Shows
Security BitsInfoSec Word of The Day 02 P.A.S.T.AInfoSec WOTD is a daily dose of Cybersecurity Terms, Acronyms and Concepts. This PASTA is for a different kind of appetite, the one associated with threats aka #Riskappetite.PASTA is a threat modelling methodology to identify threats in a very systematic way. It stands for Process for Attack Simulation and Threat Analysis , a 7 step risk centric method to identify threats.#INFOSECWOTD2021-11-2701 min
Security BitsInfoSec Word of The Day 01 SneakernetInfoSec WOTD is a daily dose of Cybersecurity Terms, Acronyms and Concepts. Sneakernet, is an informal term for the transfer of information (data) by use of a physical media such as USB flash drives, optical discs, or external hard drives between computers, rather than transmitting it over a computer network.#INFOSECWOTD2021-07-0901 min
Security BitsFlorida Water Treatment Plant Hacked, Chrome Browser Vulnerability, Security Researchers were targeted, Social Media Etiquette, CISCO’s VPN Flaws, Happy Safe Internet Day and more!Hello and welcome to Simplified Security bits Episode Number 7. I am your host, Durgesh and today is Feb 9th 2021, coming to you straight from Houston Texas. Today is Safe Internet Day. Celebrated around the world. In the US, you can find more information for more information on how you can get involved and spread the word by going to https://saferinternetday.us/Tags: Podcast, Cybersecurity Podcast, Durgesh Kalya, Simplified Security, The Florida Water Treatment Plant was hacked and the attacker managed to...2021-02-0904 min
Security BitsCovid 19 Vaccine Info Leaks, Siemens releases multiple vulnerabilities, Ubiquiti tells its users to secure their account and more!Simplified Security - E6 - Covid 19 Vaccine Info Leaks, Siemens releases multiple vulnerabilities, Ubiquiti tells its users to secure their account and more!Headlines:Leaked information surfaces from the December attack on European Medicines Agency on COVID-19 Vaccine.EMA Original Post:https://www.ema.europa.eu/en/news/cyberattack-european-medicines-agencyBleeping Computer’s Posthttps://www.bleepingcomputer.com/news/security/hackers-leak-stolen-pfizer-covid-19-vaccine-data-online/ Siemens releases multiple Vulnerabilities in Web Server for Scalance X P...2021-01-2305 min
Security BitsSimplified Security Bits - Ticketmaster agrees to pay $10 million to Crowdsurge, Microsoft release details on SolarWinds Hack, Veritas released a handful of CVEs and Free Boot camp for CISSP Candidates and more!Public document from the court TicketMaster Lawsuit:https://www.justice.gov/usao-edny/pr/ticketmaster-pays-10-million-criminal-fine-intrusions-competitor-s-computer-systems-0 What is Egregor?https://www.trendmicro.com/en_us/research/20/l/egregor-ransomware-launches-string-of-high-profile-attacks-to-en.html Veritas Advisory:https://www.veritas.com/content/support/en_US/securitySANs institute is offering a Free Virtual Summit:https://www.sans.org/event/ics-security-summit-2021?utm_medium=Social&utm_source=LinkedIn&utm_content=ICS+Summit+Training+December+2020&utm_campaign=SANS+Solution+Forum+VendorJo...2021-01-0710 min
Security BitsExpert in Security - Full Featured Interview with Marco Ayala on various ICS Cybersecurity TopicsVery excited to share with you our cybersecurty community an interview with ICS Cybersecurity Expert Marco Ayala (Twitter: @ics_scada) We discuss various topics, such as how he got started, why defense in depth is criticle in Industrial systems and my favorite, #snickernet using USB drives in ICS. 00:10 - Introduction to Marco Ayala02:45 - What is your story and how did you get into Industrial Control Systems Security?14:01 - What are your thoughts on Virtualization in OT Environments? 17:48 - What are the key elements of an OT Incident Response Pla...2020-12-2549 min
Security BitsSimplified Security - Supply Chain Bust with Sunburst, Interview with Marco Ayala, Cybersecurity Expert where we discuss several different topics from his humble beginnings in Industrial Control Systems Security, USB Drive in ICS Environment and International Society of Automation and their certification and training.Simplified Security - E3 - Supply Chain Bust with Sunburst, Interview with Marco Ayala, Cybersecurity Expert where we discuss several different topics from his humble beginnings in Industrial Control Systems Security, USB Drive in ICS Environment & More!Full Interview with Marco is on YouTube Ayala https://youtu.be/gdfftCZEn28 Folllow Marc on Twitter: @ICS_SCADAMany of the Solarwinds products are built on this common technology platform, the SolarWinds® Orion which enables an organization, their customers to implement their various products whether individually or as a group. This makes it possible for their cu...2020-12-2114 min
Security BitsSimplified Security - Google Play Core Library Code Execution Vulnerability, Trickbot Evolves to new low levels and Fireeye Breached More!Hello and welcome to Simplified Security Episode Number 2.
Links:
Vulnerability in Google Play Core Library:
https://blog.oversecured.com/Oversecured-automatically-discovers-persistent-code-execution-in-the-Google-Play-Core-Library/
TrickBot Malware gets a creepy feature:
https://www.advanced-intel.com/post/persist-brick-profit-trickbot-offers-new-trickboot-uefi-focused-functionality
CVE-2020-8539.
https://nvd.nist.gov/vuln/detail/CVE-2020-8539
Kia Motors Head Unit CVE:
Italian National Research Council Research Paper:
https://sowhat.iit.cnr.it/pdf/IIT-20-2020.pdf
What When and Why In Security:
Windows 98 End of Life
...2020-12-1013 min
Security BitsSimplified Security -Wordpress Plugins, Fortinet FortiOS System File Leak, Interpol and more!Wordpress Plugins, Fortinet Forti System File Leak, Interpol and more! Video Podcast: https://youtu.be/zNsWFASXYoEText Blog: https://icsbits.com/2020/12/01/simplified-security-e1/.Digitally Signed Malware which goes by the name Bandook Story:https://research.checkpoint.com/2020/bandook-signed-delivered/
Wordpress Story:https://www.webarxsecurity.com/wordpress-vulnerability-news-september-2020/Fake News and Disinformation:
https://www.nytimes.com/2020/10/14/technology/personaltech/how-to-deal-with-a-crisis-of-misinformation.htmlInterpols News:https://www.interpol.int/en/News-and-Events/News/2020/Three-arrested-as-INTERPOL-Group-IB-and-the-Nigeria-Police-Force-disrupt-prolific-cybercrime-groupFortinet FortiOS System File Leak:https://www.fortiguard.com/psirt/FG-IR-18-384https://blog.orange.tw/2019/08...2020-12-0212 min
Security BitsSimplified Security - TrailerWelcome to the ICSBits.com's Simplified Security Episodes. These episodes are available in Text, video and audio formats. Check out icsbits.com/simplified for more details. In every episode we will look at some of the security highlights especially the ones that made it to the news and also find out about any new security events that are happening around the world this week in our NEWS In Security segment. Then we will cover vulnerabilities that scored a CVE score of 10 & discuss any countermeasures that may be available in our Patch or Latch segment. And finally, we will go in...2020-11-2702 min