DtSR Episode 380 – Gadi Tells It Like It Is
Welcome to episode 380 of the DtSR Podcast. We have a special treat for you this episode, with long-time friend Gadi Evron, and he holds nothing back in his start discussion of our industry. We virtually guarantee this will...
ISC StormCast for Tuesday, January 28th 2020
Coronavirus Preparedness and Associated Scamshttps://isc.sans.edu/forums/diary/Network+Security+Perspective+on+Coronavirus+Preparedness/25750/ RD Gateway RCE Exploit Demoedhttps://twitter.com/layle_ctf/status/1221514332049113095?s=12
RCR 062: Understanding Asset Ownership (Domain 2) – CISSP Study and Training!
Shon Gerber from ShonGerber.com provides you the information and knowledge you need to prepare and pass the CISSP Exam while providing the tools you need to enhance your cybersecurity career. Shon utilizes his expansive knowledge while providing superior training...
A cyber espionage campaign is to use DNS hijacking. More observations on l’affaire Bezos. Operation Night Fury versus e-commerce hackers. Farewell to Clayton Christensen.
Someone has been running a DNS hijacking campaign against governments in southeast Europe and southwest Asia, and Reuters thinks that someone looks like Turkey. Experts would like to see a more thorough forensic analysis of Mr. Bezos’ iPhone: that...
Something Sanitary – PSW #636
This week, we welcome Dug Song, Co-Founder and General Manager of Duo Security at Cisco, to discuss the vision and culture behind Duo Security, and talk about his journey from when he began his start in Information Security! In...
Unsupervised Learning: No. 213
Saudi Bezos Hack, MIT Davos AI, Moar Energy Attacks, NIST Privacy, Ohio CISO, Microsoft Data Breach, Technology News, Human News, Ideas Trends & Analysis, Discovery, Recommendations, and the Weekly Aphorism…Support the show.
Bezos Hack, Microsoft Exposed, AI Threats – Wrap Up – SWN #6
This week, Doug White brings the Security Weekly News update for the week of January 20, 2020, to discuss the top news stories of the week, across all of the Security Weekly Network shows! Show Notes: https://wiki.securityweekly.com/SWNEpisode6 Visit...
Dark Web Fraud and Cybercrime with Emily Wilson
In episode 105 for January 27th 2020: What are the new forms of fraud and cybercrime being found on the Dark Web? We discuss this fascinating topic with Emily Wilson, VP of Research at Terbium Labs.
** Show notes and...
ISC StormCast for Monday, January 27th 2020
Citrix Releases ADC Updates For All Versions https://www.citrix.com/blogs/2020/01/24/citrix-releases-final-fixes-for-cve-2019-19781/Temporary Windows 0-Day
Episode 180 – A Tale of Two Vulnerabilities
Josh and Kurt talk about two recent vulnerabilities that have had very different outcomes. One was the Citrix remote code execution flaw. While the flaw is bad, the handling of the flaw was possibly worse than the flaw itself. The...
Hank Thomas and Mike Doniger, getting the specs on the cyber SPAC
In this special edition, our extended conversation with Hank Thomas and Mike Doniger from their new company SCVX. Both experienced investors, their plan is to bring a new funding mechanism known as a SPAC to cyber security which, they...
Weekly Update 175
Ari’s Coding for Kids; Scott’s NDC Sessions; My NDC Sessions; Have I Been Pwned Hits 3M Subscribers; Scott Misses His Pi-hole
https://www.troyhunt.com/weekly-update-175/
Know Thy Enemy – Identifying North American Cyber Threats – Research Saturday
The electric utility industry is a valuable target for adversaries seeking to exploit industrial control systems (ICS) and operations technology (OT) for a variety of purposes. As adversaries and their sponsors invest more effort and money into obtaining effects-focused...
PupyRAT is back. So is the Konni Group. Twitter storm over claims that MBS hacked Jeff Bezos. Anti-disinformaiton laws considered. Canada is ready to impose costs on cyber attackers.
PupyRAT was found in a European energy organization: it may be associated with Iranian threat actors. Another threat actor, the Konni Group, was active against a US government agency last year. Saudi Arabia maintains it had nothing to do...
ISC StormCast for Friday, January 24th 2020
Simple vs. Complex Obfuscation https://isc.sans.edu/forums/diary/Complex+Obfuscation+VS+Simple+Trick/25738/RD Gateway PoC Exploit Release https://github.com/ollypwn/BlueGateCitrix
Phishing with a RAT in the Gulf. More on how Jeff Bezos was hacked. Microsoft discloses data exposure. Ransomware continues to dump data. Windows 7, already back from the great beyond.
There’s more phishing around the Arabian Gulf, but it doesn’t look local. Reactions to Brazil’s indictment of Glenn Greenwald. The forensic report on Jeff Bezos’s smartphone has emerged, and the UN wants some investigating. Microsoft discloses an exposed database,...
Lots of Shenanigans – ESW #169
This week, we talk Enterprise News, to talk about Security Compass securing funding to enhance solutions portfolio and accelerate growth, Micropatch simulates workaround for recent zero-day IE flaw, New Kaspersky Sandbox automates protection from advanced threats, FireEye adds Cloudvisory...
2020-002-Liz Fong-Jones discusses blog post about Honeycomb.io Incident Response
Ms. Berlin's appearance on #misec podcast - https://www.youtube.com/watch?v=Cj2IF0zn_BE with @kentgruber and @quantissIA Blog post: https://www.honeycomb.io/blog/incident-report-running-dry-on-memory-without-noticing/ What is Honeycomb.io? From the site: “Honeycomb is a tool for introspecting and interrogating your production systems. We can gather data from...
ISC StormCast for Thursday, January 23rd 2020
German Malspam Pushing Ursnif https://isc.sans.edu/forums/diary/German+language+malspam+pushes+Ursnif/25732/Tracking Users Using Safari's Intelligent Tracking
7MS #397: OPSEC Tips for Security Consultants
This podcast is sponsored by Arctic Wolf, whose Concierge Security teams Monitor, Detect and Respond to Cyber threats 24/7 for thousands of customers around the world. Arctic Wolf. Redefining cybersecurity. Visit Arcticwolf.com/7MS to learn more.
I'm working on a...
DEF CON China conference put on hold due to coronavirus outbreak
DEF CON team is hoping that the 2019-nCoV outbreak will improve and they can go on as planned, or reschedule.
Remember the Clipper chip? NSA’s botched backdoor-for-Feds from 1993 still influences today’s encryption debates
We'll laugh at today's mandated holes in the same way we laugh at those from 25 years ago Enigma More than a quarter century after its introduction, the failed rollout of hardware deliberately backdoored by the NSA is still...
Average Ransomware Payments More Than Doubled in Q4 2019
Ransomware attackers collected an average of around $84,000 from victim organizations, up from $41,000 in Q3 of 2018, Coveware says.
Seven Years Later, Scores of EAS Systems sit Un-patched, Vulnerable
Two years after a false EAS alert about an incoming ICBM sowed terror in Hawaii, and seven years after security researchers warned about insecure, Internet connected Emergency Alert System (EAS) hardware, scores of the devices across the U.S. remain...
One Small Fix Would Curb Stingray Surveillance
The technology needed to limit stingrays is clear—but good luck getting telecoms on board.
