Primitive Bear spearphishes for Ukrainian entities. [Research Saturday]
Guests Gage Mele and Yury Polozov join Dave to talk about Anomali's research "Primitive Bear (Gamaredon) Targets Ukraine with Timely Themes." Anomali Threat Research identified malicious samples that align with the...
Weekly Update 248
Presently sponsored by: Axonius gives IT and security teams the confidence they need to focus on the bigger picture. Learn more and try it free.Thought I'd do a bit of AMA this week given the rest of the content...
Adrian Overlord – PSW #699
This week, we welcome Brian Joe, Director of Security Product Marketing at Fastly, to discuss Avoiding the Silo: Bridging the Divide Between Security + Dev Teams! In the Security News: Jeff, Larry, & Doug adjust to our Adrian Overlord!...
Notes from the underworld: phishing with hardware, DarkSide impersonation, and cyber vigilantes. Data incidents, and a conviction for a crypter.
Phishing, with a bogus hardware wallet as bait. Empty threats from a DarkSide impersonator. Cyber vigilantes may be distributing anti-piracy malware. Data security incidents at a cruise line and a US...
Cyber Insurance, Akamai Outages, Win 10 EOL, & Pinchy Spider – SWN #128
This week, Dr. Doug talks: Pinchy Spider, Drones, Biden and Putin, Microsoft, CVS, along with the Show Wrap Ups & his Favorite Threat of the Week! Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like...
Game Changer with Mathieu Huysman
Videogame studios are under serious attack, partly because they don't need to adhere to the same security requirements and regulatory demands as more prominent industries. From an attacker's viewpoint, it's very lucrative. Not only are game developers at risk...
Sassy & Thoughtful – ESW #231
This week, in our first segment, we welcome Ian Tien, CEO and Co-Founder of Mattermost, to discuss "Open-Source Enterprise Communication Security "! In the second segment, Russell From, Enterprise Services Integration Engineer Lead at Tanium joins to talk Tanium...
ISC StormCast for Friday, June 18th, 2021
Network Forensics on Azure VMs https://isc.sans.edu/forums/diary/Network+Forensics+on+Azure+VMs+Part+1/27536/ Fake Ledger Hardware Wallets
The Russo-US summit ended in frank exchanges and the prospect of further discussions on cybersecurity. Ferocious Kitten tracked. Initial access brokers. Molerats return. Ransomware arrests.
The US-Russian summit took up cyber conflict, cyber privateering, and cyber deterrence, ending with the prospect of further discussions. Ferocious Kitten’s domestic surveillance. Ransomware gangs are using a lot of initial...
S3 Ep37: Quantum crypto, refunding Bitcoins, and Alpaca problems
S3 Ep37: Quantum crypto, refunding Bitcoins, and Alpaca problems
Will quantum cryptography mean the end of encryption? How was the FBI able to get bitcoins back in the Colonial Pipeline ransomware case? What is the ALPACA attack, and does it...
Help Heal – SCW #76
Join this segment with Danny Akacki to learn about educating both practitioners and executives on security topics of the day and helping to build community initiatives like trust groups and community groups like local DEF CON chapters. Show...
ISC StormCast for Thursday, June 17th, 2021
June 2021 Forensic Quiz https://isc.sans.edu/forums/diary/June+2021+Forensic+Contest/27532/ ThroughTek IP Camera SDK Vulnerability
232: Zoomolympics and language matters
Video gaming giant Electronic Arts suffers a hack following slack security, the Japanese Olympics are proving unpopular with everyone apart from cybercriminals, and le coq est mort.
All this and much much...
Airline resolves IT issue. Paradise ransomware source code leaked. Unauthorized access to cameras possible. TSA pipeline cyber guidance under preparation. Russo-US summit. Anonymous extradition.
Southwest flights are back in the air after an IT issue disrupted them yesterday. Paradise ransomware source code has been leaked online. Some networked camera feeds may be accessible to unauthorized...
OWASP Flagship Projects – Episode 02
In this episode of the People | Process | Technology podcast, I speak with Seba Deleersnyder from the Software Assurance Maturity Model, Carlos Holguera and Sven Schleier from the Mobile Security Testing Guide, and Bjoern Kimminich from the Juice...
7MS #472: Interview with Christopher Fielder
Today our good pal Christopher Fielder from Arctic Wolf is back for an interview three-peat! He joins Joe "The Machine" Skeen (a.k.a. Gh0sthax) and I to talk about all things ransomware, including:
How the Colonial Pipeline incident may have...
Frustratingly Effective – BSW #220
This week, we welcome Jonny Noble, Technical Marketing Team Lead at Cisco Umbrella, to discuss Securing User Connections to Applications! In the Leadership & Communications articles: Attracting Talent During a Worker Shortage, CISOs Say Application Security is Broken, Three...
ISC StormCast for Wednesday, June 16th, 2021
Multi Perimeter Device Exploit Mirai Version Hunting For Sonicwall, DLink,
2021-021-Security Sphynx, ZeroTrust, implementation prep- part2
EO from President Biden asked for a plan to create Zerotrust implementation in the next 90 days (well, 70ish days now… as of 23 May) https://twitter.com/SecuritySphynx/status/1390475868032618496 @securitySphynx “CIO: Zero Trust is the way…” What is the optimal configuration...
SN 823: TLS Confusion Attacks – TikTok Privacy, iOS 14.5 Tracking Permission, Industry-Wide Patch Tuesday
Picture of the week.
Being #1 is a mixed blessing.
Industry wide patch Tuesday.
TikTok Quietly Updated Its Privacy Policy to Collect Users' Biometric Data.
iOS 14.5 requires apps to obtain explicit tracking permission.
The ANOM sting operation.
"Windows 10" — the last Windows ever?
Project...
Hit by a Ransomware Attack? Your Payment May be Deductible
As ransomware attacks surge, the FBI is doubling down on its guidance to affected businesses: Don’t pay the cybercriminals. But the U.S. government also offers a little-noticed incentive for those who do pay: The ransoms may be tax deductible.
read...
A Bug in the Android Google App Put Privacy at Risk
Plus: Airbnb's safety squad, a fake pharmacy crackdown, and more of the week's top security news.
Why You Suddenly Need To Delete Google Maps On Your iPhone
Hundreds of millions of iPhone users should stop using Google Maps after radical new update...
Why You Should Stop Sending Texts From Your Android Messages App
Millions of you are still putting your security at risk. Here's the serious problem you have...
Major Cyberattack on Poland Came from Russian Territory: Kaczynski
A recent "large scale" cyberattack targeting top Polish politicians was launched from Russia, Jaroslaw Kaczynski, the leader of Poland's governing right-wing party, said on Friday.
read more
