Tuesday, September 27, 2022
The Security Ledger

Episode 243: The CSTO is a thing- a conversation with Chris Hoff of LastPass

Paul talks with Chris Hoff the Chief Secure Technology Officer at LastPass about the CSTO role and the security implications of “software eating the world.” The post Episode 243: The CSTO is a thing- a conversation with Chris Hoff...
The Security Ledger

Episode 242: Hacking the Farm (and John Deere) with Sick Codes

In our latest podcast, Paul caught up with Sick Codes (@sickcodes) to talk about his now-legendary presentation at the DEF CON Conference in Las Vegas, in which he demonstrated a hack that ran the Doom first person shooter on a John...
The Security Ledger

Episode 241: If Its Smart, Its Vulnerable a Conversation wit Mikko Hyppönen

We speak with Mikko Hyppönen on the sidelines of the DEF CON Conference in Las Vegas to talk about his new book, “If its Smart it Vulnerable." The post Episode 241: If Its Smart, Its Vulnerable a Conversation wit Mikko...
The Security Ledger

Episode 241: If Its Smart, Its Vulnerable a Conversation with Mikko Hyppönen

We speak with Mikko Hyppönen on the sidelines of the DEF CON Conference in Las Vegas to talk about his new book, “If its Smart it Vulnerable." The post Episode 241: If Its Smart, Its Vulnerable a Conversation with Mikko...
The Security Ledger

DEF CON DOOM Patrol: Deere Jailbreak Raises Questions on Security, Competition

A researcher presented the results of a year-long effort to reverse engineer John Deere hardware to run a version of the DOOM first person shooter. He also discovered a number of security flaws along the way. The post DEF...
The Security Ledger

UPDATE DEF CON DOOM Patrol: Deere Jailbreak Raises Questions on Security, Competition

A researcher presented the results of a year-long effort to reverse engineer John Deere hardware to run a version of the DOOM first person shooter. He also discovered a number of security flaws along the way. The post UPDATE...
The Security Ledger

Episode 240: As Stakes Of Attacks Grow, Can Cyber Policy “Shift Right”?

In this episode of the podcast (#240) Lauren Zabierek, the Executive Director for the Cyber Project at the Belfer Center at Harvard’s Kennedy School joins us to talk about the need for a re-think of national cybersecurity preparedness, as...
The Security Ledger

Episode 240: As Stakes Grow, Can Cyber Policy Needs to “Shift Right”?

In this episode of the podcast (#240) Lauren Zabierek, the Executive Director for the Cyber Project at the Belfer Center at Harvard’s Kennedy School joins us to talk about the need for a re-think of national cybersecurity preparedness, as...
The Security Ledger

Episode 240: As Stakes Grow, Cyber Policy Needs to “Shift Right”?

In this episode of the podcast (#240) Lauren Zabierek, the Executive Director for the Cyber Project at the Belfer Center at Harvard’s Kennedy School joins us to talk about the need for a re-think of national cybersecurity preparedness, as...
The Security Ledger

Hybrid Work Is Here: Is Your Security Strategy Ready for It?

An “everywhere,” hybrid workforce is no longer concept, but reality. But securing hybrid workplaces requires big changes to how IT security gets done, argues Jason Lee, the CISO of Zoom in this Expert Insight. The post Hybrid Work Is...
The Security Ledger

The Future of Attack Surface Management: How to Prepare

Upwards of 70% of organizations have been compromised because of an unknown, unmanaged, or mismanaged visible asset. Improving your Attack Surface Management capabilities is critical, says David Monnier, a Fellow at Team Cymru. The post The Future of Attack...
The Security Ledger

How Vulnerability Management Has Evolved And Where It’s Headed Next

The blocking and tackling work of scan management is becoming a commodity, writes Lisa Xu, the CEO of NopSec in this Expert Insight. What organizations need now is complete visibility of their IT infrastructure and business applications. The post...
The Security Ledger

The Concerning Statistics About Mental Health in Cybersecurity

Are cyber professionals as good at protecting their mental health as their IT environments? Thomas Kinsella, COO of Tines, talks about the worrying mental health statistics in cyber and how to protect your team. The post The Concerning Statistics...
The Security Ledger

Episode 239: Power shifts from Russia to China in the Cyber Underground

Naomi Yusupov, a Chinese Intelligence Analyst at the threat intelligence firm CyberSixGill talks to host Paul Roberts about that company’s new report: The Bear and the Dragon: Analyzing the Russian and Chinese Cybercriminal Communities. The post Episode 239: Power...
The Security Ledger

Identity Fraud: The New Corporate Battleground

The pandemic accelerated the migration to digital services, with millions of U.S. consumers turning to the internet for everything from medical care to shopping and banking. But as consumers increasingly move their transactions online, criminals enjoy a landscape ripe...
The Register

Ukraine fears ‘massive’ Russian cyberattacks on power, infrastructure

Will those be before or after the nuke strikes Putin keeps banging on about? Russia plans to conduct "massive cyberattacks" on Ukraine and its allies' critical infrastructure and energy sector, according to Kyiv.…

BrandPost: Extortion Economics: Ransomware’s New Business Model

Did you know that over 80% of ransomware attacks can be traced to common configuration errors in software and devices? This ease of access is one of many reasons why cybercriminals have become emboldened by the underground ransomware economy.And...

Police ‘all over’ dark web ransom threat to release 10,000 customer records a day, Optus CEO says

Purported hackers post ultimatum demanding $1m within four days after massive Optus data breachFollow our Australia news live blog for the latest updatesGet our free news app, morning email briefing or daily news podcastThe chief executive of Optus, Kelly...

Barracuda Unveils New Capabilities To Protect Against Persistent And Evolving Threats

Barracuda announced a number of product enhancements and innovative new capabilities at its recent Secured.22 virtual conference to expand the protection for customers and help them defend against the latest cyber threats.

Zoho ManageEngine flaw is actively exploited, CISA warns

A remote code execution vulnerability in Zoho's ManageEngine, a popular IT management solution for enterprises, is being exploited in the wild. The US Cybersecurity & Infrastructure Security Agency (CISA) added the flaw to its catalog of known exploited vulnerabilities...