Shows
ISACA PodcastCyberrisk Quantification: Strengthening Financial ResilienceIn this episode, ISACA's Lisa Cook engages with Yakir Golan, Executive Officer (CEO) and Co-Founder of Kovrr, to explore the critical role of Cyberrisk Quantification (CRQ) in enhancing organizational financial resilience. They discuss how CRQ solutions provide objective assessments of an organization's cybersecurity posture, enabling leaders to make informed decisions that align risk mitigation strategies with business objectives. The conversation also highlights the importance of translating cyberrisk exposure into monetary terms to facilitate high-level discussions and protect shareholder confidence.
Listen & Subscribe Catch this episode—and more—on the ISACA Podcast Library: https://www.isaca.org/resources/news-and-trends/isac...2025-06-0435 min
You've Already Been HackedCybersecurity Threats in Finance and Beyond!Title: Cybersecurity Threats in Finance and Beyond! Episode Number: 3×01 Overview In this episode, we delve into the latest cybersecurity threats targeting financial institutions and their members. We examine a large-scale breach at two major Australian superannuation funds, REST and AustralianSuper, discussing its implications for affected members. Additionally, we explore how businesses can defend against […]2025-04-1000 min
Pathmonk Presents PodcastBoosting Cybersecurity Marketing with Data Insights | Richard Counsell from CyberRisk AllianceRichard Counsell from CyberRisk Alliance joins Kevin on Pathmonk Presents to reveal how this data-driven, community-focused company empowers cybersecurity marketing teams. Based in Florida, CyberRisk Alliance connects professionals through events like InfoSec World and solutions like CRA Connect, offering tailored campaigns and actionable insights. Richard shares strategies for leveraging organic traffic, optimizing websites, and navigating MarTech challenges to drive conversions. Learn how they support CISOs and marketers alike, fostering a thriving cybersecurity ecosystem with integrity and expertise—perfect for anyone aiming to elevate their marketing game!2025-04-0435 min
The Cybersecurity Defenders Podcast#188 - The MSSP Alert 2024 Pricing Benchmark Report with Sharon Florentine, Senior Managing Editor at CyberRisk AllianceOn this episode of The Cybersecurity Defenders Podcast we speak with Sharon Florentine, Senior Managing Editor at CyberRisk Alliance, about the MSSP Alert 2024 Pricing Benchmark Report.Sharon is a master technology storyteller and editor with over two decades of experience in shaping the way we understand and engage with technology. Sharon's career spans an impressive range of platforms, from books and print magazines to podcasts, live events, and digital media. She's covered everything from AI and cybersecurity to career development and diversity in tech.Currently, Sharon is the Senior Managing Editor for CyberRisk Alliance's channel...2025-01-2325 min
360Grad. Von Chef zu Chef. Der Unternehmer-Podcast der VR-Bank Würzburg rund um Unternehmen, Bank un#043 Cyberrisk Insights – Schutzstrategien für Firmenkunden – im Gespräch mit Daniel Krüger360Grad. Von Chef zu Chef. Der UnternehmerPodCast der VR-Bank Würzburg rundum Unternehmer, Bank und Finanzen. Gemeinsam. Zukunft. Gestalten.
Daniel Krüger ist Underwriter bei der R+V. Das bedeutet er legt Risikoversicherungssummen aus und stellt auf die Firmenkunden zugeschnittenen Versicherungsschutz zusammen. Er unterschreibt sozusagen die Risiken, die die R+ V einkauft.
In dieser Folge sprechen wir mit dem Experten über die typischsten Schadensszenarien, mit denen er Tag für Tag in seinem Berufsalltag zu tun hat.
Schwachstellen in der Software, auch von namhaften Herstellern, sind nur eine von vielen Gefahren.
Cyberrisk: Was genau bedeutet das...2024-06-1133 min
AM Best Audio PodcastHAI’s Malaspina: ‘Human Firewall’ Is Best Defense Against CyberriskEd Malaspina, chief executive officer and president, HAI Group, said the affordable housing sector is also vulnerable to cyberrisk. Malaspina spoke with AM Best TV at the annual Vermont Captive Insurance Association conference in Burlington. 2023-09-0103 min
AM Best AudioHAI’s Malaspina: ‘Human Firewall’ Is Best Defense Against CyberriskEd Malaspina, chief executive officer and president, HAI Group, said the affordable housing sector is also vulnerable to cyberrisk. Malaspina spoke with AM Best TV at the annual Vermont Captive Insurance Association conference in Burlington. 2023-09-0103 min
eXecutive SecurityThe Power of Advocating for Yourself With Parham Eftekhari of CyberRisk AllianceParham Eftekhari is a nationally recognized leader in cybersecurity, national security, and critical infrastructure. He currently serves as an Executive Vice President at CyberRisk Alliance, setting the vision and operating priorities for its executive development, CISO, and community solutions. Parham also serves as the chairman of the Institute for Critical Infrastructure Technology (ICIT), the nation's leading cybersecurity think tank which he founded in 2014, and advisory board member at MazeBolt Technologies and the Ready Rock Institute. Other leadership roles during his 15-year career include co-founder and V.P of research at the Government Technology Research Alliance and founder of the...2023-05-2423 min
You've Already Been HackedWhat is the NIST Cybersecurity FrameworkThis week we are taking a look at what the NIST Cybersecurity Framework is, what are the pillars of it, and how this is something that could help you be better protected NIST framework: 5 pillars for your cyber security strategy https://www.nist.gov/cyberframework/online-learning/five-functions https://sopa.tulane.edu/blog/NIST-cybersecurity-framework ============== Prefer audio only check out my link on Anchor.FM to get […]2021-12-1200 min
You've Already Been HackedWhat is the NIST Cybersecurity FrameworkThis week we are taking a look at what the NIST Cybersecurity Framework is, what are the pillars of it, and how this is something that could help you be better protected NIST framework: 5 pillars for your cyber security strategy https://www.nist.gov/cyberframework/online-learning/five-functions https://sopa.tulane.edu/blog/NIST-cybersecurity-framework ============== Prefer audio only check out my link on Anchor.FM to get […]2021-12-1218 min
You've Already Been HackedWhat is the NIST Cybersecurity FrameworkThis week we are taking a look at what the NIST Cybersecurity Framework is, what are the pillars of it, and how this is something that could help you be better protected NIST framework: 5 pillars for your cyber security strategy https://www.nist.gov/cyberframework/online-learning/five-functions https://sopa.tulane.edu/blog/NIST-cybersecurity-framework ============== Prefer audio only check out my link on Anchor.FM to get […]2021-12-1200 min
You've Already Been HackedWhat is the NIST Cybersecurity FrameworkThis week we are taking a look at what the NIST Cybersecurity Framework is, what are the pillars of it, and how this is something that could help you be better protectedhttps://riversafe.co.uk/tech-blog/nist-framework-5-pillars-for-your-cyber-security-strategy/https://www.nist.gov/cyberframework/online-learning/five-functionshttps://sopa.tulane.edu/blog/NIST-cybersecurity-framework==============Prefer audio only check out my link on Anchor.FM to get to your favorite podcast service: https://anchor.fm/professor-cyber-riskShare that link with your friends, or share this one, either helps this podcast...2021-12-1218 min
You've Already Been HackedWhat Are the Stages of a Cyber Attack?A topic that I teach in my class is what the stages of a cyber attack are. Since we talk about those events all the time here, I thought it a Good Idea to discuss just to level set so everyone is thinking similarly. Even in this discussion, I go over the fact that the […]2021-12-0500 min
You've Already Been HackedWhat Are the Stages of a Cyber Attack?A topic that I teach in my class is what the stages of a cyber attack are. Since we talk about those events all the time here, I thought it a Good Idea to discuss just to level set so everyone is thinking similarly. Even in this discussion, I go over the fact that the […]2021-12-0500 minYou've Already Been HackedWhat Are the Stages of a Cyber Attack?A topic that I teach in my class is what the stages of a cyber attack are. Since we talk about those events all the time here, I thought it a Good Idea to discuss just to level set so everyone is thinking similarly. Even in this discussion, I go over the fact that the […]2021-12-0514 minYou've Already Been HackedWhat Are the Stages of a Cyber Attack?A topic that I teach in my class is what the stages of a cyber attack are. Since we talk about those events all the time here, I thought it a Good Idea to discuss just to level set so everyone is thinking similarly. Even in this discussion, I go over the fact that the cybersecurity community is not 100% in agreement on the stages, and the average is there are 5 to 7, and those are the ones that I will be going over this week. A couple of references for this weeks conversationh...2021-12-0514 min
You've Already Been HackedFDIC Cyber Rules, Delays in Notifications, and more Energy sector Hacks!– www.darkreading.com: US Banks Will Be Required to Report Cyberattacks Within 36 Hours – www.scmagazine.com: Months-long hack, theft of Sea Mar healthcare data impacts 688K patients – www.bleepingcomputer.com: Wind turbine giant Vestas’ data compromised in cyberattack Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter […]2021-11-2900 minYou've Already Been HackedFDIC Cyber Rules, Delays in Notifications, and more Energy sector Hacks!– www.darkreading.com: US Banks Will Be Required to Report Cyberattacks Within 36 Hours – www.scmagazine.com: Months-long hack, theft of Sea Mar healthcare data impacts 688K patients – www.bleepingcomputer.com: Wind turbine giant Vestas’ data compromised in cyberattack Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter […]2021-11-2917 min
You've Already Been HackedFDIC Cyber Rules, Delays in Notifications, and more Energy sector Hacks!– www.darkreading.com: US Banks Will Be Required to Report Cyberattacks Within 36 Hours – www.scmagazine.com: Months-long hack, theft of Sea Mar healthcare data impacts 688K patients – www.bleepingcomputer.com: Wind turbine giant Vestas’ data compromised in cyberattack Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter […]2021-11-2900 minYou've Already Been HackedFDIC Cyber Rules, Delays in Notifications, and more Energy sector Hacks!- www.darkreading.com: US Banks Will Be Required to Report Cyberattacks Within 36 Hours- www.scmagazine.com: Months-long hack, theft of Sea Mar healthcare data impacts 688K patients- www.bleepingcomputer.com: Wind turbine giant Vestas' data compromised in cyberattackShare that link with your friends, or share this one, either helps this podcast grow!Follow me on twitter at: @attiliojrFeeling Generous and want to show your support?algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSYbitcoin: bc1qls47sszwqxwpad66pn6awxr0...2021-11-2817 min
You've Already Been HackedCongress investigates “Small Lapses”, the FBI was hacked, Another Hospital got hacked, and so did Costco!– thehill.com: Oversight finds ‘small lapses’ in security led to Colonial Pipeline, JBS hacks – www.fbi.gov: FBI Statement on Incident Involving Fake Emails – krebsonsecurity.com: Hoax Email Blast Abused Poor Coding in FBI Website – www.scmagazine.com: Ohio hospital diverting ambulances, canceling appointments amid cyberattack – www.bleepingcomputer.com: Costco discloses data breach after finding credit card skimmer […]2021-11-2100 minYou've Already Been HackedCongress investigates “Small Lapses”, the FBI was hacked, Another Hospital got hacked, and so did Costco!– thehill.com: Oversight finds ‘small lapses’ in security led to Colonial Pipeline, JBS hacks – www.fbi.gov: FBI Statement on Incident Involving Fake Emails – krebsonsecurity.com: Hoax Email Blast Abused Poor Coding in FBI Website – www.scmagazine.com: Ohio hospital diverting ambulances, canceling appointments amid cyberattack – www.bleepingcomputer.com: Costco discloses data breach after finding credit card skimmer […]2021-11-2116 min
You've Already Been HackedCongress investigates “Small Lapses”, the FBI was hacked, Another Hospital got hacked, and so did Costco!– thehill.com: Oversight finds ‘small lapses’ in security led to Colonial Pipeline, JBS hacks – www.fbi.gov: FBI Statement on Incident Involving Fake Emails – krebsonsecurity.com: Hoax Email Blast Abused Poor Coding in FBI Website – www.scmagazine.com: Ohio hospital diverting ambulances, canceling appointments amid cyberattack – www.bleepingcomputer.com: Costco discloses data breach after finding credit card skimmer […]2021-11-2100 minYou've Already Been HackedCongress investigates "Small Lapses", the FBI was hacked, Another Hospital got hacked, and so did Costco!- thehill.com: Oversight finds 'small lapses' in security led to Colonial Pipeline, JBS hacks- www.fbi.gov: FBI Statement on Incident Involving Fake Emails- krebsonsecurity.com: Hoax Email Blast Abused Poor Coding in FBI Website- www.scmagazine.com: Ohio hospital diverting ambulances, canceling appointments amid cyberattack- www.bleepingcomputer.com: Costco discloses data breach after finding credit card skimmerShare that link with your friends, or share this one, either helps this podcast grow!Follow me on twitter at: @attiliojrFeeling...2021-11-2116 min
You've Already Been HackedProfessor is Building a CyberSecurity HomelabThis week, is the first in what I hope is at least several episodes in my adventure in building home lab using older hardware, and raspberry pi’s. Kali Linux is the platform from which I will end up doing all of my personal skills training from. ———————————————– https://www.kali.org https://www.kali.org/tools/ ———————————————– Share that link with your […]2021-11-1400 minYou've Already Been HackedProfessor is Building a CyberSecurity HomelabThis week, is the first in what I hope is at least several episodes in my adventure in building home lab using older hardware, and raspberry pi’s. Kali Linux is the platform from which I will end up doing all of my personal skills training from. ———————————————– https://www.kali.org https://www.kali.org/tools/ ———————————————– Share that link with your […]2021-11-1415 min
You've Already Been HackedProfessor is Building a CyberSecurity HomelabThis week, is the first in what I hope is at least several episodes in my adventure in building home lab using older hardware, and raspberry pi’s. Kali Linux is the platform from which I will end up doing all of my personal skills training from. ———————————————– https://www.kali.org https://www.kali.org/tools/ ———————————————– Share that link with your […]2021-11-1400 minYou've Already Been HackedProfessor is Building a CyberSecurity HomelabThis week, is the first in what I hope is at least several episodes in my adventure in building home lab using older hardware, and raspberry pi's. Kali Linux is the platform from which I will end up doing all of my personal skills training from. -----------------------------------------------https://www.kali.orghttps://www.kali.org/tools/-----------------------------------------------Share that link with your friends, or share this one, either helps this podcast grow!Follow me on twitter at: @attiliojrFeeling Generous and want to show your s...2021-11-1415 min
You've Already Been HackedCan you be a Ghost on the Internet?https://apple.news/Ag8RE6-acR1OreRhC8WfDrw Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A862021-10-3100 minYou've Already Been HackedCan you be a Ghost on the Internet?https://apple.news/Ag8RE6-acR1OreRhC8WfDrwShare that link with your friends, or share this one, either helps this podcast grow!Follow me on twitter at: @attiliojrFeeling Generous and want to show your support?algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSYbitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zwCosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddfBAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86--- This episode is sponsored by · A...2021-10-3115 min
You've Already Been HackedInitial Look at Twitch Data LeakEpisode 64 This week we take an initial look at the Twitch data leak. All 175+ GBs and Over 2Million Files. This is a cursory discussion, and I will not be going into any hyper specific details as I have no interest in helping to damage Twitch. Share that link with your friends, or share […]2021-10-2600 minYou've Already Been HackedInitial Look at Twitch Data LeakEpisode 64This week we take an initial look at the Twitch data leak. All 175+ GBs and Over 2Million Files. This is a cursory discussion, and I will not be going into any hyper specific details as I have no interest in helping to damage Twitch.Share that link with your friends, or share this one, either helps this podcast grow!Follow me on twitter at: @attiliojrFeeling Generous and want to show your support?algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSYbitcoin: bc1q...2021-10-2520 min
You've Already Been HackedLets Talk Burn Out in the Cybersecurity IndustryCybersecurity Burnout Statistics: https://www.bitsight.com/blog/5-shocking-it-cybersecurity-burnout-statistics Combating Cyber Burnout: https://www.securew2.com/blog/combating-burnout-in-cybersecurity Hidden Costs: https://www.itsecurityguru.org/2020/05/19/cyber-burnout-the-hidden-cost-of-a-security-career/ How to Avoid: https://cyberwarrior.com/how-to-avoid-cybersecurity-burnout/ ———————————– Share that link with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Feeling Generous and want to show your support? algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSY bitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zw Cosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddf BAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05ed9172A86 Paypal: https...2021-10-1700 minYou've Already Been HackedLets Talk Burn Out in the Cybersecurity IndustryCybersecurity Burnout Statistics: https://www.bitsight.com/blog/5-shocking-it-cybersecurity-burnout-statisticsCombating Cyber Burnout: https://www.securew2.com/blog/combating-burnout-in-cybersecurityHidden Costs: https://www.itsecurityguru.org/2020/05/19/cyber-burnout-the-hidden-cost-of-a-security-career/How to Avoid: https://cyberwarrior.com/how-to-avoid-cybersecurity-burnout/-----------------------------------Share that link with your friends, or share this one, either helps this podcast grow!Follow me on twitter at: @attiliojrFeeling Generous and want to show your support?algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSYbitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3...2021-10-1725 min
You've Already Been HackedRansomware Death, High Treason, Food Cybersecurity, and CISA helps with Insider Threats– threatpost.com: Baby’s Death Alleged to Be Linked to Ransomware – www.bleepingcomputer.com: CISA releases tool to help orgs fend off insider threat risks https://www.cisa.gov/sites/default/files/publications/IRMPE_Assessment_v1_2021-08-25.pdf – www.bleepingcomputer.com: Russia arrests cybersecurity firm CEO after raiding offices – www.scmagazine.com: Food and agriculture industry needs more threat intel as ransomware attacks crop up Share that link with your friends, […]2021-10-0300 minYou've Already Been HackedRansomware Death, High Treason, Food Cybersecurity, and CISA helps with Insider Threats- threatpost.com: Baby’s Death Alleged to Be Linked to Ransomware- www.bleepingcomputer.com: CISA releases tool to help orgs fend off insider threat riskshttps://www.cisa.gov/sites/default/files/publications/IRMPE_Assessment_v1_2021-08-25.pdf- www.bleepingcomputer.com: Russia arrests cybersecurity firm CEO after raiding offices- www.scmagazine.com: Food and agriculture industry needs more threat intel as ransomware attacks crop upShare that link with your friends, or share this one, either helps this podcast grow!Follow me on...2021-10-0315 minYou've Already Been HackedFeds go after Cryto Exchange, New Cyber Rules for Insurers, Chinese SmartPhones, and 35 years for DDoS attacks- www.theregister.com: Suex to be you: Feds sanction cryptocurrency exchange for handling payments from 8+ ransomware variants- thehill.com: Major US port target of attempted cyber attack- www.govtech.com: Wisconsin Law Imposes Cybersecurity Rules for Insurance Industry- arstechnica.com: Security audit raises severe warnings on Chinese smartphone models- www.bleepingcomputer.com: Admin of DDoS service behind 200,000 attacks faces 35yrs in prisonShare that link with your friends, or share this one, either helps this podcast grow!Follow me on twitter at...2021-09-2617 minYou've Already Been HackedOWASP's #1, Apple Devices and Pegasus, BlackMatter goes after Medical, and South Africa HackedEpisode 60- www.theregister.com: Hey – how did you get in here? Number one app security weakness of 2021 was borked access control, says OWASP- www.darkreading.com: Apple Patches Zero-Days in iOS 14.8 Update- www.bleepingcomputer.com: BlackMatter ransomware hits medical technology giant Olympus- www.bleepingcomputer.com: Former U.S. intel operatives to pay $1.6M for hacking for foreign govt- threatpost.com: REvil/Sodinokibi Ransomware Universal Decryptor Key Is Out- www.bleepingcomputer.com: Ransomware encrypts South Africa's entire Dept of Justice network...2021-09-1915 minYou've Already Been HackedProtonMail...not so private anymore, SEC is watching, New Zealand suffered a DDOS attack, the UN Confirmed it was HackedEpisode 59- arstechnica.com: ProtonMail removed “we do not keep any IP logs” from its privacy policy- searchsecurity.techtarget.com: SEC sanctions financial firms for cybersecurity failures- www.theregister.com: New Zealand DDoS wave targets banks, post offices, weather forecasters and more- www.theregister.com: New Zealand internet outage blamed on DDoS attack on nation's third largest internet provider- thehill.com: United Nations confirms its systems were breached this yearShare that link with your friends, or share this one, either helps this podc...2021-09-1216 minYou've Already Been HackedMalicious and Negligent Insiders destroyed over 22 Terabytes of data, Confluence and Cryptominers, SpyFone's done, and Autodesk got hackedEpisodes 58- Bleeping Computer: Fired NY credit union employee nukes 21GB of data in revenge- GovTech: Dallas Terminates Worker Who Deleted 22.5 TB of Police Data- Bleeping Computer: Atlassian Confluence flaw actively exploited to install cryptominers- Bleeping Computer: FTC bans stalkerware maker Spyfone from surveillance business- Bleeping Computer: Autodesk reveals it was targeted by Russian SolarWinds hackersShare that link with your friends, or share this one, either helps this podcast grow!Follow me on twitter at: @attiliojrFeeling Generous...2021-09-0516 min
You've Already Been HackedYour Gaming Periphs are Hacked, Conti hacked SAC and the FBI warned against HIVEEpisode 57 - www.bleepingcomputer.com: SteelSeries bug gives Windows 10 admin rights by plugging in a device - www.bleepingcomputer.com: Razer bug lets you become a Windows 10 admin by plugging in a mouse - www.bleepingcomputer.com: Nokia subsidiary discloses data breach after Conti ransomware attack - www.bleepingcomputer.com: FBI shares technical details for Hive ransomware Share this podcast with your friends, or share this one, either helps this podcast grow! Follow me on twitter at: @attiliojr Fe...2021-08-2914 minYou've Already Been HackedJopin Paid out, PRINTNIGHTMARE and you can’t wake up, IoT not so Random, and talking Pegasus- www.securityweek.com: Joplin: City Computer Shutdown Was Ransomware Attack- threatpost.com: Microsoft Warns: Another Unpatched PrintNightmare Zero-Day- thehackernews.com: A Critical Random Number Generator Flaw Affects Billions of IoT Devices- www.bleepingcomputer.com: Hacker behind biggest cryptocurrency heist ever returns stolen funds- www.darkreading.com: FTC: Phishing Campaign Targets Unemployment Benefits & PII- theconversation.com: What is Pegasus? A cybersecurity expert explains how the spyware invades phones and what it does when it gets inShare that link with your friends...2021-08-1521 minYou've Already Been HackedInsider Threats in Oz, SolarWinds, the DOJ, and NY, GhostShips, and Amazon sets a new Record- www.zdnet.com: Audit finds some former WA government staff still have systems access after termination- www.govinfosecurity.com: SolarWinds Attackers Accessed US Attorneys' Office Emails- www.engadget.com: Over 100 warship locations have been faked in one year- www.govinfosecurity.com: Amazon Hit With $885 Million GDPR FineShare that link with your friends, or share this one, either helps this podcast grow!Follow me on twitter at: @attiliojrFeeling Generous and want to show your support?algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42...2021-08-0818 min
Privacy PleaseS2, E77 - Paul Asadoorian, CIO at CyberRisk AllianceSend us a textThis week on Privacy Please, Gabe, and I have on the OG in Security Podcasting and the Chief Innovation Officer at CyberRisk Alliance, Mr. Paul Asadoorian! Show highlights:We talk about a lot in this episode with a very wide range of topics ranging from security and podcasting to Wu-Tang for the kids. We cover Paul's story, where and when Security Weekly originally started, his progressions, challenges, company growth, mergers, data security and privacy shop talk, deep dark secrets, and much more! Link:https://www.linkedin.co...2021-08-041h 16You've Already Been HackedMeteor wipes out Iranian Rail, Jackpotting with Europol, Florida got hacked, and the US electric grid is concerning…- www.bleepingcomputer.com: New destructive Meteor wiper malware used in Iranian railway attack- www.europol.europa.eu: Russian-Speaking Hackers Arrested in Poland Over ATM Jackpotting Attacks- threatpost.com: UC San Diego Health Breach Tied to Phishing Attack- www.darkreading.com: Florida DEO Discloses Data Breach Affecting 58,000 Accounts- www.govinfosecurity.com: What Can Be Done to Enhance Electrical Grid Security?Share that link with your friends, or share this one, either helps this podcast grow!Follow me on twitter at: @attiliojr...2021-08-0116 minYou've Already Been HackedAI Talks NSO, TSA adds new Rules, Oil, Trains, Law Firms, and Courts all PWNEDBack online for Episode 53!- www.bleepingcomputer.com: Cyberattack on Moldova's Court of Accounts destroyed public audits- techcrunch.com: This tool tells you if NSO’s Pegasus spyware targeted your phone- www.bleepingcomputer.com: Akamai DNS global outage takes down major websites, online services- www.govinfosecurity.com: TSA Issues Cybersecurity Requirements for Pipelines- www.bleepingcomputer.com: Chinese state hackers breached over a dozen US pipeline operators- arstechnica.com: Saudi Aramco confirms data leak after $50 million cyber ransom demand...2021-07-2518 minYou've Already Been HackedOne Year In...Episode 52, thats 52 weeks straight we been at it!!!Thank you to everyone who has stopped by over the past 52 weeks!Kaseya Supply Chain hack impacts 1000s- www.scmagazine.com: Kaseya offers pre-patch instructions for on-prem VSA customers- www.zdnet.com: Kaseya ransomware attack updates: Your questions answered- us-cert.cisa.gov: CISA-FBI Guidance for MSPs and their Customers Affected by the Kaseya VSA Supply-Chain Ransomware Attack- arstechnica.com: Up to 1,500 businesses infected in one of the worst ransomware attacks ever- www...2021-07-1118 minYou've Already Been Hacked93% of LinkedIn User have had their data takenhttps://www.consumeraffairs.com/news/linkedin-data-breach-puts-700-million-user-records-at-risk-062921.htmlhttps://threatpost.com/linkedin-data-scrape-victims-targeted-attackers/167473/Share that link with your friends, or share this one, either helps this podcast grow!Follow me on twitter at: @attiliojrFeeling Generous and want to show your support?algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSYbitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zwCosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddfBAT: 0x1d17d7Ee7d1BF9F53DEF2CEf4558D05...2021-07-0517 minYou've Already Been HackedLet's talk cybersecurity and Critical InfrastructureEpisode 50- www.sfgate.com: A hacker gained access to a Bay Area drinking water facility- thehackernews.com: North Korea Exploited VPN Flaw to Hack South's Nuclear Research Institute- eclypsium.com: Eclypsium Discovers Multiple Vulnerabilities Affecting 129 Dell Models via Dell Remote OS Recovery and Firmware Update Capabilities- www.cyberscoop.com: A plan to label companies vulnerable to hacking is set to spark debate on Capitol Hill- krebsonsecurity.com: How Cyber Safe is Your Drinking Water Supply?Share that link with your friends, or...2021-06-2719 minYou've Already Been HackedRansomware Gives Up, CLOP gets arrested, and NATO willing to invoke Article 5 in Cyber Response- www.govinfosecurity.com: Ukraine Arrests 6 Clop Ransomware Operation Suspects- www.theregister.com: Ryuk ransomware recovery cost us $8.1m and counting, says Baltimore school authority- www.bleepingcomputer.com: Network security firm COO charged with medical center cyberattack- www.zdnet.com: This data and password-stealing malware is spreading in an unusual way- www.govinfosecurity.com: NATO Endorses Cybersecurity Defense Policy- www.bleepingcomputer.com: Avaddon ransomware shuts down and releases decryption keysShare that link with your friends, or share this one, either helps...2021-06-2015 minYou've Already Been HackedThe Spring Term is over, lets reviewTalking about what we went over in the spring term, and how it related to the last 3 months!Share that link with your friends, or share this one, either helps this podcast grow!Follow me on twitter at: @attiliojrFeeling Generous and want to show your support?algorand: E3HYLC56IHAFXPPA2WZCLBYAVFX42GVFDC7BDAXAQWNI3BXGHF3KDILMSYbitcoin: bc1qls47sszwqxwpad66pn6awxr0ex9s4d33t3t2zwCosmos: cosmos107ng80lsqhwqxeawajjt6cywmu5nhlt3drvddfBAT: 0x1d17d7Ee7d1BF9...2021-06-1321 minYou've Already Been HackedREvil took down one-fifth of US beef Production, The NYC MTA got hacked, Amazon wants your networkAs 2021 goes on, the attack on critical infrastructure continues at a rapid pace.- www.zdnet.com: FBI attributes JBS ransomware attack to REvil- www.bleepingcomputer.com: FBI: REvil cybergang behind the JBS ransomware attack- www.cyberscoop.com: Meat chain JBS says US production is returning after ransomware attack- www.bleepingcomputer.com: Chinese threat actors hacked NYC MTA using Pulse Secure zero-day- www.bleepingcomputer.com: Swedish Health Agency shuts down SmiNet after hacking attempts- www.cyberscoop.com: Sensitive medical, financial data exposed...2021-06-0617 minYou've Already Been HackedCyber Insurance Market is Crazy and Hacked, and the FBI deals with an Insider Threat- www.scmagazine.com: As market for cyber insurance booms, watchdog calls for better data- www.theregister.com: Doncaster insurance firm One Call hit by not-dead-at-all Darkside ransomware gang- www.theregister.com: Air India admits to data breach impacting 4.5m customers, sat on the news for five weeks- www.theregister.com: Toyota rear-ended by twin cyber attacks that left ransomware-shaped dents- www.cyberscoop.com: FBI employee indicted for stealing classified info on FBI cybersecurity workShare that link with your friends, or share this one...2021-05-3017 minYou've Already Been HackedLargest Ransomware payment Ever, Solarwinds and the DIB, and a Cyberinsurer get hacked- www.bloomberg.com: CNA Financial Paid $40 Million in Ransom After March Cyberattack- www.zdnet.com: Cybercriminals scanned for vulnerable Microsoft Exchange servers within five minutes of news going public- www.bleepingcomputer.com: Insurer AXA hit by ransomware after dropping support for ransom payments- threatpost.com: Fresh Loader Targets Aviation Victims with Spy RATsShare that link with your friends, or share this one, either helps this podcast grow!Follow me on twitter at: @attiliojrFeeling Generous and...2021-05-2315 minYou've Already Been HackedThe Fallout from Colonial hack, and 85% of cyber breaches caused by human failure in 2020The fallout from the colonial pipeline ransomware attack, may have a net positive for the cybersecurity landscape. Verizon published the 2021 Data breach investigations report, and 2020 was the year that showed we have so much more to do in making everyone have better cyber hygiene.- www.govinfosecurity.com: Biden: Russian Government Not Behind Colonial Pipeline Attack- threatpost.com: Colonial Pipeline Shells Out $5M in Extortion Payout, Report- www.cyberscoop.com: Biden signs security-focused executive order meant to accelerate breach reporting, boost software standards- www.theregister.com: South Korea...2021-05-1618 minYou've Already Been HackedJugular of US Fuel cut, 12 years of Dell insecurity, Warez Cause Problems, IIOT insecure Says Microsoft- Ransomware attack: Major U.S. fuel pipeline halts operations - https://salinapost.com/posts/3930ba6b-803c-4415-a0d0-b57dd47fc4bf- www.darkreading.com: Hundreds of Millions of Dell Computers Potentially Vulnerable to Attack- www.bleepingcomputer.com: A student pirating software led to a full-blown Ryuk ransomware attack- threatpost.com: Massive DDoS Attack Disrupts Belgium Parliament- Threatpost: Microsoft Warns of 25 Critical Vulnerabilities in IoT, Industrial DevicesBleeping Computer: Suspected Chinese state hackers target Russian submarine designerShare that link with...2021-05-0920 minYou've Already Been HackedThe University of Minnesota apologies, Linux is vulnerable, an AG got hacked, the DC Police did too!- www.bleepingcomputer.com: HashiCorp is the latest victim of Codecov supply-chain attack- www.zdnet.com: University of Minnesota responds to Linux security patch requests- threatpost.com: Linux Kernel Bug Opens Door to Wider Cyberattacks- www.bleepingcomputer.com: DC Police confirms cyberattack after ransomware gang leaks data- threatpost.com: DoppelPaymer Gang Leaks Files from Illinois AG After Ransom Negotiations Break Down- www.scmagazine.com: Apple patches ‘worst macOS bug in recent memory’ after it was used in the wild- www.scmagazine.com...2021-05-0220 minYou've Already Been HackedPulse Secure VPNs get bypassed, REvil takes on Apple, Ethernet/IP Stack problems in Industrial Systems, and 10 years for a guru- www.fireeye.com: Check Your Pulse: Suspected APT Actors Leverage Authentication Bypass Techniques and Pulse Secure Zero-Day- www.darkreading.com: University Suspends Project After Researchers Submitted Vulnerable Linux Patches- www.bleepingcomputer.com: REvil gang tries to extort Apple, threatens to sell stolen blueprints- www.cyberscoop.com: Codecov dev tool hit in another supply chain hack- thehackernews.com: Severe Bugs Reported in EtherNet/IP Stack for Industrial Systems- www.cyberscoop.com: FIN7 'technical guru' sentenced to 10 years in prison3Share that link...2021-04-2518 minYou've Already Been HackedSanctions for Russia, FBI Hacks US systems, and the Electric grid got lucky- www.scmagazine.com: As US takes sweeping action against Russia for years of hacking, industry skeptical of impact- www.darkreading.com: FBI Operation Remotely Removes Web Shells From Exchange Servers- www.bleepingcomputer.com: CISA gives federal agencies until Friday to patch Exchange servers- www.zdnet.com: Google Project Zero testing 30-day grace period on bug details to boost user patching- www.cyberscoop.com: Hundreds of electric utilities downloaded SolarWinds backdoor, regulator says- edscoop.com: Accellion breach exposed 300,000 records, University of Colorado says2021-04-1820 minYou've Already Been HackedYour Health Insurance, Facebook, and LinkedIn all got HackedThis past week had a bunch of large scale hits with potentially 700 million people being hacked (not all this week, some as early as 2019).- thehill.com: Major DC insurance provider hacked by 'foreign cybercriminals'- www.bleepingcomputer.com: North Korean hackers use new Vyveva malware to attack freighters- www.darkreading.com: LinkedIn Phishing Ramps Up With More-Targeted Attacks- www.scmagazine.com: Conti ransomware gang hits Broward County Schools with $40M demand- www.bleepingcomputer.com: 533 million Facebook users’ phone numbers leaked on hacker fo...2021-04-1122 minYou've Already Been HackedDHS emails hacked by SolarWinds, DPRK Actors created a Fake security Company, Space X gets encryptedLots happening this week, as I welcome in my new students to this term. Solarwinds fall out still happening, along with changes at the company, multi university hacks reported, North Korea is still being tricky, another water treatment plan was hacked (although in the past), Ubiquity has a whistle blower, and Space X encrypted their data streams.- thehill.com: Hackers accessed emails of top DHS officials as part of SolarWinds breach: report- www.cyberscoop.com: US to publish details on suspected Russian hacking tools used in SolarWinds espionage...2021-04-0420 minYou've Already Been HackedA Quick Overview of Teaching a (my) cybersecurity classTaking a break from the reoccuing nightmare that is cybersecurity, and doing a quick high level overview of teaching cybersecurity, specifically my class. Which happens to start back up on 6 April 2021.--- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app--- Send in a voice message: https://anchor.fm/professor-cyber-risk/messageSupport this podcast: https://anchor.fm/professor-cyber-risk/support2021-03-2821 minYou've Already Been HackedSolarwinds takes more source code, Exchange Ransomware, 4.2 Billion lost to internet crime in 2020- www.zdnet.com: Mimecast reveals source code theft in SolarWinds hack- www.bleepingcomputer.com: CISA releases new SolarWinds malicious activity detection tool- www.zdnet.com: Microsoft investigates potential ties between partner security firm, Exchange Server attack code lea- arstechnica.com: Exchange servers first compromised by Chinese hackers hit with ransomware- www.bleepingcomputer.com: FBI: Over $4.2 billion officially lost to cybercrime in 2020- www.cyberscoop.com: Cypriot sentenced for email hacking committed as teen- arstechnica.com: I was a teenage Twitter hacker...2021-03-2119 min
Cybersecurity ChroniclesSpecial Guest Don Cox: A CISO's View Why AI & Machine Learning are important for CyberRisk managementIn this episode CISO Don Cox returns alongside Sean and Stanley to discuss why AI and machine learning are so important for CyberRisk management, including: -- Why automation is essential for cybersecurity readiness.-- Why being able to fix problems autonomously is critical.-- The lessons Don's learned from his 25-year background into investigating high-tech crimes.-- Why automation is NOT about replacing employees.Sponsored by Netswitch Technology Management - netswitch.net2021-03-1830 minYou've Already Been HackedYet another Cyber Nightmare, potentially 100,000s exchange servers compromised world wideThis week focused heavily on the hack of 2021, at least 10 APTs are exploiting Microsoft Exchange Server vulnerabilities across the globe, oh and 150,000 security cameras were also breached...- www.cyberscoop.com: At least 10 APT hacking groups have exploited Exchange Server bugs, ESET warns- www.cyberscoop.com: Amid widespread Exchange Server attacks, Microsoft issues patch for older versions- arstechnica.com: Critical 0-day that targeted security researchers gets a patch from Microsoft- www.darkreading.com: Microsoft Patch Tuesday Fixes 82 CVEs, Internet Explorer Zero-Day- www.bleepingcomputer.com: Microsoft's MSERT tool now finds web shells from Exchange Server attacks- krebsonsecurity.com: At Least 30,000 U...2021-03-1416 minYou've Already Been HackedIndia Power Hacked by the PRC, New Microsoft Zero-days, and PLCs have Hardcoded vulnerabilities- www.scmagazine.com: China’s new cyber tactic: targeting critical infrastructure- www.forbes.com: Hackers Break Into ‘Biochemical Systems’ At Oxford University Lab Studying Covid-19- arstechnica.com: Hard-coded key vulnerability in Logix PLCs has severity score of 10 out of 10- www.theregister.com: Chinese businessman plotted with GE insider to steal transistor secrets, say Feds- www.darkreading.com: Microsoft Fixes Exchange Server Zero-Days Exploited in Active Attacks- www.zdnet.com: GAO report finds DOD's weapons programs lack clear cybersecurity guidelines--- This episode is spo...2021-03-0718 minYou've Already Been HackedThe FED has an outrage, Defense Contractors targeted, new Mac malware, and NIST updates the Smart Grid Framework- www.bleepingcomputer.com: Federal Reserve nationwide outage impacts US banking system- www.bleepingcomputer.com: TD Bank suffered systemwide banking outage, services now recovered- www.scmagazine.com: ThreatNeedle malware tied to year-long North Korean espionage campaign against global defense industry- www.cyberscoop.com: Plane-maker Bombardier discloses breach after stolen data surfaces- threatpost.com: Mysterious Silver Sparrow Malware Found Nesting on 30K Macs- www.bleepingcomputer.com: Underwriters Laboratories (UL) certification giant hit by ransomware- www.gcn.com: NIST Updates Smart Grid Framework2021-02-2819 minYou've Already Been HackedMicrosoft Source Code was taken, FS-ISAC members targeted, M1 Malware, and DOJ gets a win…sorta- www.bleepingcomputer.com: Microsoft: SolarWinds hackers downloaded Azure, Exchange source code- www.cyberscoop.com: White House warns SolarWinds breach cleanup will take time- threatpost.com: Florida Water Plant Hack: Leaked Credentials Found in Breach Database- www.zdnet.com: Singtel hit by third-party vendor's security breach, customer data may be leaked- statescoop.com: Washington state looks to consolidate cybersecurity after data breach- www.bleepingcomputer.com: Cyberattack on Dutch Research Council (NWO) suspends research grants- www.darkreading.com: 100+ Financial Services Firms Targeted...2021-02-2126 minYou've Already Been HackedHackers attempt to poison water supplies, get into nuclear plans, windows has a 10 year old vulnerability, and 60 Million in bitcoin may be lost foreverThis week we go after Critical Infrastructure hacks, the majority of windows computers have likely had a vulnerability for over a decade, and 60 million in bitcoin may be locked away forever- www.vice.com: Hacker Tried to Poison Florida City's Water Supply, Police Say- www.wired.com: A Hacker Tried to Poison a Florida City's Water Supply, Officials Say- www.bleepingcomputer.com: Eletrobras, Copel energy companies hit by ransomware attacks- www.bleepingcomputer.com: 12-year-old Windows Defender bug gives hackers admin rights- arstechnica.com: Cops c...2021-02-1418 minYou've Already Been HackedSolarwinds goes back to 2019, High-performance computers compromised, and a Ransomware gang shutsdown- thehill.com: Hackers had access to SolarWinds email system for months- apnews.com: Russian hack brings changes, uncertainty to US court system- www.bleepingcomputer.com: Hackers steal StormShield firewall source code in data breach- arstechnica.com: High-performance computers are under siege by a newly discovered backdoor- threatpost.com: Lazarus Affiliate ‘ZINC’ Blamed for Campaign Against Security Researcher- www.bleepingcomputer.com: Fonix ransomware shuts down and releases master decryption key- threatpost.com: Industrial Gear at Risk from Fuji Code-Execution Bugs...2021-02-0723 minYou've Already Been HackedNorth Korea goes after Cyber professionals, The good guys get a couple of wins, and ADT's insider threatLinks to the Stories- www.wired.com: North Korea Targets—and Dupes—a Slew of Cybersecurity Pros- www.darkreading.com: Intl. Law Enforcement Operation Disrupts Emotet Botnet- www.govinfosecurity.com: Another Takedown: NetWalker Ransomware Gang Disrupted- threatpost.com: Mimecast Confirms SolarWinds Hack as List of Security Vendor Victims Snowball- www.darkreading.com: Ransomware Disrupts Operations at Packaging Giant WestRock- arstechnica.com: Home alarm tech backdoored security cameras to spy on customers having sex- threatpost.com: ADT Security Camera Flaw...2021-01-3122 minYou've Already Been HackedSolarwinds new tricks, hospital hack, fake vaccine info and moreFireeye tries to help, Solarwinds has another trick up it’s sleeve, students infected with malware from government laptops, and the FBI warns of vishing, all this week.Fireeye Release a tool to help: https://www.zdnet.com/article/fireeye-releases-tool-for-auditing-networks-for-techniques-used-by-solarwinds-hackers/SolarWinds has a fourth vector: https://www.zdnet.com/article/fourth-malware-strain-discovered-in-solarwinds-incident/Malwarebytes hit with SW: https://threatpost.com/malwarebytes-solarwinds-attackers/163190/Vulnerable Students infected with Malware: https://www.bbc.com/news/technology-55749959CISA’s got a new campaign: https://thehill.com/policy/cybersecurity/535240-federal-cyber-agency-announces-new-campaign-to-fight-ransomware-attacksBelgium Hospital loses 100TB: https://www...2021-01-2419 minYou've Already Been HackedDecentralized Social Media AlternativesThis week we are taking a high level look at decentralized social media alternatives, that can replace the other platforms you use.https://www.minds.comhttps://getaether.nethttps://joinmastodon.orghttps://lbry.tv/https://diasporafoundation.orghttps://d.tubehttps://www.signal.orghttps://www.voice.com/faq/https://mewe.com/faqhttps://sopa.tulane.edu/blog/decentralized-social-networkshttps://www.coindesk.com/now-is-the-time-to-advance-the-decentralized-webhttps://bravenewcoin.com/insights/decentralized-social-media-the-good-the-bad-and-the-potentially-ugly...2021-01-1715 minYou've Already Been HackedSolarwinds breeched US Courts, Insider Threat impacts PPE, and 4 Breaches for T-Mobile in 3 yearsSites for the News References- krebsonsecurity.com: Sealed U.S. Court Records Exposed in SolarWinds Breach- www.fedscoop.com: CISA updates guidance on SolarWinds compromise- www.zdnet.com: SolarWinds: The more we learn, the worse it looks- www.theverge.com: SolarWinds hack may be much worse than originally feared- duo.com: SolarWinds Attackers Accessed, But Did Not Modify, Microsoft Source Code- www.zdnet.com: CISA updates SolarWinds guidance, tells US govt agencies to update right awa- threatpost.com...2021-01-1015 minYou've Already Been HackedSolarWinds News, and the Top 10 Hacks of 2020This week, just a small update on SolarWinds, and a look back at the top 10 hacks that occurred in 2020.www.cyberscoop.com: Grid regulator warns utilities of risk of SolarWinds backdoor, asks how exposed they arewww.govinfosecurity.com: CISA Warns SolarWinds Incident Response May Be Substantial - www.bleepingcomputer.com: SolarWinds releases updated advisory for new SUPERNOVA malwarewww.wired.com: The Worst Hacks of 2020, a Surreal Pandemic Yeararstechnica.com: 2020 had its share of memorable hacks and breaches. Here are the top 102021-01-0317 minYou've Already Been HackedA Cybersecurity Christmas CarolSince its the holidays, we are skipping the news this week, and doing a tweaked version of A Christmas Carol. I hope you enjoy itSpecial Thanks to my family for lending their voices. --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app--- Send in a voice message: https://anchor.fm/professor-cyber-risk/messageSupport this podcast: https://anchor.fm/professor-cyber-risk/support2020-12-2734 minYou've Already Been HackedNews of the Week for 21 December 2020FireEye's intrusion was just the tip of the iceberg. Solarwinds is the real nightmare. This week we dig a bit deeper than normal, and talk about Solarwinds, but wait...more than that happened this past week too! - arstechnica.com: ~18,000 organizations downloaded backdoor planted by Cozy Bear hackers - www.govtech.com: Federal Agencies, Think Tank Targeted in Russian Hacking Spree - www.cyberscoop.com: White House activates cyber emergency response under Obama-era directive - www.bleepingcomputer.com: CISA: Hackers breached US govt using more than SolarWinds backdoor - www.washingtonpost.com: Investors in breached software firm SolarWinds traded $280 m...2020-12-2120 minYou've Already Been HackedNews of the Week for 12 December 2020The hack that has shaken the cybersecurity industry, COVID vaccine information stolen, Congress brings national cyber back, all happened this past week- www.fireeye.com: FireEye Shares Details of Recent Cyber Attack, Actions to Protect Community- www.darkreading.com: Nation-State Hackers Breached FireEye, Stole Its Red Team Tools- www.zdnet.com: Hackers leak data from Embraer, world's third-largest airplane maker- arstechnica.com: COVID-19 vaccine data has been unlawfully accessed in hack of EU regulator- www.bleepingcomputer.com: Teen who shook the Internet in 2016 pleads guilty...2020-12-1321 minYou've Already Been HackedNews of the Week for December 5 2020CISA and the FBI Issue warnings to Think Tanks, The Cold Chain is being attacked, and MacOS vulnerabilities are being attacked buy APTs all this weekArticles:- www.bleepingcomputer.com: FBI and Homeland Security warn of APT attacks on US think tanks- www.securityweek.com: FBI Warns of Auto-Forwarding Email Rules Abused for BEC Scams- www.politico.com: Justices express qualms about sweeping computer crime law- www.bleepingcomputer.com: Pennsylvania county pays 500K ransom to DoppelPaymer ransomware- www.wired.com: Hackers Are...2020-12-0618 minYou've Already Been HackedNews of the Week for 28 November 2020The Managed.com hack impacts local governments, Google adding E2EE to RCS, and Manchester United was hacked, all this weekLinks to the Stories- www.securityweek.com: Attack on Vendor Affects Website of Arizona Court System- arstechnica.com: Google is testing end-to-end encryption in Android Messages- www.europol.europa.eu: Over 2 000 Participants from 132 Countries Logged on for the 4th Global Conference on Criminal Finances and Cryptocurrencies- www.bleepingcomputer.com: Tesla Model X key fobs could be hacked to steal cars, fix released...2020-11-2916 minYou've Already Been HackedNews of the Week for 21 November 2020Capcom did lose customer data, Russia and North Korea going after COVID-19 research, and 28 million had information stolen in Texas.- www.bleepingcomputer.com: Capcom confirms data breach after gamers' data stolen in cyberattack- arstechnica.com: Hackers sponsored by Russia and North Korea are targeting COVID-19 researchers- threatpost.com: Food-Supply Giant Americold Admits Cyberattack- thehill.com: Software vendor says data breach exposed nearly 28 million Texas driver's license records- www.zdnet.com: Lazarus malware strikes South Korean supply chains- www.zdnet.com: Cyber-attack...2020-11-2218 minYou've Already Been HackedNews of the Week for 14 November 2020So much Health Care news its astounding- healthitsecurity.com: ‘Security Threat’ Forces Hendrick Health to EHR Downtime Procedures- www.zdnet.com: Australian government warns of possible ransomware attacks on health sector- www.securityweek.com: Encryption Vulnerabilities Allow Hackers to Take Control of Schneider Electric PLCs- threatpost.com: Millions of Hotel Guests Worldwide Caught Up in Mass Data Leak- www.bleepingcomputer.com: Laptop maker Compal hit by ransomware, $17 million demanded- threatpost.com: Cyberattack on UVM Health Network Impedes Chemotherapy Appointments-dar...2020-11-1522 minYou've Already Been HackedNews of the Week for 7 November 2020- www.securityweek.com: U.S. Says Iranian Hackers Accessed Voter Information- www.securityweek.com: Guard Cyber Team to Help Respond to Hospitals Cyberattack- chathamjournal.com: Chatham County government experienced cybersecurity attack on October 28- arstechnica.com: The feds just seized Silk Road’s $1 billion stash of bitcoin- www.securityweek.com: Private Prison Operator GEO Group Discloses Data Breach.- www.cbc.ca/news: STM says it refused hackers' $2.8n- www.bleepingcomputer.com: Brazil's court system under massive RansomExx ransomware attack...2020-11-0820 minYou've Already Been HackedNews of the Week for 31 October 2020Medical systems still underweight, COVID-19 Vaccine Manufacture Hacked, Elections hacked with Ransomeware, Louisiana calls in the National Guard for help, and an insider threat, all this week closing out Cybersecurity Awareness Month- threatpost.com: 2 More Hospitals Hit by Growing Wave of Ransomware Attacks, As Feds Issue Warning- www.bleepingcomputer.com: Montreal's STM public transport system hit by ransomware attack- www.scmagazine.com: Finnish psychotherapy center fires CEO for suppressing breach details- krebsonsecurity.com: Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo...2020-11-0121 minYou've Already Been HackedNews of the Week for 24 October 2020The EU goes after the GRU, a plan for the supply chain, schools still under siege, phishing burn out, and our sweet, sweet coffee gets hacked, all this week.-www.scmagainze.com BN Cyber Attack calls into question business segmentation-www.darkreading.com Flurry of warnings highlight cyber threats to us elections- www.cyberscoop.com: EU slaps sanctions on GRU leader, Fancy Bear, FBI-wanted hacker over Bundestag attack- www.scmagazine.com: Cyber Solarium Commission lays out plan to secure supply chain- www.infosecurity-magazine.com: Cyber-attack on Mississippi Schools Costs $300...2020-10-2519 minYou've Already Been HackedNews of the Week for 17 October 2020Carnival makes it official, Magento holes patched, Congress cares about the UHS hack, and International governments are looking for way around encryption, all this week- www.bleepingcomputer.com: Largest cruise line operator Carnival confirms ransomware data theft- threatpost.com: Critical Magento Holes Open Online Shops to Code Execution- www.scmagazine.com: Here are the questions Congress asks after a ransomware attack- www.cyberscoop.com: Foreign hackers are targeting federal, state and local IT networks, feds warn- www.zdnet.com: TrickBot botnet survives takedown attempt...2020-10-1815 minYou've Already Been HackedNews of the Week for 10 October 2020Hospitals pay ransom in bitcoin, illegitimate news sites, clinical trials were hacked, so as the UN, and an ISP Apologies, all this week.- www.uhsinc.com: Statement from Universal Health Services: Updated Monday, October 5, 2020, 12:30 PM ET- www.zdnet.com: Microsoft's Azure AD authentication outage: What went wrong- www.bleepingcomputer.com: New Jersey hospital paid ransomware gang $670K to prevent data leak- www.bleepingcomputer.com: Massachusetts school district shut down by ransomware attack- arstechnica.com: Botched Excel import may have caused loss of 15,841 UK COVID-19...2020-10-1125 minYou've Already Been HackedNews of the Week for 3 October 2020A Microsoft Major outrage, 911 went down, the 2nd Largest HIPPA penalty ever, Russian Hacker goes to Jail, and a Teenager hacked a school all this week. - arstechnica.com: Paying ransomware demands could land you in hot water - home.treasury.gov: Advisory on Potential Sanctions Risks for Facilitating Ransomware Payments- www.reuters.com: Universal Health Services says its network is 'still down' - www.wired.com: A Ransomware Attack Has Struck a Major US Hospital Chain - www.bleepingcomputer.com: Microsoft Office 365 is down in the USA, show...2020-10-0422 minYou've Already Been HackedNews of the Week for 26 September 2020Ransomeware attacks on federal contractors, Iranian Dissidents targeted, the Dark Overload pleads guilty..and an 10 out of 10 vulnerability in windows all this week.Links to all the Stories- www.zdnet.com: CISA says a hacker breached a federal agency- www.wired.com: 179 Arrested in Massive Global Dark Web Takedown- www.theregister.com: Contractor convicted of pinching supercomputer cycles to mine cryptocurrency- www.bleepingcomputer.com: Government software provider Tyler Technologies hit by ransomware- www.govtech.com: Jekyll Island Authority Targeted by Ransomware Attack2020-09-2717 minYou've Already Been HackedNews of the Week for 19 September 2020News of the Week for 19 September 2020. The DOJ had a big week, the first death related to ransomware, schools still under siege, and an update that warns you are compromised, all this week.- www.zdnet.com: US charges two Russians for stealing cryptocurrency- www.zdnet.com: First death reported following a ransomware attack on a hospital- www.zdnet.com: Hackers are launching fresh attacks against universities- www.latimes.com: Ransomware attack hits schools, halting online classes- www.darkreading.com: Virginia's Largest School System Hit...2020-09-2020 minYou've Already Been HackedNews of the Week for 12 September 2020Hacking the Election, Banks, Schools, and Semiconductors...all this week.- www.wired.com: Hackers Are Hitting US Campaign Targets Again- www.cnet.com: Phones for low-income users hacked before they're turned on- www.bleepingcomputer.com: Netwalker ransomware hits Argentinian government,- www.politico.eu: Facebook to stop moving data from EU to US- www.bleepingcomputer.com: Netwalker ransomware hits Pakistan's largest private power utility- threatpost.com: Bluetooth Bug Opens Devices- www.bleepingcomputer.com: SunCrypt Ransomware shuts down North Carolina...2020-09-1320 minYou've Already Been HackedNews of the Week for 5 September 2020A data breach, kids hacking schools, and foreign nationals stealing secrets, all happened this past week.-www.darkreading.com Warner Music Group Admits Breach- www.theregister.com:Voting app maker roasted by computer boffins for poor security- www.zdnet.com: European ISPs report mysterious wave of DDoS attacks- www.nbcnews.com: Miami-Dade Public Schools' endures days of cyberattacks- www.zdnet.com: MIT SCRAM: a new analysis platform for prioritizing enterprise security investments- www.zdnet.com: Norwegian Parliament discloses cyber-attack o...2020-09-0622 minYou've Already Been HackedNews of the Week for 29 August 2020Telsa Hacked, The DNC wars staffers about Dating Apps, and the electric grid is a prime target, and more this week.Links to the Articles- www.wired.com: A Former Uber Exec's Indictment Is a Warning Shot- www.zdnet.com: Elon Musk confirms Russian hacking plot targeted Tesla factory- www.reuters.com: New Zealand's stock exchange not to reopen on Thursday after cyber attacks- threatpost.com: Hackers Exploit Autodesk Flaw in Recent Cyberespionage Attack- duo.com: Medical Data Leaks Linked to Hardcoded...2020-08-3016 minYou've Already Been HackedNews of the Week for 22 August 2020Ransomeware and Universities, Government Authorities, and CSOs going to Trial all this week.- www.cyberscoop.com: FBI, DHS expose North Korean government malware used in fake job posting campaign- www.theregister.com: Australian government wants power to run cyber-response for businesses under attack- threatpost.com: Cyberattacks Hit Thousands of Canadian Tax, Benefit Accounts- attheu.utah.edu: University of Utah update on data security incident- www.zdnet.com: University of Utah pays $457,000 to ransomware gang- www.zdnet.com: Google...2020-08-2316 minYou've Already Been HackedNews of the Week for 15 August 2020 threatpost.com Mac Users Targeted by Spyware Spreading via Xcode Projects threatpost.com Instagram Retained Deleted User Data Despite GDPR Rules scmagazine.com SANS Institute breach proves anyone can fall victim to a ‘consent phishing’ scam Scmagazine.com California under counted COVID-19 cases after certificate expired www.zdnet.com: A mysterious group has hijacked Tor exit nodes threatpost.com: TikTok Collected MAC addresses from Android Users www.wired.com: Alexa Bug has potential bad news for user Voice Logs www.theregister.com: Chrome Web Store extensions downloaded 80 million times with malware inside www.cyberscoop.com: The first state to release vuln...2020-08-1617 min
Inside The Media MindsInside the Media Minds Episode 44 - Jill Aitoro - CyberRisk Alliance/SC MediaIn the latest episode of #IMM, Christine speaks with Jill Aitoro, Editorial Director at CyberRisk Alliance, and editor in chief of SC Media.2020-08-1132 minYou've Already Been HackedNews of the Week 8 August 2020Referenced Articles:www.bleepingcomputer.com: Canon confirms ransomware attack in internal memowww.wired.com: Chinese Hackers Have Pillaged Taiwan's Semiconductor Industrywww.wired.com: Voting Machine Makers Are Finally Playing Nice With Hackerswww.zdnet.com: Capital One fined $80 million for 2019 hackarstechnica.com: More than 20GB of Intel source code and proprietary data dumped onlinewww.theregister.com: 'We stopped ransomware' boasts Blackbaud CEO. And by 'stopped' he means 'got insurance to pay off crooks'threatpost.com: Garmin Pays Up to Evil Corp...2020-08-0913 minYou've Already Been HackedNews of the Week for 1 August 2020- www.bleepingcomputer.com: New ‘Meow’ attack has deleted almost 4,000 unsecured databases- us-cert.cisa.gov: Alert (AA20-209A) | Potential Legacy Risk from Malware Targeting QNAP NAS Devices- www.theregister.com: If you own one of these 45 Netgear devices, replace it: Firm won't patch vulnerable gear despite live proof-of-concept code- threatpost.com: Lazarus Group Brings APT Tactics to Ransomware- www.mcafee.com: McAfee Defender’s Blog: Operation North Star Campaign- arstechnica.com: New flaw neuters Secure Boot, but there’s no reason to panic. Here’s why- www...2020-08-0115 minYou've Already Been HackedNews of the Week 25 July 2020In this week's podcast, hacks abound in multiple sectors, some of which happened months back, and we are only getting details on now.www.justice.gov: Two Alleged Criminals – A Hezbollah Associated Narco-Money Launderer and a Computer Hacker - Extradited from Cyprus to the United Stateswww.wired.com: Chinese Hackers Charged in Decade-Long Crime and Spying Spreewww.bbc.com: Blackbaud Hack: Universities lose data to ransomware attackarstechnica.com: Ongoing Meow attack has nuked >1,000 databases without telling anyone whywww.reuters.com: Twitter says ha...2020-07-2614 minYou've Already Been HackedNews of the Week for Week Ending July 18 2020In this episode, we go over cybersecurity news that stuck out to me over the past week, as things we all need to pay attention to. Article links listed below. This episode's format is based on a segment I teach in my class on cybersecurity risk management, to help students better understand the reading materials by using world events that are current and topical.www.ncsc.gov.uk: Advisory: APT29 targets COVID-19 vaccine developmentwww.usatoday.com: A game of 'cat and mouse': Hacking attacks on hospitals for patient data increase during coronavirus pandemic2020-07-1916 min