Search the Portal

[image] This week on the podcast we walk through CISA alert AA222-131A which gives bulleted guidance to MSPs and customers of MSPs on how to navigate their relationship security as threats targeting service providers continue to grow. We’ll walk...

[image] This week on the podcast we discuss the latest rumblings around the return of the prolific ransomware-as-a-service organization REvil. Before that though, we dive in to the latest tools, tactics and procedures of the Lazarous nation...

[image] This week on the podcast, we dive into CISA’s list of the 15 most exploited vulnerabilities in 2021. We’ll walk through each flaw and give a refresher on their history and how attackers have exploited them. After that, we cover the...

[image] This week on the podcast we cover a critical and easily-exploited vulnerability in how some recent versions of Java handle cryptography. We also discuss the latest in a series of alerts from CISA and international intelligence...

[image] This week on the podcast, we cover the latest evasion and persistence techniques from the state-sponsored threat actors known as Hafnium. Then, we dive into the world of ICS and SCADA devices to discuss the latest joint-agency alert from...

[image] This week on the podcast we discuss one of the most rampant yet easily resolved risks facing many organizations today, not installing vendor-supplied security fixes. We’ll cover some of the reasons why organizations might fall behind on...

[image] When talking to IT and Security professionals, everyone seems to know they shouldn’t overly-expose management portals. And yet, every year we learn some new statistic showing tens of thousands of devices or software products with...

[image] This week on the podcast we cover the hacking organization Lapsus$ including their tactics, targets, and how they ended up with several members arrested last week. After that, we cover the cyber cold war and threats of Russian revenge...

[image] This week on the podcast, we cover a CISA alert on securing satellite communications (SATCOM) in the wake of several recent incidents involving providers and networks in eastern Europe. After that, we check in on the TSA’s cybersecurity...

[image] This week on the podcast, we cover last week’s Executive Order from the White House that lays the foundation for a United States Central Bank Digital Currency, or CBDC, and what it means for the future of Cryptocurrency. We also discuss...

[image] This week on the podcast we cover the recent leaks highlighting the inner workings of the Conti ransomware group that started with chat logs and grew to entire source code dumps. We then round out the episode by discussing the recent...

[image] 5G didn’t put malware on these Mazda’s entertainment systems but many Seattle Mazda drivers couldn’t change their radio station after turning it to the local NPR station, KUOW. As one reddit user put it, “the whole audio system and...

[image] This week on the podcast we dig back into our archives for an episode that originally aired back in July 2020 where we discussed one of our analysts first-hand research into facial recognition biases. Read More - Rewind: Can We Trust...

[image] Microsoft’s monthly Patch Tuesday already occurred this month, so you know what that means – more disclosed vulnerabilities. This iteration of patches included fixes for a combined 70 vulnerabilities, including one zero-day. Thankfully...

[image] This week on the podcast we cover a cryptocurrency heist that abused the backbone of the internet to steal millions of dollars of coins. In related news, we also cover the FBI’s new Virtual Asset Exploitation Team and their focus on...

[image] This week on the podcast we cover Russia’s latest crackdown on cybercriminals within their borders and try to answer the “why now?” question. We also discuss a multi-billion dollar cryptocurrency recovery by the US Justice Department...

[image] In early 2020, during the emergence of the COVID-19 pandemic, researchers discovered a novel malware named Oski Stealer, capable of stealing browser data such as cookies, history, payment information, and autofill information, as well as...

[image] The US IRS has plans to use a 3rd party identification system to prevent tax-related identity theft. The IRS plans to contract with ID.me to identify people using, among other factors, face recognition. James Hendler, professor of...

[image] This week on the podcast, we cover the heist of $322 million in cryptocurrency from the distributed exchange Wormhole, including a long discussion on the why it feels like cryptocurrency is still the wild west of technology. After that...