))
Building Security In
…
continue reading
Interviews with cultural icons hosted by Matt Schichter. Guests include Lady GaGa, Robert DeNiro, Bradley Cooper, Katy Perry, One Direction, Christopher Walken, Taylor Swift, Gary Oldman, Sylvester Stallone, Justin Bieber, Kevin Hart, Alan Arkin, Kristen Stewart, Selena Gomez, Metallica, Pierce Brosnan, The Lumineers, Mumford & Sons, Lady Antebellum, Don Cheadle, Tim McGraw, Benedict Cumberbatch, JJ Abrams, The Killers, Joseph Gordon-Levitt, Will.I.Am, Carrie Underwood, and Slash to name but ...
…
continue reading
The editors of Decipher talk with a rotating cast of security practitioners, researchers, and executives about a variety of topics in the security and privacy fields.
…
continue reading
The Ohio Field Leader Podcast is a production of the Ohio Soybean Council and soybean checkoff. Podcast host, Dusty Sonnenberg, visits with agricultural leaders and researchers to discuss soybean production, best management practices, precision agricultural technology and environmental and water quality topics.
…
continue reading
Security Ledger is an independent security news website that explores the intersection of cyber security with business, commerce, politics and everyday life. Security Ledger provides well-reported and context-rich news and opinion about computer security topics that matter in our IP-enabled homes, workplaces and daily lives.
…
continue reading
1
The Sony Hack Ten Years Later With Brian Raftery
45:17
45:17
Play later
Play later
Lists
Like
Liked
45:17
The Sony Pictures hack in 2014 by the North Korean Lazarus Group was a seminal event both in Hollywood and in the security community, bringing to light the capabilities and ambitions of North Korean attackers and showing the damage a leak of sensitive data can be. Brian Raftery joins Dennis Fisher to discuss his new Ringer podcast, The Hollywood Ha…
…
continue reading
1
9 1 24 Episode 48 Soy Innovation and Ohio Crop Tour Highlights
29:47
29:47
Play later
Play later
Lists
Like
Liked
29:47
The month the Ohio Field LeaderPodcast is a doubleheader. The names Craftsman, Stanley Black and Decker, MAC Tools, and Dewalt all have immediate recognition. In this episode, Dusty is joined by Scott Porter, CEO and Founder of Dynamic Green Products. Dusty and Scott discuss how Dynamic Green Products is working in concert with those recognizable n…
…
continue reading
1
Zero Day Reuse and A Busy Week for Iranian APTs
18:32
18:32
Play later
Play later
Lists
Like
Liked
18:32
The focus was on Iranian APTs this week, both from private threat intelligence teams and CISA, exposing new operations from UNC757 and other groups targeting government, higher education, and private industry. We also check in on a new report from Google's Threat Analysis Group on APTs using the same exploits for zero days that were developed by pr…
…
continue reading
1
Episode 258: Broken Brokers – Optery’s Fight To Claw Back Your Personal Data
36:16
36:16
Play later
Play later
Lists
Like
Liked
36:16
Lawrence Gentilello, the co-founder and CEO of Optery talks about the growing scandal around breaches at data brokers that have exposed the sensitive data on hundreds of millions of Americans to cyber criminals and how firms like Optery are helping people fight back. The post Episode 258: Broken Brokers – Optery’s Fight To Claw Back Your Personal D…
…
continue reading
1
Reddit's Matt Johansen on Identity Attacks, Enterprise Security, and Burnout
31:42
31:42
Play later
Play later
Lists
Like
Liked
31:42
Reddit's head of software security Matt Johansen joins Dennis Fisher to talk about the highlights of Black Hat USA, the challenges of sorting security priorities in a large enterprise, and how he's learned to take care of his mental health after many years in the security industry.By Decipher
…
continue reading
1
Rebekah Brown and John Scott-Railton on COLDRIVER and Russian Cyberespionage
23:12
23:12
Play later
Play later
Lists
Like
Liked
23:12
Rebekah Brown and John Scott-Railton of the Citizen Lab join Dennis Fisher to dive into their group's new report on highly targeted spear phishing campaigns by the Russian threat actor COLDRIVER and then discuss the emergence of a new, possibly related group called COLDWASTREL.By Decipher
…
continue reading
Dennis Fisher and Lindsey O'Donnell-Welch reflect on their week in Las Vegas at Black Hat and discuss the talks they liked, including Moxie Marlinspike's keynote and the Google Project Zero retrospective, and the other topics they found interesting, including vulnerability exploitation versus social engineering and the AI ecosystem.…
…
continue reading
1
Black Hat Podcast: Josh Harguess and Chris Ward
26:52
26:52
Play later
Play later
Lists
Like
Liked
26:52
At Black Hat USA this year, Josh Harguess and Chris Ward, with Cranium AI, talk about the security challenges that organizations are experiencing while implementing AI in their environments, what AI red teaming consists of and the backstory of how MITRE Labs’ AI Red Team came to be.By Decipher
…
continue reading
AI and machine learning security expert Gary McGraw joins Dennis Fisher to discuss the concept of data feudalism in LLM foundation models, what the security implications of it are, and whether narrowly focused models may help address these issues.By Decipher
…
continue reading
In episode 47 of the podcast, Dusty visits with Allen and Andrew Armstrong on the Ohio Field Leader Roadshow in Clark County. Allen and Andrew discuss their multigenerational family farm and how the operation has changed over the years. With a mind for business and finding the best practices and technologies that fit their operation, the Armstrong'…
…
continue reading
1
Black Hat USA 2024 Preview: AI, AI, and More AI
46:46
46:46
Play later
Play later
Lists
Like
Liked
46:46
Decipher editors Dennis Fisher and Lindsey O"Donnell-Welch are joined by Brian Donohue to dissect the Black Hat talks they're looking forward to, including sessions with H D Moore, Sherrod DeGrippo, and Moxie Marlinspike, and some talks they can't quite figure out from the titles.By Decipher
…
continue reading
The fallout from the CrowdStrike outage continues more than a week after the faulty update, so Huntress security researcher John Hammond joins Dennis Fisher to talk about the lessons learned from the incident, our fragile software ecosystem, and what cybersecurity practitioners can do differently next time.…
…
continue reading
Tyler Healy, CISO of Digital Ocean, joins Dennis Fisher to discuss the unique challenges of defending a huge platform, how AI is changing things for defenders, and what new challenges AI might bring in the near future.By Decipher
…
continue reading
1
What Happened With the CrowdStrike Update and Azure Outage
11:47
11:47
Play later
Play later
Lists
Like
Liked
11:47
CrowdStrike said a problem with an update the company pushed to Falcon sensors on Windows hosts on July 18 caused a blue screen of death, an issue that coincided with a Microsoft Azure outage and widespread outages across airlines, banks, hospitals, and other services. Our story on this incident: https://duo.com/decipher/crowdstrike-windows-update-…
…
continue reading
FIN7 is a highly active and capable cybercrime group also known as Carbanak that has been evolving and using its own tools such as AVNeutralizer for many years. SentinelOne researchers Antonio Cocomazzi helps us dig into the group's tactics and tools. Read Antonio's new research here: https://www.sentinelone.com/labs/fin7-reboot-cybercrime-gang-enh…
…
continue reading
Former NSA Deputy Director George Barnes joins Dennis Fisher to talk about his 35-year career at the agency, how he came to be intrigued by the cybersecurity world, the emergence of Cyber Command as a force inside the government, and what he sees as the priorities for defenders now.By Decipher
…
continue reading
Chris Hughes, co-founder of Aquia and a Cyber Innovation Fellow at the Cybersecurity and Infrastructure Security Agency, joins Dennis Fisher to talk about the challenges of supply chain security, working with the government to address systemic issues, and the importance of collaboration.By Decipher
…
continue reading
In the July episode, Dusty visits with Jeff McKanna and Robert Gray about the history of Shady Lawn Farms and the multiple generations involved today. They discuss the adoption of new technology on the farm and the financial side of growing an operation. The work of the Ohio Soybean Council is also multigenerational at Shady Lawn, as both Lyle McKa…
…
continue reading
1
The TeamViewer Breach and a Busy Week for APT29
10:07
10:07
Play later
Play later
Lists
Like
Liked
10:07
Dennis Fisher and Lindsey O'Donnell-Welch dig into the news of the TeamViewer corporate breach, attributed to APT29/Midnight Blizzard, and news of more victims from the Microsoft intrusion by the same group earlier this year.By Decipher
…
continue reading
1
Cisco Talos: How Threat Actors Target MFA
15:42
15:42
Play later
Play later
Lists
Like
Liked
15:42
Multi-factor authentication (MFA) is a critical form of defense for organizations, and threat actors are recognizing that: According to the latest Cisco Talos Incident Response Quarterly Trends report, instances related to MFA were involved in some capacity in half of all security incidents that the Talos team responded to in the first quarter of 2…
…
continue reading
Metin Kortak, CISO with Rhymetec, talks about how organizations are approaching data privacy and security compliance, and thinking about risk management policies, when it comes to generative AI in the workplace.By Decipher
…
continue reading
Michael Mann's 1995 thriller Heat is considered by many people to be the best crime movie ever made. And hidden inside the intricate plot is a story of a lone hacker with a background at DARPA who uses his skills to set up scores for the crews in LA's underworld. Meg Gardiner, the co-author of Heat 2, and Casey Ellis, cofounder of Bugcrowd, join De…
…
continue reading
Amy Bogac, a longtime security executive with a deep background in systems administration and networking, joins Dennis Fisher to talk about how she came to security, how her background in communications informed her career choices, and the difficult conversations that need to occur before someone has to push the button during an incident.…
…
continue reading
A few days after Microsoft announced the new AI-enabled Recall feature--generating tremendous concerns and pushback from the security and privacy communities--the company had decided to disable it by default, but many concerns still remain. A month after the company's CEO proclaimed that it would be "prioritizing security above all else", how did t…
…
continue reading
1
The Challenges of Reporting on Complex Intrusions With Ryan Naraine
26:13
26:13
Play later
Play later
Lists
Like
Liked
26:13
Veteran security journalist and podcaster Ryan Naraine joins the Decipher podcast to discuss the challenges of separating fact from fiction when reporting on complex incidents such as the Snowflake breach.By Decipher
…
continue reading
Chris Walcutt, the CSO at DirectDefense talks about the rapidly changing threat landscape that critical infrastructure owners and operators inhabit, and how savvy firms are managing OT cyber risks. The post Spotlight Podcast: OT Is Under Attack. Now What? appeared first on The Security Ledger with Paul F. Roberts.…
…
continue reading
Garrett Yamada, associate director of identity security at Texas A&M University, talks about his experiences navigating identity challenges, building an identity-centric strategy and moving away from “home-grown, home-managed systems” that were historically used for authentication.By Decipher
…
continue reading
The Ohio Field Leader travels to northern Wood County and Eckel Grain Farms and Cattle Company located just outside of Perrysburg, Ohio. Dusty visits with Nathan and Nick Eckel about their operation and the challenges and opportunities that present themselves when farming on the edge of suburbia and near the epicenter of the water quality issues in…
…
continue reading
Sarah Powazek, the Program Director of Public Interest Cybersecurity at the UC Berkeley Center for Long-Term Cybersecurity, joins Dennis Fisher to talk about her work in setting up Cybersecurity Clinics at high education institutions around the country to help bring knowledge and skills to underserved organizations.…
…
continue reading
1
Caitlin Condon on the Attack Intelligence Report
29:22
29:22
Play later
Play later
Lists
Like
Liked
29:22
Caitlin Condon of Rapid7 joins Dennis Fisher to dive into the juicy tidbits from the Rapid7 Attack iNtelligence Report, including the rise in attacks on zero days, ransomware proliferation, and why network edge devices remain a major problem. Read the report here: https://www.rapid7.com/c/fr-2024-attack-intelligence-report-TY/1/…
…
continue reading
Chris Langford, Director of Network, Infrastructure, and Cyber Security at the Lewisville Independent School District, talks about how having experience in the classroom has helped him from a cybersecurity perspective, and how we can best educate the next generation of students on cybersecurity best practices.…
…
continue reading
1
Spotlight Podcast: CSO Chris Walcutt on Managing 3rd Party OT Risk
35:42
35:42
Play later
Play later
Lists
Like
Liked
35:42
In this Spotlight Podcast, host Paul Roberts talks with Chris Walcutt, the CSO of DirectDefense about the rising cyber threats facing operational technology (OT) and how organizations that manage OT - including critical infrastructure owners can best manage increased cyber risks to OT environments. The post Spotlight Podcast: CSO Chris Walcutt on M…
…
continue reading
At RSA Conference 2024, Kelly Shortridge, senior director of portfolio product management at Fastly, talks about the first steps organizations can take toward adopting a Secure by Design mindset and how businesses can approach the challenge of sustaining resilience in complex systems.By Decipher
…
continue reading
1
Spotlight Podcast: How AI Is Reshaping The Cyber Threat Landscape
37:10
37:10
Play later
Play later
Lists
Like
Liked
37:10
Host Paul Roberts speaks with Jim Broome, the CTO and President of DirectDefense about the evolution of cybersecurity threats and how technologies like AI are reshaping the cybersecurity landscape and the work of defenders and Managed Security Service Providers (MSSPs). The post Spotlight Podcast: How AI Is Reshaping The Cyber Threat Landscape appe…
…
continue reading
1
RSA 2024 Preview: What are These Sessions Even About?
53:55
53:55
Play later
Play later
Lists
Like
Liked
53:55
In this special episode, Dennis Fisher and Lindsey O'Donnell-Welch are joined by Brian Donohue of Red Canary to preview the RSA conference talks they're excited about and to try to make sense of some of the session titles that are maybe a little indecipherable.By Decipher
…
continue reading
1
5 1 24 Episode 44 Soybeans, Social Media and Succession Planning, Farmwithzoe
21:28
21:28
Play later
Play later
Lists
Like
Liked
21:28
The Ohio Field Leader Roadshow colides with social media influencer Farmwithzoe on Episode 44. Dusty visits with Zoe Kent to discuss soybean farming, social media and it's role in promoting production agriculture to the general public, and the importance of succession planning.By Dusty Sonnenberg
…
continue reading
Lindsey O'Donnell-Welch turns the tables on Decipher editor-in-chief Dennis Fisher in this episode of Memory Safe to find out how his background covering crime prepared him for the cybersecurity beat, why Ferris Bueller's Day Off is his favorite hacker movie, and how much the security world has changed in the last 20 years.…
…
continue reading
In this week's Source Code podcast, we go over findings from a newly released Ransomware Task Force report and give an update on the types of data accessed in the Change Healthcare ransomware attack.By Decipher
…
continue reading
The Salvation Army’s Lachlan McGill, general manager of cyber risk and compliance, and Euan Moore, security operations manager, talk about their experiences building a strong cybersecurity foundation, navigating the organization’s unique challenges and fostering a culture around security awareness.By Decipher
…
continue reading
In this week’s Source Code podcast, we discuss new reporting from Change Healthcare parent UnitedHealth Group that the massive ransomware attack has cost the company $872 million so far. We also talk about recent research about Sandworm, which has been designated by Mandiant as APT44.By Decipher
…
continue reading
Cody Stokes, a security leader at Procellis Technology, joins Dennis Fisher to talk about his time in the Marine Corps, the challenges of breaking into the cybersecurity field, and the fulfillment he gets from helping to protect users.By Decipher
…
continue reading
In this week’s Memory Safe episode, Sherrod DeGrippo of Microsoft talks about her first experiences with hacker culture, why a Stanley Kubrik movie shows a glimpse of what AI is, and how she makes sure that “threat intelligence hits the right note.”By Decipher
…
continue reading
Dan Lorenc, co-founder and CEO of Chainguard, joins Dennis Fisher to dig into the recent XZ Utils backdoor incident, the implications for the open source ecosystem, and what can be done to avoid similar incidents in the future. Then they discuss the problems facing NIST's National Vulnerability Database and the CVE ecosystem.…
…
continue reading
Rick Gordon of Tidal Cyber joins Dennis Fisher to discuss his path from the US Naval Academy to submarine officer to Wall Street and finally to the cybersecurity industry, where he's worked for the last 25 years. Dennis and Rick also talk about the importance of the community aspect of cybersecurity and why it's vital to the collective defense.…
…
continue reading
The Ohio Field Leader is hitting the road again in 2024 and the first stop is in Hardin County at the farm of Austin Heil. Learn how this 6th generation farmer gains inspiration from his Great-Great-Great Grandfather, Nicholas, who came to America in 1828, and started the farm in 1839. The family farm they still operate today. Dusty and Austin talk…
…
continue reading
In this week's Source Code news wrap podcast, we talk about a report by the U.S. Treasury Department looking at AI-specific cybersecurity risks in the financial sector, CISA's newly released Notice of Proposed Rulemaking document for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), and recently discovered activity linked to AP…
…
continue reading
1
Episode 257: Securing Software on Wheels with Dennis Kengo Oka of Synopsys
34:09
34:09
Play later
Play later
Lists
Like
Liked
34:09
In this episode of The Security Ledger Podcast (#257) Paul speaks with Dennis Kengo Oka, a senior principal automotive security strategist at the firm Synopsys about the growing cyber risks to automobiles as connected vehicle features proliferate in the absence of strong cybersecurity protections. The post Episode 257: Securing Software on Wheels w…
…
continue reading
Jack Cable, senior technical advisor at the Cybersecurity and Infrastructure Security Agency (CISA), talks about his past experiences with bug bounty programs, CISA’s Secure By Design initiative and its efforts to help secure the open-source software ecosystem.By Decipher
…
continue reading
Brian Donohue of Red Canary joins Dennis Fisher to talk about some of the surprising findings from the company's new 2024 Threat Detection Report, including why identity based attacks continue to work so well and how attackers are approaching the shift to the cloud.By Decipher
…
continue reading
In this week's Source Code podcast, we talk about Patch Tuesday updates and the HHS investigation into the ransomware attack on Change Healthcare.By Decipher
…
continue reading
