Shows
CyberHub PodcastSmarterTools Hacked By Own Software, Ivanti Zero-Days Hit EU, China Rehearses Cyber Attacks🎙️ SmarterTools Hacked By Own Software, Ivanti Zero-Days Hit EU, China Rehearses Cyber Attacks🚨 Join us on the CyberHub Podcast as we break down today’s biggest cybersecurity stories shaping global risk and resilience. Ep – 1058: Today's episode will discuss the latest news: Threat Actors Exploit SolarWinds Web Help Desk Flaws to Deploy Velociraptor for C2 BeyondTrust Warns of Critical 9.9 Pre-Auth RCE Flaw in Remote Support Software Claude Desktop Extensions Zero-Click RCE Vulnerability Exposes 10,000+ Users✅ Story Links:https://www.bleepingcomputer.com/news/security/hackers-breach-smartertools-network-using-flaw-in-its-own-software/https://therecord.media/eu-dutch-government-announce-hacks-ivanti-zero-dayshttps://cybers...
2026-02-1016 min
Ivanti OriginalsThe Autonomous Endpoint Management AdvantageIvanti’s research — a global study of more than 600 executive leaders, 3,900 IT / cybersecurity professionals and 8,400 office workers around the world — examines how autonomous endpoint management (AEM) ensures continuous compliance, proactively reduces downtime and helps employees reclaim lost productivity. Despite strained resources, patching alignment challenges and ramping pressure to manage costs, just 32% of IT pros say their departments fully leverage automation. As organizations continue to evolve their digital environments, maximizing IT value with AI and automation becomes increasingly important to:  Proactively address tech friction, including interruptions.  Maintain excellent cyber hygiene, like filling visibility gaps and improving...
2026-01-2018 min
HEAL Security - Cybersecurity Intelligence & News for HealthcareCybersecurity Daily Digest: Leaks, Exploits, Malware & 40K Phishing AttacksToday’s briefing covers seven major cybersecurity developments, including massive credential leaks in Docker Hub images and active exploitation of Ivanti vulnerabilities. We look at the latest Lumma Stealer malware surge, the MedStar Health data breach, and a North Korean campaign deploying EtherRAT. We also highlight a critical Gogs zero-day under attack and a spike of 40,000 finance-themed phishing attempts targeting users worldwide. Fast, clear, and focused on the threats shaping today’s digital landscape.
2025-12-1003 min
AI and the Future of Work: Artificial Intelligence in the Workplace, Business, Ethics, HR, and IT for AI Enthusiasts, Leaders and Academics360: From Automation to Accountability: AI Governance, Hybrid Workforce Security, and Trust with Dennis Kozak, Ivanti CEOSend us a textDennis Kozak is the CEO of Ivanti, a leading enterprise IT and security company generating over $1 billion in annual revenue and serving more than 40,000 customers. He previously served as Ivanti’s COO after holding senior leadership roles at Avaya. Earlier in his career, Dennis spent nearly 23 years at CA Software (now Broadcom), where he led global partnership sales and services teams. He holds a BS in Accounting from St. Joseph’s University in Long Island.In this conversation, we discuss:Dennis’s leadership journey from CA Techno...
2025-11-0338 minHEAL Security - Cybersecurity Intelligence & News for HealthcareCybersecurity Roundup: Global VPN Attacks, Fake Shop Scams, and E-Health Security OverhaulIn today’s cybersecurity roundup, we cover a surge in global brute-force attacks on Fortinet SSL VPNs, a massive scam using over 10,000 fake TikTok and Facebook shops to spread malware and steal cryptocurrency, and newly discovered vulnerabilities in Ivanti VPN gateways. We also report on a cyber incident disrupting the Pennsylvania Attorney General’s office, a suspected collaboration between the ShinyHunters and Scattered Spider cybercrime groups, and the emergence of Charon ransomware using advanced APT-style tactics. Plus, we look at Norway’s move to overhaul e-health security with fintech-grade protections.
2025-08-1204 minIvanti OriginalsRisk-Based Patch PrioritizationPatch management is fundamental to effective cybersecurity. So why are most organizations still struggling with patch prioritization and implementation?  Ivanti’s research — a global study of more than 2,400 executive leaders and cybersecurity professionals — explores how risk-based patch prioritization elevates patching to a proactive, high-performing security strategy.  Listen to “Risk-Based Patch Prioritization” to get all our original research on the advantages of a risk-based approach to patch prioritization and patch management, and learn directly from Ivanti’s cybersecurity efforts the steps you need to take to implement this strategy.  Get more resources To read the...
2025-07-1514 min
Security Insights - Cybersecurity for Real-World WorkplacesThe 5 Paradigm Shifts of Exposure ManagementExposure management is fundamentally changing the way we view cybersecurity. Ivanti's Chris Goettl and Robert Waters introduce five paradigm shifts brought on by this emerging technology and how your organization's security strategy might shift as a result. For more, check out our Exposure Management Strategy Guide: (https://ivanti.com/resources/exposure-maÂnagement-strategy-guide)Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2025-06-2734 minIvanti OriginalsExposure Management: From Subjective to Objective CybersecurityTitle Exposure Management: From Subjective to Objective Cybersecurity Show notes Ivanti’s research — a global study of more than 2,400 executive leaders and cybersecurity professionals — delves into how exposure management offers cybersecurity and executive leaders a more informed and intelligent approach to risk but misaligned priorities and data accessibility barriers impede cybersecurity efforts. Ivanti's global research shows how to balance your risk appetite and business objectives.Listen to “Exposure Management: From Subjective to Objective Cybersecurity” to discover how to exposure management reframes how cybersecurity and business leaders understand risk and give...
2025-06-0314 minSecurity Insights - Cybersecurity for Real-World WorkplacesThe Evolution of Patch Management with Eric SchultzeJoin us for a stroll down patch memory lane! Ivanti's Chris Goettl invites an old colleague to the show -- Eric Schultze, a former software development leader at Amazon, Microsoft, and Shavlik Technologies -- to look back on the early days of Patch Tuesday and how patch management has evolved over the decades since. Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2025-05-3124 min
HEAL Security - Cybersecurity Intelligence & News for HealthcareCybersecurity and Tech Update: Major Breaches, Emerging Threats, and New Security InitiativesThe HEAL Security Dispatch Daily Digest, hosted by Edd Hall from London, delivers timely updates and expert insights on the intersection of healthcare and cybersecurity. Each episode provides listeners with critical news and analysis of the latest threats and developments affecting the digital health ecosystem. From cyberattacks on major healthcare institutions like the NHS and Cooper Health System to security vulnerabilities in widely used platforms such as Commvault and Ivanti, the podcast covers incidents that have real-world implications for patient safety and data protection. It also highlights broader industry trends, like Microsoft's efforts to streamline software updates, Apple’s fraud pr...
2025-05-2805 min
Digital Dragon Watch: Weekly China Cyber AlertOoh, China's Hacking Up a Storm! Ivanti & SAP Flaws Exploited, Taiwan Accused of Attacks!This is your Digital Dragon Watch: Weekly China Cyber Alert podcast.Hey there, cyber guardians! Ting here, dropping your Digital Dragon Watch update for May 27th, 2025. Grab your coffee and buckle up—it's been a wild week in the China cyber scene!First up, we've got UNC5221 hackers exploiting fresh Ivanti EPMM vulnerabilities since May 15th. They've been leveraging two critical flaws—CVE-2025-4427 and CVE-2025-4428—to gain remote access and steal data from global enterprises. Classic move, but effective. If you're running Ivanti EPMM, you need to patch yesterday!But that's not all—Ec...
2025-05-2702 min
HEAL Security - Cybersecurity Intelligence & News for HealthcareCybersecurity Roundup: SAP NetWeaver Exploits, and PDS Health's CyberArk UpgradeThe HEAL Security Dispatch Daily Digest is a comprehensive cybersecurity podcast hosted by Richard Simmons from London, offering in-depth coverage of the latest threats and developments impacting the digital healthcare landscape. This episode, dated Wednesday, May 14, 2025, focuses on critical vulnerabilities, significant threat actor activity, and strategic advancements in identity and access management. Topics include the exploitation of a zero-day flaw in SAP NetWeaver, North Korean cyber espionage targeting Ukraine, and PDS Health’s security infrastructure upgrades using CyberArk tools. Other key stories highlight mounting cybersecurity challenges in healthcare, urgent software patches from Ivanti and Samsung, and the rise of sophisticated at...
2025-05-1405 minSecurity Insights - Cybersecurity for Real-World WorkplacesPart 2: Solving the Top 10 Problems with Vulnerability ManagementOnce again, we're back with all the answers. Traditional vulnerability management comes with many pitfalls, and we're counting down the solutions to all the problems you might be running into. Ivanti's Chris Goettl and Robert Waters break down the back five on our list: a periodic approach to remediation, poor prioritization, lack of business context, overreliance on patch management, and poor metrics and reporting.Be sure to subscribe to our feed so you never miss an insight from the team.Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2025-04-2538 min
Three Buddy ProblemNSA director fired, Ivanti's 0day screw-up, backdoor in robot dogsThree Buddy Problem - Episode 41: Costin and Juanito join the show from Black Hat Asia in Singapore. We discuss Bunnie Huang's keynote on hardware supply chains and a classification system to establish a grounded perspective on trust in hardware, Ivanti's misdiagnosis of a critical VPN applicance flaw and Mandiant reporting on a Chinese APT exploiting Ivanti devices. Plus, breaking news on the sudden firing of NSA director and head of Cyber Command Tim Haugh.
We also discuss Microsoft touting AI's value in finding open-source bootloader bugs, Silent Push report on a RUssian APT impersonating the CIA, a...
2025-04-041h 36HEAL Security - Cybersecurity Intelligence & News for HealthcareIvanti Attack, Oracle Cloud Breach, Google Vulnerabilities, and GitHub Supply Chain RisksThe HEAL Security Dispatch Daily Digest, hosted by Richard Simmons from London, delivers concise and insightful coverage of the latest developments at the intersection of cybersecurity and healthcare. In this episode from April 3, 2025, the podcast explores a wide array of critical security incidents and trends, including a Chinese APT group's exploitation of a formerly non-exploitable Ivanti vulnerability, a massive 39-million-record data leak on GitHub, and a cloud infrastructure breach at Oracle. The episode also covers multiple advisories from CISA aimed at securing industrial control systems, the impact of layoffs at the Department of Health and Human Services on medical device...
2025-04-0305 minHEAL Security - Cybersecurity Intelligence & News for HealthcareRussian Hackers, Oracle Breaches, and Qakbot Resurgence: Cybersecurity Warnings from HEAL SecurityThe HEAL Security Dispatch Daily Digest is a leading podcast delivering the latest insights and trends in cybersecurity with a sharp focus on the healthcare sector. Hosted by Richard Simmons from London, each episode dives into major cyber threats, data breaches, and evolving attack techniques affecting the digital health landscape and beyond. In this edition, the podcast unpacks high-stakes stories such as Russian hackers deploying new malware through the MSC EvilTwin technique, the use of Morphing Meerkat phishing kits targeting global brands, and Oracle facing scrutiny over alleged data breaches. It also covers the exploitation of WordPress MU-Plugins, emerging threats...
2025-03-3104 minSecurity Insights - Cybersecurity for Real-World WorkplacesPart 1: Solving the Top 10 Problems with Vulnerability ManagementWe promised we'd come back with the solutions to all your vulnerability management problems, so here we are. Plus, we're counting down in unranked order *and* starting from #10 on our list, just to keep you on your toes. Ivanti's Chris Goettl and Robert Waters will go through how you can address resource constraints, siloed tools and data, limited attack surface visibility, inaccurate view of exposures and data overload.And stay tuned for the rest of the list next time! Subscribe to our feed so you don't miss it.Join the conversation online on LinkedIn (
2025-03-2532 minIvanti Originals2025 State of Cybersecurity Report: Paradigm ShiftIvanti’s research — a global study of over 2,400 security and IT professionals and executive leaders —examines how organizations can embrace a more effective and evolved approach to managing cybersecurity risk by embracing exposure management.  Despite 89% of boards calling security a priority, the research reveals gaps in organizations' ability defend against high-risk threats. As attack surfaces continue to expand and cyber attacks grow more complex and sophisticated, businesses need a more comprehensive, strategic approach to vulnerability management.  How can cybersecurity teams combat critical concerns like tech debt to data silos? Learn how shifting your cybersecurity mindset to expos...
2025-03-1825 minSecurity Insights - Cybersecurity for Real-World WorkplacesThe Top 10 Problems with Vulnerability ManagementVulnerability management is not for the faint of heart. The pitfalls are many, and odds are you probably have at least one of these issues. Ivanti's Chris Goettl and Robert Waters run down the list of what can get in the way of vulnerability management done well -- from attack surface visibility to data overload and resource constraints -- all with an eye on how those problems can be addressed. (Which we'll have more on next time. We promise.)Â Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2025-03-0634 min
HEAL Security - Cybersecurity Intelligence & News for HealthcareHEAL Security Dispatch: CISA Alerts, Ivanti & Google Fixes, Unimicron Ransomware AttackHEAL Security Dispatch Daily Digest is a cybersecurity-focused podcast hosted by Richard Simmons from London, delivering the latest news and expert insights on the intersection of healthcare and cybersecurity. In each episode, the podcast explores critical cybersecurity incidents, vulnerabilities, and emerging threats, helping organizations and individuals stay informed. Covering topics such as newly added vulnerabilities in CISA’s Known Exploited Vulnerabilities Catalog, significant data breaches affecting healthcare institutions, ransomware attacks, and major software security flaws, the podcast provides timely updates and analysis. With reports on organizations like University Diagnostic Medical Imaging, Unimicron, and major tech companies like Google and NVIDIA, HE...
2025-02-1204 minSecurity Insights - Cybersecurity for Real-World WorkplacesThe Four Big Questions of CybersecurityIvanti's Chris Goettl and Robert Waters take on four big questions facing cybersecurity today, namely: Who gets the upper hand from AI, cyber adversaries or the legitimate organizations looking to stop them? What's going to win out, Everywhere Work or RTO? Exposure Management: sea change, or passing fad?And what's the bigger security risk, IoT devices or third-party vendors?Listen in for those questions and, if you're listening closely, a few answers too.Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2025-01-2735 min
SANS Internet Storm Center's Daily Network Security News PodcastSANS ISC Stormcast, Jan 23, 2025: PFSync Protocol; Oracle CPU; Korean VPN Supply Chain Attack; Ivanti Guidance (#)SANS ISC Stormcast, Jan 23, 2025: PFSync Protocol; Oracle CPU; Korean VPN Supply Chain Attack; Ivanti Guidance In today's episode, we start by talking about the PFSYNC protocol used to synchronize firewall states to support failover. Oracle released it's quarterly critical patch update. ESET is reporting about a critical VPN supply chain attack and CISA released guidance for victims of recent Ivanti related attacks. Catching CARP: Fishing for Firewall States in PFSync Traffic https://isc.sans.edu/diary/Catching%20CARP%3A%20Fishing%20for%20Firewall%20Stat%20es%20in%20PFSync%20Traffic/31616)** Discover how attackers exploit PFSync traffic to manipulate firewall states. This deep dive...
2025-01-2207 minCyberHub PodcastIvanti Zeroday Abused by China, US Foreign Investment Review Breached, TikTok Ban Looms, & More Cyber newsIvanti Zeroday Abused by China, US Foreign Investment Review Breached, TikTok Ban Looms🚨 Join us daily on the CyberHub Podcast as we delve into the latest headlines for cybersecurity practitionersToday’s episode will discuss the latest news as Ivanti Zeroday abused by China with more news below:• China Hacks US Foreign Investment Review• Tik Tok Ban Looms• Paypal Phishing              For more information, please visit our website: https://www.cyberhubpodcast.com/ ✅ Story Links: https://www.bleepingcomputer.com/news/security/treasury-hackers-also-breached-us-foreign-investments-review-office/https://www.securityweek.co...
2025-01-1317 min
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)SANS ISC Stormcast, Jan 13, 2025: Defender Updates, Ivanti RCE, Apple USB-C Hack and moreIn today's episode, we cover the latest updates in cybersecurity:
Windows Defender Enhances Chrome Extension Detection
Microsoft's Defender now catalogs Chrome extensions to identify malicious ones. Learn how this improves enterprise security.
https://isc.sans.edu/diary/Windows%20Defender%20Chrome%20Extension%20Detection/31574
Multi-OLE Analysis in Malicious Documents
A look at how attackers embed OLE files in Office documents to evade detection and the tools to combat it.
https://isc.sans.edu/diary/Multi-OLE/31580
Ivanti Connect Secure RCE Vulnerability (CVE-2025-0282)
Details of a critical vulnerability affecting Ivanti products and the patching timelines.
2025-01-1306 min
SANS Internet Storm Center's Daily Network Security News PodcastSANS ISC Stormcast, Jan 13, 2025: Defender Updates, Ivanti RCE, Apple USB-C Hack and more (#)SANS ISC Stormcast, Jan 13, 2025: Defender Updates, Ivanti RCE, Apple USB-C Hack and more In today's episode, we cover the latest updates in cybersecurity: Windows Defender Enhances Chrome Extension Detection Microsoft's Defender now catalogs Chrome extensions to identify malicious ones. Learn how this improves enterprise security. https://isc.sans.edu/diary/Windows%20Defender%20Chrome%20Extension%20Detection/31574 Multi-OLE Analysis in Malicious Documents A look at how attackers embed OLE files in Office documents to evade detection and the tools to combat it. https://isc.sans.edu/diary/Multi-OLE/31580 Ivanti Connect Secure RCE Vulnerability (CVE-2025-0282) Details of a critical vulnerability affecting Ivanti...
2025-01-1306 minHEAL Security - Cybersecurity Intelligence & News for HealthcareCybersecurity Roundup: SonicWall, Palo Alto, Ivanti, Silk Typhoon, and AI-Powered ThreatsHEAL Security Dispatch Daily Digest, hosted by Richard Simmons from London, delivers essential updates and expert analysis on the evolving dynamics of cybersecurity, particularly at the intersection of healthcare and technology. In this episode, listeners are briefed on critical vulnerabilities patched in tools like SonicWall Global Management System and Ivanti's Connect Secure appliances, with emphasized urgency for updates to mitigate risks. Other highlights include the attribution of a US Treasury cyberattack to Chinese state-sponsored group Silk Typhoon, the continued impact of ransomware on critical sectors like healthcare and education, and a developing investigation into a possible data breach involving Gravy...
2025-01-0905 minCyberHub PodcastAnother Ivanti Zero Day, Russian ISP Network Destroyed, Green Bay Packers Store Hacked, CyberHaven Breach🎙️ Another Ivanti Zero Day, Russian ISP Network Destroyed, Green Bay Packers Store Hacked, CyberHaven Breach🚨 Join us daily on the CyberHub Podcast as we delve into the latest headlines for cybersecurity practitioners Today’s episode will discuss the latest news as Another Ivanti Zero Day with more news below:• Palo Alto Networks Patches Retired Migration tool• Japan Links China to MirrorFace• Jaime Blasco Joins the show to talk Cyberhaven Breach             For more information, please visit our website: https://www.cyberhubpodcast.com/ ✅ Story Links:Â
2025-01-0921 minSecurity Insights - Cybersecurity for Real-World WorkplacesProactive Protection with Exposure ManagementIvanti's Robert Waters welcomes Grand Bank CTO Robert Hanson for a wide-ranging conversation on the emerging field of exposure management and how you can proactively safeguard your organization, because every organization faces risk. What separates the vulnerable from the well-protected isn’t whether you have exposure — it’s how you manage it.  Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2025-01-0236 minIvanti OriginalsGen AI and Cybersecurity: Risk and RewardIvanti’s latest research report surveyed over 14,500 executives, security and IT professionals and office workers to understand how organizations are managing the double-edged sword of gen AI in cybersecurity — and the processes, technology and talent needed to fortify defenses.  Cybersecurity teams are optimistic about gen AI’s ability to improve workflows and enhance threat detection and response, but AI is also a powerful weapon in the hands of threat actors. As Gen AI makes social engineering threats like phishing more dangerous and sophisticated, cybersecurity AI education and training needs to continuously evolve.  How can organizations leverage...
2024-12-0312 minSecurity Insights - Cybersecurity for Real-World WorkplacesThe Ghosts of Exposure Management Past, Present, and FutureJoin Ivanti's Chris Goettl and Robert Waters as they take a Christmas-Carol-themed trip through the emerging field of exposure management, taking a close (and possibly ghostly) look at the past, present, and future of the field. To learn more about Ivanti's exposure management offerings, visit: https://ivanti.com/exposure-managementJoin the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2024-12-0230 minSecurity Insights - Cybersecurity for Real-World WorkplacesTop 5 Tips for Cybersecurity AwarenessIvanti's Chris Goettl (VP of Product, Patch Management) welcomes back Robert Waters (Lead PMM, Exposure Management) for a special episode for Cybersecurity Awareness Month, sourcing five tips from a range of Ivanti employees on how your organization and its users can stay secure. Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2024-10-3026 min
CYFIRMA ResearchCYFIRMA Research- CVE-2024-7593 Vulnerability in Ivanti Virtual Traffic Manager: Vulnerability Analysis and ExploitationIvanti Virtual Traffic Manager (vTM) users – A critical authentication bypass flaw (CVSS 9.8) is now being actively exploited! This vulnerability allows unauthenticated attackers to gain admin control over your systems. Patch now to prevent unauthorized access, data theft, or malware deployment. Public exploit code is already circulating. Stay secure!Link to the Research Report: CVE-2024-7593 Vulnerability in Ivanti Virtual Traffic Manager : Vulnerability Analysis and Exploitation - CYFIRMA#Cybersecurity #Ivanti #CVE20247593 #PatchNow #InfoSec#CyberThreats #CYFIRMA #CyfirmaResearch #ExternalThreatLandscapeManagement #ETLMhttps://www.cyfirma.com/
2024-10-2403 minHEAL Security - Cybersecurity Intelligence & News for HealthcareFrom Zero-Day Vulnerabilities to Emerging Cyber ThreatsJoin Richard Simmons in this insightful episode of the 'HEAL Security Dispatch Daily Digest,' where he delivers the latest in cybersecurity intelligence for October 8, 2024. Broadcasting from London, Richard delves into Microsoft's crucial Patch Tuesday update, which addresses five active zero-day vulnerabilities and a total of 118 security flaws. These updates underscore Microsoft’s dedication to fortifying its software against the latest cyber threats, ensuring better protection for millions of users globally. Richard highlights the importance of applying these patches promptly to mitigate potential risks in today's evolving threat landscape.
In addition, Richard covers Ivanti's urgent disclosure regarding three critical vulnerabilities in...
2024-10-0805 minIvanti OriginalsSecuring the Digital Employee ExperienceIvanti’s latest research report surveyed over 20,000 unique executive leaders, IT professionals, security professionals and office workers around the globe to understand how organizations can strike a better balance between security and digital employee experience. Our research revealed that cybersecurity teams often don’t take user experience (UX) into account when designing security policies and protocols — leading to employee frustrations and frequent unsafe workarounds. These risks are further exacerbated by factors like the rise of unsanctioned AI use at work and a lack of prioritizing security when it comes to remote and hybrid workers. How can CISO...
2024-10-0113 minSecurity Insights - Cybersecurity for Real-World WorkplacesVulnerability Intelligence with Securin CEO Ram MovvaSecurin CEO Ram Movva joins the show to talk all things vulnerability intelligence: how to prioritize according to risk, how to manage your external attack surface and emerging trends in ransomware and security. Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2024-09-2722 minHEAL Security - Cybersecurity Intelligence & News for HealthcareCybersecurity Update: From Critical Infrastructure Vulnerabilities to Hospital Data BreachesThe HEAL Security Dispatch Daily Digest, presented by HEAL Security and hosted by Richard Simmons from London, delves into the critical intersection of healthcare and cybersecurity, offering the latest trends and expert insights into this rapidly evolving landscape. The podcast for Wednesday, September 25, 2024, sheds light on the escalating threat landscape, with operational technology and industrial control systems coming under attack from threat actors employing basic yet effective techniques such as phishing and exploiting known vulnerabilities. It covers the U.S. Cybersecurity and Infrastructure Security Agency's warning about the Ivanti Virtual Traffic Manager vulnerability, the rise in hurricane relief scams, the...
2024-09-2506 minCyberHub Podcast🚨 MacOS Sequoia Conks Security Products, $44M in Crypto Stolen, China Spies on APAC, Ivanti Attack🚨 MacOS Sequoia Conks Security Products, $44M in Crypto Stolen, China Spies on APAC, Ivanti Attack🎙️ Join us on the CyberHub Podcast as we delve into the latest headlines for cybersecurity practitionersToday’s episode will discuss the latest news after the latest MacOS update conks out security products with more news below:Another Ivanti Vulnerability$44M Stolen from Crypto PlatformDisney Ditching Slack after Breach           For more information, please visit our website: https://www.cyberhubpodcast.com/  👀 SHOW Supporters:Today's episode is supported by our...
2024-09-2317 min
Hacked dAily20-Sep-2024 North Korean APTs, Star Health Data Breach, Ivanti Vulnerabilities, Disney Drops SlackWelcome to Hacked dAily, the first AI-driven cybersecurity podcast by Cytadel Cyber! Join us for your daily dose of the latest in cybersecurity news and threats.
On today's episode, we'll dive into our top stories where North Korean APT groups are bypassing DMARC policies, targeting South Korean entities in a concerning rise of cyber-espionage. This sophisticated infiltration raises questions about the effectiveness of current email security systems against state-sponsored attacks.
In another alarming development, a hacker is selling 7 terabytes of customer data from Star Health Insurance on Telegram. This breach highlights significant privacy concerns and underscores the urgent need for...
2024-09-2003 minHEAL Security - Cybersecurity Intelligence & News for HealthcareHEAL Security Daily: From Compromised Android Boxes to Election CybersecurityThe "HEAL Security Dispatch Daily Digest," hosted by Richard Simmons in London, offers an incisive glimpse into today's pressing cybersecurity concerns, with a spotlight on the healthcare sector's unique vulnerabilities. The episode uncovers a worrying breach involving 1.3 million Android-based TV boxes, alerting listeners to the potential for remote control by malicious actors and emphasizing the necessity for user vigilance and manufacturer updates. It also delves into the repercussions of a 2023 data breach at 23andMe, costing the company $30 million in settlements due to compromised health and ancestry data, now bolstering its defenses with improved security measures. The digest doesn't shy away...
2024-09-1605 min
CISSP Cyber Training Podcast - CISSP Training ProgramCCT 176: Policies and Procedures - Candidate Screening, Employment Agreements, and Background Checks for the CISSP (Domain 1.9.1-4)Send us a textAre you ready to uncover the secrets behind successful candidate screening and robust employment agreements in cybersecurity? Join us on this episode of the CISSP Cyber Training Podcast, where we promise to equip you with essential techniques to vet the right candidates for sensitive security roles. From structured interviews to behavioral questions and technical assessments, we cover the full spectrum of best practices. Plus, we'll discuss the critical importance of maintaining up-to-date systems and managing end-of-life devices, spotlighting recent vulnerabilities in the Ivanti Cloud Services Appliance.Next, we tackle the nuanced...
2024-09-1638 minHacked dAily14-Sep-2024: Ivanti Urgent Patch, 23andMe Settlement, RansomHub Targets Kaspersky & KawasakiWelcome to Hacked dAily, the first AI-driven cybersecurity podcast by Cytadel Cyber, where we bring you the latest insights and updates from the cyber world. Today, we've got some pressing stories to cover.
First up, Ivanti has raised alarms about an exploited vulnerability in its cloud appliance, urging immediate patch updates to safeguard against unauthorized system access—emphasizing the critical nature of cloud security.
Next, genetic testing company 23andMe has settled a $30 million class-action lawsuit related to a 2023 data breach. Customers alleged genetic data exposure, prompting efforts to boost data protection.
In a concerning twist, RansomHub ransomware actors are manipulating Ka...
2024-09-1403 minHEAL Security - Cybersecurity Intelligence & News for HealthcareCybersecurity Frontline: Mastercard's Big Buy, Fortinet Breach, and Global Data Distrust SurgeIn today's episode of the 'HEAL Security Dispatch Daily Digest,' broadcasting from London, we delve into the most pressing cybersecurity developments affecting the healthcare sector and beyond. The show kicks off with news of Mastercard's acquisition of Recorded Future for $2.6 billion, signaling a significant expansion into cybersecurity. The episode also covers the recent data breach at Fortinet, involving 440GB of stolen files. Further, we explore a new malware campaign targeting Linux systems for cryptocurrency mining through vulnerabilities in Oracle WebLogic servers. CISA's warning about hackers exploiting a critical vulnerability in Ivanti's cloud IT service management software is also discussed...
2024-09-1306 minSecurity Insights - Cybersecurity for Real-World WorkplacesAvoiding the Costs of a CyberattackIvanti's Chris Goettl (VP of Product, Patch Management) welcomes back Robert Waters (Lead PMM, Exposure Management) to cover the dreaded costs of a cyberattack, and how organizations can work to proactively avoid them by addressing three strategic imperatives: attack surface, vulnerability prioritization, and data silos.Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2024-08-3025 minSecurity Insights - Cybersecurity for Real-World WorkplacesCyber Defense 202: Exploit VulnerabilitiesIvanti's Robert Waters (Lead PMM, Exposure Management) is back with Chris Goettl (VP of Product, Patch Management) for the last of our three episodes covering Verizon's 2024 Data Breach Investigations Report, covering the third-most popular attack vector in breaches today: exploit vulnerabilities. And while they may be #3 in prevalence, they're #1 in Chris and Robert's hearts.To view Verizon's report, head to:Â https://www.verizon.com/business/resources/reports/dbir/Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2024-07-2631 min
The Cybersecurity DigestChrome Vulns, Cisco Catastrophes, and Ransomware Revelations: Your Friday Cybersecurity DigestCybersecurity Digest for 19 July 2024:
Today we discuss:
Â
Yet Another Chrome Vulnerability
Dual Critical Cisco Vulnerabilities; Including A Max Severity Vulnerability
Life360 Data Breach
Ivanti EMM Vulnerability
New Novel Email Vulnerabilites\
A Report on Fin7
SOC Radar’s Global Ransomware Report
CISA Adds 3 new vulns to its KEV
Articles Referenced in the Show in the order they appear:
Yet Another Chrome Vulnerability
Chrome Releases: Stable Channel Update for Desktop (googleblog.com)
Dual Critical Cisco Vulnerabilities; Including A Max Severity Vulnerability
Cisco Smart Software Manager On-Prem Password Cha...
2024-07-1916 minIvanti OriginalsAligning Perspectives: Cyber Risk Management in the C-SuiteIvanti’s latest research report surveyed over 3,000 executive leaders, IT and cybersecurity and found that today’s organizational leaders and CISOs are often misaligned when it comes to prioritizing cyber risks — and this can result in critical financial, operational and reputational damage. Cybersecurity is now a board-level issue, yet our latest research finds that organizational leaders appear to be overconfident in their understanding of key security concepts, and 2 in 3 organizations surveyed are not investing in critical areas like external attack surface management, and breach and attack simulations.   How can CISOs and non-IT leadership better align on cyberse...
2024-07-1613 min
Beyond Tech FrontiersThe Future of Work: Insights from Ivanti's 2024 Everywhere Work ReportThis episode delves into Ivanti's 2024 Everywhere Work Report, beginning with an introduction to its key findings. It explores flexible work environments, organizational challenges, and gender perspectives. Discusses IT challenges, security concerns, and the impact of AI and automation. Examines employee well-being, productivity, and work-life balance in remote work settings. Reviews organizational strategies, support measures, and cybersecurity budgeting. Highlights risks associated with AI and security threats, summarizing the report's findings. Concludes with closing remarks and a teaser for the next episode.
(0:00) Welcome and introduction to Ivanti's 2024 Everywhere Work Report
(0:37) Flexible work environments, organizational challenges, and gender perspectives
(2:35) IT challenges, security, and...
2024-07-0606 minIvanti OriginalsAttack Surface ManagementAs attack surfaces expand rapidly, so does cybersecurity risk from undetected and unmanaged assets and devices.  Ivanti surveyed 7,300 IT and security professionals to understand the scale of the problem and provide strategies for comprehensive attack surface management. Ivanti's latest research report demonstrates how effective attack surface management (ASM) combines people, processes and technologies that empower teams to continuously discover and manage their internal and external assets.  Get more resources To read the report and access additional media, including presentation-ready slides and downloadable charts and graphs, visit ivanti.com/asm-r...
2024-06-2614 minSecurity Insights - Cybersecurity for Real-World WorkplacesCyber Defense 101: Phishing + Credential AttacksIvanti's Chris Goettl (VP of Product, Patch Management) welcomes back Robert Waters (Lead PMM, Exposure Management) for a follow-up on Verizon's 2024 Data Breach Investigations Report, discussing the two main attack vectors used in most breaches -- phishing and credential attacks -- and how your organization should go about defending itself. Â To view Verizon's report, head to:Â https://www.verizon.com/business/resources/reports/dbir/Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2024-06-2117 minIvanti OriginalsInflection Point: Ivanti’s 2024 State of Cybersecurity ReportIvanti’s latest research — a study of over 7,000 leadership-level executives, cybersecurity professionals and office workers — finds cybersecurity is widely viewed as a top organizational priority, even at the board level. This board-level attention is critical because it positions cybersecurity not simply as a technology risk, but a critical business risk.  Ivanti research also underscores an ongoing (and costly) point of friction: insufficient alignment between the CIO and CISO — and this isn’t just a leadership problem.  With the spotlight now shining on them, how can security and IT teams bridge this gulf and overcome critical hurdles like...
2024-05-2322 minSecurity Insights - Cybersecurity for Real-World WorkplacesDissecting the Verizon DBIRIvanti's Chris Goettl (VP of Product, Patch Management) welcomes Robert Waters (Lead PMM, Exposure Management) as they discuss the key takeaways from Verizon's latest annual Data Breach Investigations Report: persistent risk from credentials, more and more sophisticated phishing attacks, and the rising prevalence of vulnerability exploits. To view the report yourself, head to: https://www.verizon.com/business/resources/reports/dbir/Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2024-05-2127 min
Geeks, Geezers, and Googlization ShowCybersecurity, IT, and HR: Unlikely Allies Empowering Flexible Work"Flexibility" has become the rallying cry of the Everywhere Work revolution, as highlighted in Ivanti's 2024 Everywhere Work report. On this Geeks, Geezers, and Googlization Show episode, host Ira S. Wolfe chats with guests Holly Novak and Mary Baird to unpack their experiences from the 2024 Ivanti Solutions Summit. Together, they explore the rapidly shifting landscape of Everywhere Work and the technological hurdles it brings. Tune in for a fascinating discussion on viewing cybersecurity through an HR lens as they tackle the intricacies of delivering seamless digital employee experiences, nurturing modern work cultures, managing AI's growing impact, and safeguarding the irreplaceable...
2024-05-0858 minCYFIRMA ResearchCYFIRMA Research - Ivanti RCE (CVE-2024-21894) Vulnerability Analysis and ExploitationA critical vulnerability, CVE-2024-21894, has been discovered in Ivanti's Connect Secure and Policy Secure gateways, posing a severe global threat to digital security. CYFIRMA’s research team have conducted a thorough analysis of this vulnerability. Immediate action is strongly advised: apply the latest patches provided by Ivanti to secure your systems. Additionally, enhance access controls, bolster your digital infrastructure defenses, and maintain heightened vigilance. Stay informed about potential threats and continuously monitor trusted sources for updates to ensure robust cybersecurity.Link to the Research Report: Ivanti RCE (CVE-2024-21894) Vulnerability Analysis and Exploitation - CYFIRMA
2024-04-1903 min
Ivanti Originals2024 Everywhere Work Report: Empowering Flexible WorkIvanti’s research — a global study of 7,700 executive leaders, IT and cybersecurity professionals‌‌ and office workers — highlights a new major priority in the Everywhere Work movement — flexibility. To hold onto top talent, organizations need to empower employees to work from anywhere at any time.  However, the report also revealed the additional IT burden and incremental security risks that hybrid and remote work can introduce.  How can organizations balance security and productivity and overcome the technical, cultural and organizational barriers standing in the way of delivering Everywhere Work to their employees?  Get more resources
2024-04-1014 min
Storm Watch by GreyNoise IntelligenceIvanti's Security Revamp, Dodging the XZ Bullet & D-Link's NAS CrisisForecast = Hazy, with a 60% chance of KEV squals towards the end of the week. In this episode of Storm⚡Watch, we start by discussing Ivanti's CEO Jeff Abbott's pledge for a comprehensive security overhaul following a series of breaches linked to vulnerabilities, including CVE-2024-21894. We also explore Andres Freund's accidental heroism in uncovering a backdoor in Linux software, and delve into the vulnerability of D-Link NAS devices to remote code execution. Cybersecurity Frontlines: Ivanti's Pledge and Vulnerabilities Ivanti CEO Jeff Abbott has publicly committed to a comprehensive security overhaul following
a series of b...
2024-04-091h 02CYFIRMA ResearchCYFIRMA Research - Exploit Analysis: SSRF and Command Injection for Unauthenticated RCE in Ivanti Connect SecureRead our Cyfirma Research report, which explores why Ivanti Connect Secure & Policy Secure users, should be cautious of a critical SSRF vulnerability (CVE-2024-21893) which affects your systems, enabling attackers to bypass mitigations and execute remote code. Exploits, like CVE-2023-46805 & CVE-2024-21887, demonstrate the severity.Ivanti has released a second mitigation and patches to address all vulnerabilities. Ensure your systems are up to date and protected against these threats. Stay vigilant and take action to safeguard your network.Link to the Research Report: Exploit Analysis: SSRF and Command Injection for Unauthenticated RCE in Ivanti...
2024-03-0103 min
The State of Enterprise IT SecurityS1 EP. 06: Ivanti Patches Zero-Days, Confirms New Exploit, China Threat Targets Critical Infrastructure, Congress Confronts Security with Hill’s AI useIn this insightful episode of the State of Enterprise IT Security, host Brad Bussie, Chief Information Security Officer at e360, explores pressing cybersecurity issues affecting businesses and governments. Brad brings his expertise to the forefront, discussing significant topics ranging from Ivanti's latest patches for zero-day vulnerabilities to the evolving landscape of cyber threats between the US and China, and Congress's approach to AI security risks.Topics Covered:Ivanti’s response to zero-day vulnerabilities and new exploits.The US government's actions against Chinese cyber threats and the ongoing risks.The US Congress's cautious approach towards the in...
2024-02-0519 min
Threat Vector by Palo Alto NetworksBeyond the Breach: Strategies Against Ivanti VulnerabilitiesIn this episode of Threat Vector, host David Moulton, Director of Thought Leadership at Unit 42, along with guests Sam Rubin, VP, Global Head of Operations, and Ingrid Parker, Senior Manager of the Intel Response Unit, dive deep into the critical vulnerabilities found in Ivanti's Connect Secure and Policy Secure products. They explore the vulnerabilities' potential impact, the urgency of mitigation, and strategies for defense. This discussion sheds light on the tactical and strategic responses necessitated by the current threat landscape, highlighting the collaboration between public directives and private sector response. ...
2024-02-0526 min
Buongiorno da EdoJuniper Networks e Ivanti protagonisti negativi della cybersecurity - Buongiorno 172In questa puntatona monotematica parliamo di gravi falle di sicurezza in punti cruciali della supply chain, cioè proprio nei cancelli d'ingresso delle reti aziendali, e della risposta non proprio prontissima e criticata da molti esperti della community infosec.
Links:
Playing with Fire – How We Executed a Critical Supply Chain Attack on PyTorch - https://johnstawinski.com/2024/01/11/playing-with-fire-how-we-executed-a-critical-supply-chain-attack-on-pytorch/
Security in 2024: Our experts’ predictions - https://blog.1password.com/security-trends-predictions-2024/
00:00 Intro
01:04 Twitter hacking
11:56 Juniper e Ivanti
30:18 Links
#cy...
2024-01-2532 min
CyberWire DailyUnveiling the Shadow Strike: A zero-day assault on Ivanti VPN users.A zero-day hits Ivanti VPN customers. CISA highlights an active MS Sharepoint Server flaw. Cisco patches a critical vulnerability. Atomic Stealer gets updates. Sensitive school emergency planning documents are exposed online. The FCC reports on risky communications equipment. The White House will introduce new cybersecurity requirements for hospitals. Mandiant explains their X-Twitter hack. Our guest is Palo Alto Networks’ Unit 42’s David Moulton, host of the new Threat Vector podcast. And we are shocked - shocked! - to learn that an online sex for money scheme is a scam. Remember to leave us a 5-star rating and revie...
2024-01-1132 min
Security Insights - Cybersecurity for Real-World WorkplacesChief Scapegoat Officer: How to Keep "Fighting the Good Fight" for Ethical Security StandardsWhat does CSO stand for at your organization? Is it short for Chief Security Officer... or Chief Scapegoat Officer?In this episode, Ivanti CSO Daniel Spicer talks about how he never thought he'd be a CSO, and the unique pressures that security executives face from their own internal leadership teams and external regulations or (worse) insurance companies.Listen in as Daniel and Ashley dig into:What counts as a "breach" -- legally and ethically -- and the conflicting pressures to either report or not.How hackers try to bluff their...
2023-06-2932 minSecurity Insights - Cybersecurity for Real-World WorkplacesSecurity and Employee Investigations: Breaking Down the Big Brother Security MythDaniel Spicer is back! Following up on last episode's discussion on the security risks of overemployment, Ivanti's Chief Security Officer returns to clear up the age-old myth of security tools being abused for employee investigations. Join Daniel, Chris and Ashley as they discuss:What is (and most definitely is not) allowed in an employee investigation -- especially if the Security Team is requested to assistUser and management's misconceptions about security data, and how it's less "Big Brother," and more "Death by Data"Â The invaluable technique of using HR and Legal both to cover your asks and avoid abuse o...
2023-06-1527 min
Security Insights - Cybersecurity for Real-World WorkplacesOveremployment Security Concerns: A Risk Versus Remediation Case StudyChris and Ashley use the current overemployment media trend as an example case study on evaluating security risks versus potential organizational impact. They cover: How overemployment existed before remote workWeighing the various security implications of overemployment — including shadow IT and insider threatsHow far an organization should go to remediate security risks due to unknown overemployed employees... and the cultural trade offs organizations may be required to make.Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2023-05-2521 minSecurity Insights - Cybersecurity for Real-World WorkplacesVulnerability Patch Prioritization Problems: Cybersecurity Research Results (Part Two)Chris (finally!) adds his insights to the 2023 Press Reset cybersecurity research report, especially how its findings impact vulnerability and patch prioritization processes — do you shoot for mission critical systems, active exploits, or something else first? — and why asset visibility lies at the core of every security framework on the planet.Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2023-05-1129 min
Security Insights - Cybersecurity for Real-World WorkplacesGenerative AI for Security Teams and Products with JR Robinson from WriterJR Robinson, Head of Platform at generative AI startup Writer, joins VP of Endpoint Security Product Management Chris Goettl and Ashley Stryker to discuss current generative AI use cases for security teams that go beyond just chat bots.(Please. For everyone’s sanity… go beyond chat bots.)They’ll also preview a deeper webinar discussion with Chief Security Officer Daniel Spicer on the risks and rewards generative AI offers security teams at every organization, airing on April 26 — save your spot and bring your questions to "Generative AI for Infosec and Hackers: What Security...
2023-04-2724 minSecurity Insights - Cybersecurity for Real-World WorkplacesDeath, Taxes and Phishing: Cybersecurity Research Results (Part One)Daniel and Ashley review the latest research report from Ivanti -- Press Reset: A 2023 Cybersecurity Status Report -- including prioritizing phishing and DDoS attacks, security ROI challenges, and why organizations should never increase their cybersecurity budget by sacrificing their IT allocations.Download the full report at Ivanti.com/CybersecurityReport  Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2023-02-1639 minSecurity Insights - Cybersecurity for Real-World WorkplacesVendor Cyber Risk Management 101: Balancing Supply-Chain Risk with Remote Work DEX and IoT Litter BoxesIt's vendor risk versus reward!Chris and Amanda educate Ashley on the core considerations, processes and requirements for robust vendor risk management programs... including when to be afraid of your IoT devices, especially those pesky Roomba vacuums and oh-so-convenient self-cleaning litter boxes.Remember to address these three components, no matter if your vendor is a major IT software provider or just your friendly neighborhood paper salesman:What data are you granting your vendor?What can they access?Due diligence and 200+ item questionnaires are everything.Join the conversation online on LinkedIn (linkedin.com/company...
2023-02-0243 min
The Mark Bishop ShowTMBS E286: Jeff Abbott CEO of IvantiCybersecurity affects us all and business is threatened everyday so Mark goes to Jeff Abbott the CEO of Ivanti to get the latest information from the 2023 World report.It's very scary but thank God for the likes of Avanti. Check this one out!About ~ Jeff Abbott As CEO of Ivanti, Jeff oversees all aspects of the company’s growth strategy and direction. Before becoming CEO of Ivanti in October 2021, Jeff was Ivanti’s President since January 2020. Jeff has over 25 years of experience working for enterprise software and services companies, including Accenture, Oracle, and Info...
2023-01-2609 minSecurity Insights - Cybersecurity for Real-World WorkplacesIT vs Security: When Hackers Patch for ProfitIT Director Tony Miller goes toe-to-toe with Chief Security Officer Daniel Spicer to justify – or condemn! – IT and cybersecurity posts found on Reddit, featuring a legendary story about hackers that patched endpoints faster than the company itself. #PatchHacksPlus, Ashley frets about the impact of a new security policy on her personal devices, creating an impromptu case study on the importance of explaining (or just reading) new security policies.Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2023-01-1939 minSecurity Insights - Cybersecurity for Real-World WorkplacesPrisoner Priorities: Why Disclosure Policies Can’t Please EveryoneDaniel, Chris, Amanda and Ashley revisit the coordinated disclosure conversation from Episode 25 and apply the prisoner’s dilemma thought experiment to create a (more?) perfect vendor disclosure policy.Find shownotes for this episode at Ivanti.com/SecurityInsights-30Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2022-12-1530 minSecurity Insights - Cybersecurity for Real-World WorkplacesWomen in Cybersecurity: Personal Experiences and ProgressAmanda and Ashley talk about their experiences as women in the cybersecurity and technology industries. (Spoiler alert: it’s on the up-and-up!)Find shownotes for this episode at Ivanti.com/SecurityInsights-29Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2022-11-2432 minSecurity Insights - Cybersecurity for Real-World WorkplacesCloud Security: Indiana Bob’s Server Closet Versus Data CentersAmanda and Chris share stories proving why your data really is more secure in the cloud than the average on-premises server closet – and what organizations should worry more about when it comes to data security.Find shownotes for this episode at Ivanti.com/SecurityInsights-28  Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2022-11-1033 minSecurity Insights - Cybersecurity for Real-World WorkplacesSee Yourself in Cybersecurity: How 3 Experts Transitioned into InfoSecDo you want to work in cybersecurity, but not sure how to start? Ashley and Chris talk to three current cybersecurity experts on how they entered the industry – including Ivanti deputy CSO Amanda Wittern. (Also, bonus update on how Ashley pulled off her social engineering assignment from last episode!)Find shownotes for this episode at Ivanti.com/SecurityInsights-27  Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2022-10-2727 minSecurity Insights - Cybersecurity for Real-World WorkplacesPhishing Attacks and Marketing Minds: How Hackers Use Unexpected Skills to Break Their TargetsIn this episode, Chris tries to convince Ashley that marketers naturally make excellent hackers, based on modern phishing attacks and techniques… And Ashley confirms his guess by revealing the lengths to which marketers will go to “spoof” natural conversation and drive their target audience to take action.Referenced materials:The DarkNet Diaries Podcast, Episode 69: Human Hacker - https://darknetdiaries.com/transcript/69/Ashley’s “Social Engineering” booklist - https://www.amazon.com/hz/wishlist/ls/1INOW5WGDDUO5?ref_=wl_shareJoin the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2022-09-2623 minSecurity Insights - Cybersecurity for Real-World WorkplacesMicrosoft's Coordinated Disclosure Discussion from BlackHat & DefCon '22Security Insights welcomes its new host, Ashley Stryker, into the mix! In today's episode, Chris Goettl and Daniel Spicer break down some backlash from Microsoft customers on their failure to disclose a “ninja patch” on a vulnerability researchers found months before the fix. Listen in as the trio discuss security transparency and best practices for vendor coordinated disclosures of vulnerabilities for cloud versus on-prem products and much more!Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2022-09-0731 minSecurity Insights - Cybersecurity for Real-World WorkplacesGartner Security & Risk Management Summit TakeawaysHello and welcome back to this week’s episode of Ivanti’s Security Insights! Today Chris Goettl and Daniel Spicer go over their takeaways from the recent Gartner Security & Risk Management Summit.Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2022-06-3018 minSecurity Insights - Cybersecurity for Real-World WorkplacesHealthcare and Cybersecurity w/ Daniel Brody and Chad HolmesWe’re back and ready to roll with this week’s episode where our host Chris Goettl interviews Chad Holmes and Daniel Brody from Cynario. Today they discuss healthcare and security through EMT devices and much more.Watch to learn more about how cyber security is assisting healthcare innovation! For more information, check out Cynario’s website www.cynerio.com or their social media @cynerio. Be sure to follow us on our socials @goivanti for more episodes like this! Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2022-05-1825 minSecurity Insights - Cybersecurity for Real-World WorkplacesThis Videogame Vulnerability Was a Huge Headache: Unpacking Log4jIn our first episode of 2022, Chris Goettl and Daniel Spicer unpack one of last year's biggest vulnerabilities: Apache Log4j. The conversation includes:What is Log4j?The difficulty of detecting Log4j and developing guidance for organizationsWhy security teams and IT teams are stuck in a Catch 22 of patchingThe latest guidance you can use for your organizationCheck out cisecurity.org and Ivanti's article on Log4jJoin the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2022-01-2726 minSecurity Insights - Cybersecurity for Real-World WorkplacesCybersecurity Myth BustingHost Adrian Vernon sits down with Daniel Spicer to bust some cybersecurity myths! The list of myths include:Passwords should be changed every 30 daysYou shouldn't write down your passwordMulti-factor Authentication is not secureYou don't need antivirusVPNs keep my devices safe and secureIT is responsible for all of the cybersecurity at an organization"Stay safe, be secure, and keep smiling!"Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2021-12-1514 minSecurity Insights - Cybersecurity for Real-World WorkplacesBreaking Down the Ransomware Index Spotlight ReportHost Adrian Vernon is joined by Ivanti's Senior Vice President of Security Products Sri Mukkamala, CEO of Cyber Security Works (CSW) Aaron Sandeen, and Senior Intelligence Analyst at Cyware Neil Dennis. They break down the recent collaborative Ransomware Index Spotlight Report to make sure you are up to date on today's cybersecurity landscape. The conversation includes:How the report was put togetherWhat you can expect from the reportThe importance of the collaborationSurprising contextsWhy a yearly compliance checkpoint may not be enoughThe possible future of ransomwareCYBER HYGIENE!Check out the report at ivanti.comJoin...
2021-11-1737 minSecurity Insights - Cybersecurity for Real-World WorkplacesMore on Supply Chain Attacks!Adrian gets some insight from Chris and Daniel on some recent supply chain attack events.The conversation includes:The unique agenda of nation state attacksThe numbers game associated with cloud services attacksThere are way more attacks than what get covered in the newsWhat makes an attack a "Supply Chain Attack"Microsoft's recommendations for providers and customersProactive steps you can takeFor more on supply chain attacks check out our episode The Human Element of Preventing Supply Chain Attacks Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2021-11-0221 minSecurity Insights - Cybersecurity for Real-World WorkplacesOctober is Cyber Security Awareness Month!Host Adrian Vernon is joined by the usual cast, Daniel Spicer and Chris Goettl, to talk about Cyber Security Awareness Month and some of the best security practices from experts that have seen it all! The conversation includes:When to rotate your credit cards and more!Why going paperless when you can is so important, and if you can't, get a shredder!Best travel cyber hygiene practices for your personal devicesWifi security in the air and on the roadWhen it's appropriate to bring separate travel-only devicesThe importance of using power packs while in airportsWhen and how to use...
2021-10-1920 minSecurity Insights - Cybersecurity for Real-World WorkplacesBig Cybersecurity News!Host Adrian Vernon and VP of Product Management Chris Goettl break down some of the biggest headlines in the world of cybersecurity right now! The conversation includes:The recent critical security flaw of Apple devicesHow threat actors use remote code execution to mine cryptocurrencyLessons learned from the SolarWinds breachActions to take as cybersecurity threats increaseOctober is Cybersecurity Awareness Month!Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2021-10-0621 minSecurity Insights - Cybersecurity for Real-World WorkplacesWhy Trust Zero Trust?Host Adrian Vernon, VP of Product Managment Chris Goettl, and Chief Security Officer Daniel Spicer talk about the hottest buzzword in security right now: Zero Trust! The conversation includes:What Zero Trust is and what benefits it brings to securityAn overview of the federal government adopting the Zero Trust strategyThe Zero Trust maturity modelWhat it takes for a company to begin moving to Zero TrustThoughts on missing elements from the Biden executive order and what we'd like to see added or changedThe importance of making sure work can still get done with Zero Trust in placeJoin the conversation...
2021-09-2116 minSecurity Insights - Cybersecurity for Real-World Workplaces15 Minutes Could Save You Money On Your Cyber Insurance!Host Adrian Vernon, VP of Product Managment Chris Goettl, and Chief Security Officer Daniel Spicer give you the rundown on everything Cyber Insurance! The conversation includes:What Cyber Insurance covers and why it's importantWhat you need to know to be prepared for your conversation with a brokerHow to save MONEY on your planThe Cyber Insurance grey area and avoiding finesJoin the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2021-09-1313 minSecurity Insights - Cybersecurity for Real-World WorkplacesAI vs. AI: The Future of Cyber SecurityHost Adrian Vernon, VP of Product Managment Chris Goettl, and Chief Security Officer Daniel Spicer talk about the future of artificial intelligence and machine learning in cyber security including:The beginning of AIHow AI and ML benefit organizations How AI and bots are used to attack organizationsWhat kinds of AI will we need to stand up to those attacks? How do we get Skynet to go up against Ultron?The human element behind AI and the danger of over-automationJoin the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2021-08-1715 minSecurity Insights - Cybersecurity for Real-World WorkplacesThe Next Evolution of Patch Management: Don't Try to Patch Everything!Host Adrian Vernon, Sr. Director of Product Management Chris Goettl, and former CEO of RiskSense Sri Mukkamala talk about the recent news of the Ivanti and RiskSense team up and what it means for patch management moving forward!The conversation includes:The history of RiskSenseThe importance of "Proactive Response"Some insights on the current realities in our world of vulnerabilitiesWhy the White House is encouraging a risk-based assessment strategyBest practices on approaching the challenges that organizations faceCyber Hygiene!Join the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2021-08-0222 minSecurity Insights - Cybersecurity for Real-World WorkplacesWeak User Links in Supply Chain Cyber Attacks: How Security Teams Manage the Risk of Insecure Vendors and User ErrorHost Adrian Vernon, Sr. Director of Product Management Chris Goettl, and VP of Security Daniel Spicer explore recent challenges concerning the rise in supply chain attacks.The conversation includes:How a supply chain can be attacked and why organizations should careThe reality of building systems using multiple off the shelf products and the importance of making sure those products and vendors are secureBest practices around defending against supply chain attacksThe new cybersecurity executive orderJoin the conversation online on LinkedIn (linkedin.com/company/Ivanti)
2021-07-2016 minSecurity Insights - Cybersecurity for Real-World WorkplacesReplay: The Balancing Act of Staying Secure While Working From HomeWe are taking a break this week for Ivanti's Summer of Security, but don't worry we'll be back next week! Until then, if you missed it, check out one of our favorite episodes: The Balancing Act of Staying Secure While Working From Home.Host Adrian Vernon, Ivanti's Chef Security Officer Phil Richards, and Sr. Director of Product Management Chris Goettl discuss the new security landscape formed by the "new normal" of remote working including:Ivanti's new Secure Consumer Cyber Report revealing chilling insightsThe "Password Nirvana"The importance of two-factor authentication on your personal devicesJoin...
2021-07-0621 minSecurity Insights - Cybersecurity for Real-World WorkplacesThe History of Ransomware: From Malware-Ridden Floppy Disks to "Trusted" Cyber Gang TycoonsChief Security Officer Phil Richards rejoins Chris Goettl, Head of Endpoint Security Product Management, for a history lesson of ransomware attacks: starting with its origins on malware-riddled floppy disks and ending with predictions of where ransomware gangs will go after several recent -- and highly publicized -- ransoms. Today's talk covers:The start of ransomware as malware hidden in floppy disks containing AIDS education materials that required victim users to mail paper checks as ransom to PanamaThe recent explosion in value of ransomware extortions from a few thousand USD and four days down time... to $4.1 million U...
2021-06-1520 minSecurity Insights - Cybersecurity for Real-World WorkplacesThe Risk of Post-COVID Pants Loss?! - New Cybersecurity Research ResultsChef Security Officer Phil Richards and Head of Endpoint Security Product Management Chris Goettl talk about managing employees and protecting users in a new post-COVID era, in which 1,600+ survey respondents confirm that no workplace will ever return to solely on-premises employment.Find out who on the podcast wears pants to video calls (and who doesn't!), plus:The alarming increase of after-hours work, when you can work from anywhereHow 64% of respondents said they'd choose remote work over a promotionNew network security and IOT endpoint security concerns in hybrid and remote work environments -- and how to remediate t...
2021-06-0120 minSecurity Insights - Cybersecurity for Real-World WorkplacesFrictionless Convenience or Human Connection? - Security for Post-COVID Remote Work With Chris Dancy (Part Two)Head of Endpoint Security Product Management Chris Goettl continues his conversation with "the world's most connect human" and author of Don't Unplug: How Technology Saved My Life and Can Save Yours Too, Chris Dancy! This second half of the conversation pivots from personal user data considerations to security experiences and data collection in the hybrid and remote workplaces now common in a post-COVID world, including:Renewed user safety considerations, now that organizations can no longer rely on the "walled gardens" of known network security considerations.Chris (Dancy) breaking down how "technology can be good, or it c...
2021-05-1822 min
Futurum Tech WebcastNew Cybersecurity Shorts episode: China-linked Hackers use Pulse Connect Secure VPN Flaw to Target Federal AgenciesIt was reported last week that at least two groups of hackers linked to China have spent months taking advantage of a flaw in Ivanti's Pulse Connect Secure VPN suite to break into what was defined as a 'very limited number' of customers' systems — but which included at least five federal civilian agencies and financial institutions in the U.S. and beyond. Hackers were able to break into the devices as they were being used. More from Reuters. Hackers suspected to be linked to China have exploited vulnerabilities in Ivanti's Pulse Connect Secure VPN products targeting multiple go...
2021-05-0404 minSecurity Insights - Cybersecurity for Real-World WorkplacesManaging the IT of Me: Privacy Risks and Personal Rewards of User Data with Chris Dancy (Part One)Head of Endpoint Security Product Management Chris Goettl talks with "the world's most connected human" and author of Don't Unplug: How Technology Saved My Life and Can Save Yours Too, Chris Dancy!In this first half of the conversation, they cover:The risks against the rewards of modern information technology and data collection -- and how tech augments more analog pursuits, such as exercise or creativity.How Chris (Dancy) came to be known as "the world's most connected human," and how he truly earned that nicknameThe cognitive disconnect of the average user worried about data privacy...
2021-05-0421 minSecurity Insights - Cybersecurity for Real-World WorkplacesQRurb Your Enthusiasm: New Risk and Vulnerability Research on QR CodesConsider the humble QR code: an older marketing device that exploded in popularity when the world needed touchless solutions for information and payments. In fact, according to Chief Security Officer Phil Richards and Head of Endpoint Security Product Management Chris Goettl, the latest cybersecurity research suggests that hackers aren't far behind in leveraging QR code vulnerabilities -- and security teams may be unprepared for a new attack on their managed devices and endpoints.Today's conversation covers:New security findings from QRurb Your Enthusiasm 2021: Why the QR code Remains a Top Security Threat a...
2021-04-2013 min