Sunday, June 20, 2021
The CyberWire Podcast

Primitive Bear spearphishes for Ukrainian entities. [Research Saturday]

Guests Gage Mele and Yury Polozov join Dave to talk about Anomali's research "Primitive Bear (Gamaredon) Targets Ukraine with Timely Themes." Anomali Threat Research identified malicious samples that align with the...

Weekly Update 248

Presently sponsored by: Axonius gives IT and security teams the confidence they need to focus on the bigger picture. Learn more and try it free.Thought I'd do a bit of AMA this week given the rest of the content...
Security Weekly

Adrian Overlord – PSW #699

This week, we welcome Brian Joe, Director of Security Product Marketing at Fastly, to discuss Avoiding the Silo: Bridging the Divide Between Security + Dev Teams! In the Security News: Jeff, Larry, & Doug adjust to our Adrian Overlord!...
The CyberWire Podcast

Notes from the underworld: phishing with hardware, DarkSide impersonation, and cyber vigilantes. Data incidents, and a conviction for a crypter.

Phishing, with a bogus hardware wallet as bait. Empty threats from a DarkSide impersonator. Cyber vigilantes may be distributing anti-piracy malware. Data security incidents at a cruise line and a US...
Security Weekly

Cyber Insurance, Akamai Outages, Win 10 EOL, & Pinchy Spider – SWN #128

This week, Dr. Doug talks: Pinchy Spider, Drones, Biden and Putin, Microsoft, CVS, along with the Show Wrap Ups & his Favorite Threat of the Week! Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like...

Game Changer with Mathieu Huysman

Videogame studios are under serious attack, partly because they don't need to adhere to the same security requirements and regulatory demands as more prominent industries. From an attacker's viewpoint, it's very lucrative. Not only are game developers at risk...
Security Weekly

Sassy & Thoughtful – ESW #231

This week, in our first segment, we welcome Ian Tien, CEO and Co-Founder of Mattermost, to discuss "Open-Source Enterprise Communication Security "! In the second segment, Russell From, Enterprise Services Integration Engineer Lead at Tanium joins to talk Tanium...
SANS ISC

ISC StormCast for Friday, June 18th, 2021

Network Forensics on Azure VMs https://isc.sans.edu/forums/diary/Network+Forensics+on+Azure+VMs+Part+1/27536/ Fake Ledger Hardware Wallets
The CyberWire Podcast

The Russo-US summit ended in frank exchanges and the prospect of further discussions on cybersecurity. Ferocious Kitten tracked. Initial access brokers. Molerats return. Ransomware arrests.

The US-Russian summit took up cyber conflict, cyber privateering, and cyber deterrence, ending with the prospect of further discussions. Ferocious Kitten’s domestic surveillance. Ransomware gangs are using a lot of initial...

S3 Ep37: Quantum crypto, refunding Bitcoins, and Alpaca problems

S3 Ep37: Quantum crypto, refunding Bitcoins, and Alpaca problems Will quantum cryptography mean the end of encryption? How was the FBI able to get bitcoins back in the Colonial Pipeline ransomware case? What is the ALPACA attack, and does it...
Security Weekly

Help Heal – SCW #76

Join this segment with Danny Akacki to learn about educating both practitioners and executives on security topics of the day and helping to build community initiatives like trust groups and community groups like local DEF CON chapters.   Show...
SANS ISC

ISC StormCast for Thursday, June 17th, 2021

June 2021 Forensic Quiz https://isc.sans.edu/forums/diary/June+2021+Forensic+Contest/27532/ ThroughTek IP Camera SDK Vulnerability
Smashing Security

232: Zoomolympics and language matters

Video gaming giant Electronic Arts suffers a hack following slack security, the Japanese Olympics are proving unpopular with everyone apart from cybercriminals, and le coq est mort. All this and much much...
The CyberWire Podcast

Airline resolves IT issue. Paradise ransomware source code leaked. Unauthorized access to cameras possible. TSA pipeline cyber guidance under preparation. Russo-US summit. Anonymous extradition.

Southwest flights are back in the air after an IT issue disrupted them yesterday. Paradise ransomware source code has been leaked online. Some networked camera feeds may be accessible to unauthorized...
OWASP Podcast

OWASP Flagship Projects – Episode 02

In this episode of the People | Process | Technology podcast, I speak with Seba Deleersnyder from the Software Assurance Maturity Model, Carlos Holguera and Sven Schleier from the Mobile Security Testing Guide, and Bjoern Kimminich from the Juice...
7 minute security

7MS #472: Interview with Christopher Fielder

Today our good pal Christopher Fielder from Arctic Wolf is back for an interview three-peat! He joins Joe "The Machine" Skeen (a.k.a. Gh0sthax) and I to talk about all things ransomware, including: How the Colonial Pipeline incident may have...
Security Weekly

Frustratingly Effective – BSW #220

This week, we welcome Jonny Noble, Technical Marketing Team Lead at Cisco Umbrella, to discuss Securing User Connections to Applications! In the Leadership & Communications articles: Attracting Talent During a Worker Shortage, CISOs Say Application Security is Broken, Three...
SANS ISC

ISC StormCast for Wednesday, June 16th, 2021

Multi Perimeter Device Exploit Mirai Version Hunting For Sonicwall, DLink,

2021-021-Security Sphynx, ZeroTrust, implementation prep- part2

EO from President Biden asked for a plan to create Zerotrust implementation in the next 90 days (well, 70ish days now… as of 23 May) https://twitter.com/SecuritySphynx/status/1390475868032618496 @securitySphynx “CIO: Zero Trust is the way…” What is the optimal configuration...
Security Now

SN 823: TLS Confusion Attacks – TikTok Privacy, iOS 14.5 Tracking Permission, Industry-Wide Patch Tuesday

Picture of the week. Being #1 is a mixed blessing. Industry wide patch Tuesday. TikTok Quietly Updated Its Privacy Policy to Collect Users' Biometric Data. iOS 14.5 requires apps to obtain explicit tracking permission. The ANOM sting operation. "Windows 10" — the last Windows ever? Project...
SecurityWeek

Hit by a Ransomware Attack? Your Payment May be Deductible

As ransomware attacks surge, the FBI is doubling down on its guidance to affected businesses: Don’t pay the cybercriminals. But the U.S. government also offers a little-noticed incentive for those who do pay: The ransoms may be tax deductible. read...

A Bug in the Android Google App Put Privacy at Risk

Plus: Airbnb's safety squad, a fake pharmacy crackdown, and more of the week's top security news.

Why You Suddenly Need To Delete Google Maps On Your iPhone

Hundreds of millions of iPhone users should stop using Google Maps after radical new update...

Why You Should Stop Sending Texts From Your Android Messages App

Millions of you are still putting your security at risk. Here's the serious problem you have...
SecurityWeek

Major Cyberattack on Poland Came from Russian Territory: Kaczynski

A recent "large scale" cyberattack targeting top Polish politicians was launched from Russia, Jaroslaw Kaczynski, the leader of Poland's governing right-wing party, said on Friday. read more