https://www.bankinfosecurity.com/capital-one-must-turn-over-mandiant-forensics-report-a-14352 https://www.databreachtoday.com/insider-threat-lessons-from-3-incidents-a-14312 https://www.zdnet.com/article/ransomware-deploys-virtual-machines-to-hide-itself-from-antivirus-software/By Jerry Bell and Andrew Kalat

Welcome! Today Craig’s talking about Computer Virus and Vaccine Signature Lists and why these types of anti-virus are getting left behind in the dust, and what should you be using in this day and age? Mutating malware means big trouble for antivirus software. Why you must use next-generation anti-malware software. He will discuss behavior-based ant…

The MITRE ATT&CK framework has had a major impact on the cybersecurity industry and has given a defenders a haystack in which to focus their defensive efforts. What’s most interesting, perhaps, is where and how these TTPs intersect and how we can use that information to determine patterns and disrupt attacks by analyzing historical datasets. Visit …

Security researchers have found a major vulnerability in almost every version of Android, which lets malware imitate legitimate apps to steal app passwords and other sensitive data. The vulnerability, dubbed Strandhogg 2.0 (named after the Norse term for a hostile takeover) affects all devices running Android 9.0 and earlier. It’s the “evil twin” t…

This week, Defcon is still cancelled, Cyber insurance?, Phishing, rogue drones, the return of the dark web, Sarwent malware, and Dutch Grandmothers in trouble. Jason Wood joins us for the Expert Commentary on how eBay users spot the online auction house port-scanning their PCs! Show Notes: https://wiki.securityweekly.com/SWNEpisode37 Visit https://…

This week, Defcon is still cancelled, Cyber insurance?, Phishing, rogue drones, the return of the dark web, Sarwent malware, and Dutch Grandmothers in trouble. Jason Wood joins us for the Expert Commentary on how eBay users spot the online auction house port-scanning their PCs! Visit https://www.securityweekly.com/swn for all the latest episodes! S…

Turla tunes its tools. The commodity Trojan AnarchyGrabber is now stealing passwords. A new iOS jailbreak has been released. The UK reconsiders its decision to allow Huawei into its 5G networks. A tech group lobbies the US House against warrantless inspection of searches. Remote work’s regulatory risk. COVID-19 conspiracy theories. Hackers say they…

Today's podcast reports on a strain of Android malware that knows how to hide, more CashApps scams and a report shows how easy it is to buy data that can help attackers track your smartphoneBy ITWC

Threat hunting activities often require packet capture analysis but capturing and storing PCAP at scale is rough. This segment covers open source tools for collecting packet captures on demand within a threat hunting use case in Gravwell. To learn more about Gravwell, visit: https://securityweekly.com/gravwell To check out Packet Fleet, visit: http…

Earlier this year, a Virgin Media database containing the personal details of 900,000 people was discovered to be unsecured and accessible online for 10 months. The breach was discovered by researchers at the security firm TurgenSec. This breach had major implications under GDPR. Joining us in this week's Research Saturday are George Punter and Pet…

This week, first we present a Technical Segment, on Lightweight Vulnerability Management using NMAP! In our second segment, we welcome back Corey Thuen, Co-Founder of Gravwell, for a second Technical Segment, entitled "PCAPS or it didn't happen", diving into Collecting Packet Captures on Demand within a Threat Hunting use case with Gravwell! In the…

Paul delivers a Technical Segment on Lightweight Vulnerability Management using NMAP! Visit https://www.securityweekly.com/psw for all the latest episodes! Show Notes: https://wiki.securityweekly.com/PSWEpisode654

New numbers from Canalys project a 7% drop in global PC sales, owing to financial strains. The category is one of countless impacted by the COVID-19-related shutdowns, but the group notes that the virus’s direct impact is mostly behind the industry, due to the rebounding of China’s supply chain. A resulting global recession, on the […]…

It’s mostly cyberespionage today, with an admixture of influence operations. Google has warned both major US Presidential campaigns that Chinese and Iranian intelligence services are after their staffers’ email accounts, so far apparently without much success. Russia, China, and Iran devote some purposive media attention to US civil unrest. Johanne…

Show news, Anonymous Returns, Deep Fakes and Deep Fake Hunters, IP in IP hacks, and IPv6. Show Notes: https://wiki.securityweekly.com/SWNEpisode40 Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly…

Show news, Anonymous Returns, Deep Fakes and Deep Fake Hunters, IP in IP hacks, and IPv6. Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SWNEpisode40

Threatpost editors Lindsey O'Donnell-Welch and Tara Seals discuss the top security news stories of the week, including: Reports emerged earlier this week that the Minneapolis police department had been breached by hacktivist group Anonymous. Security expert Troy Hunt debunked the reports, however. Zoom sparked debate after announcing that it would …

Today Slack reported its earnings results for the three months ending April 30, 2020, the first quarter of its fiscal 2021. The well-known SaaS chat service posted revenue of $201.7 million, up 50% compared to its year-ago period. Slack also reported an adjusted per-share loss of $0.02, and per-share losses of $0.13 when counting all […]…

Today's podcast reports on a VPN update scam, huge attacks on WordPress sites and lessons from a San Francisco data breach involving test dataBy ITWC

Kitty Hawk is shutting down its Flyer program, the aviation startup’s inaugural moonshot to develop an ultralight electric flying car designed for anyone to use. The company, backed by Google co-founder Larry Page and led by Sebastian Thrun, said it’s now focused on scaling up Heaviside, a sleeker, more capable (once secret) electric aircraft that …

Nuisance-level hacktivism continues to surround US protests. The Higaisa APT is active in Southeast Asia. Goblin Panda is back, with USB-borne malware. A new strain of ransomware is described: “Tycoon.” The EU considers whether to sanction Russia over the GRU’s hack of Germany’s Bundestag. CISA launches a new public resource for cybersecurity. Zulf…

Today after the bell, video-chat service Zoom reported its Q1 earnings. The company disclosed that it generated $328.2 million in revenue, up 169% compared to the year-ago period. The company also reported $0.20 per-share in adjusted profit during the three-month period. Analysts, as averaged by Yahoo Finance, expected Zoom to report $202.48 millio…

In 2017, Bitcoin was winning. Money, attention, success poured out of every seam. It appeared that a golden age had dawned. But just under the surface, the network was teetering on the verge of collapse. Technical problems that were just nuisances when the community was small now became glaring and potentially lethal. Debates among tight communitie…

This week, we talk Enterprise News, to talk about how SureCloud Launches Cyber Resilience Assessment Solution, Blackpoint Cyber launches 365 Defense - a Microsoft 365 security add-on for its MDR service, Endace and Palo Alto Networks Cortex XSOAR enable accelerated forensics of cyberthreats, Zscaler acquires Edgewise Networks, WatchGuard Technologi…

Lots going on in the world today. If you want to be a part of it without giving up too much information, this Checklist is here to help. Topics on Checklist 188: Keep your smartphone from leaking your data Using an SOS Call without making an SOS Call A few software fixes from Apple Don't forget to check out our show notes: SecureMac.com/Checklist A…

Tembici, which says it owns 80% of the market share in Latin America’s micromobility space, now has $47 million more in capital to double down on its docked ebike offering. The Series B round was led by Valor Capital and Redpoint eventures. The International Finance Corporation (IFC), part of the World Bank Group, and Joá […]…

Protest groups sustain DDoS attacks, too. Old school denial-of-service afflicts police radio networks in Chicago: they’re being jammed with talk, music, and other noise. Influencers and wannabes continue to use unrest as an occasion for on-line branding. The Sodinokibi gang is selling data stolen in ransomware attacks, and Maze seems to be establis…

Acorns, which helps millions of people invest their spare change in the stock market, has laid off between 50 to 70 people, TechCrunch has learned from multiple sources. The Irvine, Calif.-based company would not confirm the total number of people laid off, but did confirm that there were cuts at the company as a result […]…

Today's podcast describes a new ransomware threat, a warning for GitHub developers, a hacker charged and Apple updates availableBy ITWC

Welcome! Good morning, everybody. I was on with Jim Polito and we covered Warnings from the NSA, Stats on C-Level Non-Compliance, and how companies are handling patching and updating and the problems that it is causing. For more tech tips, news, and updates visit - CraigPeterson.com --- Automated Machine Generated Transcript: Craig Peterson: Al Qae…

Zoom gets end-to-end encryption. ACLU takes Clearview to court, but maybe they should worry about their own website first The state of drive-by malvertising downloads Google will be bad listing notification abusing sites Who else is doing the eBay-like ThreatMetrix port scanning? Facebook to require identity verification for high impact posters Goo…

Zoom gets end-to-end encryption. ACLU takes Clearview to court, but maybe they should worry about their own website first The state of drive-by malvertising downloads Google will be bad listing notification abusing sites Who else is doing the eBay-like ThreatMetrix port scanning? Facebook to require identity verification for high impact posters Goo…

Zoom gets end-to-end encryption. ACLU takes Clearview to court, but maybe they should worry about their own website first The state of drive-by malvertising downloads Google will be bad listing notification abusing sites Who else is doing the eBay-like ThreatMetrix port scanning? Facebook to require identity verification for high impact posters Goo…

Zoom gets end-to-end encryption. ACLU takes Clearview to court, but maybe they should worry about their own website first The state of drive-by malvertising downloads Google will be bad listing notification abusing sites Who else is doing the eBay-like ThreatMetrix port scanning? Facebook to require identity verification for high impact posters Goo…

Welcome, Good Monday morning, everybody. Craig Peterson here. I was on with Jack Heath this morning discussing the security implications that businesses are facing in the post-COVID environment. Here we go with Jack. These and more tech tips, news, and updates visit - CraigPeterson.com --- Automated Machine Generated Transcript: Craig Peterson: We …

Jeff loves PCI DSS. Josh has been a fierce critic of it... and... Josh has been working with public policy... We'll dig into the nuances and offer better ways to tell good from bad policy incentives. Show Notes: https://wiki.securityweekly.com/SCWEpisode30 Visit https://www.securityweekly.com/scw for all the latest episodes! Follow us on Twitter: h…

This week, SpaceX docks, Anonymous returns, Apple pays, Zephyr blows, and Mobile Phishing is Expensive! Show Notes: https://wiki.securityweekly.com/SWNEpisode39 Visit https://www.securityweekly.com/swn for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly…

This week, SpaceX docks, Anonymous returns, Apple pays, Zephyr blows, and Mobile Phishing is Expensive! Visit https://www.securityweekly.com/swn for all the latest episodes! Show Notes: https://wiki.securityweekly.com/SWNEpisode39

More dismal numbers confirm what we already knew: Q1 2020 was real rough for an already struggling smartphone category. Gartner’s latest report puts the global market at a 20.2% slide versus the same time last year, thanks in large part to fallout from the COVID-19 pandemic. Every single one of the global top-five manufactures saw […]…

Unrest accompanied by misinformation, disinformation, and Anonymous theater. Booter hacktivism. Extremist inauthenticity. The Cyberspace Solarium Commission releases its white paper on the pandemic’s lessons for cybersecurity. Joe Carrigan unpacks Casio executing a DMCA takedown on a hardware hack. Our guest is Herb Stapleton from the FBI on the 20…

StrandHogg 2.0 Can Hijack Androids, an iPhone Jailbreak for iOS 13.5 is Released, and a Critical Vulnerability Hits Cisco Services! All that coming up now on ThreatWire. #threatwire #hak5 Links:Watch on youtube: https://youtu.be/PZBP9vbhG3g Support me on alternative platforms! https://snubsie.com/support Shop ThreatWire Merch! - https://snubsie.com…

With the proliferation of cloud in enterprise environments, identity today is very different than how it used to be. Threatpost host Cody Hackett talks to Brian Johnson, CEO and co-founder of DivvyCloud, about how identity access management (IAM) is rapidly changing - and how businesses can keep up.By Mike Mimoso, Chris Brook

Uber is bringing a new feature to the U.S. that lets users book rides for $50 an hour and make multiple stops as the ride-hailing company tries to respond to changing consumer needs during the COVID-19 pandemic. The hourly booking feature, which is already available in a handful of international cities in Australia, Africa, Europe, […]…

This week, we welcome Jen Ellis, Vice President of Community & Public Affairs at Rapid7, to talk about How to Truly Disrupt Cybercrime! In the Leadership and Communications section, CISO vs. CEO: How executives rate their security posture, 3 Reasons Why Cybersecurity Is Not A Technical Problem, How to Be a Great Listener in Remote Meetings and more…