On this week’s Cyber Security Brief, Dick O’Brien, Candid Wueest and Brigid O’Gorman focus on business email compromise (BEC) scams, which are a major issue for enterprises and organizations. The FBI has estimated that between June 2016 and July 2019 more than $26 billion was lost to BEC scams globally. Our experts discuss some recent examples of BEC scams, the common tactics and techniques many of these scams share, and the steps you can take to mitigate the danger to your business from these t...
Nov 28, 2019•20 min•Ep 10•Transcript available on Metacast On this week’s Symantec Cyber Security Brief, we bring you a holiday shopping cyber security special in advance of Black Friday, Cyber Monday, and the holiday shopping period in general. We discuss the dangers people need to be aware of when shopping online, including formjacking, fake shops, and social media scams. We discuss common scams that try to trick victims using fake delivery notices, as well as point of sale malware, which is still a threat, even as more people move to doing their shop...
Nov 21, 2019•23 min•Ep 9•Transcript available on Metacast On this week’s Symantec Cyber Security Brief, Dick O’Brien is joined by Brigid O’Gorman and Candid Wueest to discuss some of the big cyber security stories of the last week. This week, Ubiquiti customers are annoyed after a firmware update led to their routers sending information back to Ubiquiti HQ without their consent, a “sophisticated” attack on the UK Labour Party’s digital platforms causes consternation in the middle of an election campaign – but was it really that serious? Also, a (compli...
Nov 14, 2019•23 min•Ep 8•Transcript available on Metacast On this week’s Cyber Security Brief, Dick O’Brien is joined by Candid Wueest and Brigid O’Gorman to discuss the biggest cyber security news stories of the week. On this episode, we chat about how lasers could be used to hack your voice-controlled devices – including your phone, the Bluekeep attacks that have been spotted in the wild, and the ongoing repercussions surrounding the WhatsApp zero-day that was discovered in May. Also, BEC scammers cash in, the QSnatch malware hits thousands of NAS de...
Nov 07, 2019•23 min•Ep 7•Transcript available on Metacast In this week’s Cyber Security Brief, Dick O’Brien is joined by Candid Wueest and Brigid O’Gorman to discuss the biggest infosec stories of the week. This week we discuss Fancy Bear’s campaign against at least 16 anti-doping and sporting organizations, yet another ransomware attack on Johannesburg, and the malware that was turning the Discord client into an info-stealing backdoor. Also this week, the security researcher who discovered they could hack other people’s pet feeders, and the man who st...
Oct 31, 2019•22 min•Ep 6•Transcript available on Metacast In this week's Cyber Security Brief, Dick O'Brien and Candid Wueest discuss some of the biggest cyber security stories of the past week. Topics this week include a second supply chain attack attempt aimed at compromising CCleaner, how Amazon Alexa and Google Home devices can be used to spy on their owners using malicious third-party applications, problems for Samsung and Google arising from issues with biometric authentication on their mobile devices, and how a Chinese cyber-espionage group has ...
Oct 24, 2019•22 min•Ep 5•Transcript available on Metacast In this week’s Cyber Security Brief, Dick O’Brien is joined by Candid Wueest and Brigid O’Gorman to discuss the biggest cyber security stories of the week. In the mix this week, a zero-day in the Windows version of iTunes and iCloud, ATM malware, the Sudo vulnerability, and how it has been proved that you can insert spy chips into firewalls. Also, the stalker in Japan who used reflections in photos to track down his victim, and finally, the price paid for people’s private information on the deep...
Oct 17, 2019•27 min•Ep 4•Transcript available on Metacast In this week’s Cyber Security Brief, Dick O’Brien is joined by Candid Wueest and Brigid O’Gorman to discuss some of the biggest cyber security stories of the last week. Topics on the agenda include: controversy over Apple allowing a police-tracking app to be carried on its App Store in Hong Kong, a ruling from the European Court of Justice that could have big implications for social media platforms, new technology that claims it can identify people through walls from their gait using just Wi-Fi ...
Oct 10, 2019•23 min•Ep 3•Transcript available on Metacast In this week’s Cyber Security Brief, Dick O’Brien, Candid Wueest and Brigid O’Gorman discuss the high cost of ransomware, and the emergence of disinformation-as-a-service on underground markets. We also chat about researchers finding a way to steal data from encrypted PDFs, and the bulletproof hosting service housed in a former NATO bunker in Germany that was recently shut down by police. Finally, we discuss the issue of deepfake videos, the problems they could present, and the steps Google and ...
Oct 03, 2019•23 min•Ep 2•Transcript available on Metacast We’re back! The Cyber Security Brief returns for season 2. In our first episode, Dick O’Brien is joined by Brigid O’Gorman and Gavin O’Gorman (no relation) to discuss our recent research into Tortoiseshell, an APT group we recently discovered using both custom and off-the-shelf malware to target IT providers in Saudi Arabia in what appear to be supply chain attacks with the end goal of compromising the IT providers’ customers. We also discuss the recently revealed vulnerability in vBulletin, the...
Sep 26, 2019•23 min•Ep 1•Transcript available on Metacast In this week’s Cyber Security Brief, it’s episode 52, and the last one before we take a short summer break – we will be back with you in August, with more essential stories and trends from the world of cyber security. This week, we discuss the Cloud Security Threat Report that was recently released by Symantec, reports that APT10 compromised the networks of at least 10 telecoms companies, and the unusual circumstances that led to the arrest of a member of the Anonymous Belgium hacking group. Als...
Jun 27, 2019•19 min•Ep 52•Transcript available on Metacast In this week’s Cyber Security Brief podcast, we discuss the drama that ensued when Samsung tweeted about scanning their smart TVs for malware, a city in Canada lost CA$500,000 to a BEC scam, and three universities in the U.S. revealed in the same week that they were hit by data breaches. Also, we discuss new research just published by Symantec into the Waterbug/Turla group, and two different Android threats that were in the news this week.
Jun 20, 2019•24 min•Ep 51•Transcript available on Metacast On this week’s Cyber Security Brief, it's episode 50! We discuss the EU’s bug bounty program, bad password security practice, and why “secure” websites are becomingly increasingly untrustworthy. We also chat about the start-up that hacked its own customers’ cryptocurrency wallets – in order to safeguard their funds, a further update on the RDP vulnerability we’ve discussed previously, and how the Spanish soccer league La Liga was misusing its mobile app. Finally, the story of how Radiohead calle...
Jun 13, 2019•22 min•Ep 50•Transcript available on Metacast On this week’s Cyber Security Brief, we chat about our report looking into the Internet Research Agency's disinformation campaign targeting the 2016 US presidential election. We also talk about the apparent retirement of the operators behind GandCrab, and red faces in both the New Zealand government and the Dutch Data Protection Authority.
Jun 06, 2019•19 min•Ep 49•Transcript available on Metacast On this week’s Cyber Security Brief podcast, Candid Wueest and Dick O’Brien discuss Transport for London’s plans to start collecting data about the customers using its Wi-Fi, and what that might mean for people’s privacy. Also, the ongoing repercussions of the ransomware attack that hit the U.S. city of Baltimore, including revelations about the use of the EternalBlue tool by the attackers, plus an update on activity surrounding the BlueKeep RDP vulnerability that was patched by Microsoft a few ...
May 30, 2019•21 min•Ep 48•Transcript available on Metacast In this week’s Cyber Security Brief podcast, we discuss the government employee who was charged with using his work IT systems to mine cryptocurrency, how Google is scanning your emails to collect information about your purchases, and the proof of concept exploits that have been created for the BlueKeep bug. We also chat about ransomware “recovery” services that are just paying the ransom, the dismantling of the GozNym network, and how Intel CPUs have been impacted by new MDS side-channel attack...
May 23, 2019•21 min•Ep 47•Transcript available on Metacast In this week’s Cyber Security Brief podcast, we mark the one-year anniversary of the introduction of the General Data Protection Regulation – more commonly known as GDPR. To mark the introduction of GDPR, Brigid O’Gorman talks to Zoltan Precsenyi, Symantec’s director of GDPR strategy. We discuss the impact of the introduction of GDPR on companies and members of the public, whether or not the regulation is fulfilling its stated purpose, and the new data protection and privacy challenges that are ...
May 15, 2019•25 min•Ep 46•Transcript available on Metacast On this week’s Cyber Security Brief podcast, we discuss our newly-released research into the Buckeye espionage group, and its use of Equation group tools prior to the Shadow Brokers leak. Dick O’Brien is joined by Symantec analyst Sylvester Segura to discuss the findings and to share more details about Symantec’s investigation into this activity. Also this week, we chat about the growing threat of targeted ransomware, and look at what the UK government is planning to do to improve the security o...
May 09, 2019•20 min•Ep 45•Transcript available on Metacast On this week’s Cyber Security Brief podcast, we discuss our recently published research into the Beapy cryptojacking worm, which is using the EternalBlue exploit to spread, and is primarily impacting enterprises in China. We also talk about data breaches, the dangers your set-top box might pose, why some GPS apps need to upgrade their security, and what the Emotet criminals are up to now.
May 02, 2019•24 min•Ep 44•Transcript available on Metacast On this week’s Cyber Security Brief podcast, we are joined by Martijn Grooten, editor of Virus Bulletin. We discuss Martijn’s career and how he ended up in his role at Virus Bulletin, as well as the threats that need tackling on the current cyber security landscape. We also take a look at the email space, and the way threats there have developed.
Apr 24, 2019•19 min•Ep 43•Transcript available on Metacast On this week’s Cyber Security Brief, we discuss the conviction of two members of the Bayrob gang – and the role Symantec played in their capture and conviction. Also, the founder of Silk Road 2.0 is sentenced to jail time in the UK, the personal data of thousands of law enforcement personnel is reportedly published online by a hacking group, and we discuss the Windows Tiles sub-domain takeover. Finally, when you’re talking to your smart speaker, who hears what you say?
Apr 18, 2019•24 min•Ep 42•Transcript available on Metacast On this week’s Cyber Security Brief podcast, we discuss our new research into the privacy of your hotel booking details, and how we found that two in three hotel websites leak guest booking details and allow access to personal data. We also have an update on the case of the Chinese national who tried to gain access to President Trump’s Mar-a-Lago resort while carrying a malware-laden thumb drive. We also discuss a complaint against audio equipment maker Sonos in the UK alleging it is coercing cu...
Apr 11, 2019•23 min•Ep 41•Transcript available on Metacast On this week’s Cyber Security Brief, we discuss the strange story of the Chinese woman who was apprehended after attempting to sneak into President Donald Trump’s Mar-a-Lago resort with a malware-infected thumb drive. We also discuss the researchers who tricked a Tesla, a ransomware attack on the city of Albany, and the latest tricks being used by scammers to get you to click on annoying pop-up ads.
Apr 04, 2019•20 min•Ep 40•Transcript available on Metacast On this week’s Cyber Security Brief podcast, we discuss our new research into the Elfin espionage group, which we have seen targeting multiple organisations in Saudi Arabia and the U.S. We also talk about one of the big stories of the last week – ASUS’ software update system being hijacked to send out malicious updates, as well as discussing the ongoing issue of insider threats, and some new research into how mobile apps could be compromising your privacy and online security.
Mar 28, 2019•23 min•Ep 39•Transcript available on Metacast In today’s Cyber Security Brief, Dick O’Brien is joined by Neil Jenkins, the Chief Analytic Officer at the Cyber Threat Alliance (CTA). The CTA brings together various vendors in the cyber security community to help them better protect their customers and the public at large. Neil tells Dick about the aims of the CTA, its achievements and challenges so far, and the alliance’s plans for the future.
Mar 21, 2019•24 min•Transcript available on Metacast In this week's Cyber Security Brief, we chat about some of the highlights from this year's RSA conference including zero trust security, tackling fake news, the impending 5G network, IoT security, and a Symantec demonstration showing how much damage attackers can carry out in under seven minutes.
Mar 14, 2019•32 min•Ep 37•Transcript available on Metacast This week’s Cyber Security Brief is the second of two special episodes delving into the findings of Symantec’s Internet Security Threat Report (ISTR). The ISTR uses Symantec’s broad intelligence sources, researchers and analysts to bring you an insight into the key events and trends of 12 months in cyber security. In this episode, Dick O’Brien, Brigid O’Gorman, and Candid Wueest discuss some of the events and trends that affected enterprises the most in 2018.
Mar 07, 2019•28 min•Ep 36•Transcript available on Metacast This week’s Cyber Security Brief is the first of two special episodes delving into the findings of Symantec’s Internet Security Threat Report (ISTR). The ISTR uses Symantec’s broad intelligence sources, researchers and analysts to bring you an insight into the key events and trends of 12 months in cyber security. In this episode, Dick O’Brien, Brigid O’Gorman and Candid Wueest take a look at the 2018 events and trends that hit consumers the most.
Feb 28, 2019•34 min•Ep 35•Transcript available on Metacast In this week’s Cyber Security Brief podcast, we recap Google’s decision to backtrack on proposed changes to its Chrome web browser that would have rendered many ad blocking extensions inoperable. We also discuss the two security issues that were recently addressed by Facebook, including one that could have allowed accounts to be taken over. We also chat about another batch of online accounts that have been put up for sale on the dark web, the man who is suing Apple because he doesn’t like 2FA, a...
Feb 21, 2019•23 min•Ep 34•Transcript available on Metacast In this week’s Cyber Security Brief, we chat about a slew of stolen online account data found for sale on the dark web, malware targeting Macs, and container vulnerabilities. Also this week, we look at a Wi-Fi connected USB cable that can allow for remote attacks on targeted computers.
Feb 14, 2019•22 min•Ep 33•Transcript available on Metacast 
