Tuesday, January 28, 2020
DtSR Podcast

DtSR Episode 380 – Gadi Tells It Like It Is

Welcome to episode 380 of the DtSR Podcast. We have a special treat for you this episode, with long-time friend Gadi Evron, and he holds nothing back in his start discussion of our industry. We virtually guarantee this will...
SANS ISC

ISC StormCast for Tuesday, January 28th 2020

Coronavirus Preparedness and Associated Scamshttps://isc.sans.edu/forums/diary/Network+Security+Perspective+on+Coronavirus+Preparedness/25750/ RD Gateway RCE Exploit Demoedhttps://twitter.com/layle_ctf/status/1221514332049113095?s=12
Reduce Cyber Risk

RCR 062: Understanding Asset Ownership (Domain 2) – CISSP Study and Training!

Shon Gerber from ShonGerber.com provides you the information and knowledge you need to prepare and pass the CISSP Exam while providing the tools you need to enhance your cybersecurity career.  Shon utilizes his expansive knowledge while providing superior training...
The CyberWire Podcast

A cyber espionage campaign is to use DNS hijacking. More observations on l’affaire Bezos. Operation Night Fury versus e-commerce hackers. Farewell to Clayton Christensen.

Someone has been running a DNS hijacking campaign against governments in southeast Europe and southwest Asia, and Reuters thinks that someone looks like Turkey. Experts would like to see a more thorough forensic analysis of Mr. Bezos’ iPhone: that...
Security Weekly

Something Sanitary – PSW #636

This week, we welcome Dug Song, Co-Founder and General Manager of Duo Security at Cisco, to discuss the vision and culture behind Duo Security, and talk about his journey from when he began his start in Information Security! In...
Unsuperivsed Learning Podcast

Unsupervised Learning: No. 213

Saudi Bezos Hack, MIT Davos AI, Moar Energy Attacks, NIST Privacy, Ohio CISO, Microsoft Data Breach, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Support the show.
Security Weekly

Bezos Hack, Microsoft Exposed, AI Threats – Wrap Up – SWN #6

This week, Doug White brings the Security Weekly News update for the week of January 20, 2020, to discuss the top news stories of the week, across all of the Security Weekly Network shows!   Show Notes: https://wiki.securityweekly.com/SWNEpisode6 Visit...
The Shared Security Podcast

Dark Web Fraud and Cybercrime with Emily Wilson

In episode 105 for January 27th 2020: What are the new forms of fraud and cybercrime being found on the Dark Web? We discuss this fascinating topic with Emily Wilson, VP of Research at Terbium Labs. ** Show notes and...
SANS ISC

ISC StormCast for Monday, January 27th 2020

Citrix Releases ADC Updates For All Versions https://www.citrix.com/blogs/2020/01/24/citrix-releases-final-fixes-for-cve-2019-19781/Temporary Windows 0-Day
Open Source Security Podcast

Episode 180 – A Tale of Two Vulnerabilities

Josh and Kurt talk about two recent vulnerabilities that have had very different outcomes. One was the Citrix remote code execution flaw. While the flaw is bad, the handling of the flaw was possibly worse than the flaw itself. The...
The CyberWire Podcast

Hank Thomas and Mike Doniger, getting the specs on the cyber SPAC

In this special edition, our extended conversation with Hank Thomas and Mike Doniger from their new company SCVX. Both experienced investors, their plan is to bring a new funding mechanism known as a SPAC to cyber security which, they...

Weekly Update 175

Ari’s Coding for Kids; Scott’s NDC Sessions; My NDC Sessions; Have I Been Pwned Hits 3M Subscribers; Scott Misses His Pi-hole https://www.troyhunt.com/weekly-update-175/
The CyberWire Podcast

Know Thy Enemy – Identifying North American Cyber Threats – Research Saturday

The electric utility industry is a valuable target for adversaries seeking to exploit industrial control systems (ICS) and operations technology (OT) for a variety of purposes. As adversaries and their sponsors invest more effort and money into obtaining effects-focused...
The CyberWire Podcast

PupyRAT is back. So is the Konni Group. Twitter storm over claims that MBS hacked Jeff Bezos. Anti-disinformaiton laws considered. Canada is ready to impose costs on cyber attackers.

PupyRAT was found in a European energy organization: it may be associated with Iranian threat actors. Another threat actor, the Konni Group, was active against a US government agency last year. Saudi Arabia maintains it had nothing to do...
SANS ISC

ISC StormCast for Friday, January 24th 2020

Simple vs. Complex Obfuscation https://isc.sans.edu/forums/diary/Complex+Obfuscation+VS+Simple+Trick/25738/RD Gateway PoC Exploit Release https://github.com/ollypwn/BlueGateCitrix
The CyberWire Podcast

Phishing with a RAT in the Gulf. More on how Jeff Bezos was hacked. Microsoft discloses data exposure. Ransomware continues to dump data. Windows 7, already back from the great beyond.

There’s more phishing around the Arabian Gulf, but it doesn’t look local. Reactions to Brazil’s indictment of Glenn Greenwald. The forensic report on Jeff Bezos’s smartphone has emerged, and the UN wants some investigating. Microsoft discloses an exposed database,...
Security Weekly

Lots of Shenanigans – ESW #169

This week, we talk Enterprise News, to talk about Security Compass securing funding to enhance solutions portfolio and accelerate growth, Micropatch simulates workaround for recent zero-day IE flaw, New Kaspersky Sandbox automates protection from advanced threats, FireEye adds Cloudvisory...

2020-002-Liz Fong-Jones discusses blog post about Honeycomb.io Incident Response

Ms. Berlin's appearance on #misec podcast - https://www.youtube.com/watch?v=Cj2IF0zn_BE with @kentgruber and @quantissIA Blog post:  https://www.honeycomb.io/blog/incident-report-running-dry-on-memory-without-noticing/   What is Honeycomb.io? From the site:  “Honeycomb is a tool for introspecting and interrogating your production systems. We can gather data from...
SANS ISC

ISC StormCast for Thursday, January 23rd 2020

German Malspam Pushing Ursnif https://isc.sans.edu/forums/diary/German+language+malspam+pushes+Ursnif/25732/Tracking Users Using Safari's Intelligent Tracking
7 minute security

7MS #397: OPSEC Tips for Security Consultants

This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more. I'm working on a...
ZDNet

DEF CON China conference put on hold due to coronavirus outbreak

DEF CON team is hoping that the 2019-nCoV outbreak will improve and they can go on as planned, or reschedule.
The Register

Remember the Clipper chip? NSA’s botched backdoor-for-Feds from 1993 still influences today’s encryption debates

We'll laugh at today's mandated holes in the same way we laugh at those from 25 years ago Enigma  More than a quarter century after its introduction, the failed rollout of hardware deliberately backdoored by the NSA is still...

Average Ransomware Payments More Than Doubled in Q4 2019

Ransomware attackers collected an average of around $84,000 from victim organizations, up from $41,000 in Q3 of 2018, Coveware says.
The Security Ledger

Seven Years Later, Scores of EAS Systems sit Un-patched, Vulnerable

Two years after a false EAS alert about an incoming ICBM sowed terror in Hawaii, and seven years after security researchers warned about insecure, Internet connected Emergency Alert System (EAS) hardware, scores of the devices across the U.S. remain...

One Small Fix Would Curb Stingray Surveillance

The technology needed to limit stingrays is clear—but good luck getting telecoms on board.