Threatpost writers Mike Mimoso and Chris Brook discuss security threats, attacks, vulnerability research and trends with a variety of industry executives, researchers and experts.
Here's the Latest Episode from The Threatpost Podcast:
The "identifiers" behind data collection - the ways that companies identify the consumers they're collecting data from - have extended far beyond the cookies prevalent in web browsers, privacy experts warn.
Now, consumers and regulators struggling to understand who is collecting data, how that data is being shared and how it's being stored, must also think about "identifiers" that are used in mobile tracking and even physical tracking - including facial biometrics or credit cards. And unfortunately, according to a new report released this week, these new types of tracking identifiers are still in a stage where it's difficult to rein them in via regulation.
We talk to EFF about how data is being tracked and used, how consumers can protect themselves - and why it's not all bad news in our Threatpost Podcast interview.
Black Friday and Cyber Monday-related scams are nothing new - but researchers warn that this year, they are seeing an uptick in scams using more sophisticated methods to lure users to hand over their payment data.
A research report released Tuesday by ZeroFOX uncovered some of the threats that attackers are using to tap into the Black Friday shopping craze, including social media scams, domain impersonation scams, and malware.
Threatpost news editors break down the top stories of the week, including:
- The Coalition Against Stalkerware launched this week, with the aim of offering a centralized location for helping victims of stalkerware, as well as defining what stalkerware is in the first place.
- Five U.S. Senators are demanding that Amazon disclose how it's securing Ring home-security device footage – and who is allowed to access that footage.
- D-Link has warned that more of its routers are vulnerable to critical flaws that allow remote hackers to take control of hardware and steal data - but the routers won't be fixed as they have reached end of life.
Threatpost talks to researchers about a newly-disclosed, high-severity vulnerability in the Google Camera App, the camera built into Android smartphones, that could allow attackers to hijack Android cameras.
In this sponsored podcast, Threatpost podcast host Cody Hackett and Sam McLane, chief technical services officer with Arctic Wolf, discuss important considerations when building a multi-layered cybersecurity strategy and best practices when evaluating security vendors in a crowded landscape.
From insider threats, to Internet of Things (IoT) medical device security, ENFUSE 2019 broke down the top privacy and security issues that consumers are seeing today - and which regulatory efforts are being developed to address them.
Threatpost editors break down the top news stories for the week ended Nov. 8. The top stories of the week include:
- Despite trillions of dollars in breach fine payouts, each year the number of compromised companies and individuals with private data exposed rises - a Threatpost feature looks at why.
- The DoJ charged two former Twitter employees for allegedly accessing thousands of accounts on behalf of Saudi Arabia.
- Trend Micro said that a rogue employee sold the data of 68,000 customers to a malicious third party, who then used that data to target customers with scam calls.
- Researchers disclosed a new way to hack Alexa and Siri smart speakers - using a laser light beam.
- What to expect out of our upcoming free Threatpost webinar, "Trends in Fortune 1000 Breach Exposure."
Emotet, the infamous banking trojan that mysteriously disappeared over the summer, returned last month dropping other banking trojans, information stealers, email harvesters, self-propagation mechanisms and ransomware.
But after the malware returned from its hiatus, researchers observed no clear novel technique or tactic - until, over the following weeks, security researcher Suweera De Souza started seeing more and more development. De Souza discusses the new techniques with Threatpost on this week's Threatpost Podcast.
Threatpost editors Tara Seals and Lindsey O'Donnell break down the top security news of this week, from data breaches to Advanced Persistent Threat (APT) activity. Top stories include:
- A Microsoft alert that APT group Fancy Bear has targeted anti-doping authorities and sporting organizations around the world as the world begins to gear up for the Tokyo Summer Olympic Games, which kick off July 2020.
- A report outlining that Chinese state-sponsored hackers are attacking telecom networks to sniff out SMS messages that contain keywords revolving around political dissidents.
- Bed, Bath and Beyond disclosing a data breach that allowed the adversaries to access customers' online accounts - and what researchers say the attack may have stemmed from.
- A nasty phishing campaign that uses fake voicemail messages to lure victims into revealing their Office 365 email credentials.
John Scott Railton, senior researcher at Citizen Lab, led the charge on the investigation into NSO Group and the alleged WhatsApp hack. The lawsuit by WhatsApp parent company Facebook into NSO Group, he said, is a "certified big deal" and will have widespread implications for commercial spyware companies in general.
Threatpost editors break down the top news stories for the week ended Oct. 25. The biggest stories include:
- An unsecured NFC tag opening a door to trivial exploitation of robots that are used inside Japanese hotels.
- The FTC has banned the sale of three apps – marketed to monitor children and employees – unless the developers can prove that the apps will be used for legitimate purposes.
- Developer interfaces were used by Security Research Labs researchers to turn digital home assistants into 'Smart Spies'.
Researchers this week disclosed new ways that attackers can exploit Alexa and Google Home smart speakers to spy on users. The hacks, which rely on the abuse of "skills," or apps for voice assistants, allow bad actors to eavesdrop on users and trick them into telling them their passwords over the smart assistant devices.
Threatpost discusses the new hack with Karsten Nohl, managing director at Security Research Labs, who was behind the research.
As it becomes more difficult and expensive to infiltrate environments via malware, cybercriminals may start turning in the future to a more viable and less costly alternative: Insider threats.
With so many malicious adversaries trying to penetrate companies' networks, companies are forgetting to watch out for a dangerous threat from within their own ranks - insider threats.
Threatpost talks to Digital Guardian's Tim Bandos to learn more about the insider threat of departing employees - and what companies can do to protect against data loss.
In this sponsored podcast, Threatpost podcast host Cody Hackett talks to Chip Witt, head of product strategy at SpyCloud, about the account takeover risks posed by third parties.
Your users’ login credentials are available for sale on the criminal underground -- and criminals know it. For the third year running, the 2019 Verizon Data Breach Report calls out the use of weak and stolen credentials as the most common hacking tactic.
The best way to protect your organization is to reset stolen employee and consumer credentials before criminals have a chance to use them against you. But what about partners and vendors, who may have access to your network, your customer data, or your IP? If you have these types of direct relationships, you may have additional exposures.
Researchers have uncovered a cybergang, using a new business email compromise (BEC) tactic, that has found success swindling funds from more than 500 organizations worldwide.
The cybergang, dubbed Silent Starling, hijacks email accounts belonging to employees within a targeted company’s finance department, such as accounts receivable or procurement - and then targets their customers.
On this week's news wrap podcast, Threatpost editors Tara Seals and Lindsey O'Donnell break down the top news, including:
- Despite claiming they were retiring, GandCrab's authors have been linked to the REvil/Sodinokibi ransomware via a technical analysis.
- A spearphishing campaign, first spotted in July targeting three U.S. utility companies with a new malware variant, has evolved its tactics and extended its targeting to include nearly 20 companies.
- A known threat actor, Tortoiseshell, is targeting U.S. military veterans with a fake veteran hiring website that hosts malware.
From the re-emergence of an infamous malware, to a new lawsuit against Edward Snowden, Threatpost editors Lindsey O'Donnell and Tara Seals break down this week's top news.
A global anonymous bug submission platform, announced at DEF CON in Las Vegas in August, aims to help encourage ethical hackers to submit high-level bugs anonymously that might otherwise trigger a barrage of questions or might put researchers in legal hot water.
At DEF CON, conference founder Jeff Moss said the goal was to launch the yet-to-be-named program within the next 12 months. The program will be built on open-source technology from the Freedom of the Press Foundation's SecureDrop server and is designed to be a cyber tipline of sorts.
Marc Rogers, VP of cybersecurity strategy for Okta and Head of Security Operations for DEF CON, breaks down the anonymous bug submission program in this week's Threatpost Podcast.
Threatpost editors break down the biggest news stories of this week ended Sept. 13.
- Researchers warning that more than one billion mobile users are at risk from a SIM card flaw being currently exploited by threat actors
- A Telnet backdoor opened more than 1 million Imperial Dabman IoT radios to hijack
- Wikipedia and World of Warcraft being crippled for days by weekend DDoS attacks
- Microsoft addressing two zero-days under active attack during Patch Tuesday
- Two leaky databases discovered with surprising twists - one owned by DealerLeads and the other by cybercriminals
Sherrod DeGrippo, the senior director of the threat research and detection team at Proofpoint, joins Threatpost editor Lindsey O'Donnell to swap stories about the craziest scams and phishing attempts that she's seen - and how hackers are playing into victims' emotions to get them to click on that malicious attachment or link.
In this week's news wrap ended Sept. 6, the Threatpost team breaks down the biggest news of the week, including:
- Cybercrooks successfully fooling a company into a large wire transfer using an AI-powered deepfake of a chief executive's voice (and Facebook, Microsoft and a number of universities joining forces to sponsor a contest promoting research and development to combat deepfakes)
- A leaky server exposing phone numbers linked to the Facebook accounts of hundreds of millions of users in the latest privacy gaffe for the social media giant.
- Facebook allowing its users to opt-out of the Tag Suggestions feature, while at the same time attempting to help users better understand what the feature does.
- The challenges behind patch management, and why 80 percent of enterprise applications have at least one unpatched vulnerability in them.
In this week's news wrap podcast, editor Lindsey O'Donnell and Tara Seals break down the top news of the week - from ransomware attacks to companies responding to outcry over privacy issues. Top stories include:
- Ring announced it is working with more than 400 US police departments to streamline their access to user videos, ushering in fears over privacy
- Speaking of privacy, the Mozilla Foundation and EFF penned an open letter this week scolding Venmo for its privacy policies; while Apple and Google stepped up their game with newly-announced steps they would take against data abuse.
- Ransomware attacks hit several U.S. dentist offices this week, while a report also came out about how more cyberinsurance providers are encouraging users to pay the ransom.
- A webinar hosted by Tara Seals this week where a panel of experts offered enterprises and other organizations insight about how to approach security for the next wave of IoT deployments, which will be enabled by the rollout of 5G networks worldwide.
Why did Valve-owner Steam say it made a "mistake" turning a researcher away from its bug bounty program? Who was behind a backdoor that was purposefully introduced into a utility utilized by Unix and Linux servers? And why is Facebook coming under fire for its "Clear History" feature? Threatpost editors Lindsey O'Donnell and Tom Spring break down the top stories of the week that have the infosec space buzzing, including:
- A backdoor that was intentionally planted in Webmin in 2018 and found during the DEF CON 2019 security conference when researchers stumbled upon malicious code.
- A researcher disclosing a zero-day vulnerability (the second in two weeks) for the Steam gaming client after he said he was barred from the bug bounty program of Steam's owner, Valve.
- Facebook being met with vitriol after users discovered its "Clear History" feature, rolled out in some countries this week, wasn't what they had thought.
Threatpost talks to Allan Liska, with Recorded Future, about the ongoing ransomware attacks of more than 20 Texas entities. What do we know so far? Why is this so different from other ransomware attacks? And will cities continue to be plagued by ransomware threats?
On the heels of Black Hat USA 2019 and DEF CON, Threatpost editors break down the biggest news of this past week ended Aug. 16, from Patch Tuesday craziness to publicly-exposed databases. That includes:
- Microsoft's August Patch Tuesday release featuring four BlueKeep-like critical remote code-execution vulnerabilities in Remote Desktop Services (RDS) and a critical RCE flaw in Microsoft Word.
- The personal and biometrics data of more than a million people left publicly exposed on a database owned by Suprema, a biometric security company.
- Hacking conference organizer DEF CON Communications said it plans to roll out a global anonymous bug submission platform based on the SecureDrop communications tool.
As social media platform TikTok becomes the top App Store app download in 2019 - and the number three app download on Google Play and on platforms overall - scammers are looking to cash in on the troves of younger users of the popular platform.
Tenable researcher Satnam Narang, who has been tracking the platform for scams since March 2019, said that, while scams have been previously undocumented, he has come across several that are "in their infancy" - and he expects that number to explode.
These scams, already prevalent on Instagram and Twitter, revolve around adult dating as well as account impersonation to get more likes or follows, and in some cases can be extremely profitable for scammers.
"I think as long as these platforms exist, and there are billions of users using them, you're going to have scammers. It's just sort of part of using these platforms," Narang told Threatpost.
Las Vegas - Black Hat and DEF CON 2019 may be wrapping up, but the dual conferences last week in Las Vegas left the security industry with a flurry of new security flaws, topics and announcements to discuss for the weeks to come.
Threatpost editors Tara Seals and Lindsey O'Donnell get together to discuss the highs and lows from the conference. The highs include a widespread trend around increased collaboration between vendors and researchers pinpointed during the keynote by Square's Dino Dai Zovi. That includes:
- An improved public bug bounty program announced by Apple that increases product scope and rewards
- Microsoft offering $300,000 for working exploits
- New IoT flaws discovered - and in the process of being updated - in high-end hotels
In addition, Threatpost discusses why Black Hat came under scrutiny for a sponsored "Time AI" encryption session that many researchers criticized as a scam.
Security, intel and fraud teams are swimming in data. Data is not the problem, but operationalizing and making use of the data we have is. Taking this one step further is making use of the data with a purpose, specifically, to interrupt the criminal lifecycle to make it more expensive for criminals to get value from the data and information they steal.
Threatpost podcast host Cody Hackett talks to Chip Witt, head of product strategy at SpyCloud, to discuss the operationalization of data and how market trends are driving data security challenges.
Las Vegas - Despite bizarre reports of a grasshopper infestation, Black Hat USA 2019 and DEF CON are set to kick off next week in Las Vegas, bringing on a rainstorm of sessions, keynotes and security-themed villages.
The Threatpost team, which will be on the frontlines of next week's shows, discuss what is sticking out to them - from the keynote given by Dino Dai Zovi with Square, "Every Security Team is a Software Team Now," to key sessions and vulnerabilities disclosed in iPhones, 5G and IoT devices.
With the increasing popularity of Bring Your Own Device (BYOD) policies and public cloud offerings, enterprises are moving from on-premises applications to cloud apps - but they still lack faith in cloud security.
A new July Bitglass study found that 67 percent of respondents believe cloud apps are as secure or more secure than on-premises apps - a significantly higher statistic than the 40 percent recorded in 2015. Despite this, 93 percent of respondents are at least moderately concerned about the security of the cloud.
"So you have this kind of seeming contradiction where people say, yes, it's just as secure or more secure, than on-prem ways of doing things. But also, we're very concerned about it," said Jacob Serpa with Bitglass in a podcast interview with Threatpost. "So I just think that, you know, one thing that really jumped out of the report was that emphasis on the shared responsibility model of security, and how organizations can say, hey, the cloud is secure. But we have to use it wisely."
Below is a full podcast interview with Serpa breaking down the top takeaways from the report and how enterprises are challenged by cloud security threats and concerns.
With ransomware attacks against local governments repeatedly making headlines, what can cities do to better protect themselves?
In the second of a two-part series, Threatpost talks to Shawn Taylor, the senior systems engineer at Forescout who covers state and local governments across the country. Taylor, who was in the trenches during the infamous 2018 Atlanta ransomware attack, recounts what the experience taught him about how to best protect against ransomware threats.
Voice assistants are growing rapidly in popularity -- but at the same time, the privacy concerns and security issues with popular home assistant devices like Amazon Echo and Google Home are also peaking.
Earlier in July, Amazon came under fire after acknowledging that it retains the voice recordings and transcripts of customers' interactions with its Alexa voice assistant indefinitely - raising questions about how long companies should be able to save highly-personal data collected from voice assistant devices.
Amazon continues to find itself in hot water regarding privacy policies around its Echo devices. In April, Amazon came under fire after a report revealed the company employs thousands of auditors to listen to Echo users' voice recordings. And last year, Amazon inadvertently sent 1,700 audio files containing recordings of Alexa interactions by a customer to a random person – and later characterized it as a "mishap" that came down to one employee's mistake.
Against this backdrop, Threatpost talks about the top privacy concerns regarding voice assistants with Tim Mackey, principal security strategist at the cybersecurity research center at Synopsys - and what types of regulation aim to curb these concerns.
Why do cities appear to be a low hanging fruit when it comes to ransomware attacks? What hurdles do state and local governments face when securing their systems and responding to attacks?
In the first of a two-part series, Threatpost talks to Shawn Taylor, the senior systems engineer at Forescout who covers state and local governments across the country. Taylor was in the trenches during the infamous 2018 Atlanta ransomware attack and recounts what the experience taught him about remediation and recovery efforts when it comes to cyberattacks.
Threatpost talks to Bugcrowd chief security officer David Baker about the challenges, trends and future of bug bounty programs.
A 14-year-old hacker used a new strain of malware this week to brick up to 4,000 insecure Internet of Things (IoT) devices - before abruptly shutting down. The malware, dubbed Silex, was first discovered by Larry Cashdollar, senior Security Intelligence Response engineer at Akamai, on his honeypot. Threatpost discusses the new malware with Cashdollar - and what malware strains like this one and BrickerBot mean for the insecure IoT device landscape.
Beyond the regular humdrum of security vulnerabilities and patches this week, a slew of stories covered varying topics ranging from NASA to Tinder. The Threatpost team broke down the top stories of the week, including:
- A ransomware webinar hosted by Threatpost editor Tara Seals, which included experts from Recorded Future, Malwarebytes and Moss Adams. The webinar looked at the top ransomware trends and threats, and outlined how enterprises can protect themselves.
- A Florida city hit three weeks ago by a ransomware attack voted this week to pay the hackers a ransom of $600,000.
- A Threatpost feature that looked at top dating apps like Match.com and Tinder found that the services are collecting and sharing a disturbing range of data, from chat messages to sexual orientation.
- Rampant security-operations bungling allowed cyberattackers to infiltrate NASA's JPL network, which carries human mission data.
What can be done with 2 million connected security cameras, baby monitors and more that are vulnerable to serious flaws - but don't have a patch?
Security researcher Paul Marrapese, who disclosed the flaws in April and has yet to hear back from any impacted vendors, recommends that consumers throw them in the trash.
"I 100 percent suggest that people throw them out," he told Threatpost in a podcast interview. "I really, I don't think that there's going to be any patch for this. The issues are very, very hard to fix, in part because, once a device is shipped with a serial number, you can't really change that, you can't really patch that, it's a physical issue."
Beyond Patch Tuesday, this week was crammed with privacy and security related news. In this week's Threatpost podcast, editors Tara Seals and Lindsey O'Donnell discussed the top news from the week. That includes:
- A federal lawsuit alleging that Amazon is recording children who use its Alexa devices, without their consent or knowledge.
- Telegram's CEO pointing the finger squarely at China as the culprit responsible for the distributed denial of service (DDoS) attack that it suffered on Wednesday.
- A critical flaw in the popular note-taking Evernote extension could have allowed attackers to steal personal data – including emails and financial transactions – of millions.
This week cybersecurity news was overshadowed by research, talks and discussion from Infosecurity Europe, which took place in London. During the Threatpost news wrap for the week ended June 7, the team breaks down the top news from the show, as well as other breaking security news covered over the past few days. Those include:
- Top keynotes from Infosecurity Europe, including one that looked at the impact of data mining on future elections.
- Continued worries around the BlueKeep vulnerability after a researcher disclosed a proof-of-concept (PoC).
- A PoC attack named Tap ‘n Ghost that targets Near Field Communication (NFC)-enabled Android smartphones.
At Infosecurity Europe, Threatpost caught up with Agari researchers to discuss their threat research unveiled at the show about a newly-unveiled business email compromise (BEC) cybergang.
The cybercriminal group, which researchers called Scattered Canary, has been evolving for over 10 years - starting from a "one man shop" launching Craigslist and romance scams, to a high-level, sophisticated BEC group with dozens of employees targeting enterprises.
Threatpost talks to Ronnie Tokazowski, senior threat researcher at Agari, and Crane Hassold, senior director of threat research at Agari, about the threat research and BEC scams in general.
At Infosecurity Europe, which kicks off Tuesday in London, UK, Threatpost gets a behind-the-scenes look at the Nansh0u campaign, a cryptojacking campaign that has infected 50,000 servers with malware that mines an open source cryptocurrency called TurtleCoin. Dave Klein, senior director of engineering architecture with Guardicore, discusses cryptojacking and other trends he's looking out for at the show.
Threatpost talks to Nils Ahrlich, head of end-to-end security solutions at Nokia, at the GSMA Mobile 360 Security for 5G conference last week in the Netherlands. When it comes to 5G there are a slew of use cases being utilized at the bleeding edge - from smart factories to IoT - but these are also opening up security risks.
During the GSMA Mobile360 conference on 5G security, Threatpost editor Tara Seals talks to Patrick Donegan, founder and principal analyst at HardenStance, about the enterprise risks involved in 5G.
With the advent of 5G, the tech community is bracing itself for new applications like self-driving cars and IoT. But what does that mean for the security landscape? At the GSMA Mobile 360 Conference, Threatpost editor Tara Seals talks to Fred Streefland, CISO for the Benelux and Northern East Europe region at Palo Alto Networks, about the security challenges - and opportunities - that 5G is presenting.
The Threatpost team breaks down the top data privacy-related news this week, including:
- Google's acknowledgement that G Suite passwords had been stored in plaintext - since 2005.
- The database of golfing app Game Golf left misconfigured, exposing millions of data points on games played plus sensitive information.
- Mozilla's focus on privacy in its new release of Firefox 67, which comes with protections against cryptomining and digital fingerprints.
- The upcoming Threatpost webinar focusing on Identity Management solutions picking up the slack as passwords are increasingly viewed as security liabilities
After Intel on Tuesday revealed a new class of speculative execution vulnerabilities, which impact all its modern CPUs, the researcher who was part of the team that discovered one of these flaws is sounding off on the disclosure process behind it.
The speculative execution flaw, ZombieLoad, is an attack related to CVE-2018-12130, the flaw in the Fill Buffer of Intel CPUs. That's because this attack leaks the most data – attackers are able to siphon data from system applications, operating system and virtual machines.
ZombieLoad was discovered and reported by Michael Schwarz, Moritz Lipp and Daniel Gruss from the Graz University of Technology (known for their previous discoveries of similar attacks, including Meltdown). Gruss talks about how the team first discovered the attack.
This week was filled with flaws, flaws and more flaws: From a zero-day under active exploit in the WhatsApp messaging app, to Patch Tuesday glitches addressed by Microsoft. Threatpost breaks down the top vulnerabilities of the week, including:
- A WhatsApp zero-day vulnerability being exploited in targeted spyware attacks
- Several Cisco vulnerabilities, including a critical remote code-execution (RCE) vulnerability in the Cisco Prime Infrastructure (PI) and Evolved Programmable Network (EPN) Manager; and an unpatched, high-severity Secure Boot flaw that was disclosed on Monday
- A Microsoft patch released on Patch Tuesday for an elevation-of-privileges vulnerability rated important, which is being exploited in the wild
- Apple rolling out 173 patches in various products across its hardware portfolio, including for dangerous bugs in macOS for laptops and desktops, iPhone, Apple TV and Apple Watch.
Threatpost editors Lindsey O'Donnell and Tom Spring break down this week's biggest news, including:
- Facebook co-founder Chris Hughes wrote a blistering op-ed about the need for regulation around the social media giant
- Verizon's data breach investigations report 2019, released this week, which outlined the top data breach trends to look out for
- A firestorm surrounding Airbnb after a guest discovered that her host was secretly recording her in the flat's bedroom.
The Threatpost team discusses a slew of strange security news that made headlines this week, including:
- The Cartoon Network being hacked to play Brazilian stripper videos
- The Catholic Church falling victim to a $1.75 business email compromise scam
- A scammer pretending to be Jason Statham tricking a fan out of money
What is the future of IoT security? Will consumers continue to face insecure technology, disturbing privacy concerns, and DDoS attacks? Or will the efforts of consortiums, legislations and industry pressure help set connected device security straight?
Threatpost sits down with Jason Soroco with Sectigo, the Chief Technology Officer of IoT, to get his opinion.
The Threatpost team talks about recent data privacy news - including Facebook's FTC fine potentially reaching $5 billion, facial recognition concerns, and Amazon's Echo auditing team.
Threatpost editor Tara Seals sits down with Staffan Truvé, the co-founder and CTO of Recorded Future, at the Security Analyst Summit in Singapore this week.
Truvé discussed the rise of influence campaigns on social media, and one campaign in particular that researchers have recently spotted that has focused not on fake news, but on old news that aims to influence victims.
At the Security Analyst Summit this year in Singapore, Threatpost editor Tara Seals catches up with Joe FitzPatrick, researcher with Securing Hardware, who led a session during the conference about "A Measured Response to a Grain of Rice: An Implant in the Shell."
After a 2019 Bloomberg report alleged that a spy chip was implanted on Supermicro servers and eventually made it into the supply chain of several high-profile cloud vendors, supply chain was thrown to the forefront. (The report was strongly refuted by Supermicro, Amazon and Apple).
FitzPatrick talks about what stood out to him about the report - and what didn't make sense - as well as the risks of supply chain that end users should focus on.
Chris Vickery, the Director of Cyber Risk Research at UpGuard, joined the Threatpost Podcast to discuss this week's report that hundreds of millions of Facebook records were publicly exposed on the internet.
Norway-based Norsk Hydro announced on Tuesday morning that it was the victim of a serious ransomware attack, which has forced the global aluminum producer to shut down or isolate several plants and send several more into manual mode.
Threatpost talked to Phil Neray, the VP of Industrial Cybersecurity at CyberX, about how manufacturing firms can avoid a cyberattack similar to the one Norsk Hydro has undergone.
The Threatpost team touches base at the RSA Conference this year in San Francisco to discuss breaking news from the show and their favorite topics and trends that they saw.
Lindsey O'Donnell with Threatpost talked to Tom Kellermann, Chief Cybersecurity Officer at Carbon Black. Carbon Black at RSA this year unveiled a new report outlining the top attacks that financial firms are facing. According to the report, 67 percent of surveyed financial institutions have reported an increase in cyberattacks over the past 12 months. Kellermann discusses the report's findings and key takeaways.
During the RSA conference this week, Lindsey O'Donnell with Threatpost talks to Raoul Strackx, post-doctoral researcher at KU Leuven. Strackx was one of the researchers who discovered the Foreshadow vulnerability in CPUs in August. He discusses the vulnerability and why speculative execution attacks will only get worse.
The Threatpost team breaks down the biggest news, stories and trends they expect to hear about at RSA 2019 this year, which takes place next week in San Francisco.
Lindsey O'Donnell and Tom Spring discuss the biggest news of the week ended Feb. 22, including a report about flaws in password managers that drew backlash, and a 19-year-old flaw found in WinRAR.
Threatpost editors break down the biggest news from the week ended Feb. 1.
Threatpost editors break down the top news from this week, including a government emergency alert regarding DNS hijacking attacks and a massive Google GDPR fine.
Threatpost's Tom Spring and Lindsey O'Donnell talk about data exposure, data breaches and new vulnerabilities discovered this past week.
The Emotet banking trojan has been popping up in the news for years: from widespread malspam infections of German banking targets in 2014, all the way up to the costly infection of a New Hampshire town’s computer network in July.
And while the tricky Emotet malware first emerged targeting banking credentials, over the past year researchers have called out the trojan for changing its tactics – and its targets. Sig Murphy, consulting director for Western North America at Cylance, says that this evolution will continue in 2019.
Human rights lawyer Robert Tibbo represented former N.S.A. contractor-turned-whistleblower Edward Snowden when he fled the United States to Hong Kong in 2013. Less publicized has been Tibbo’s work representing several families from the Hong Kong refugee community that welcomed Snowden into their homes – where he avoided unwanted attention.
Threatpost caught up with Tibbo last week in Leipzig, Germany where he spoke at the Chaos Communication Congress about the so-called “Snowden Refugees.”
Threatpost talked to Leigh-Anne Galloway, the cybersecurity resilience lead of Positive Technologies, about what she sees as the top cyber trends, threats and topics in 2019.
From data breaches to threat actors, listen to hear more of Galloway's predictions.
Threatpost's Tom Spring sits down with Robert Tibbo, lawyer for Edward Snowden and the refugee families who hid Snowden.
The refugee families located in Hong Kong that helped shelter Edward Snowden in 2013 - known as the "Snowden refugees" - are under crushing pressure to cooperate with local authorities or face deportation to their countries of origin, where they face an uncertain fate.
Threatpost editor Lindsey O’Donnell talks to RiskIQ's threat researcher, Yonathan Klijnsma, about the varying groups under the Magecart umbrella, and the differing characteristics, targets and techniques of this growing number of groups.
We are joined on the podcast by David Wolpoff, better known as Moose, CTO at Randori.
With high profile breaches making headlines every day, and enterprises spending more on tools and solutions than ever, Moose talks about how companies can create an effective security strategy and defend themselves instead of merely throwing money at the problem.
Threatpost editor Lindsey O'Donnell talks to Rapid7's Chief Data Scientist, Bob Rudis, about the threats that Magecart poses when it comes to e-commerce websites - and how this has evolved over time. This is the first in a series of three podcasts featuring an in-depth discussion of the Magecart threat group. Stay tuned for part two next week.
With Thanksgiving this week and Cyber Monday right around the corner, Threatpost editors Lindsey O'Donnell and Tara Seals talk about the biggest holiday season-related cybersecurity stories of the week.
When it comes to IoT security, legal action is "a matter of when not if."
That's according to Ijay Palansky, an attorney in Armstrong Teasdale's Litigation practice group, who represented plaintiffs and class members who alleged in the infamous 2015 Jeep hacking class-action lawsuit that the 3G “infotainment” center in those cars was vulnerable to hacking.
Threatpost talked to Palansky about impending IoT legal issues and what to expect.
The Threatpost editors break down this week's biggest news.
Threatpost's Lindsey O'Donnell speaks with Troy Hunt, a web security expert and the owner of Have I Been Pwned (HIBP).
Hunt talks about HIBP's partnership with Mozilla Firefox and Cloudflare; trends he's seeing with data breaches; and how the view of responsibilities behind strong passwords is changing.
A “critical water utility” has been the victim of a ransomware attack, significantly impeding the service in the week after Hurricane Florence hit the East Coast of the U.S.
The Onslow Water and Sewer Authority (ONWASA) said in a Monday release that a “sophisticated ransomware attack… has left the utility with limited computer capabilities.” While customer data was not compromised as part of the attack, the lack of computing ability will impact the timeliness of service from ONWASA “for several weeks to come.”
Threatpost's Lindsey O'Donnell talks to Katherine Gronberg, who heads government affairs at ForeScout, about the incident and the level of awareness and readiness for federal organizations for these types of threats.
From Google's privacy snafu to a sneaky new fake Adobe Flash updater, Threatpost's Lindsey O'Donnell and Tara Seals break down the biggest news from the week ended Oct. 12.
Lindsey O'Donnell discusses Synopsys’ ninth annual Building Security in Maturity Model report (BSIMM9) released Tuesday.
The report revealed an emerging new dynamic for software security professionals. Synopsys' Gary McGraw, vice president of security technology, breaks down the top takeaways from the report and what was most surprising.
Threatpost's Lindsey O'Donnell and Tom Spring discuss this week's biggest news - including a breakthrough Bloomberg report that China infiltrated Supermicro motherboards, as well as a report that said that 83 percent of home and office router brands have vulnerabilities.
A year later, almost 2 billion IoT devices are still vulnerable to the BlueBorne attack. Armis' VP of Product Joe Lea discusses with Threatpost.
Threatpost editors Lindsey O'Donnell and Tom Spring break down the biggest news from the week ending September 7.
The Threatpost team talks about the biggest news from this past week, including a Windows zero-day flaw outed on Twitter, Yahoo's email ad-targeting privacy snafu, and crashing mobile apps that leak private data.
Threatpost talks to Scott Ellis with Google Cloud about issues around securing data in the cloud and accidental exposure.
Security researcher Troy Mursch, of the Bad Packets Report, comes onto the Threatpost Podcast to discuss recent cryptojacking campaigns and why these types of malicious cryptomining attacks are on the rise.
Bugcrowd has had a busy summer. Recently, the bug bounty company partnered with HP to launch the first-ever bug bounty program for printers, with rewards of up to $10,000 for discovered vulnerabilities.
Bugcrowd also recently announced Disclose.io, an open-sourced project to standardize best practices for providing a safe harbor for security researchers within bug bounty and vulnerability disclosure programs (VDPs).
Threatpost talked to Casey Ellis, Bugcrowd founder and CTO, about big trends in bug bounty programs.
Las Vegas was filled with researchers, executives, and hackers last week for the Black Hat USA and DEF CON 2018 conferences.
Among the most interesting topics at the shows were IoT and connected cars, election voting hacks, and a flurry of other news topics and sessions outlining the newest threats, vulnerabilities, and cybersecurity best practices.
Threatpost's Lindsey O'Donnell and Tara Seals talk about their favorite parts of the show.
Threatpost's Lindsey O'Donnell talks to enSilo CEO Roy Katmor about Black Hat trends to watch out for - from firmware attacks to connected car security.
Threatpost editors Tom Spring, Lindsey O'Donnell and Tara Seals preview Black Hat USA and DEF CON 2018, which both kick off in Las Vegas this week.
Threatpost talks to Matt Tyrer with Commvault about the recent COSCO ransomware attack. Tyrer discusses the biggest lessons learned from the incident, COSCO's response, and best practices in preventing ransomware attacks.
On this week's Threatpost Podcast show, we sit down with Ronen Rabinovich from Cyberbit to discuss bitcoin mining on operational technology and critical infrastructure networks.
Threatpost's Tom Spring and Lindsey O'Donnell sit down to discuss the biggest news of the week - including COSCO being hit by a ransomware attack, Adobe Flash being discussed by the U.S. government, and more Facebook drama.
Threatpost's Lindsey O'Donnell talks to PAS CEO Eddie Habibi about the cybersecurity risks that large manufacturing companies face today - especially with the emergence of industrial IoT.
On this week's episode of The Threatpost Podcast, editor Lindsey O'Donnell sits down with Marten Mickos, the CEO of popular bug bounty program platform HackerOne. Mickos sounds off on the opportunities - and growing pains - of bug bounty programs.
Threatpost's Lindsey O'Donnell talks with Zack Allen, ZeroFOX’s manager of threat operations, about the broader social media threats landscape and the growing issue of malicious content being spread across networks like Twitter, Facebook and LinkedIn.
Threatpost editors Tom Spring, Tara Seals and Lindsey O’Donnell discuss the week’s information security news, including a slew of IoT device privacy incidents, a critical Adobe Flash vulnerability, and scary new data on the breadth and impact of the VPNFilter malware.
The smart city industry is projected to be a 400 billion dollar market by 2020, as municipalities look at applications for transportation, waste management, and law enforcement.
But with that growth comes privacy issues and security risks, Tenable CTO Renaud Deraison told Threatpost’s Lindsey O’Donnell. Deraison outlines some of the biggest security problems that smart cities face right now – and how city developers can adopt better security hygiene.
Threatpost editors Tom Spring, Tara Seals and Lindsey O'Donnell discuss the week’s information security news, including some interesting new malware, a Linux patch that made waves, social engineering gambits and a major banking theft from the second-largest economy in Latin America.
Once only seen in the market through the form of honeypots, deception technology is a quickly emerging category of cyber defense that is particularly useful when it comes to IoT devices, SCADA systems and medical devices.
Threatpost talks to Tony Cole, CTO of Attivo Networks, about how deception technology has evolved, the challenges behind adoption of this method of cyber defense, and how attackers are learning to adapt.
Threatpost's Lindsey O'Donnell talks with Christie Terrill, partner at Bishop Fox, about what kind of companies are looking at bug bounty programs versus conducting penetration testing, what these methods mean for vulnerability disclosures, and the legal nuances and complexities behind bug bounty programs.
Threatpost's Lindsey O'Donnell talks to Jeff Wilbur, Director of the Online Trust Alliance, about the challenges that manufacturers face when securing IoT devices.