NSA and CISA release a list of the ten most common misconfigurations along with Identity and access management guidelines. The Predator Files. Cyber cooperation between Russia and North Korea. Hacktivist auxiliaries hit Australia. Hacktivists and hacktivist auxiliaries scorn the application of international humanitarian law. The direction of Russian cyber operations. Dave Bittner speaks with Andrea Little Limbago from Interos to talk about geopolitics, cyber and the C-suite. Rick Howard talks wi...
Oct 06, 2023•30 min•Season 7Ep. 1922
Apple patches actively exploited iOS 17 vulnerability. Qakbot's survival of a major takedown. BADBOX puts malware into the device supply chain. LoonyTunables and a privilege-escalation risk. Scattered Spider believed responsible for cyberattack against Clorox. Sony discloses information on its data breach. In today’s Threat Vector segment, Chris Tillett, Senior Research Engineer at Palo Alto Networks and member of the Advisory Board at Titaniam Labs, joins host David Moulton to delve inside the ...
Oct 05, 2023•25 min•Season 7Ep. 1921
EvilProxy phishes for executives. Typosquatting to deliver a rootkit. Stream-jacking on YouTube. A global look at risk management. Assistance from a diverse set of international partners. In our Solution Spotlight segment, Simone Petrella speaks with Diane Janosek, Executive Director of Capitol Technology University's Center for Women in Cyber, about paths to cybersecurity and ways to address cybersecurity workforce intelligence through education. Dave Bittner previews the 3rd annual SOC Analyst...
Oct 04, 2023•26 min•Season 7Ep. 1920
Nearly 100,000 ICS services exposed to the Internet. BunnyLoader in the C2C market. Phantom Hacker scams. API risks. Cybersecurity attitudes and behaviors. Homeland Security IG finds flaws in TSA pipeline security programs, and privacy issues with CBP, ICE, and USSS use of commercial telemetry. Kyiv prepares for Russian attacks on Ukraine's power grid. Ben Yelin on the Department of Commerce placing guardrails on semi-conductor companies. As part of our sponsored Industry Voices segment, Dave Bi...
Oct 03, 2023•26 min•Season 7Ep. 1919
Double-tapping ransomware hits the same victim twice. Exim mail servers are found exposed to attack. Iran's OilRig deploys Menorah malware against Saudi targets. North Korea's Lazarus Group targets a Spanish aerospace firm. Update your ransomware scorecards: LostTrust is a rebrand of MetaEncryptor. Increased domestic surveillance in Russia, done partly so propaganda can be more effectively targeted. Killnet claims to have hit the British Royal family with a DDoS attack. Michael Denning, CEO at S...
Oct 02, 2023•28 min•Season 7Ep. 1918
This week, we are joined by Ted Wagner, Chief Information Security Officer at SAP National Security Services, or SAP NS2. Ted sits down to share his story on how he got introduced into the industry and why he chose this as a career path. He went straight into the Armyas a second lieutenant in the artillery field after high school, which after his time was up he decided to move on and started working for a company that allowed him to do a management training program. After that he found himself w...
Oct 01, 2023•9 min•Season 4Ep. 169
David Liebenberg from Cisco Talos joins to discussing Talos' discovery of cracked Microsoft Windows software being downloaded by enterprise users across the globe. Downloading and running this compromised software not only serves as an entry point for threat actors, but can serve as a gateway to access control systems and establish backdoors. Talos identified additional malware, including RATs, on endpoints running this cracked software, which allows an attacker to gain unauthorized remote acces...
Sep 30, 2023•17 min•Season 7Ep. 301
Malicious ads in a chatbot. Google provides clarification on a recent vulnerability. Cl0p switches from Tor to torrents. Influence operations as an adjunct to weapons of mass destruction. Our guest Jeffrey Wells, former Maryland cyber czar and partner at Sigma7 shares his thoughts on what the looming US government shutdown will mean for the nation’s cybersecurity. Tim Eades from Cyber Mentor Fund discussing the 3 who’s a cybersecurity entrepreneur needs to consider. And NSA has a new AI Security...
Sep 29, 2023•27 min•Season 7Ep. 1917
The Budworm APT's bespoke tools. Johnson Controls sustains a cyberattack. The US Privacy and Civil Liberties Oversight Board reports on Section 702. The looming government shutdown and cyber risk. Cybersecurity in the US industrial base. X cuts back content moderation capabilities. In our Industry Voices segment, Nicholas Kathmann from LogicGate describes the struggle when facing low cost attacks. Sam Crowther from Kasada shares his team's findings on Stolen Auto Accounts. And Ukrainian hacktivi...
Sep 28, 2023•29 min•Season 7Ep. 1916
A Joint Advisory warns of Beijing's "BlackTech" threat activity. ShadowSyndicate is a new ransomware as a service operation. A Smishing Triad in the UAE. Openfire flaw actively exploited against servers. AtlasCross is technically capable and, above all, "cautious." Xenomorph malware in the wild. DDoS and API attacks hit the financial sector. In our Industry Voices segment, Joe DePlato from Bluestone Analytics demystified dark net drug markets. Our guest is Richard Hummel from Netscout with the l...
Sep 27, 2023•33 min•Season 7Ep. 1915
An advanced phishing campaign hits hospitality industry. An information-stealing campaign deploys ZenRAT. More MOVEit-related data breaches are disclosed. Mixin Network suspends deposits and withdrawals. The OpenSea NFT market warns of third-party risk to its API. Phishing for Ukrainian military drone operators. Mr. Security Answer Person John Pescatore shares thoughts in Cisco acquiring Splunk. Ann Johnson from the Afternoon Cyber Tea podcast interviews Deb Cupp sharing a lesson in leadership. ...
Sep 26, 2023•23 min•Season 7Ep. 1914
The Gelsemium APT is active against a Southeast Asian government. A multi-year campaign against Tibetan, Uighur, and Taiwanese targets. Stealth Falcon's new backdoor. Predator spyware is deployed against Apple zero-days. An update on Pegasus spyware found in Meduza devices. There’s a shift in Russian cyberespionage targeting. A rumor of cyberwar in occupied Crimea. In our Industry Voices segment, Amit Sinha, CEO of Digicert, describes digital trust for the software supply chain. Our guest is Arc...
Sep 25, 2023•31 min•Season 7Ep. 1913
In this extended interview, Simone Petrella sits down with Chris Krebs of the Krebs Stamos Group at the mWise 2023 Cybersecurity Conference to discuss threat intelligence . Learn more about your ad choices. Visit megaphone.fm/adchoices
Sep 25, 2023•16 min•Season 8Ep. 54
This week our guest is Merritt Baer, a Field CISO from Lacework, and a cloud security unicorn, sits down to share her incredible story working through the ranks to get to where she is today. Before working at Lacework Merritt served in the Office of the CISO at Amazon Web Services, as part of a small elite team that formed a Deputy CISO. She provided technical cloud security guidance to AWS’ largest customers, like the Fortune 100, on security as a bottom line proposition. She also has experienc...
Sep 24, 2023•7 min•Season 4Ep. 168
Maxim Zavodchik from Akamai joins Dave to discuss their research on "Xurum: New Magento Campaign Discovered." Akamai researchers have discovered an ongoing server-side template injection campaign that is exploiting digital commerce websites. This campaign targets Magento 2 shops, and was dubbed Xurum in reference to the domain name of the attacker’s command and control (C2) server. The research states "The attacker uses an advanced web shell named “wso-ng” that is activated only when the attacke...
Sep 23, 2023•15 min•Season 7Ep. 300
A new APT is found: enter Sandman. Tracking an initial access broker called Gold Melody. Iran’s OilRig group is active against Israeli targets. Cyber ops as an instrument of soft power. Recovery and investigation in the casino ransomware attacks. In our Solutions Spotlight, Simone Petrella speaks with MK Palmore from Google Cloud about talent retention and the cybersecurity skills gap. Our guest is Kristen Marquardt of Hakluyt with advice for cyber startups. And Bermuda points to Russian threat ...
Sep 22, 2023•32 min•Season 7Ep. 1912
CISA and the FBI warn of Snatch ransomware. A look at phishing trends. Ransomware is increasingly cited in cyber insurance claims. Trends in cyber threats to academic institutions. A Russian hacktivist auxiliary disrupts Canadian border control and airport sites. The ICC remains tight-lipped concerning cyberattack. N2K’s Simone Petrella sits down with Chris Krebs at the mWise conference. In today’s Threat Vector segment, David Moulton from Unit 42 takes a peek into the modern threat landscape wi...
Sep 21, 2023•31 min•Season 7Ep. 1911
The International Criminal Court reports a "cybersecurity incident." ShroudedSnooper intrusion activity is both novel and simple. Criminal malware targets Chinese-speaking victims. The costs of insider risk. More on the casino attacks (and related social engineering capers). In our Learning Layer segment, Sam Meisenberg drops into a CISSP tutoring session and offers some test-taking tips. Our guest is Aaron Brazelton, Dean of Admissions and Advancement at the Alabama School of Cyber Technology a...
Sep 20, 2023•32 min•Season 7Ep. 1910
Colombia continues its recovery from last week's cyberattacks. AI training data is accidentally published to GitHub. The cyberespionage techniques of Earth Lusca. Clorox blames product shortages on a cyber attack. Cybersecurity incidents in industrial environments. Where the wild bots are. Joe Carrigan looks at top level domain name exploitation. Our guest is Kristen Bell from GuidePoint Security with a look at vulnerability vs. exploitability. And there’s talk of potential Russia-DPRK cooperati...
Sep 19, 2023•27 min•Season 7Ep. 1909
Cyber threats trending from East Asia. The Lazarus Group is suspected in the CoinEx crypto theft. Pig butchering, enabled by cryptocurrency. BlackCat is active against Azure storage. a Ukrainian view of cyber warfare. A US-Canadian water commission deals with a ransomware attack. Eric Goldstein from CISA shares insights on cyber threats from China. Neil Serebryany of Calypso explains the policies, tools and safeguards in place to enable the safe use of generative AI. And more details emerge in t...
Sep 18, 2023•27 min•Season 7Ep. 1908
Karl Mattson, CISO at Noname Security, joins us to share his story. Having started out as a "military brat," traveling the world as the child of a Marine, Karl later joined the Army not long after high school. In the Army, Karl was assigned the career field of intelligence analyst and started working with the NSA. He says that was a real career break. Following the Army, Karl worked in the financial services world as a CISO. At Noname, Karl began by building out internal risk and IT functions in...
Sep 17, 2023•8 min•Season 4Ep. 167
Guest Manuel Hepfer from ISTARI shares his research on cyber resilience which includes discussions with 37 CEOs to gain insight into how they manage cybersecurity risk. ISTARI and Oxford University's Saïd Business School dive into the minds and experiences of CEOs on how they manage cybersecurity risk. Ask any CEO to name the issues that keep them awake at night and cybersecurity risk is likely near the top of the list – with good reason. With the accelerating digitalisation of business models c...
Sep 16, 2023•40 min•Season 7Ep. 299
"Peach Sandstorm" is an Iranian cyberespionage campaign. A Cyberattack against a telecom provider affects government and corporate online operations in Colombia. Python NodeStealer takes browser credentials. Caesars Entertainment files its 8-K. Some MGM Entertainment systems remain down. Betsy Carmelite from Booz Allen talking about how to leverage cyber psychology. Ron Reiter of Sentra outlines the threats for connected cars. And a third-party incident exposes personal data of the Manchester po...
Sep 15, 2023•31 min•Season 7Ep. 1907
The MGM Resorts incident is now believed to be ransomware, and how does that inform our view of Materiality of a cyber incident? MetaStealer targets businesses. Cloud access with stolen credentials. The cloud as an expansive attack surface. Johannes Ullrich from SANS describes malware in dot-inf files. In our Industry Voices segment Dave speaks with Oliver Tavakoli, CTO at Vectra, on the complexity and challenges of cloud service security. And welcome back, or not, Your Highness the Large Langua...
Sep 14, 2023•26 min•Season 7Ep. 1906
An access broker's phishing facilitates ransomware. 3AM is fallback malware. Cross-site-scripting vulnerabilities are reported in Apache services. US agencies warn organizations to be alert for deepfakes. The US Department of Defense publishes its 2023 Cyber Strategy. Ann Johnson from the Afternoon Cyber Tea podcast speaks with with Jenny Radcliffe about the rise in social engineering. Deepen Desai from Zscaler shares a technical analysis of Bandit Stealer. And a quick reminder: yesterday was Pa...
Sep 13, 2023•26 min•Season 7Ep. 1905
Phishing with Facebook Messenger accounts. Redfly cyberespionage targets a national grid. The exploit trade in the C2C underground market. Phishing attack exploits Baidu link. A repojacking vulnerability. A hacktivist auxiliary looks to its own interests. Ben Yelin marks the start of the Google antitrust trial. In our Industry Voices segment, Adam Bateman from Push Security explains how identities are the new perimeter. And MGM Resorts are dealing with a “cybersecurity issue.” For links to all o...
Sep 12, 2023•32 min•Season 7Ep. 1904
UK's NCA and NCSC release a study of the cybercriminal underworld. HijackLoader's growing share of the C2C market. Russia's hacker diaspora in Turkey. Author David Hunt discusses his new book, “Irreducibly Complex Systems: An Introduction to Continuous Security Testing.” In our Industry Voices segment, Mike Anderson from Netskope outlines the challenges of managing Generative AI tools. And a senior Russian cyber diplomat warns against US escalation in cyberspace. For links to all of today's stor...
Sep 11, 2023•31 min•Season 7Ep. 1903
Caroline Wong, Chief Strategy Officer from Cobalt sits down to share her story of her 15+ years in cybersecurity leadership, including practitioner, product, and consulting roles. As well as being a member of our very own Hash Table, Caroline also authored the popular textbook, Security Metrics: A Beginner's Guide and teachers cybersecurity courses on LinkedIn Learning as well as hosts the Humans of InfoSec podcast. Caroline's father pushed her to start her career in engineering, she went to UC ...
Sep 10, 2023•8 min•Season 4Ep. 166
This week, our guest is Reece Baldwin from Kasada discussing their work on "No Honour Amongst Thieves: Unpacking a New OpenBullet Malware Campaign." The Kasada Threat Intelligence team has recently identified a malware campaign targeting users of OpenBullet, a tool popular within criminal communities to conduct credential stuffing attacks. This malware campaign was first uncovered when the team was digging around in a Telegram channel setup to share OpenBullet configurations. Reading through a f...
Sep 09, 2023•17 min•Season 7Ep. 298
Apple issues emergency patches. "Multiple nation-state actors" target the aerospace sector. The DPRK targets security researchers. SpaceX interrupted service to block a Ukrainian attack against Russian naval units last year. The International Criminal Court will prosecute cyber war crimes. Operation KleptoCapture extends to professional service providers. Malek Ben Salem of Accenture ponders the long-term reliability of LLM-powered applications. Our guest is Elliott Champion from CSC on how cybe...
Sep 08, 2023•31 min•Season 7Ep. 1902
