisasterBeatstars: A Deep DiveBeatstars Unmasked: All the Answers You've Been Seeking
Beatstars has worked with beatmakers producing miracles in the process, There just seems to be information that stays hidden, and questions that are never answered by Abe (Also I realized I butchered his last name the whole time) Sorry Abe! I hope this mini-documentary is informative.
These are my sources for the research done in this video.
Zippia: https://www.zippia.com/beatstars-careers-1415605/revenue/
GlassDoor: https://www.glassdoor.com/Overview/Working-at-BeatStars-EI_IE3320925.11,20.htm
SEC: https://www.sec.gov/Archives/edgar/data/1690042/000169004217000002/beatstarsformcar.pdf
Forbes: https://www.forbes.com/sites/ogdenpayne/2017/01/04/beatstars-the-bootstrapped-startup-making-it-easy-to-purchase-a-no-1-hit...2023-09-0411 minCyberWire DailyA cyberespionage operation of unclear provenance shifts its targets. Cyberattacks on voting in Ecuador. Other notes from the cyber underworld. And doxing the Duma.HiatusRAT shifts its targets. Ecuador's difficulties with voting is attributed to cyberattacks. Carderbee is an APT targeting Hong Kong. auDA (OOO-duh) turns out not to have been breached. Ukrainian hacktivists claim to dox a senior member of Russia's Duma. Russian influence operations take aim at NATO's July summit. Joe Carrigan describes attacks on LinkedIn accounts. Our guest is John Hernandez from Quest to discuss why he believes the MOVEit flaw is a wakeup call for CISOs. Security, not by obscurity, but by typo.For links to all of today's stories check out our CyberWire...2023-08-2229 min
Redefining CyberSecurityBeyond the Silos: The Evolution of Threat Intelligence | Taking an Intelligence-Driven Approach to Security Operations | A Brand Story Conversation from Black Hat USA 2023 | A Cyware Story with Willy LeichterIn this Brand Story podcast episode, as part of our Black Hat USA conference coverage, host Sean Martin connects with Willy Leichter as he sheds light on his extensive experience spanning over 24 years in the security realm. With a keen focus on cyclical patterns of security, he underscores the unique position of Cyware, a brand that has worked assiduously to bridge silos across industries. While discussing the broader vision of threat intelligence, he underscores its potential in predicting and mitigating attacks proactively.Join Wily and Sean and they dig into the complexities of threat intelligence, highlighting the...2023-08-1030 min
Hire Learning with Oz RashidJoe Aurilia, Jr. — From First US Employee to Global Powerhouse. How an Operational Mindset Can Lead to Great HiringOn today’s episode, our host, Oz Rashid, welcomes Joe Aurilia, Jr., Senior Vice President of Operations at Cyware, a cybersecurity company focusing on Cyber Fusion and collective defense. Having joined the company as the first US hire, Joseph talks about the challenges and opportunities of working in a geographically dispersed workforce with offices across multiple countries. Joe’s overall hiring philosophy revolves around considering whether he could have enjoyable and productive conversations with potential candidates on a regular basis. This approach holds true regardless of the candidate's location, as collaboration and communication are es...2023-08-0931 min
Embracing Digital This WeekJuly 24, 2023This week, July 24, 2023, in digital transformation news, there have been developments in Generative AI in the workplace and a China cyber attack on the US Embassy. Additionally, Data Fabrics are beginning to surface as a trend.Artificial IntelligenceMeta, the AI trailblazer, wows the tech community with a game-changing release - introducing Llama 2, the latest open-source LLM model. Unlocking the power of language understanding for all developers, this groundbreaking innovation promises to revolutionize AI projects. Bid farewell to complexity and welcome seamless AI training. Get ready to ride the wave of...2023-07-2505 min
Abrazando lo Digital Esta Semana23 de julio de 2023Esta semana, del 24 de julio de 2023, en noticias de transformación digital, ha habido avances en la inteligencia artificial generativa en el lugar de trabajo, así como un ciberataque de China a la Embajada de Estados Unidos. Además, los tejidos de datos están comenzando a surgir como una tendencia.Inteligencia ArtificialMeta, el pionero de IA, impresiona a la comunidad tecnológica con un lanzamiento revolucionario: Llama 2, el último modelo LLM de código abierto. Desbloqueando el poder de comprensión del lenguaje para todos los desarrolladores, esta innovación sorprendente promete r...2023-07-2505 min
Cyber BriefingCyber Briefing: 2023.06.30
Welcome to Cyber Briefing, the newsletter that informs you about the latest cybersecurity advisories, alerts, incidents and news every weekday.
👉 What are the latest cybersecurity alerts, incidents, and news?
********************************************************************
🚨 #CyberAlerts
********************************************************************
CISA Releases Nine ICS Advisories
Source: CISA
Massive Growth of Pro-Russia DDoS Project 'DDoSia'
Source: Sekoia
Microsoft Resolves Start Menu and Windows Search Bug
Source: Microsoft
Arcserve Addresses High-Severity Authentication Bypass Vulnerability
Source: MDSec
Iranian Cyber Espionage Group MuddyWater Exploits New PhonyC2 Framework for Tar...2023-06-3008 min
Cybersecurity News Byte with Jim GuckinEpisode 61: June 20 2023Links
https://www.hackread.com/diicot-hackers-ssh-servers-brute-force-malware/
https://www.securityweek.com/barracuda-zero-day-attacks-attributed-to-chinese-cyberespionage-group/
https://www.welivesecurity.com/2023/06/15/android-gravityrat-goes-after-whatsapp-backups/
https://cyware.com/news/third-bug-in-moveit-transfer-found-d35a9335
https://www.helpnetsecurity.com/2023/06/19/cve-2023-35708/
https://www.bleepingcomputer.com/news/security/moveit-transfer-customers-warned-of-new-flaw-as-poc-info-surfaces/
https://cyberscoop.com/energy-department-cl0p-moveit-cisa/
New Threat Group Targets SSH Servers
Cado Labs Researchers
Diicotemerging Romanian threat actorAKA Mexalsextensive technical knowledge
active since 2020
new campaignCayosin botnetMirai-based botnet agenttarget routers running the Linux-based OS OpenWRTtargets are the internet exposed SSH servers with password authentication enabled.
username and password list is pretty restrictive
including only default or easy-to-guess credentials.
TacticsShell Script...2023-06-2120 min
Abrazando lo Digital Esta Semana6 de junio de 2023Noticias sobre transformación digital para el 6 de junio de 2023. Esta semana hay más trabajos en AI, importantes infracciones de ciberseguridad y mejores prácticas en tecnología en la nube.Inteligencia ArtificialEl CEO de OpenAI, Sam Altman, advierte que la compañía podría retirar sus servicios de la UE por las preocupaciones que generan las regulaciones del plan de Ley de IA. Esto pone de manifiesto una creciente división transatlántica sobre el control de la IA. Empresas de tecnología de EE. UU., como Google, se están p...2023-06-1305 min
Adopter le Digital Cette Semaine29 mai 2023Actualités pour l'adoption du numérique pour la semaine du 29 mai 2023 : découvrez les nouvelles réglementations pour l'IA, l'augmentation des cyberattaques étatiques et les investissements en informatique de pointe. #Numérique #IA #Cybersécurité #InformatiqueDePointeIntelligence ArtificielleLe PDG d'OpenAI, Sam Altman, met en garde contre le possible retrait des services de l'entreprise en UE en raison des inquiétudes concernant la réglementation prévue par l'AI Act. Cela souligne une fracture transatlantique croissante sur le contrôle de l'IA. Les entreprises technologiques américaines, dont Google, se préparent à u...2023-06-0504 min
Umarmung Digital Diese Woche29. Mai 2023Nachrichten für die Einführung von Digitaltechnologien in der Woche vom 29. Mai 2023: Erfahren Sie mehr über neue Vorschriften für Künstliche Intelligenz, zunehmende Cyberangriffe von Nationalstaaten und Investitionen in Edge Computing.Inteligencia ArtificialEl CEO de OpenAI, Sam Altman, advierte que la compañía podría retirar sus servicios de la UE por las preocupaciones que generan las regulaciones del plan de Ley de IA. Esto pone de manifiesto una creciente división transatlántica sobre el control de la IA. Empresas de tecnología de EE. UU., como Google, se...2023-06-0505 min
Cybersecurity News Byte with Jim GuckinEpisode 58: May 28 2023Links
https://www.cybersecuritydive.com/news/summer-holiday-weekends-cyber/651434/
https://www.netwrix.com/download/documents/Netwrix_Hybrid_Security_Trends_Report_2023_Enterprise_Sector.pdf - Copy URL if you don’t trust the link…I get it
https://www.prnewswire.com/news-releases/netwrix-report-enterprises-suffer-more-ransomware-and-other-malware-attacks-than-smaller-organizations-301831669.html
Hot Pixel Technical Paper: https://arxiv.org/abs/2305.12784
https://www.bleepingcomputer.com/news/security/hot-pixels-attack-checks-cpu-temp-power-changes-to-steal-data/
https://www.cadosecurity.com/updates-to-legion-a-cloud-credential-harvester-and-smtp-hijacker/
https://cyware.com/news/enhanced-legion-credential-harvester-targets-ssh-servers-and-aws-credentials-77e34efc
Entering the Summer Caution Seaso
Memorial Day Weekend
Start of the Summer Vacation Season
pattern has emer...2023-05-2936 min
Embracing Digital This WeekMay 1, 2023News and stories from the Week of May 01, 2023, in Digital Transformation, including cyberattacks and intelligent edge, non-verbal communication AI, and company merges in the IoT space.Artificial IntelligenceThe AI backlash begins: Fans of Snapchat are expressing their discontent with using ChatGPT-powered bots on the platform, marking a backlash against AI. Users criticize the lack of human-like responses and the inability to differentiate between actual and AI-generated content. The incident highlights growing concerns and the need for a balanced implementation of AI in social media platforms.https://www.techradar.com/news/the-ai-backlash-begins-snapchat-fans-revolt-against-chatgpt-powered-bot2023-05-2305 min
Breakpoint Security PodcastProactive Threat Prevention with Threat Intelligence | Episode TeaserTOPIC: Proactive Threat Prevention with Threat IntelligenceIn this episode, we discuss the challenges of Threat Intelligence in the modern Threat landscape and how security teams can conduct Threat Intelligence to Proactively Stop Advanced Attacks. Guest: Avkash Kathiriya, Sr. VP - Research and Innovation at Cyware LabsAvkash is the VP of Research at a US-based Cyber security product startup. Avkash is an astute cybersecurity professional with more than 13 years of experience in core security technology domains including Cyber Defense, Security Orchestration and Automation, Cyber Resiliency, Threat Hunting, a...2023-04-1402 min
Breakpoint Security PodcastProactive Threat Prevention with Threat Intelligence | Avkash Kathiriya | Full Ep.TOPIC: Proactive Threat Prevention with Threat IntelligenceIn this episode, we discuss the challenges of Threat Intelligence in the modern Threat landscape and how security teams can conduct Threat Intelligence to Proactively Stop Advanced Attacks. Guest: Avkash Kathiriya, Sr. VP - Research and Innovation at Cyware LabsAvkash is the VP of Research at a US-based Cyber security product startup. Avkash is an astute cybersecurity professional with more than 13 years of experience in core security technology domains including Cyber Defense, Security Orchestration and Automation, Cyber Resiliency, Threat Hunting, a...2023-04-141h 11Out of the Woods: The Threat Hunting PodcastTop 5 Threat Hunting Headlines - 10 April 2023**Threat Hunting Workshop: Hunting for Impact
April 26 @ 12:00 - 1:00 PM ET 👇
https://info.cyborgsecurity.com/en-us/threat-hunting-workshop-7
**Out of the Woods LIVE Podcast Recording - Episode 8
April 20 @ 7:00 - 8:30 PM ET 👇
https://info.cyborgsecurity.com/en-us/threathuntingpodcast-s1e8
-----
Top 5 Threat Hunting Headlines - 10 April 2023
CISA Adds Five Known Exploited Vulnerabilities to Catalog
https://www.cisa.gov/news-events/alerts/2023/04/07/cisa-adds-five-known-exploited-vulnerabilities-catalog
Hackers Flood NPM with Bogus Packages Causing a DoS Attack
https://thehackernews.com/2023/04/hackers-flood-npm-with-bogus-packages.html
MERCURY and DEV-1084: Destructive Attack on Hybrid Environment
ht...2023-04-1338 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #107 - It's 5:05, Tuesday, March 28, 2023Hey, it's 5:05 on Tuesday, March 28th, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today's episode come from Ax Sharma in Manchester, UK, Olimpiu Pop in Transylvania, Romania, Katy Craig in San Diego, California, Edwin Kwan in Sydney, Australia, Marcel Brown in St. Louis, Missouri. Let's get to it.Redis CVE Race Condition🇬🇧 Ax Sharma, Manchester UKChatGPT Data Leak and Redis Race Condition Vulnerability That Remains UnfixedLiberte, Egalite, Fraternite Surveillance: France to use AI...2023-03-2809 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #80 - It's 5:05, Friday, February 17, 2023Hey! It’s 5:05, on Friday, February 17, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Edwin Kwan in Sydney, Australia, Trac Bannon in Camp Hill, Pennsylvania, Ian Garrett in Arlington, Virginia, Katy Craig in San Diego, California and Marcel Brown in St. Louis, Missouri.Let’s get to it!Is Your Smart Speaker Eavesdropping?🇦🇺 Edwin Kwan, Sydney, AustraliaAlexa, who else is listening? | WeLiveSecurityValentine’s Day Breakup: Goodbye Internet Explorer🇺🇸 Tracy (Trac) Bannon, Camp Hill, Pennsylva...2023-02-1711 min
It's 5:05! Daily cybersecurity and open source briefingEpisode #58 - It's 5:05, Wednesday, January 18, 2023Hey! It’s 5:05, Wednesday, January 18, 2023. From the Sourced Podcast Network in New York City, this is your host, Pokie Huang. Stories in today’s episode come from Katy Craig in San Diego, California, Edwin Kwan in Sydney, Australia, Kadi Grigg in Alexandria, Virginia and Olimpiu Pop in Transylvania, Romania. Let's get to it!🇺🇸 Katy Craig, San Diego, CaliforniaFortinet OS exploitedhttps://arstechnica.com/information-technology/2023/01/fortinet-says-hackers-exploited-critical-vulnerability-to-infect-vpn-customers/🇦🇺 Edwin Kwan, Sydney, AustraliaMalicious Python Lolipop packages in the Wild https://www.bleepingcomputer.com/news/security/malicious-lolip0p-pypi-packages-install-info-stealing-malware/ 🇦🇺...2023-01-1809 minOut of the Woods: The Threat Hunting PodcastOut of the Woods: Top 5 Threat Hunting Headlines**Join our Threat Hunting Workshop: Hunting for Credential Access on February 8th from 12:00 – 1:00 PM ET and earn your “Credential Access – Level 1” certification! Save your seat 👇
https://info.cyborgsecurity.com/en-us/threat-hunting-workshop-5
Many of 13 New Mac Malware Families Discovered in 2022 Linked to China
https://www.securityweek.com/many-13-new-mac-malware-families-discovered-2022-linked-china?&web_view=true
https://objective-see.org/blog/blog_0x71.html
Microsoft Ends Windows 7 Extended Security Updates on Tuesday
https://www.bleepingcomputer.com/news/microsoft/microsoft-ends-windows-7-extended-security-updates-on-tuesday/?&web_view=true
Attackers Abuse Genuine Windows Tool to Deliver Pupy RAT
https://cyware.com...2023-01-1034 min
Thou Shalt Listen: Randomness ReimaginedSeason 3, Episode 2 - Most Notorious Hacking Groups, The Most Unlucky US Naval Vesselhttps://cyware.com/news/top-10-most-notorious-hacking-groups-of-all-time-32d01ba2
https://www.businessinsider.com/uss-william-d-porter-was-the-navys-unluckiest-warship-2021-72022-12-0316 min
Cyber Morning CallCyber Morning Call - #209 - 30/11/2022[Referências do Episódio]
- MIT Technology Review - The Cyber Defense Index 2022/23 - https://mittrinsights.s3.amazonaws.com/CDIreport.pdf
- KNOWN EXPLOITED VULNERABILITIES CATALOG - https://www.cisa.gov/known-exploited-vulnerabilities-catalog
- ATTACKER USES A POPULAR TIKTOK CHALLENGE TO LURE USERS INTO INSTALLING MALICIOUS PACKAGE - https://checkmarx.com/blog/attacker-uses-a-popular-tiktok-challenge-to-lure-users-into-installing-malicious-package/
- Hackers Exploit RCE Vulnerability in Windows Internet Key Exchange
- https://cyware.com/news/hackers-exploit-rce-vulnerability-in-windows-internet-key-exchange-ce908a01/?web_view=true
- Critical Flaw Exploited to Bypass Fortinet Products and Compromise Orgs - https://www.hackre...2022-11-3004 min
Cyware's CyberCastCyberCast EP 9: A Cyber Journey from National Security to Finance to HealthcareErrol Weiss is an accomplished information security executive recognized internationally as a visionary and a leader in threat intelligence operations and management. Weiss has 15 years of cyber security experience within banking and finance. He currently works in healthcare as the Chief Security Officer (CSO) for the Health-ISAC. Throughout his career he has leveraged his ability to build information security strategies aligned to business risk and corporate goals.In the last year and 10 months Weiss has served as a Senior Fellow at the McCrary Institute for Cyber and Critical Infrastructure Security. His prior experience includes roles with Bank of America, the...2022-03-0439 min
Cyware's CyberCastCyberCast EP 8: Tari Schreider on Democratizing Cyber, Defeating Ransomware, and the NFL PlayoffsToday we are joined by Tari, a nationally known expert on cybersecurity who created cyber programs for one of the largest oil and gas companies, a Canadian electric utility company, a 911 system, and one of the largest retailers in the US. He has appeared on ABC News, CNN, CNBC, NPR, and has had numerous articles printed in security and business magazines, including Business Week, New York Times, SC Magazine, The Wall Street Journal and many others. Safe to say Tari is the perfect guest to kick off 2022.In this episode we discuss the democratization of cyber, defeating ransomware, and the...2022-01-3143 min
Security Insights - Cybersecurity for Real-World WorkplacesBreaking Down the Ransomware Index Spotlight ReportHost Adrian Vernon is joined by Ivanti's Senior Vice President of Security Products Sri Mukkamala, CEO of Cyber Security Works (CSW) Aaron Sandeen, and Senior Intelligence Analyst at Cyware Neil Dennis. They break down the recent collaborative Ransomware Index Spotlight Report to make sure you are up to date on today's cybersecurity landscape. The conversation includes:How the report was put togetherWhat you can expect from the reportThe importance of the collaborationSurprising contextsWhy a yearly compliance checkpoint may not be enoughThe possible future of ransomwareCYBER HYGIENE!Check out the report at ivanti.comJoin...2021-11-1737 min