Search the Portal

[image] Its getting to be the end of the year which means its time to take a look back at WatchGuard Threat Lab’s 2021 security predictions and give ourselves a grading on how well we did! On this episode, we’ll go through our 8 predictions for...

[image] We have seen interpolation in the news concerning a recent court case. Here we cover what interpolation does to an image, not only because of the recent news but also because face recognition uses interpolation to better recognize a face...

[image] This week on the podcast we discuss how a recent CISA alert on specific threat actor activity tipped off a separate adversary, leading to a new wave of attacks against vulnerable systems across multiple industries. We also cover the...

[image] Phishing is a type of social engineering attack where threat actors attempt to trick users into providing sensitive information via email. Typically, this involves creating a phishing campaign where threat actors will send the same...

[image] On this week’s episode of the podcast, we cover a newly discovered method for hiding malicious source code in plain sight, CISA’s new Known Exploited Vulnerabilities Catalog, and action from the US Department of Commerce on the Pegasus...

[image] Facebook’s face recognition has one of the largest training databases in the world, built from photos that users have uploaded since Facebook’s inception, but that database’s time may be coming to an end. In a blog post on Facebook they...

[image] The NRA has found itself in the middle of a potential breach and ransomware attack. This happened last week after the Russian hacking group Greif reportedly gained access. Greif has close ties to Evil Corp (another advanced hacking group...

[image] This week on the podcast, we cover a heist of over $130 million worth of cryptocurrency from a distributed financial (DeFi) organization and have an in depth discussion on why cryptocurrency-related platforms continue to suffer...

[image] The Microsoft Threat Intelligence Center (MSTIC) detected attacks by the Nobelium group targeting IT services providers. The intent was to “gain access to downstream customers” such as Cloud Service Providers (CSP) and Managed Service...

[image] Many cellular network protocols don’t have clear documentation explaining them, especially when it comes to the proprietary protocols used by 4G and 5G networks. This makes them difficult to understand by the average person, but also...

[image] This week on the podcast, we cover the latest news on REvil, the ransomware-as-a-service organization responsible for the Kaseya attack earlier this year among many others. After that, we cover an update from the US Commerce Department...

[image] Exploit Broker Zerodium Increasing Focus on VPNs The exploit broker Zerodium announced they are seeking exploits for ExpressVPN, NordVPN, and Surfshark VPNs. VPNs are becoming a more lucrative target. Zerodium’s announcement has...

[image] The US Department of Commerce announced export controls on hacking tools used for surveillance. The aim is to curb access to authoritarian governments who have been identified for human rights violations and abuses. Any companies who...

[image] Azure, BitBucket, GitHub, and GitLab revoke SSH Keys After GitKraken Vulnerability Git software client GitKraken disclosed an SSH key generation flaw in a post this past Monday. The flaw was discovered in versions 7.6.x, 7.7.x, and 8.0.0...

[image] This week on the podcast we cover VirusTotal’s first ever global ransomware report which analyzes ransomware trends over the last year from the unique position of the world’s largest malware intelligence platform. Before that though, we...

[image] By now you have probably heard of Missouri governor Mike Parson tweet threatening to prosecute a journalist for responsibly disclosing a data breach. If you missed it though, according to the tweet and the governor’s ensuing press...

[image] This week on the podcast we discuss a breach that lasted over 5 years involving a company responsible for routing SMS messages for 95 of the top 100 mobile carriers in the world. Before that though, we’ll cover the recent Facebook...

[image] SMS Routing Company Syniverse Discloses Breach Spanning 5 Years Syniverse claims to be “the world’s most connected company” serving so many large telecommunication companies that it should be assumed that your provider is one of their...

[image] U.S. Agencies have been making headlines recently for a lot of their new cyber related regulations. The following are several noteworthy of examples of what they have been up to. The Federal Communications Commission (FCC) and Robocalls...

[image] A recent survey of 700 SMBs (small and medium businesses) by Untangle shows an increase in cybersecurity budgets and awareness. While some companies still have users working remotely, 50% of respondents have moved back into the office or...