The 443 - Security Simplified

This week on the podcast, we cover another remote code execution vulnerability that looks extremely concerning on the surface but might be less serious in reality. After that, we cover two research articles by Microsoft on ransomware campaigns including defensive takeaways for all organizations.

This week on the podcast we cover a proposed program from the White House to create an Energy Star-like label for cybersecurity in consumer products. Before that, we cover two other updates from the federal government including a new open source tool from CISA and the latest reincarnation of Privacy Shield.

This week on the podcast, we focus on highlighting WatchGuard's Q2 Internet Security Report, covering the latest threat trends and what you can do to avoid them. However, we also pack in our security news segment, with an Optus breach update from an Australian IT and security expert and WatchGuard Partner, the latest on the UBER CSO trial, and a warning about the recent zero day Exchange exploit that some call ProxyNotShell. This week's episode is a long one, so grab a fresh coffee and listen during a long walk or drive.

This week on the podcast, we cover an Optus data breach that could affect over 10 million Australian customers, and what they should do to protect themselves. We highlight a new malware-as-a-service (MaaS) information stealer that lowers the cost and technical bar for cybercriminals. Finally, we end with some good news about how the FBI was able to catch and arrest an ex-NSA insider trying to sell sensitive national security data to a supposed Russian adversary.
Or watch the video version here.

This week on the podcast, we cover Uber's most recent security incident and the alleged individual behind it. After that, we dive into the world of gas station operational technology and potential security weaknesses in one tool. Finally, we end with a chat about the FBI CISO Academy and how the FBI as a whole is trying to reshape relationships with the private sector.

This week on the podcast we cover a court case that is attempting to hold the ex-CISO of a popular tech company accountable for their actions involving a data breach dating back to 2016. Before that though, we dive in to a novel command and control (C2) method as well as the latest commoditization of a sophisticated cyber attack technique.

This week on the podcast we sit down with Ryan Estes, a malware analyst on  the WatchGauard Threat Lab team, to discuss what it takes to rapidly differentiate malware from goodware. In this interview, we discuss what it takes to get in to malware analytics, popular tools to help with the task, and resources anyone can follow to build up skills.

This week on the podcast, we cover the big whistleblower complaint against Twitter including our hot takes on who to believe. We then cover an FBI alert on evasion techniques cyber criminals are deploying in their authentication attacks before finishing with a highlight of a very convincing phish.

This week on the podcast we review our time at this year's Black Hat and Def Con cybersecurity conferences in Las Vegas. We'll cover how the WatchGuard CTF contest went this year and discuss takeaways from a few of the briefings we attended.

This week on the podcast, we give our preview of the Black Hat and Def Con cybersecurity conferences, aka Hacker Summer Camp. Throughout the episode, we'll discuss the briefings and panels we're most excited to see and what we hope to get out of them. If you're not able to attend either conference in person this year, be sure to watch the Def Con Youtube channel for recordings!
Also, check out our capture the flag contest at WGCTF.com!