show episodes
 
Loading …
show series
 
Updates on the DarkSide ransomware attack on Colonial Pipeline. Other ransomware strains, including Avaddon and Babuk are out, and dangerous. Guidelines on 5G threat vectors. Lemon Duck cryptojackers are looking for vulnerable Exchange Server instances. A bogus, malicious Chrome app is circulating by smishing. Ben Yelin examines an online facial re…
 
Colonial Pipeline shuts down some systems after a ransomware attack, disrupting refined petroleum product delivery in the Eastern US. We’ll check in with Sergio Caltagirone from Dragos for his analysis. Other ransomware attacks hit city and Tribal governments. Joint UK-US alert on SVR tactics issued, and the SVR may have changed its methods accordi…
 
Good security gets out of the way of users while getting in the way of adversaries. Passwords fail on both accounts. Users feel the pain of adhering to complex password policies. Adversaries simply copy, break, or brute-force their way in. Why, then, have we spent decades with passwords as the primary factor for authentication?From the very first t…
 
VP of Global Solutions Architecture at eSentire Tia Hopkins shares her career journey and talks about its beginnings in engineering and pivots into cybersecurity leadership. Tia shares how she liked to take things apart when she was young, including the brand new computer her mother bought her and how she was fascinated by all the pieces of it spre…
 
Guest Mike McLellan from Secureworks joins us to share his team's insights about SUPERNOVA and threat group attribution. Similarities between the SUPERNOVA activity and a previous compromise of the network suggest that SPIRAL was responsible for both intrusions and reveal information about the threat group. In late 2020, Secureworks® Counter Threat…
 
CISA outlines the FiveHands ransomware campaign. Circumstantial evidence suggests that some cybergangs are either controlled by or are doing contract work for Russian intelligence services. US Federal agencies turn their attention to software supply chain security. Scripps Health continues its recovery from cyberattack. Insecure home routers in the…
 
Some possible insight into what a Chinese cyberespionage unit is up to. Hackathons, from Beijing to Washington (the one sponsored by Beijing developed an iPhone zero-day used against China’s Uyghurs). Panda Stealer is after crypto wallets. Microsoft's Kevin Magee reflects on lessons learned in the last year. Our own Rick Howard speaks with Todd Nei…
 
Belgium sustains a DDoS attack that knocks parliamentary sessions offline. New malware strains identified in phishing campaign. Threat actors look for ways of working around multi-factor authentication and open authentication. COVID-19 scams continue online, and attract law enforcement attention. Joe Carrigan describes a compromised password manage…
 
Pulse Secure patches its VPN, and CISA for one thinks you ought to apply those fixes. Apple has also patched two zero-days in its Webkit engine. Scripps Health recovers from what’s said to be a ransomware attack. Researchers describe Genesis, a criminal market for digital fingerprints. Ben Yelin described a grand jury subpoena for Signal user data.…
 
Possible data exposure at the Philippines’ Office of the Solicitor General. In the US, FISA surveillance targets dropped during 2020’s pandemic. The Babuk gang says it’s giving up encryption to concentrate on doxing. A new version of the Buer loader is out in the wild. Rick Howard looks at security in the energy sector. Betsy Carmelite from Booz Al…
 
CEO and co-founder of SafeGuard Cyber Jim Zufoletti shares his journey starting out as an intrepreneur and transformation into a serial entrepreneur in cybersecurity. Jim shares how he got his feet wet working for others as an intrepreneur and catching the entrepreneurial bug in the mid-90s. He has co-founded a number of companies starting with Fre…
 
Guest Jen Miller-Osborn from Palo Alto Networks' Unit 42 joins Dave to discuss their 2021 Unit 42 Ransomware Threat Report, which highlights a surge in ransomware demands based on a global analysis of the threat landscape in 2020. To evaluate the current state of the ransomware threat landscape, the Unit 42 threat intelligence team and the Crypsis …
 
The US Government expands its investigation into Pulse Secure VPN compromises. Microsoft discloses its discovery of BadAlloc IoT and OT vulnerabilities. Someone’s distributing Purple Lambert spyware. Chinese intelligence services seem to be backdooring the Russian defense sector. Financially motivated criminals are exploiting SonicWall VPN vulnerab…
 
An API bug may have exposed credit ratings. A study offers advice for the new anti-ransomware task forces emerging in the US and elsewhere. Israelis warned to keep their cyber-guard up on Quds Day next week. Russia says it would spot any US cyberattack before it hit. The US Congress considers establishing surge cyber response capacity. Dinah Davis …
 
Ghostwriter is back, and has moved its “chaos troops” against fresh targets in Poland and Germany. The Naikon APT has a new secondary backdoor. FluBot, temporarily inhibited by police raids, is back, and expanding its infection of Android devices across Europe. Microsoft is rethinking how much, and with whom, it wants to share vulnerability informa…
 
FBI, CISA, detail SVR cyber activities. Nine US Combatant Commands see declassification as an important tool in information warfare. A convergence of OPSEC and privacy? Apple fixes a significant Gatekeeper bypass flaw. Babuk ransomware hits DC police. A new twist in credential harvesting. Ben Yelin considers the FTCs stance on racially biased algor…
 
Zoom prankers deceive European members of parliament with a deepfake video call. A password manager is compromised. Europol took a good whack at Emotet yesterday, removing the botnet’s malware from infected machines. US response to the Holiday Bear campaign receives cautious good reviews. A cyberattack interferes with cancer treatments. Caleb Barlo…
 
Senior security researcher from Secureworks Marcelle Lee shares her career journey into cybersecurity and how she helps solve hard problems in her daily work. Marcelle came into cybersecurity not through any traditional path. She describes her route from a different field and starting in cyber at her local community college through a grant program.…
 
Proliferation of data continues to outstrip our ability to manage and secure data. The gap is growing and alarming,especially given the explosion of non-traditional smart devices generating, storing, and sharing information. As edge computing grows, more devices are generating and transmitting data than there are human beings walking the planet. Hi…
 
Guest Jason Passwaters of Intel 471 joins us to discuss his team's research into bulletproof hosting (BPH). The research team at Intel 471 defined what a typical BPH service offers and how these services can be stopped in order to limit the damage they have on enterprises, businesses and digital society itself. They examined some popular malware fa…
 
Ransomware operators begin timing their releases for more reputational damage. Another gang is equipping its ransomware with scripts to disable defenses, and yet another is now into stock shorting. The US Postal Inspection Service is apparently monitoring social media. GCHQ’s head warns of the dangers of becoming dependent on China’s technology. Jo…
 
Agencies continue to respond to the Pulse Secure VPN vulnerabilities. Updates on the SolarWinds compromise show that it remains a threat, and that it was designed to escape detection and, especially, attribution. A cryptojacking botnet is exploiting vulnerable Microsoft Exchange Server instances. Facebook takes down two Palestinian groups distribut…
 
SonicWall zero-days are under active exploitation; mitigations are available. Pulse Secure VPN is also undergoing exploitation, probably by China, and mitigations are available here, too. The US begins work on shoring up power grid cybersecurity. Cyber ops rise with Russo-Ukrainian tension. The help desk at ISIS tells jihadists to stay away from Bi…
 
Update on the Codecov supply chain attack. The Babuk gang says they’ve debugged their decryptor. MI5 warns of “industrial scale” catphishing in LinkedIn. Positive Technologies responds to US sanctions. The US stands down the two Unified Coordination Groups it established to deal with the SolarWinds and Exchange Server compromises. Are all Five Eyes…
 
Another supply chain incident surfaces. The Natanz sabotage seems to have landed a punch, but not a knock-out blow against Iran’s nuclear program (and it appears to have been a bomb). China’s “big data” gangs and their place in the criminal economy. Tolerating (and protecting?) ransomware gangs in Russia? Betsy Carmelite looks at the intersection o…
 
Loading …

Quick Reference Guide

Copyright 2021 | Sitemap | Privacy Policy | Terms of Service
Google login Twitter login Classic login