<?xml version="1.0" encoding="utf-8"?>
<rss xmlns:itunes="http://www.itunes.com/dtds/podcast-1.0.dtd" xmlns:content="http://purl.org/rss/1.0/modules/content/" xmlns:atom="http://www.w3.org/2005/Atom" version="2.0"><channel><title>Symantec Cyber Security Brief Podcast</title><atom:link rel="self" type="application/rss+xml" href="https://sed-cms.broadcom.com/api/v1/rss/podcasts/2059f58b-bde9-49d7-a4b5-d5b322dbebf2"/><link>https://symantec-enterprise-podcasts.security.com/podcasts/symantec-cyber-security-brief-podcast</link><language>en-us</language><copyright>2026 © Broadcom</copyright><itunes:author>Security Response Team</itunes:author><itunes:summary>Our regular podcast series features threat research and security news, hosted by threat researchers from the Threat Hunter Team.</itunes:summary><description>Our regular podcast series features threat research and security news, hosted by threat researchers from the Threat Hunter Team.</description><itunes:type>episodic</itunes:type><itunes:owner><itunes:name>Admin</itunes:name><itunes:email>symantecentgsm@gmail.com</itunes:email></itunes:owner><itunes:image href="https://symantec-enterprise-podcasts.security.com/podcasts/sites/default/files/styles/podcast_homepage_square_3x/public/podcast-channel-art/Cyber_Security_Brief_SED_3000x3000.png"/><itunes:category text="News"><itunes:category text="Tech News"/></itunes:category><itunes:explicit>false</itunes:explicit><item><itunes:episodeType>full</itunes:episodeType><itunes:title>New Billbug campaign, Prestige ransomware, and multiple arrests of alleged cyber-crime gang members</itunes:title><title>New Billbug campaign, Prestige ransomware, and multiple arrests of alleged cyber-crime gang members</title><itunes:summary>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss the Symantec Threat Hunter Team’s latest blog detailing a recent campaign by the Billbug espionage group, in which it targeted a certificate authority and multiple government agencies in various countries in Asia. 
We also discuss a new strain of ransomware called Prestige, which is being used in attacks against Ukraine, while we also take a look at some recent arrests of suspects that are alleged to have been involved in major cyber crime groups - with one suspect alleged to have been involved in the JabberZeus gang arrested in Switzerland, while an alleged member of the LockBit ransomware group was apprehended in Canada.  </itunes:summary><description>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss the Symantec Threat Hunter Team’s latest blog detailing a recent campaign by the Billbug espionage group, in which it targeted a certificate authority and multiple government agencies in various countries in Asia. We also discuss a new strain of ransomware called Prestige, which is being used in attacks against Ukraine, while we also take a look at some recent arrests of suspects that are alleged to have been involved in major cyber crime groups - with one suspect alleged to have been involved in the JabberZeus gang arrested in Switzerland, while an alleged member of the LockBit ransomware group was apprehended in Canada.  </description><content:encoded>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss the Symantec Threat Hunter Team’s latest blog detailing a recent campaign by the Billbug espionage group, in which it targeted a certificate authority and multiple government agencies in various countries in Asia. We also discuss a new strain of ransomware called Prestige, which is being used in attacks against Ukraine, while we also take a look at some recent arrests of suspects that are alleged to have been involved in major cyber crime groups - with one suspect alleged to have been involved in the JabberZeus gang arrested in Switzerland, while an alleged member of the LockBit ransomware group was apprehended in Canada.  
</content:encoded><enclosure length="36940299" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S05E06_Billbug_Ukraine_Ransomware_Arrests.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S05E06_Billbug_Ukraine_Ransomware_Arrests.mp3</guid><pubDate>Thu, 17 Nov 2022 14:00:00 +0000</pubDate><itunes:duration>00:25:38</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>6</itunes:episode><itunes:season>5</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Exbyte exfiltration tool, Cranefly uses new tools and novel technique, and OpenSSL bug is downgraded</itunes:title><title>Exbyte exfiltration tool, Cranefly uses new tools and novel technique, and OpenSSL bug is downgraded</title><itunes:summary>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss two recent Symantec blogs, including one detailing the new Exbyte data exfiltration tool, which is being used by at least one affiliate of the BlackByte ransomware gang. We also discuss our blog about a group called Cranefly, which is using a new dropper and malware, as well as a novel method of reading commands from legitimate IIS logs. We also discuss the OpenSSL vulnerability that caused a lot of headlines over the last week, and the ransomware losses that occurred in 2021. </itunes:summary><description>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss two recent Symantec blogs, including one detailing the new Exbyte data exfiltration tool, which is being used by at least one affiliate of the BlackByte ransomware gang. We also discuss our blog about a group called Cranefly, which is using a new dropper and malware, as well as a novel method of reading commands from legitimate IIS logs. 
We also discuss the OpenSSL vulnerability that caused a lot of headlines over the last week, and the ransomware losses that occurred in 2021. </description><content:encoded>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss two recent Symantec blogs, including one detailing the new Exbyte data exfiltration tool, which is being used by at least one affiliate of the BlackByte ransomware gang. We also discuss our blog about a group called Cranefly, which is using a new dropper and malware, as well as a novel method of reading commands from legitimate IIS logs. We also discuss the OpenSSL vulnerability that caused a lot of headlines over the last week, and the ransomware losses that occurred in 2021. </content:encoded><enclosure length="29825342" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S05E05_Cranefly_Exbyte_OpenSSL_Ransomware.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S05E05_Cranefly_Exbyte_OpenSSL_Ransomware.mp3</guid><pubDate>Thu, 03 Nov 2022 13:30:00 +0000</pubDate><itunes:duration>00:20:42</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>5</itunes:episode><itunes:season>5</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Budworm espionage activity, Spyder Loader malware, and Ransom Cartel links to Sodinokibi</itunes:title><title>Budworm espionage activity, Spyder Loader malware, and Ransom Cartel links to Sodinokibi</title><itunes:summary>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien are joined by Symantec threat researcher Kevin Sovey to discuss a blog we recently published about the Budworm espionage group targeting organizations in the U.S. We also discuss another blog we published this week about the Spyder Loader malware being deployed on the machines of government agencies in Hong Kong. 
We also talk about apparent links between the operators behind Ransom Cartel and the REvil/Sodinokibi ransomware family.</itunes:summary><description>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien are joined by Symantec threat researcher Kevin Sovey to discuss a blog we recently published about the Budworm espionage group targeting organizations in the U.S. We also discuss another blog we published this week about the Spyder Loader malware being deployed on the machines of government agencies in Hong Kong. We also talk about apparent links between the operators behind Ransom Cartel and the REvil/Sodinokibi ransomware family.</description><content:encoded>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien are joined by Symantec threat researcher Kevin Sovey to discuss a blog we recently published about the Budworm espionage group targeting organizations in the U.S. We also discuss another blog we published this week about the Spyder Loader malware being deployed on the machines of government agencies in Hong Kong. We also talk about apparent links between the operators behind Ransom Cartel and the REvil/Sodinokibi ransomware family.</content:encoded><enclosure length="26281456" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S05E04_Budworm_Spyder_Loader_REvil.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S05E04_Budworm_Spyder_Loader_REvil.mp3</guid><pubDate>Thu, 20 Oct 2022 13:00:00 +0000</pubDate><itunes:duration>00:18:14</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>4</itunes:episode><itunes:season>5</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Witchetty espionage group activity, Microsoft Exchange Server zero days, and U.S. 
defense sector targeted by APT groups</itunes:title><title>Witchetty espionage group activity, Microsoft Exchange Server zero days, and U.S. defense sector targeted by APT groups</title><itunes:summary>On this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien discuss a recent blog we published on the Witchetty (aka LookingFrog) espionage group, which has been progressively updating its toolset, using new malware in attacks on targets in the Middle East and Africa, including a new tool that employs steganography. We also discuss the recently discovered Microsoft Exchange Server zero days, the U.S. defense sector being targeted by multiple APT groups, and a newly discovered espionage actor called Metador, which was spotted operating in recent weeks. We also discuss the breach of Australian telecoms giant Optus, and some new information that has emerged about the takedown of the REvil/Sodinokibi ransomware gang. </itunes:summary><description>On this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien discuss a recent blog we published on the Witchetty (aka LookingFrog) espionage group, which has been progressively updating its toolset, using new malware in attacks on targets in the Middle East and Africa, including a new tool that employs steganography. We also discuss the recently discovered Microsoft Exchange Server zero days, the U.S. defense sector being targeted by multiple APT groups, and a newly discovered espionage actor called Metador, which was spotted operating in recent weeks. We also discuss the breach of Australian telecoms giant Optus, and some new information that has emerged about the takedown of the REvil/Sodinokibi ransomware gang. 
</description><content:encoded>On this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien discuss a recent blog we published on the Witchetty (aka LookingFrog) espionage group, which has been progressively updating its toolset, using new malware in attacks on targets in the Middle East and Africa, including a new tool that employs steganography. We also discuss the recently discovered Microsoft Exchange Server zero days, the U.S. defense sector being targeted by multiple APT groups, and a newly discovered espionage actor called Metador, which was spotted operating in recent weeks. We also discuss the breach of Australian telecoms giant Optus, and some new information that has emerged about the takedown of the REvil/Sodinokibi ransomware gang. </content:encoded><enclosure length="40092539" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S05E03_Witchetty_Exchange_Zero_Days.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S05E03_Witchetty_Exchange_Zero_Days.mp3</guid><pubDate>Thu, 06 Oct 2022 13:00:00 +0000</pubDate><itunes:duration>00:27:50</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>3</itunes:episode><itunes:season>5</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Espionage activity targeting Asian governments, Webworm develops customized tools, and latest Noberus TTPs</itunes:title><title>Espionage activity targeting Asian governments, Webworm develops customized tools, and latest Noberus TTPs</title><itunes:summary>On this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien are joined by Symantec threat researcher Alan Neville to discuss some of the recent blogs that the Symantec Threat Hunter team has published. 
We discuss a new wave of espionage activity targeting Asian governments by attackers who were formerly associated with the ShadowPad malware but who appear to have now adopted a new toolset to mount an ongoing campaign against a range of government and state-owned organizations in a number of Asian countries. We also examine the current activities of a group we call Webworm, which has developed customized versions of three older remote access Trojans (RATs), including Trochilus, Gh0st RAT, and 9002 RAT. We also discuss a blog we have published about the Noberus (aka BlackCat) ransomware, and the tactics, tools, and procedures we have seen deployed alongside that ransomware recently.</itunes:summary><description>On this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien are joined by Symantec threat researcher Alan Neville to discuss some of the recent blogs that the Symantec Threat Hunter team has published. We discuss a new wave of espionage activity targeting Asian governments by attackers who were formerly associated with the ShadowPad malware but who appear to have now adopted a new toolset to mount an ongoing campaign against a range of government and state-owned organizations in a number of Asian countries. We also examine the current activities of a group we call Webworm, which has developed customized versions of three older remote access Trojans (RATs), including Trochilus, Gh0st RAT, and 9002 RAT. We also discuss a blog we have published about the Noberus (aka BlackCat) ransomware, and the tactics, tools, and procedures we have seen deployed alongside that ransomware recently.</description><content:encoded>On this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien are joined by Symantec threat researcher Alan Neville to discuss some of the recent blogs that the Symantec Threat Hunter team has published. 
We discuss a new wave of espionage activity targeting Asian governments by attackers who were formerly associated with the ShadowPad malware but who appear to have now adopted a new toolset to mount an ongoing campaign against a range of government and state-owned organizations in a number of Asian countries. We also examine the current activities of a group we call Webworm, which has developed customized versions of three older remote access Trojans (RATs), including Trochilus, Gh0st RAT, and 9002 RAT. We also discuss a blog we have published about the Noberus (aka BlackCat) ransomware, and the tactics, tools, and procedures we have seen deployed alongside that ransomware recently.</content:encoded><enclosure length="36600720" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S05E02_Espionage_Webworm_Noberus_BlackCat.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S05E02_Espionage_Webworm_Noberus_BlackCat.mp3</guid><pubDate>Thu, 22 Sep 2022 13:00:00 +0000</pubDate><itunes:duration>00:25:24</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>2</itunes:episode><itunes:season>5</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Mobile app security, Russian invasion of Ukraine cyber impact continues, and Evil Corp switches focus</itunes:title><title>Mobile app security, Russian invasion of Ukraine cyber impact continues, and Evil Corp switches focus</title><itunes:summary>The Cyber Security Brief is back after its summer break! In this episode, Brigid O Gorman and Dick O’Brien cover some of the stories you might have missed while we were off air. Dick discusses a recent Symantec blog that looks at the implications of poor security practices in the mobile software supply chain, and how this can lead to the exposure of an alarming amount of data. 
Brigid discusses some of the continuing effects of the Russian invasion of Ukraine in the world of cyber security, including some activity by the Shuckworm APT gang aimed at Ukraine, as well as a seemingly increased focus by Chinese espionage actors on Russia since the invasion began. Finally, we also discuss some recent developments by the Evil Corp cyber crime gang, and what these might mean. </itunes:summary><description>The Cyber Security Brief is back after its summer break! In this episode, Brigid O Gorman and Dick O’Brien cover some of the stories you might have missed while we were off air. Dick discusses a recent Symantec blog that looks at the implications of poor security practices in the mobile software supply chain, and how this can lead to the exposure of an alarming amount of data. Brigid discusses some of the continuing effects of the Russian invasion of Ukraine in the world of cyber security, including some activity by the Shuckworm APT gang aimed at Ukraine, as well as a seemingly increased focus by Chinese espionage actors on Russia since the invasion began. Finally, we also discuss some recent developments by the Evil Corp cyber crime gang, and what these might mean. </description><content:encoded>The Cyber Security Brief is back after its summer break! In this episode, Brigid O Gorman and Dick O’Brien cover some of the stories you might have missed while we were off air. Dick discusses a recent Symantec blog that looks at the implications of poor security practices in the mobile software supply chain, and how this can lead to the exposure of an alarming amount of data. Brigid discusses some of the continuing effects of the Russian invasion of Ukraine in the world of cyber security, including some activity by the Shuckworm APT gang aimed at Ukraine, as well as a seemingly increased focus by Chinese espionage actors on Russia since the invasion began. 
Finally, we also discuss some recent developments by the Evil Corp cyber crime gang, and what these might mean. </content:encoded><enclosure length="44823081" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S05E01.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S05E01.mp3</guid><pubDate>Thu, 08 Sep 2022 11:28:24 +0000</pubDate><itunes:duration>00:31:07</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>1</itunes:episode><itunes:season>5</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Bumblebee loader analysis, Raccoon Stealer returns, and LockBit launches a new version</itunes:title><title>Bumblebee loader analysis, Raccoon Stealer returns, and LockBit launches a new version</title><itunes:summary>In this week’s Cyber Security Brief, Dick O’Brien and Brigid O Gorman are joined by Symantec threat researcher Chris Kiefer to discuss our latest blog about the Bumblebee loader. We discuss this new malware’s place on the cyber crime landscape, its capabilities, and how it is being leveraged by ransomware actors. We also discuss the appearance of new versions of both Raccoon Stealer and LockBit, as well as an FBI warning about deepfakes being used in job interviews. The podcast will be taking a short break for the summer and we will be back with new episodes in September. </itunes:summary><description>In this week’s Cyber Security Brief, Dick O’Brien and Brigid O Gorman are joined by Symantec threat researcher Chris Kiefer to discuss our latest blog about the Bumblebee loader. We discuss this new malware’s place on the cyber crime landscape, its capabilities, and how it is being leveraged by ransomware actors. We also discuss the appearance of new versions of both Raccoon Stealer and LockBit, as well as an FBI warning about deepfakes being used in job interviews. 
The podcast will be taking a short break for the summer and we will be back with new episodes in September. </description><content:encoded>In this week’s Cyber Security Brief, Dick O’Brien and Brigid O Gorman are joined by Symantec threat researcher Chris Kiefer to discuss our latest blog about the Bumblebee loader. We discuss this new malware’s place on the cyber crime landscape, its capabilities, and how it is being leveraged by ransomware actors. We also discuss the appearance of new versions of both Raccoon Stealer and LockBit, as well as an FBI warning about deepfakes being used in job interviews. The podcast will be taking a short break for the summer and we will be back with new episodes in September. </content:encoded><enclosure length="33560085" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E20_Bumblebee_Raccoon_Stealer_Lockbit.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E20_Bumblebee_Raccoon_Stealer_Lockbit.mp3</guid><pubDate>Thu, 30 Jun 2022 15:19:31 +0000</pubDate><itunes:duration>00:23:17</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>20</itunes:episode><itunes:season>4</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>BlackCat ransomware, Follina vuln used by Russian actors, and a new version of Metasploit</itunes:title><title>BlackCat ransomware, Follina vuln used by Russian actors, and a new version of Metasploit</title><itunes:summary>In this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss how Russian espionage actors are exploiting the Follina vulnerability, the release of the latest version of Metasploit, and a new phishing campaign that’s been underway on Facebook. 
We also discuss ransomware extensively, including what authorities were able to find when they took down the Netwalker ransomware gang, the increasing activity of the BlackCat ransomware, and some new research into the Hello XD ransomware. We also speculate about the impact turmoil on the cryptocurrency markets may have on the types of payment ransomware actors might demand. </itunes:summary><description>In this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss how Russian espionage actors are exploiting the Follina vulnerability, the release of the latest version of Metasploit, and a new phishing campaign that’s been underway on Facebook. We also discuss ransomware extensively, including what authorities were able to find when they took down the Netwalker ransomware gang, the increasing activity of the BlackCat ransomware, and some new research into the Hello XD ransomware. We also speculate about the impact turmoil on the cryptocurrency markets may have on the types of payment ransomware actors might demand. </description><content:encoded>In this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss how Russian espionage actors are exploiting the Follina vulnerability, the release of the latest version of Metasploit, and a new phishing campaign that’s been underway on Facebook. We also discuss ransomware extensively, including what authorities were able to find when they took down the Netwalker ransomware gang, the increasing activity of the BlackCat ransomware, and some new research into the Hello XD ransomware. We also speculate about the impact turmoil on the cryptocurrency markets may have on the types of payment ransomware actors might demand. 
</content:encoded><enclosure length="40571911" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E19_Ransomware_Follina_BlackCat.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E19_Ransomware_Follina_BlackCat.mp3</guid><pubDate>Thu, 16 Jun 2022 13:00:00 +0000</pubDate><itunes:duration>00:28:10</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>19</itunes:episode><itunes:season>4</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>The Follina Microsoft Office vulnerability, Conti break-up, and more ransomware activity</itunes:title><title>The Follina Microsoft Office vulnerability, Conti break-up, and more ransomware activity</title><itunes:summary>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss the recently discovered Follina vulnerability in Microsoft Office, as well as some recent ransomware stories. One thing we talk about is the apparent break up of the Conti ransomware gang, with evidence pointing to the group folding itself into other ransomware gangs, including Hive, which carried out a recent attack on the health service in Costa Rica. The Clop and REvil names have also appeared in news reports in recent weeks, but are these ransomware gangs really back? And what are the signs of pre-ransomware activity that organizations need to look out for on their networks because they may indicate a ransomware attack in preparation? </itunes:summary><description>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss the recently discovered Follina vulnerability in Microsoft Office, as well as some recent ransomware stories. 
One thing we talk about is the apparent break up of the Conti ransomware gang, with evidence pointing to the group folding itself into other ransomware gangs, including Hive, which carried out a recent attack on the health service in Costa Rica. The Clop and REvil names have also appeared in news reports in recent weeks, but are these ransomware gangs really back? And what are the signs of pre-ransomware activity that organizations need to look out for on their networks because they may indicate a ransomware attack in preparation? </description><content:encoded>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss the recently discovered Follina vulnerability in Microsoft Office, as well as some recent ransomware stories. One thing we talk about is the apparent break up of the Conti ransomware gang, with evidence pointing to the group folding itself into other ransomware gangs, including Hive, which carried out a recent attack on the health service in Costa Rica. The Clop and REvil names have also appeared in news reports in recent weeks, but are these ransomware gangs really back? And what are the signs of pre-ransomware activity that organizations need to look out for on their networks because they may indicate a ransomware attack in preparation? </content:encoded><enclosure length="37696067" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E18_Follina_Conti_Ransomware.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E18_Follina_Conti_Ransomware.mp3</guid><pubDate>Thu, 02 Jun 2022 13:00:00 +0000</pubDate><itunes:duration>00:26:10</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>18</itunes:episode><itunes:season>4</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Chinese cyber-espionage activity, Conti gang threatens Costa Rica government, and U.S. 
warns about North Korean citizens seeking jobs in IT</itunes:title><title>Chinese cyber-espionage activity, Conti gang threatens Costa Rica government, and U.S. warns about North Korean citizens seeking jobs in IT</title><itunes:summary>In this week’s Cyber Security Brief, Dick O’Brien and Brigid O Gorman discuss the recent in-depth whitepaper the Symantec Threat Hunter team produced about Chinese cyber-espionage activity, which details the most active groups operating out of that country at the moment, as well as the tactics, tools, and procedures they leverage, the custom malware they use, and who their victims tend to be. We also talk about recent warnings from U.S. authorities about North Korean nationals posing as citizens of other countries to gain employment, and threats from the Conti ransomware gang to “overthrow” the government of Costa Rica. </itunes:summary><description>In this week’s Cyber Security Brief, Dick O’Brien and Brigid O Gorman discuss the recent in-depth whitepaper the Symantec Threat Hunter team produced about Chinese cyber-espionage activity, which details the most active groups operating out of that country at the moment, as well as the tactics, tools, and procedures they leverage, the custom malware they use, and who their victims tend to be. We also talk about recent warnings from U.S. authorities about North Korean nationals posing as citizens of other countries to gain employment, and threats from the Conti ransomware gang to “overthrow” the government of Costa Rica. </description><content:encoded>In this week’s Cyber Security Brief, Dick O’Brien and Brigid O Gorman discuss the recent in-depth whitepaper the Symantec Threat Hunter team produced about Chinese cyber-espionage activity, which details the most active groups operating out of that country at the moment, as well as the tactics, tools, and procedures they leverage, the custom malware they use, and who their victims tend to be. We also talk about recent warnings from U.S. 
authorities about North Korean nationals posing as citizens of other countries to gain employment, and threats from the Conti ransomware gang to “overthrow” the government of Costa Rica. </content:encoded><enclosure length="37111243" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E17_China_Cyber_Espionage_North_Korea_Conti_Ransomware.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E17_China_Cyber_Espionage_North_Korea_Conti_Ransomware.mp3</guid><pubDate>Thu, 19 May 2022 13:00:00 +0000</pubDate><itunes:duration>00:25:45</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>17</itunes:episode><itunes:season>4</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>North Korea’s Stonefly, commodity malware, and the potential return of the REvil ransomware</itunes:title><title>North Korea’s Stonefly, commodity malware, and the potential return of the REvil ransomware</title><itunes:summary>In the latest Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss some of the recent research published by Symantec’s Threat Hunter Team, including our blog about the activity of North Korean APT group Stonefly, and our latest whitepaper on the topic of Commodity Malware. We also talk about some stories that were in the news over the last week or so, including the possible return of the REvil/Sodinokibi ransomware gang, a new loader called Bumblebee that might be a successor to BazarLoader, and a China-on-Russia intelligence-gathering attack. </itunes:summary><description>In the latest Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss some of the recent research published by Symantec’s Threat Hunter Team, including our blog about the activity of North Korean APT group Stonefly, and our latest whitepaper on the topic of Commodity Malware. 
We also talk about some stories that were in the news over the last week or so, including the possible return of the REvil/Sodinokibi ransomware gang, a new loader called Bumblebee that might be a successor to BazarLoader, and a China-on-Russia intelligence-gathering attack. </description><content:encoded>In the latest Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss some of the recent research published by Symantec’s Threat Hunter Team, including our blog about the activity of North Korean APT group Stonefly, and our latest whitepaper on the topic of Commodity Malware. We also talk about some stories that were in the news over the last week or so, including the possible return of the REvil/Sodinokibi ransomware gang, a new loader called Bumblebee that might be a successor to BazarLoader, and a China-on-Russia intelligence-gathering attack. </content:encoded><enclosure length="46043619" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E16_Stonefly_REvil_Cobalt_Strike.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E16_Stonefly_REvil_Cobalt_Strike.mp3</guid><pubDate>Thu, 05 May 2022 13:00:00 +0000</pubDate><itunes:duration>00:31:58</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>16</itunes:episode><itunes:season>4</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Shuckworm targets Ukraine, Lazarus Dream Job campaign continues, and two dark marketplaces get taken down</itunes:title><title>Shuckworm targets Ukraine, Lazarus Dream Job campaign continues, and two dark marketplaces get taken down</title><itunes:summary>On this week’s Cyber Security Brief, Brigid O Gorman is joined by Symantec threat researchers John-Paul Power and Alan Neville. 
In this week’s podcast we discuss some recent research published by Symantec detailing new activity in the Dream Job campaign carried out by the North Korean Lazarus APT group, as well as continuing attacks aimed at Ukraine carried out by the Russia-linked APT group Shuckworm. Also, we talk about a critical vulnerability in the Windows Remote Procedure Call Runtime (RPC) protocol, the shutdown of two well-known dark marketplaces, and the emergence of a new marketplace offering stolen data for sale.</itunes:summary><description>On this week’s Cyber Security Brief, Brigid O Gorman is joined by Symantec threat researchers John-Paul Power and Alan Neville. In this week’s podcast we discuss some recent research published by Symantec detailing new activity in the Dream Job campaign carried out by the North Korean Lazarus APT group, as well as continuing attacks aimed at Ukraine carried out by the Russia-linked APT group Shuckworm. Also, we talk about a critical vulnerability in the Windows Remote Procedure Call Runtime (RPC) protocol, the shutdown of two well-known dark marketplaces, and the emergence of a new marketplace offering stolen data for sale.</description><content:encoded>On this week’s Cyber Security Brief, Brigid O Gorman is joined by Symantec threat researchers John-Paul Power and Alan Neville. In this week’s podcast we discuss some recent research published by Symantec detailing new activity in the Dream Job campaign carried out by the North Korean Lazarus APT group, as well as continuing attacks aimed at Ukraine carried out by the Russia-linked APT group Shuckworm. 
Also, we talk about a critical vulnerability in the Windows Remote Procedure Call Runtime (RPC) protocol, the shutdown of two well-known dark marketplaces, and the emergence of a new marketplace offering stolen data for sale.</content:encoded><enclosure length="39913359" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E15_Shuckworm_Lazarus_Dreamjob_Takedowns.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E15_Shuckworm_Lazarus_Dreamjob_Takedowns.mp3</guid><pubDate>Thu, 21 Apr 2022 13:00:00 +0000</pubDate><itunes:duration>00:27:42</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>15</itunes:episode><itunes:season>4</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Spring4Shell, Cicada campaign, new Verblecon malware, and Ukraine invasion cyber activity update</itunes:title><title>Spring4Shell, Cicada campaign, new Verblecon malware, and Ukraine invasion cyber activity update</title><itunes:summary>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss some of the research published by Symantec’s Threat Hunter team over the past couple of weeks, including a new Cicada/APT10 espionage campaign targeting government organizations and NGOs in multiple countries worldwide. We discuss the new Verblecon malware, which is being deployed in sophisticated campaigns that appear to have the relatively low-reward goal of cryptocurrency mining as their main objective. We also talk about the Spring4Shell vulnerability that briefly caused a lot of consternation last week, and give an update about the latest information that has emerged about the cyber activity that has been seen targeting organizations in Ukraine.   
</itunes:summary><description>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss some of the research published by Symantec’s Threat Hunter team over the past couple of weeks, including a new Cicada/APT10 espionage campaign targeting government organizations and NGOs in multiple countries worldwide. We discuss the new Verblecon malware, which is being deployed in sophisticated campaigns that appear to have the relatively low-reward goal of cryptocurrency mining as their main objective. We also talk about the Spring4Shell vulnerability that briefly caused a lot of consternation last week, and give an update about the latest information that has emerged about the cyber activity that has been seen targeting organizations in Ukraine.   </description><content:encoded>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss some of the research published by Symantec’s Threat Hunter team over the past couple of weeks, including a new Cicada/APT10 espionage campaign targeting government organizations and NGOs in multiple countries worldwide. We discuss the new Verblecon malware, which is being deployed in sophisticated campaigns that appear to have the relatively low-reward goal of cryptocurrency mining as their main objective. We also talk about the Spring4Shell vulnerability that briefly caused a lot of consternation last week, and give an update about the latest information that has emerged about the cyber activity that has been seen targeting organizations in Ukraine.   
</content:encoded><enclosure length="34053999" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E14-Spring4Shell-Cicada-Verblecon-Ukraine.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E14-Spring4Shell-Cicada-Verblecon-Ukraine.mp3</guid><pubDate>Thu, 07 Apr 2022 13:00:00 +0000</pubDate><itunes:duration>00:23:38</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>14</itunes:episode><itunes:season>4</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>What you need to know about hacking group Lapsus$, cyber impacts of Ukraine invasion, and BazarBackdoor deploys new tactics</itunes:title><title>What you need to know about hacking group Lapsus$, cyber impacts of Ukraine invasion, and BazarBackdoor deploys new tactics</title><itunes:summary>In this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien talk about extortion hacking group Lapsus$, which has made headlines in recent weeks by claiming to have compromised numerous high-profile companies including Microsoft, Okta, and Nvidia. We tell you what we know so far about this controversial new actor. We also discuss the impact the Russian invasion of Ukraine has had in the world of cyber security, from Russia potentially running out of data storage facilities due to international cloud providers pulling out of the country, to warnings about attacks on critical infrastructure being issued by authorities in the U.S. and the UK. Finally, the BazarBackdoor malware is seen deploying some new tactics.</itunes:summary><description>In this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien talk about extortion hacking group Lapsus$, which has made headlines in recent weeks by claiming to have compromised numerous high-profile companies including Microsoft, Okta, and Nvidia. 
We tell you what we know so far about this controversial new actor. We also discuss the impact the Russian invasion of Ukraine has had in the world of cyber security, from Russia potentially running out of data storage facilities due to international cloud providers pulling out of the country, to warnings about attacks on critical infrastructure being issued by authorities in the U.S. and the UK. Finally, the BazarBackdoor malware is seen deploying some new tactics.</description><content:encoded>In this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien talk about extortion hacking group Lapsus$, which has made headlines in recent weeks by claiming to have compromised numerous high-profile companies including Microsoft, Okta, and Nvidia. We tell you what we know so far about this controversial new actor. We also discuss the impact the Russian invasion of Ukraine has had in the world of cyber security, from Russia potentially running out of data storage facilities due to international cloud providers pulling out of the country, to warnings about attacks on critical infrastructure being issued by authorities in the U.S. and the UK. 
Finally, the BazarBackdoor malware is seen deploying some new tactics.</content:encoded><enclosure length="44506431" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E13_Lapsus_Ukraine_Critical_Infrastructure.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E13_Lapsus_Ukraine_Critical_Infrastructure.mp3</guid><pubDate>Thu, 24 Mar 2022 14:00:00 +0000</pubDate><itunes:duration>00:30:54</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>13</itunes:episode><itunes:season>4</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Daxin special: How this advanced malware was discovered</itunes:title><title>Daxin special: How this advanced malware was discovered</title><itunes:summary>In this special edition of the podcast, Dick O’Brien is joined by Symantec threat researchers and analysts Piotr Krysiuk and Vikram Thakur to discuss the Symantec Threat Hunter team’s discovery of Daxin, which is the most advanced piece of malware we have seen from China-linked actors. We published a blog about the discovery of Daxin last week, as well as two in-depth technical blogs with more information on the tool this week. Piotr discusses his work analyzing the malware, and when he realized the significance of this discovery, while Vikram talks about liaising with customers impacted by the malware as well as working with the Cyber Security and Infrastructure Security Agency (CISA) to engage with multiple foreign governments targeted with Daxin to assist with detection and remediation.</itunes:summary><description>In this special edition of the podcast, Dick O’Brien is joined by Symantec threat researchers and analysts Piotr Krysiuk and Vikram Thakur to discuss the Symantec Threat Hunter team’s discovery of Daxin, which is the most advanced piece of malware we have seen from China-linked actors. 
We published a blog about the discovery of Daxin last week, as well as two in-depth technical blogs with more information on the tool this week. Piotr discusses his work analyzing the malware, and when he realized the significance of this discovery, while Vikram talks about liaising with customers impacted by the malware as well as working with the Cyber Security and Infrastructure Security Agency (CISA) to engage with multiple foreign governments targeted with Daxin to assist with detection and remediation.</description><content:encoded>In this special edition of the podcast, Dick O’Brien is joined by Symantec threat researchers and analysts Piotr Krysiuk and Vikram Thakur to discuss the Symantec Threat Hunter team’s discovery of Daxin, which is the most advanced piece of malware we have seen from China-linked actors. We published a blog about the discovery of Daxin last week, as well as two in-depth technical blogs with more information on the tool this week. Piotr discusses his work analyzing the malware, and when he realized the significance of this discovery, while Vikram talks about liaising with customers impacted by the malware as well as working with the Cyber Security and Infrastructure Security Agency (CISA) to engage with multiple foreign governments targeted with Daxin to assist with detection and remediation.</content:encoded><enclosure length="43562273" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E12_Daxin.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E12_Daxin.mp3</guid><pubDate>Thu, 10 Mar 2022 14:00:00 +0000</pubDate><itunes:duration>00:30:14</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>12</itunes:episode><itunes:season>4</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Hive and BlackByte ransomware, the money made by cyber criminals, and BEC scammers’ new 
tactics</itunes:title><title>Hive and BlackByte ransomware, the money made by cyber criminals, and BEC scammers’ new tactics</title><itunes:summary>In this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien discuss some of the activity we saw in Ukraine prior to the escalation of the last couple of days. We also heavily cover ransomware in this podcast, including discussing a recent FBI alert about the BlackByte ransomware, and a possible decryptor for the Hive ransomware, as well as some research into how long ransomware gangs are remaining active for these days and the amount of money they are making. Finally, we also discuss how BEC scammers are leveraging virtual meeting platforms in their attacks.</itunes:summary><description>In this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien discuss some of the activity we saw in Ukraine prior to the escalation of the last couple of days. We also heavily cover ransomware in this podcast, including discussing a recent FBI alert about the BlackByte ransomware, and a possible decryptor for the Hive ransomware, as well as some research into how long ransomware gangs are remaining active for these days and the amount of money they are making. Finally, we also discuss how BEC scammers are leveraging virtual meeting platforms in their attacks.</description><content:encoded>In this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien discuss some of the activity we saw in Ukraine prior to the escalation of the last couple of days. We also heavily cover ransomware in this podcast, including discussing a recent FBI alert about the BlackByte ransomware, and a possible decryptor for the Hive ransomware, as well as some research into how long ransomware gangs are remaining active for these days and the amount of money they are making. 
Finally, we also discuss how BEC scammers are leveraging virtual meeting platforms in their attacks.</content:encoded><enclosure length="33943157" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E11_Ukraine_ransomware_BEC_scams.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E11_Ukraine_ransomware_BEC_scams.mp3</guid><pubDate>Thu, 24 Feb 2022 14:20:07 +0000</pubDate><itunes:duration>00:23:33</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>11</itunes:episode><itunes:season>4</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>FBI seizes $3.6 billion in cryptocurrency, cyber attacks against Ukraine continue, and financial organizations in Taiwan targeted</itunes:title><title>FBI seizes $3.6 billion in cryptocurrency, cyber attacks against Ukraine continue, and financial organizations in Taiwan targeted</title><itunes:summary>In this week’s Cyber Security Brief podcast, Dick O’Brien and Alan Neville discuss how Chinese state-backed advanced persistent threat (APT) group Antlion targeted financial institutions in Taiwan in a persistent campaign over the course of at least 18 months. Also up for discussion is the recent arrest of a New York couple and the seizure of $3.6 billion in cryptocurrency allegedly linked to the 2016 Bitfinex hack, as well as continuing attacks carried out by the Russia-linked Shuckworm APT group against targets in Ukraine.</itunes:summary><description>In this week’s Cyber Security Brief podcast, Dick O’Brien and Alan Neville discuss how Chinese state-backed advanced persistent threat (APT) group Antlion targeted financial institutions in Taiwan in a persistent campaign over the course of at least 18 months. 
Also up for discussion is the recent arrest of a New York couple and the seizure of $3.6 billion in cryptocurrency allegedly linked to the 2016 Bitfinex hack, as well as continuing attacks carried out by the Russia-linked Shuckworm APT group against targets in Ukraine.</description><content:encoded>In this week’s Cyber Security Brief podcast, Dick O’Brien and Alan Neville discuss how Chinese state-backed advanced persistent threat (APT) group Antlion targeted financial institutions in Taiwan in a persistent campaign over the course of at least 18 months. Also up for discussion is the recent arrest of a New York couple and the seizure of $3.6 billion in cryptocurrency allegedly linked to the 2016 Bitfinex hack, as well as continuing attacks carried out by the Russia-linked Shuckworm APT group against targets in Ukraine.</content:encoded><enclosure length="28020721" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E10.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E10.mp3</guid><pubDate>Thu, 10 Feb 2022 14:00:00 +0000</pubDate><itunes:duration>00:19:27</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>10</itunes:episode><itunes:season>4</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Ukraine cyber attacks, law enforcement activity, and a Noberus ransomware attack</itunes:title><title>Ukraine cyber attacks, law enforcement activity, and a Noberus ransomware attack</title><itunes:summary>In this week’s Cyber Security Brief podcast, Dick O’Brien and Brigid O Gorman discuss the tumultuous situation in Ukraine, where cyber attacks, including destructive cyber attacks, have been aimed at government and private sector organizations. The WhisperGate attacks, as they have been dubbed, have been compared by many to the infamous 2017 NotPetya wiper attacks. 
Also up for discussion is recent law enforcement activity aimed at cyber criminals in Russia and elsewhere, and some ransomware news, including a Noberus ransomware attack, and the FBI officially linking the Diavol ransomware to the creators of Trickbot and Conti.</itunes:summary><description>In this week’s Cyber Security Brief podcast, Dick O’Brien and Brigid O Gorman discuss the tumultuous situation in Ukraine, where cyber attacks, including destructive cyber attacks, have been aimed at government and private sector organizations. The WhisperGate attacks, as they have been dubbed, have been compared by many to the infamous 2017 NotPetya wiper attacks. Also up for discussion is recent law enforcement activity aimed at cyber criminals in Russia and elsewhere, and some ransomware news, including a Noberus ransomware attack, and the FBI officially linking the Diavol ransomware to the creators of Trickbot and Conti.</description><content:encoded>In this week’s Cyber Security Brief podcast, Dick O’Brien and Brigid O Gorman discuss the tumultuous situation in Ukraine, where cyber attacks, including destructive cyber attacks, have been aimed at government and private sector organizations. The WhisperGate attacks, as they have been dubbed, have been compared by many to the infamous 2017 NotPetya wiper attacks. 
Also up for discussion is recent law enforcement activity aimed at cyber criminals in Russia and elsewhere, and some ransomware news, including a Noberus ransomware attack, and the FBI officially linking the Diavol ransomware to the creators of Trickbot and Conti.</content:encoded><enclosure length="39458993" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E09_Ukraine_Whispergate_ransomware.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E09_Ukraine_Whispergate_ransomware.mp3</guid><pubDate>Thu, 27 Jan 2022 14:00:00 +0000</pubDate><itunes:duration>00:27:23</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>9</itunes:episode><itunes:season>4</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>BadUSB attacks, a new backdoor, and how one APT group managed to infect itself with malware</itunes:title><title>BadUSB attacks, a new backdoor, and how one APT group managed to infect itself with malware</title><itunes:summary>Welcome to the first Cyber Security Brief of 2022! In this week’s podcast, Dick O’Brien and Brigid O Gorman chat about some of the biggest news stories of the last couple of weeks. The topics up for discussion in this episode include: FIN7 BadUSB attacks return, an interesting new multi-platform backdoor, and the latest way attackers are attempting to abuse Google Docs. Also, a jump in the number of extortion DDoS attacks, how payments to suspicious cryptocurrency wallets have exploded in recent months, corruption of open source libraries as a form of protest, and how one APT group managed to infect itself with its own malware. </itunes:summary><description>Welcome to the first Cyber Security Brief of 2022! In this week’s podcast, Dick O’Brien and Brigid O Gorman chat about some of the biggest news stories of the last couple of weeks. 
The topics up for discussion in this episode include: FIN7 BadUSB attacks return, an interesting new multi-platform backdoor, and the latest way attackers are attempting to abuse Google Docs. Also, a jump in the number of extortion DDoS attacks, how payments to suspicious cryptocurrency wallets have exploded in recent months, corruption of open source libraries as a form of protest, and how one APT group managed to infect itself with its own malware. </description><content:encoded>Welcome to the first Cyber Security Brief of 2022! In this week’s podcast, Dick O’Brien and Brigid O Gorman chat about some of the biggest news stories of the last couple of weeks. The topics up for discussion in this episode include: FIN7 BadUSB attacks return, an interesting new multi-platform backdoor, and the latest way attackers are attempting to abuse Google Docs. Also, a jump in the number of extortion DDoS attacks, how payments to suspicious cryptocurrency wallets have exploded in recent months, corruption of open source libraries as a form of protest, and how one APT group managed to infect itself with its own malware. 
</content:encoded><enclosure length="31643233" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E08.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E08.mp3</guid><pubDate>Thu, 13 Jan 2022 14:00:00 +0000</pubDate><itunes:duration>00:21:58</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>8</itunes:episode><itunes:season>4</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Log4j vulnerabilities, likely Iran-backed attacks on telecoms companies, and new Rust-based Noberus ransomware</itunes:title><title>Log4j vulnerabilities, likely Iran-backed attacks on telecoms companies, and new Rust-based Noberus ransomware</title><itunes:summary>On this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien are joined by Symantec Threat Analyst Alan Neville to discuss the vulnerabilities in Apache Log4j that made lots of headlines this week. We also discuss two other blogs that Symantec published this week, including one looking at an attack campaign aimed at telecoms companies in the Middle East and Asia that appears likely to have originated from Iran-based attackers. Meanwhile, we also talk about a blog we published covering details about a new Rust-based malware we have dubbed Noberus (ALPHV/BlackCat). This is our last Cyber Security Brief podcast of 2021; we will be back on January 13. </itunes:summary><description>On this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien are joined by Symantec Threat Analyst Alan Neville to discuss the vulnerabilities in Apache Log4j that made lots of headlines this week. We also discuss two other blogs that Symantec published this week, including one looking at an attack campaign aimed at telecoms companies in the Middle East and Asia that appears likely to have originated from Iran-based attackers. 
Meanwhile, we also talk about a blog we published covering details about a new Rust-based malware we have dubbed Noberus (ALPHV/BlackCat). This is our last Cyber Security Brief podcast of 2021; we will be back on January 13. </description><content:encoded>On this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien are joined by Symantec Threat Analyst Alan Neville to discuss the vulnerabilities in Apache Log4j that made lots of headlines this week. We also discuss two other blogs that Symantec published this week, including one looking at an attack campaign aimed at telecoms companies in the Middle East and Asia that appears likely to have originated from Iran-based attackers. Meanwhile, we also talk about a blog we published covering details about a new Rust-based malware we have dubbed Noberus (ALPHV/BlackCat). This is our last Cyber Security Brief podcast of 2021; we will be back on January 13. </content:encoded><enclosure length="40750131" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E07_log4j_noberus_blackcat_telecoms_attacks.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E07_log4j_noberus_blackcat_telecoms_attacks.mp3</guid><pubDate>Thu, 16 Dec 2021 14:00:00 +0000</pubDate><itunes:duration>00:28:17</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>7</itunes:episode><itunes:season>4</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Yanluowang ransomware update, possible Conti link to Emotet, and the importance of strong passwords </itunes:title><title>Yanluowang ransomware update, possible Conti link to Emotet, and the importance of strong passwords </title><itunes:summary>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss the latest Symantec blog, some updated research about the Yanluowang ransomware gang, with fresh activity appearing 
to show that this ransomware isn’t a flash-in-the-pan. We also discuss how quickly exposed cloud services are compromised by malicious actors, how off-putting strong passwords are for attackers employing brute-forcing techniques, and apparent attempts by Russian hackers to collaborate with Chinese-speaking actors. Also, the Conti gang’s possible role in the return of Emotet, and North Korean actors continue to target security researchers with fake job offers.</itunes:summary><description>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss the latest Symantec blog, some updated research about the Yanluowang ransomware gang, with fresh activity appearing to show that this ransomware isn’t a flash-in-the-pan. We also discuss how quickly exposed cloud services are compromised by malicious actors, how off-putting strong passwords are for attackers employing brute-forcing techniques, and apparent attempts by Russian hackers to collaborate with Chinese-speaking actors. Also, the Conti gang’s possible role in the return of Emotet, and North Korean actors continue to target security researchers with fake job offers.</description><content:encoded>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss the latest Symantec blog, some updated research about the Yanluowang ransomware gang, with fresh activity appearing to show that this ransomware isn’t a flash-in-the-pan. We also discuss how quickly exposed cloud services are compromised by malicious actors, how off-putting strong passwords are for attackers employing brute-forcing techniques, and apparent attempts by Russian hackers to collaborate with Chinese-speaking actors. 
Also, the Conti gang’s possible role in the return of Emotet, and North Korean actors continue to target security researchers with fake job offers.</content:encoded><enclosure length="33153304" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E06_Yanluowang_Conti_Ransomware_Passwords.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E06_Yanluowang_Conti_Ransomware_Passwords.mp3</guid><pubDate>Thu, 02 Dec 2021 14:00:00 +0000</pubDate><itunes:duration>00:23:01</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>6</itunes:episode><itunes:season>4</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Attacks on critical infrastructure, ransomware arrests, and the return of Emotet?</itunes:title><title>Attacks on critical infrastructure, ransomware arrests, and the return of Emotet?</title><itunes:summary>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss some recent attack campaigns aimed at critical infrastructure organizations in several countries around the world, the possible return of the Emotet botnet, and some law enforcement activity that has led to the arrest of people involved with both the REvil and Gandcrab ransomware. We also discuss some new techniques being used by the BazarLoader gang, and an FBI system being compromised and used to send out fake information security alerts. </itunes:summary><description>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss some recent attack campaigns aimed at critical infrastructure organizations in several countries around the world, the possible return of the Emotet botnet, and some law enforcement activity that has led to the arrest of people involved with both the REvil and Gandcrab ransomware. 
We also discuss some new techniques being used by the BazarLoader gang, and an FBI system being compromised and used to send out fake information security alerts. </description><content:encoded>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss some recent attack campaigns aimed at critical infrastructure organizations in several countries around the world, the possible return of the Emotet botnet, and some law enforcement activity that has led to the arrest of people involved with both the REvil and Gandcrab ransomware. We also discuss some new techniques being used by the BazarLoader gang, and an FBI system being compromised and used to send out fake information security alerts. </content:encoded><enclosure length="31809899" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E05_Emotet_Ransomware_Critical_Infrastructure.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E05_Emotet_Ransomware_Critical_Infrastructure.mp3</guid><pubDate>Thu, 18 Nov 2021 14:00:00 +0000</pubDate><itunes:duration>00:22:05</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>5</itunes:episode><itunes:season>4</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>BlackMatter updates, lots of law enforcement activity, and new SquirrelWaffle malware is one to watch</itunes:title><title>BlackMatter updates, lots of law enforcement activity, and new SquirrelWaffle malware is one to watch</title><itunes:summary>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss some of our recent blogs, including at least one BlackMatter ransomware affiliate using a new data exfiltration tool in attacks, and also the breaking news that the BlackMatter ransomware operation is apparently winding down. 
We also discuss another recent blog we published about banking Trojan activity in Latin America, while recent law enforcement activity cracking down on ransomware criminals is also up for discussion. Elsewhere, we also talk about SquirrelWaffle, a reasonably new malware that is used as a loader and has been mentioned as a potential successor to the notorious Emotet for the delivery of threats. </itunes:summary><description>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss some of our recent blogs, including at least one BlackMatter ransomware affiliate using a new data exfiltration tool in attacks, and also the breaking news that the BlackMatter ransomware operation is apparently winding down. We also discuss another recent blog we published about banking Trojan activity in Latin America, while recent law enforcement activity cracking down on ransomware criminals is also up for discussion. Elsewhere, we also talk about SquirrelWaffle, a reasonably new malware that is used as a loader and has been mentioned as a potential successor to the notorious Emotet for the delivery of threats. </description><content:encoded>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss some of our recent blogs, including at least one BlackMatter ransomware affiliate using a new data exfiltration tool in attacks, and also the breaking news that the BlackMatter ransomware operation is apparently winding down. We also discuss another recent blog we published about banking Trojan activity in Latin America, while recent law enforcement activity cracking down on ransomware criminals is also up for discussion. Elsewhere, we also talk about SquirrelWaffle, a reasonably new malware that is used as a loader and has been mentioned as a potential successor to the notorious Emotet for the delivery of threats. 
</content:encoded><enclosure length="35257263" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E04_Blackmatter_ransomware_banking_trojan.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E04_Blackmatter_ransomware_banking_trojan.mp3</guid><pubDate>Thu, 04 Nov 2021 14:00:00 +0000</pubDate><itunes:duration>00:24:28</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>4</itunes:episode><itunes:season>4</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>New research about the Yanluowang ransomware and two separate campaigns targeting victims in Asia</itunes:title><title>New research about the Yanluowang ransomware and two separate campaigns targeting victims in Asia</title><itunes:summary>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss several new blogs that the Symantec Threat Hunter Team has published recently. Firstly, we uncovered a new ransomware threat that we dubbed Yanluowang, which appears to be deployed in a targeted fashion and is certainly a new threat as various indications point towards it still being in development. We also published two blogs detailing two separate campaigns targeting organizations in Asia. The Harvester group is a previously unknown, likely nation-state backed group targeting victims in South Asia, while elsewhere a new espionage campaign is targeting the defense, healthcare, and ICT sectors in South East Asia. Meanwhile, we also discuss new activity from a targeted attack group dubbed LightBasin, and the return of the Lyceum group.</itunes:summary><description>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss several new blogs that the Symantec Threat Hunter Team has published recently. 
Firstly, we uncovered a new ransomware threat that we dubbed Yanluowang, which appears to be deployed in a targeted fashion and is certainly a new threat as various indications point towards it still being in development. We also published two blogs detailing two separate campaigns targeting organizations in Asia. The Harvester group is a previously unknown, likely nation-state backed group targeting victims in South Asia, while elsewhere a new espionage campaign is targeting the defense, healthcare, and ICT sectors in South East Asia. Meanwhile, we also discuss new activity from a targeted attack group dubbed LightBasin, and the return of the Lyceum group.</description><content:encoded>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss several new blogs that the Symantec Threat Hunter Team has published recently. Firstly, we uncovered a new ransomware threat that we dubbed Yanluowang, which appears to be deployed in a targeted fashion and is certainly a new threat as various indications point towards it still being in development. We also published two blogs detailing two separate campaigns targeting organizations in Asia. The Harvester group is a previously unknown, likely nation-state backed group targeting victims in South Asia, while elsewhere a new espionage campaign is targeting the defense, healthcare, and ICT sectors in South East Asia. 
Meanwhile, we also discuss new activity from a targeted attack group dubbed LightBasin, and the return of the Lyceum group.</content:encoded><enclosure length="29029872" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E03_Yanluowang_ransomware_Harvester_Asia_attacks.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E03_Yanluowang_ransomware_Harvester_Asia_attacks.mp3</guid><pubDate>Thu, 21 Oct 2021 13:00:00 +0000</pubDate><itunes:duration>00:20:09</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>3</itunes:episode><itunes:season>4</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Governments tackle cyber crime, ransomware arrests, and an interesting phishing campaign</itunes:title><title>Governments tackle cyber crime, ransomware arrests, and an interesting phishing campaign</title><itunes:summary>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss how the UK and the U.S. are planning to increase their efforts to tackle cyber crime, ransomware being blamed in court for the death of a baby, and the arrests of some ransomware criminals in Ukraine. Also, the Conti ransomware gang makes some threats, evidence of the Pegasus spyware allegedly found on the phones of French cabinet ministers, and an interesting targeted phishing campaign.
</itunes:summary><description>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss how the UK and the U.S. are planning to increase their efforts to tackle cyber crime, ransomware being blamed in court for the death of a baby, and the arrests of some ransomware criminals in Ukraine. Also, the Conti ransomware gang makes some threats, evidence of the Pegasus spyware allegedly found on the phones of French cabinet ministers, and an interesting targeted phishing campaign.
</description><content:encoded>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss how the UK and the U.S. are planning to increase their efforts to tackle cyber crime, ransomware being blamed in court for the death of a baby, and the arrests of some ransomware criminals in Ukraine. Also, the Conti ransomware gang makes some threats, evidence of the Pegasus spyware allegedly found on the phones of French cabinet ministers, and an interesting targeted phishing campaign.
</content:encoded><enclosure length="29936946" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E02_Ransomware_Conti_Pegasus_Phishing.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E02_Ransomware_Conti_Pegasus_Phishing.mp3</guid><pubDate>Thu, 07 Oct 2021 13:00:00 +0000</pubDate><itunes:duration>00:20:47</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>2</itunes:episode><itunes:season>4</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>A new ransomware whitepaper and some recent ransomware stories, plus new botnet is carrying out giant DDoS attacks</itunes:title><title>A new ransomware whitepaper and some recent ransomware stories, plus new botnet is carrying out giant DDoS attacks</title><itunes:summary>We are back for Season 4 after our summer break, and on this week’s Cyber Security Brief podcast Dick O’Brien and Brigid O Gorman spend a lot of time discussing the subject that also dominated the last season of the podcast - ransomware. We discuss some of the ransomware stories we missed while we were off air, as well as a ransomware whitepaper we recently worked on and made available to our customers. Apart from ransomware, we also discuss Mēris - a huge botnet that emerged over the summer and has aimed massive DDoS attacks at various organizations around the world. </itunes:summary><description>We are back for Season 4 after our summer break, and on this week’s Cyber Security Brief podcast Dick O’Brien and Brigid O Gorman spend a lot of time discussing the subject that also dominated the last season of the podcast - ransomware. We discuss some of the ransomware stories we missed while we were off air, as well as a ransomware whitepaper we recently worked on and made available to our customers. 
Apart from ransomware, we also discuss Mēris - a huge botnet that emerged over the summer and has aimed massive DDoS attacks at various organizations around the world. </description><content:encoded>We are back for Season 4 after our summer break, and on this week’s Cyber Security Brief podcast Dick O’Brien and Brigid O Gorman spend a lot of time discussing the subject that also dominated the last season of the podcast - ransomware. We discuss some of the ransomware stories we missed while we were off air, as well as a ransomware whitepaper we recently worked on and made available to our customers. Apart from ransomware, we also discuss Mēris - a huge botnet that emerged over the summer and has aimed massive DDoS attacks at various organizations around the world. </content:encoded><enclosure length="31831222" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E01_Ransomware_Meris_DDoS.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S04E01_Ransomware_Meris_DDoS.mp3</guid><pubDate>Thu, 23 Sep 2021 13:00:00 +0000</pubDate><itunes:duration>00:22:05</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>1</itunes:episode><itunes:season>4</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Ransomware, the rising cost of data breaches, and the U.S. points finger at China for Microsoft Exchange Server attacks</itunes:title><title>Ransomware, the rising cost of data breaches, and the U.S. points finger at China for Microsoft Exchange Server attacks</title><itunes:summary>On this week’s Cyber Security Brief, we discuss some recent ransomware stories, as well as giving a sneak peek into some research we have been doing into ransomware. We also talk about recent announcements from U.S. 
authorities that attributed some recent cyber attacks, including the Microsoft Exchange Server campaign, to Chinese actors, and we also discuss the rising cost of data breaches. This is the last podcast of season 3, we will be taking a short break and will return with new episodes in September.</itunes:summary><description>On this week’s Cyber Security Brief, we discuss some recent ransomware stories, as well as giving a sneak peek into some research we have been doing into ransomware. We also talk about recent announcements from U.S. authorities that attributed some recent cyber attacks, including the Microsoft Exchange Server campaign, to Chinese actors, and we also discuss the rising cost of data breaches. This is the last podcast of season 3, we will be taking a short break and will return with new episodes in September.</description><content:encoded>On this week’s Cyber Security Brief, we discuss some recent ransomware stories, as well as giving a sneak peek into some research we have been doing into ransomware. We also talk about recent announcements from U.S. authorities that attributed some recent cyber attacks, including the Microsoft Exchange Server campaign, to Chinese actors, and we also discuss the rising cost of data breaches. 
This is the last podcast of season 3, we will be taking a short break and will return with new episodes in September.</content:encoded><enclosure length="34687034" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E21_ransomware_data_breaches.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E21_ransomware_data_breaches.mp3</guid><pubDate>Thu, 29 Jul 2021 13:00:00 +0000</pubDate><itunes:duration>00:24:04</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>21</itunes:episode><itunes:season>3</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Kaseya ransomware supply chain attack, new SolarWinds vulnerability, and the rising cost of cyber insurance</itunes:title><title>Kaseya ransomware supply chain attack, new SolarWinds vulnerability, and the rising cost of cyber insurance</title><itunes:summary>On this week’s Cyber Security Brief, Gavin O’Gorman joins us to discuss the Kaseya ransomware supply chain attack that occurred over the July 4 holiday weekend in the U.S. The REvil/Sodinokibi ransomware gang were behind this attack, and Gavin and Dick O’Brien discuss whether this is a sign that we now need to be aware of ransomware actors targeting victims through supply chain attacks, which would more traditionally be associated with state-sponsored hackers, as well as some of the other interesting aspects of this attack. Meanwhile, Brigid O Gorman discusses the latest news of a new vulnerability in SolarWinds software being exploited by a Chinese hacking group, energy companies being targeted in a year-long espionage campaign, and the rising cost of cyber insurance.</itunes:summary><description>On this week’s Cyber Security Brief, Gavin O’Gorman joins us to discuss the Kaseya ransomware supply chain attack that occurred over the July 4 holiday weekend in the U.S. 
The REvil/Sodinokibi ransomware gang were behind this attack, and Gavin and Dick O’Brien discuss whether this is a sign that we now need to be aware of ransomware actors targeting victims through supply chain attacks, which would more traditionally be associated with state-sponsored hackers, as well as some of the other interesting aspects of this attack. Meanwhile, Brigid O Gorman discusses the latest news of a new vulnerability in SolarWinds software being exploited by a Chinese hacking group, energy companies being targeted in a year-long espionage campaign, and the rising cost of cyber insurance.</description><content:encoded>On this week’s Cyber Security Brief, Gavin O’Gorman joins us to discuss the Kaseya ransomware supply chain attack that occurred over the July 4 holiday weekend in the U.S. The REvil/Sodinokibi ransomware gang were behind this attack, and Gavin and Dick O’Brien discuss whether this is a sign that we now need to be aware of ransomware actors targeting victims through supply chain attacks, which would more traditionally be associated with state-sponsored hackers, as well as some of the other interesting aspects of this attack. 
Meanwhile, Brigid O Gorman discusses the latest news of a new vulnerability in SolarWinds software being exploited by a Chinese hacking group, energy companies being targeted in a year-long espionage campaign, and the rising cost of cyber insurance.</content:encoded><enclosure length="45989463" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E20_Kaseya_Revil_Ransomware_SolarWinds.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E20_Kaseya_Revil_Ransomware_SolarWinds.mp3</guid><pubDate>Thu, 15 Jul 2021 13:00:00 +0000</pubDate><itunes:duration>00:31:55</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>20</itunes:episode><itunes:season>3</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Ransomware attackers using virtual machines, over-60s lost $1 billion online in 2020, and the EU launches a new cyber security unit</itunes:title><title>Ransomware attackers using virtual machines, over-60s lost $1 billion online in 2020, and the EU launches a new cyber security unit</title><itunes:summary>On this week’s Cyber Security Brief podcast, Dick O’Brien fills us in on the latest research we have published on our blog about how a growing number of ransomware attackers are using virtual machines in their attacks. We also discuss a few other ransomware-related stories, including REvil introducing a new Linux version of its ransomware, a Babuk ransomware builder being leaked online, and a couple of stories showing the amount of money that can be involved in ransomware operations. Elsewhere, the FBI recently released a report stating that over-60s lost around $1 billion through online fraud in 2020, the U.S. 
Secret Service released a cyber crime Most Wanted list, a FIN7 gang member was jailed, and the EU launched a new cyber security unit.</itunes:summary><description>On this week’s Cyber Security Brief podcast, Dick O’Brien fills us in on the latest research we have published on our blog about how a growing number of ransomware attackers are using virtual machines in their attacks. We also discuss a few other ransomware-related stories, including REvil introducing a new Linux version of its ransomware, a Babuk ransomware builder being leaked online, and a couple of stories showing the amount of money that can be involved in ransomware operations. Elsewhere, the FBI recently released a report stating that over-60s lost around $1 billion through online fraud in 2020, the U.S. Secret Service released a cyber crime Most Wanted list, a FIN7 gang member was jailed, and the EU launched a new cyber security unit.</description><content:encoded>On this week’s Cyber Security Brief podcast, Dick O’Brien fills us in on the latest research we have published on our blog about how a growing number of ransomware attackers are using virtual machines in their attacks. We also discuss a few other ransomware-related stories, including REvil introducing a new Linux version of its ransomware, a Babuk ransomware builder being leaked online, and a couple of stories showing the amount of money that can be involved in ransomware operations. Elsewhere, the FBI recently released a report stating that over-60s lost around $1 billion through online fraud in 2020, the U.S. 
Secret Service released a cyber crime Most Wanted list, a FIN7 gang member was jailed, and the EU launched a new cyber security unit.</content:encoded><enclosure length="33424391" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E19.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E19.mp3</guid><pubDate>Thu, 01 Jul 2021 13:00:00 +0000</pubDate><itunes:duration>00:23:12</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>19</itunes:episode><itunes:season>3</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Ransomware, takedowns, and political promises to tackle cyber crime</itunes:title><title>Ransomware, takedowns, and political promises to tackle cyber crime</title><itunes:summary>In this week’s Cyber Security Brief podcast, Dick O’Brien and Brigid O Gorman discuss some of the biggest cyber security stories of the last two weeks. Ransomware has once again dominated the news headlines, with news about huge ransom payments and ransom recovery operations being reported. Meanwhile, cyber security comes to the fore in the political sphere following pronouncements from the G7 and NATO summits. Elsewhere, attackers leveraged Slack to attack one of the world’s biggest gaming companies, one of the largest online marketplaces for stolen credentials in the world was taken down by authorities, and how law enforcement used a backdoored chat app to spy on criminals, leading to hundreds of arrests.</itunes:summary><description>In this week’s Cyber Security Brief podcast, Dick O’Brien and Brigid O Gorman discuss some of the biggest cyber security stories of the last two weeks. Ransomware has once again dominated the news headlines, with news about huge ransom payments and ransom recovery operations being reported. 
Meanwhile, cyber security comes to the fore in the political sphere following pronouncements from the G7 and NATO summits. Elsewhere, attackers leveraged Slack to attack one of the world’s biggest gaming companies, one of the largest online marketplaces for stolen credentials in the world was taken down by authorities, and how law enforcement used a backdoored chat app to spy on criminals, leading to hundreds of arrests.</description><content:encoded>In this week’s Cyber Security Brief podcast, Dick O’Brien and Brigid O Gorman discuss some of the biggest cyber security stories of the last two weeks. Ransomware has once again dominated the news headlines, with news about huge ransom payments and ransom recovery operations being reported. Meanwhile, cyber security comes to the fore in the political sphere following pronouncements from the G7 and NATO summits. Elsewhere, attackers leveraged Slack to attack one of the world’s biggest gaming companies, one of the largest online marketplaces for stolen credentials in the world was taken down by authorities, and how law enforcement used a backdoored chat app to spy on criminals, leading to hundreds of arrests.</content:encoded><enclosure length="38381059" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E18.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E18.mp3</guid><pubDate>Thu, 17 Jun 2021 13:00:00 +0000</pubDate><itunes:duration>00:26:38</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>18</itunes:episode><itunes:season>3</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title> In-depth look at the ransomware attack on Ireland’s national health service, as major meat producer JBS also hit with ransomware</itunes:title><title> In-depth look at the ransomware attack on Ireland’s national health service, as major meat producer JBS also hit with 
ransomware</title><itunes:summary>On this week’s Cyber Security Brief podcast, Dick O’Brien and Brigid O’Gorman are joined by Symantec threat researcher Gavin O’Gorman to discuss the Conti ransomware attack on Ireland’s national health service, how the response to this attack is going, and what the likely consequences of it may be. Elsewhere, another ransomware attack, this time on the world’s largest meat producer, JBS Foods, and Sweden’s Public Health Agency is also hit with some hack attempts. Meanwhile, the alleged leader of an ATM fraud gang responsible for stealing more than $1 billion from tourists, is arrested in Mexico.</itunes:summary><description>On this week’s Cyber Security Brief podcast, Dick O’Brien and Brigid O’Gorman are joined by Symantec threat researcher Gavin O’Gorman to discuss the Conti ransomware attack on Ireland’s national health service, how the response to this attack is going, and what the likely consequences of it may be. Elsewhere, another ransomware attack, this time on the world’s largest meat producer, JBS Foods, and Sweden’s Public Health Agency is also hit with some hack attempts. Meanwhile, the alleged leader of an ATM fraud gang responsible for stealing more than $1 billion from tourists, is arrested in Mexico.</description><content:encoded>On this week’s Cyber Security Brief podcast, Dick O’Brien and Brigid O’Gorman are joined by Symantec threat researcher Gavin O’Gorman to discuss the Conti ransomware attack on Ireland’s national health service, how the response to this attack is going, and what the likely consequences of it may be. Elsewhere, another ransomware attack, this time on the world’s largest meat producer, JBS Foods, and Sweden’s Public Health Agency is also hit with some hack attempts. 
Meanwhile, the alleged leader of an ATM fraud gang responsible for stealing more than $1 billion from tourists, is arrested in Mexico.</content:encoded><enclosure length="48896607" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E17_HSE_Cyberattack_Ransomware_JBS.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E17_HSE_Cyberattack_Ransomware_JBS.mp3</guid><pubDate>Thu, 03 Jun 2021 13:00:00 +0000</pubDate><itunes:duration>00:33:57</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>17</itunes:episode><itunes:season>3</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Colonial Pipeline attack, Darkside ransomware gang, and crypto mining makes a comeback</itunes:title><title>Colonial Pipeline attack, Darkside ransomware gang, and crypto mining makes a comeback</title><itunes:summary>In this week’s Cyber Security Brief, Dick O’Brien and Brigid O’Gorman discuss the implications of the Colonial Pipeline ransomware attack and the activities of the group behind it, Darkside. We also talk about what appears to be a reasonably new ransomware - Avaddon - that has been used in a string of attacks recently, while we also discuss an idea Brian Krebs wrote about that could potentially help deter ransomware actors from infecting your network. Away from the world of ransomware we talk about Lemon Duck and something of a resurgence in crypto mining, while we also discuss what CISOs are most worried about in 2021.  </itunes:summary><description>In this week’s Cyber Security Brief, Dick O’Brien and Brigid O’Gorman discuss the implications of the Colonial Pipeline ransomware attack and the activities of the group behind it, Darkside. 
We also talk about what appears to be a reasonably new ransomware - Avaddon - that has been used in a string of attacks recently, while we also discuss an idea Brian Krebs wrote about that could potentially help deter ransomware actors from infecting your network. Away from the world of ransomware we talk about Lemon Duck and something of a resurgence in crypto mining, while we also discuss what CISOs are most worried about in 2021.  </description><content:encoded>In this week’s Cyber Security Brief, Dick O’Brien and Brigid O’Gorman discuss the implications of the Colonial Pipeline ransomware attack and the activities of the group behind it, Darkside. We also talk about what appears to be a reasonably new ransomware - Avaddon - that has been used in a string of attacks recently, while we also discuss an idea Brian Krebs wrote about that could potentially help deter ransomware actors from infecting your network. Away from the world of ransomware we talk about Lemon Duck and something of a resurgence in crypto mining, while we also discuss what CISOs are most worried about in 2021.  
</content:encoded><enclosure length="33542079" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E16_Darkside_Ransomware_LemonDuck.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E16_Darkside_Ransomware_LemonDuck.mp3</guid><pubDate>Thu, 20 May 2021 13:30:00 +0000</pubDate><itunes:duration>00:23:17</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>16</itunes:episode><itunes:season>3</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>MFA causes headaches for attackers, and a look at living off the land activity</itunes:title><title>MFA causes headaches for attackers, and a look at living off the land activity</title><itunes:summary>On this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien discuss some research we have recently been working on at Symantec. First, we discuss a blog we published this week, which looks at multi-factor authentication and how it has become a headache for malicious actors, leading them to adopt new attack techniques in an attempt to bypass or avoid it completely. We also discuss a report that we shared with customers recently looking at living off the land attack techniques and the activity and trends in that area, as well as some steps you can take to try and protect your network from this kind of activity.  </itunes:summary><description>On this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien discuss some research we have recently been working on at Symantec. First, we discuss a blog we published this week, which looks at multi-factor authentication and how it has become a headache for malicious actors, leading them to adopt new attack techniques in an attempt to bypass or avoid it completely. 
We also discuss a report that we shared with customers recently looking at living off the land attack techniques and the activity and trends in that area, as well as some steps you can take to try and protect your network from this kind of activity.  </description><content:encoded>On this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien discuss some research we have recently been working on at Symantec. First, we discuss a blog we published this week, which looks at multi-factor authentication and how it has become a headache for malicious actors, leading them to adopt new attack techniques in an attempt to bypass or avoid it completely. We also discuss a report that we shared with customers recently looking at living off the land attack techniques and the activity and trends in that area, as well as some steps you can take to try and protect your network from this kind of activity.  </content:encoded><enclosure length="38654638" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E15_MFA_Living_off_the_land.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E15_MFA_Living_off_the_land.mp3</guid><pubDate>Thu, 06 May 2021 13:00:00 +0000</pubDate><itunes:duration>00:26:50</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>15</itunes:episode><itunes:season>3</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Pulse Secure VPN zero-day, SolarWinds and Exchange Server developments, and spies approach UK employees on social media</itunes:title><title>Pulse Secure VPN zero-day, SolarWinds and Exchange Server developments, and spies approach UK employees on social media</title><itunes:summary>On this week’s Cyber Security Brief, Alan Neville joins Brigid O Gorman and Dick O’Brien to discuss the recent discovery of a zero-day vulnerability in popular VPN product Pulse Secure. 
We also discuss some recent developments in the SolarWinds and Microsoft Exchange Server stories. Finally, we discuss a recent potential data breach at software testing company Codecov, and look at why UK authorities are warning government employees about potential approaches from foreign spies on social media. </itunes:summary><description>On this week’s Cyber Security Brief, Alan Neville joins Brigid O Gorman and Dick O’Brien to discuss the recent discovery of a zero-day vulnerability in popular VPN product Pulse Secure. We also discuss some recent developments in the SolarWinds and Microsoft Exchange Server stories. Finally, we discuss a recent potential data breach at software testing company Codecov, and look at why UK authorities are warning government employees about potential approaches from foreign spies on social media. </description><content:encoded>On this week’s Cyber Security Brief, Alan Neville joins Brigid O Gorman and Dick O’Brien to discuss the recent discovery of a zero-day vulnerability in popular VPN product Pulse Secure. We also discuss some recent developments in the SolarWinds and Microsoft Exchange Server stories. Finally, we discuss a recent potential data breach at software testing company Codecov, and look at why UK authorities are warning government employees about potential approaches from foreign spies on social media. 
</content:encoded><enclosure length="31609634" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E14_Pulse_Secure_SolarWinds.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E14_Pulse_Secure_SolarWinds.mp3</guid><pubDate>Thu, 22 Apr 2021 13:00:00 +0000</pubDate><itunes:duration>00:21:56</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>14</itunes:episode><itunes:season>3</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Facebook data leak, cyber attack aimed at EU institutions, and cyber criminals use a call center to spread malware</itunes:title><title>Facebook data leak, cyber attack aimed at EU institutions, and cyber criminals use a call center to spread malware</title><itunes:summary>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss the big Facebook data leak that has made headlines around the world this week, as well as a cyber attack aimed at European Union institutions, and a cyber incident impacting Australia’s parliament. We also discuss warnings from authorities in the U.S. about attackers attempting to exploit vulnerabilities in Fortinet FortiOS, while authorities in the UK have issued warnings about an increased risk of ransomware attacks targeting the education sector. Meanwhile, some cyber criminals have started using call centers to distribute malware, with the tactic reportedly proving quite successful for several cyber crime groups. </itunes:summary><description>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss the big Facebook data leak that has made headlines around the world this week, as well as a cyber attack aimed at European Union institutions, and a cyber incident impacting Australia’s parliament. We also discuss warnings from authorities in the U.S. 
about attackers attempting to exploit vulnerabilities in Fortinet FortiOS, while authorities in the UK have issued warnings about an increased risk of ransomware attacks targeting the education sector. Meanwhile, some cyber criminals have started using call centers to distribute malware, with the tactic reportedly proving quite successful for several cyber crime groups. </description><content:encoded>On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss the big Facebook data leak that has made headlines around the world this week, as well as a cyber attack aimed at European Union institutions, and a cyber incident impacting Australia’s parliament. We also discuss warnings from authorities in the U.S. about attackers attempting to exploit vulnerabilities in Fortinet FortiOS, while authorities in the UK have issued warnings about an increased risk of ransomware attacks targeting the education sector. Meanwhile, some cyber criminals have started using call centers to distribute malware, with the tactic reportedly proving quite successful for several cyber crime groups. 
</content:encoded><enclosure length="25891115" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E13.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E13.mp3</guid><pubDate>Thu, 08 Apr 2021 13:35:56 +0000</pubDate><itunes:duration>00:17:58</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>13</itunes:episode><itunes:season>3</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Ransomware attackers leverage the Microsoft Exchange Server vulns, WeLeakInfo users hit by data breach, and ransomware payments increase</itunes:title><title>Ransomware attackers leverage the Microsoft Exchange Server vulns, WeLeakInfo users hit by data breach, and ransomware payments increase</title><itunes:summary>On this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien discuss how ransomware attackers are now attempting to leverage the vulnerabilities in Microsoft Exchange Server. We also talk about an interesting interview given by one of the REvil ransomware gang to Recorded Future, evidence that ransomware payments increased over the last year, and the users of WeLeakInfo falling victim to their own data breach. Also, we warn U.S. taxpayers to be on the lookout for phishing campaigns at this time of year, and the hacker who made headlines a few weeks ago for hacking security cameras used in Tesla offices and elsewhere is indicted on numerous hacking charges in the U.S. </itunes:summary><description>On this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien discuss how ransomware attackers are now attempting to leverage the vulnerabilities in Microsoft Exchange Server. 
We also talk about an interesting interview given by one of the REvil ransomware gang to Recorded Future, evidence that ransomware payments increased over the last year, and the users of WeLeakInfo falling victim to their own data breach. Also, we warn U.S. taxpayers to be on the lookout for phishing campaigns at this time of year, and the hacker who made headlines a few weeks ago for hacking security cameras used in Tesla offices and elsewhere is indicted on numerous hacking charges in the U.S. </description><content:encoded>On this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien discuss how ransomware attackers are now attempting to leverage the vulnerabilities in Microsoft Exchange Server. We also talk about an interesting interview given by one of the REvil ransomware gang to Recorded Future, evidence that ransomware payments increased over the last year, and the users of WeLeakInfo falling victim to their own data breach. Also, we warn U.S. taxpayers to be on the lookout for phishing campaigns at this time of year, and the hacker who made headlines a few weeks ago for hacking security cameras used in Tesla offices and elsewhere is indicted on numerous hacking charges in the U.S. 
</content:encoded><enclosure length="29594501" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E12_ProxyLogon_Ransomware_ReEvil.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E12_ProxyLogon_Ransomware_ReEvil.mp3</guid><pubDate>Thu, 25 Mar 2021 14:00:00 +0000</pubDate><itunes:duration>00:20:32</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>12</itunes:episode><itunes:season>3</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>All you need to know about the Microsoft Exchange Server attacks, and some SolarWinds developments</itunes:title><title>All you need to know about the Microsoft Exchange Server attacks, and some SolarWinds developments</title><itunes:summary>On this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien are joined by Symantec threat researcher Alan Neville to discuss the biggest cyber security story of the last couple of weeks - the vulnerabilities in Microsoft Exchange Server. Alan gives a comprehensive overview of the vulnerabilities, what’s happened since they became public knowledge last week, and the steps you can take to keep your organization’s network safe. He also talks about some of the post-compromise activity that Symantec has seen. We also chat about some other topics: new research into the SolarWinds hack, and the arrest of an alleged GandCrab ransomware gang member.</itunes:summary><description>On this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien are joined by Symantec threat researcher Alan Neville to discuss the biggest cyber security story of the last couple of weeks - the vulnerabilities in Microsoft Exchange Server. Alan gives a comprehensive overview of the vulnerabilities, what’s happened since they became public knowledge last week, and the steps you can take to keep your organization’s network safe. 
He also talks about some of the post-compromise activity that Symantec has seen. We also chat about some other topics: new research into the SolarWinds hack, and the arrest of an alleged GandCrab ransomware gang member.</description><content:encoded>On this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien are joined by Symantec threat researcher Alan Neville to discuss the biggest cyber security story of the last couple of weeks - the vulnerabilities in Microsoft Exchange Server. Alan gives a comprehensive overview of the vulnerabilities, what’s happened since they became public knowledge last week, and the steps you can take to keep your organization’s network safe. He also talks about some of the post-compromise activity that Symantec has seen. We also chat about some other topics: new research into the SolarWinds hack, and the arrest of an alleged GandCrab ransomware gang member.</content:encoded><enclosure length="31663431" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E11_Microsoft_Exchange_Server_SolarWinds.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E11_Microsoft_Exchange_Server_SolarWinds.mp3</guid><pubDate>Thu, 11 Mar 2021 14:00:00 +0000</pubDate><itunes:duration>00:21:58</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>11</itunes:episode><itunes:season>3</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Accellion product vulns, Equation group tool copied by Chinese APT, and software supply chain attacks in France </itunes:title><title>Accellion product vulns, Equation group tool copied by Chinese APT, and software supply chain attacks in France </title><itunes:summary>On this week’s Cyber Security Brief podcast, Dick O’Brien and Brigid O’Gorman discuss some of the biggest cyber security stories of the last few weeks. 
Among the stories up for discussion are the bugs in Accellion’s 20-year-old FTA product, which led to multiple companies worldwide reporting breaches related to it. We also talk about the reports saying the Sandworm group has been carrying out a long-running spying campaign against multiple French IT services providers by compromising an open-source IT monitoring tool called Centreon, and a Chinese APT group reportedly cloning an Equation group tool. Some interesting law enforcement activity in recent weeks is also up for discussion.
</itunes:summary><description>On this week’s Cyber Security Brief podcast, Dick O’Brien and Brigid O’Gorman discuss some of the biggest cyber security stories of the last few weeks. Among the stories up for discussion are the bugs in Accellion’s 20-year-old FTA product, which led to multiple companies worldwide reporting breaches related to it. We also talk about the reports saying the Sandworm group has been carrying out a long-running spying campaign against multiple French IT services providers by compromising an open-source IT monitoring tool called Centreon, and a Chinese APT group reportedly cloning an Equation group tool. Some interesting law enforcement activity in recent weeks is also up for discussion.
</description><content:encoded>On this week’s Cyber Security Brief podcast, Dick O’Brien and Brigid O’Gorman discuss some of the biggest cyber security stories of the last few weeks. Among the stories up for discussion are the bugs in Accellion’s 20-year-old FTA product, which led to multiple companies worldwide reporting breaches related to it. We also talk about the reports saying the Sandworm group has been carrying out a long-running spying campaign against multiple French IT services providers by compromising an open-source IT monitoring tool called Centreon, and a Chinese APT group reportedly cloning an Equation group tool. Some interesting law enforcement activity in recent weeks is also up for discussion.
</content:encoded><enclosure length="33639403" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E10_Accellion_Equation_Supply_Chain.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E10_Accellion_Equation_Supply_Chain.mp3</guid><pubDate>Thu, 25 Feb 2021 14:00:00 +0000</pubDate><itunes:duration>00:23:21</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>10</itunes:episode><itunes:season>3</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Emotet takedown, water plant cyber attack, and a SolarWinds update</itunes:title><title>Emotet takedown, water plant cyber attack, and a SolarWinds update</title><itunes:summary>On this week’s Cyber Security Brief podcast, Dick O’Brien and Brigid O’Gorman round up some of the biggest cyber security stories of the last two weeks. We bring you the latest developments in the SolarWinds hack investigation, and chat about the significance of the disruption to the Emotet botnet. We also discuss some other recent takedowns and arrests, as well as some of the biggest ransomware stories of the last couple of weeks. We also talk about the recently reported cyber attack on a water treatment plant in the Florida town of Oldsmar - was this just a one-off incident or do industrial control systems like water plants need to be on high alert?</itunes:summary><description>On this week’s Cyber Security Brief podcast, Dick O’Brien and Brigid O’Gorman round up some of the biggest cyber security stories of the last two weeks. We bring you the latest developments in the SolarWinds hack investigation, and chat about the significance of the disruption to the Emotet botnet. We also discuss some other recent takedowns and arrests, as well as some of the biggest ransomware stories of the last couple of weeks. 
We also talk about the recently reported cyber attack on a water treatment plant in the Florida town of Oldsmar - was this just a one-off incident or do industrial control systems like water plants need to be on high alert?</description><content:encoded>On this week’s Cyber Security Brief podcast, Dick O’Brien and Brigid O’Gorman round up some of the biggest cyber security stories of the last two weeks. We bring you the latest developments in the SolarWinds hack investigation, and chat about the significance of the disruption to the Emotet botnet. We also discuss some other recent takedowns and arrests, as well as some of the biggest ransomware stories of the last couple of weeks. We also talk about the recently reported cyber attack on a water treatment plant in the Florida town of Oldsmar - was this just a one-off incident or do industrial control systems like water plants need to be on high alert?</content:encoded><enclosure length="32911223" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E09_SolarWinds_Emotet_ICS.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E09_SolarWinds_Emotet_ICS.mp3</guid><pubDate>Thu, 11 Feb 2021 14:00:00 +0000</pubDate><itunes:duration>00:22:50</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>9</itunes:episode><itunes:season>3</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Raindrop: How the additional tool was discovered in SolarWinds investigation</itunes:title><title>Raindrop: How the additional tool was discovered in SolarWinds investigation</title><itunes:summary>Old threats and new feature in this week’s Cyber Security Brief podcast. 
Dick O’Brien and Gavin O’Gorman discuss the latest developments in the SolarWinds hack investigation, including how Symantec investigators found Raindrop, an additional piece of malware used in the SolarWinds attacks against a select number of victims that were of interest to the attackers. We published a blog about Raindrop last week, and Dick and Gavin discuss how this new malware was discovered. Also, romance scams and DDoS attacks make a comeback. </itunes:summary><description>Old threats and new feature in this week’s Cyber Security Brief podcast. Dick O’Brien and Gavin O’Gorman discuss the latest developments in the SolarWinds hack investigation, including how Symantec investigators found Raindrop, an additional piece of malware used in the SolarWinds attacks against a select number of victims that were of interest to the attackers. We published a blog about Raindrop last week, and Dick and Gavin discuss how this new malware was discovered. Also, romance scams and DDoS attacks make a comeback. </description><content:encoded>Old threats and new feature in this week’s Cyber Security Brief podcast. Dick O’Brien and Gavin O’Gorman discuss the latest developments in the SolarWinds hack investigation, including how Symantec investigators found Raindrop, an additional piece of malware used in the SolarWinds attacks against a select number of victims that were of interest to the attackers. We published a blog about Raindrop last week, and Dick and Gavin discuss how this new malware was discovered. Also, romance scams and DDoS attacks make a comeback. 
</content:encoded><enclosure length="36119756" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E08_Raindrop_Solarwinds.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E08_Raindrop_Solarwinds.mp3</guid><pubDate>Thu, 28 Jan 2021 14:00:00 +0000</pubDate><itunes:duration>00:25:04</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>8</itunes:episode><itunes:season>3</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>The latest on the SolarWinds hack, a lot of ransomware activity, and healthcare hit hard by cyber attacks</itunes:title><title>The latest on the SolarWinds hack, a lot of ransomware activity, and healthcare hit hard by cyber attacks</title><itunes:summary>On this week’s Cyber Security Brief, the first of 2021, Dick O’Brien brings us a comprehensive update about some of the developments in the SolarWinds hack story, with a lot having happened since our last podcast. We also discuss some recent ransomware attacks, and how the healthcare sector is having a hard time with cyber attacks at the moment. </itunes:summary><description>On this week’s Cyber Security Brief, the first of 2021, Dick O’Brien brings us a comprehensive update about some of the developments in the SolarWinds hack story, with a lot having happened since our last podcast. We also discuss some recent ransomware attacks, and how the healthcare sector is having a hard time with cyber attacks at the moment. </description><content:encoded>On this week’s Cyber Security Brief, the first of 2021, Dick O’Brien brings us a comprehensive update about some of the developments in the SolarWinds hack story, with a lot having happened since our last podcast. We also discuss some recent ransomware attacks, and how the healthcare sector is having a hard time with cyber attacks at the moment. 
</content:encoded><enclosure length="35985018" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E07_final_solarwinds_ransomware.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E07_final_solarwinds_ransomware.mp3</guid><pubDate>Thu, 14 Jan 2021 14:00:00 +0000</pubDate><itunes:duration>00:24:58</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>7</itunes:episode><itunes:season>3</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Sunburst: Everything we know about the supply chain attack targeting SolarWinds users</itunes:title><title>Sunburst: Everything we know about the supply chain attack targeting SolarWinds users</title><itunes:summary>In this week’s Cyber Security Brief, the last one of 2020, find out all you need to know about the biggest news story of the week - the Sunburst supply chain attack targeting customers of software company SolarWinds. This is one of the biggest cyber security stories of the year, with thousands of organizations affected. Dick O’Brien and Symantec threat analyst Gavin O’Gorman give a comprehensive rundown of everything we know about this attack so far. Also, Twitter is handed a big fine by the Irish data regulator, and bug reports jump in 2020. </itunes:summary><description>In this week’s Cyber Security Brief, the last one of 2020, find out all you need to know about the biggest news story of the week - the Sunburst supply chain attack targeting customers of software company SolarWinds. This is one of the biggest cyber security stories of the year, with thousands of organizations affected. Dick O’Brien and Symantec threat analyst Gavin O’Gorman give a comprehensive rundown of everything we know about this attack so far. Also, Twitter is handed a big fine by the Irish data regulator, and bug reports jump in 2020. 
</description><content:encoded>In this week’s Cyber Security Brief, the last one of 2020, find out all you need to know about the biggest news story of the week - the Sunburst supply chain attack targeting customers of software company SolarWinds. This is one of the biggest cyber security stories of the year, with thousands of organizations affected. Dick O’Brien and Symantec threat analyst Gavin O’Gorman give a comprehensive rundown of everything we know about this attack so far. Also, Twitter is handed a big fine by the Irish data regulator, and bug reports jump in 2020. </content:encoded><enclosure length="40662018" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E06_Sunburst_SolarWinds.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E06_Sunburst_SolarWinds.mp3</guid><pubDate>Thu, 17 Dec 2020 14:00:00 +0000</pubDate><itunes:duration>00:28:13</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>6</itunes:episode><itunes:season>3</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Cyber predictions for 2021, botnets turn to ransomware, and the Gootkit infostealer reemerges</itunes:title><title>Cyber predictions for 2021, botnets turn to ransomware, and the Gootkit infostealer reemerges</title><itunes:summary>On this week’s Cyber Security Brief podcast, we discuss what card skimmers are up to during the busiest shopping time of the year, while also bringing some good news about how EU authorities prevented almost $50 million in card fraud this year. Also on the agenda, are botnets abandoning banking Trojans in favour of ransomware? It looks like they might be. We also take a look at some COVID-19 related cyber security stories that are making the headlines, as well as the reemergence of the Gootkit infostealer. 
Also, Dick O’Brien brings us his predictions for what to expect on the cyber security landscape in 2021 - including predictions around ransomware, the impact of work from home, and increased cooperation between cyber crime gangs. </itunes:summary><description>On this week’s Cyber Security Brief podcast, we discuss what card skimmers are up to during the busiest shopping time of the year, while also bringing some good news about how EU authorities prevented almost $50 million in card fraud this year. Also on the agenda, are botnets abandoning banking Trojans in favour of ransomware? It looks like they might be. We also take a look at some COVID-19 related cyber security stories that are making the headlines, as well as the reemergence of the Gootkit infostealer. Also, Dick O’Brien brings us his predictions for what to expect on the cyber security landscape in 2021 - including predictions around ransomware, the impact of work from home, and increased cooperation between cyber crime gangs. </description><content:encoded>On this week’s Cyber Security Brief podcast, we discuss what card skimmers are up to during the busiest shopping time of the year, while also bringing some good news about how EU authorities prevented almost $50 million in card fraud this year. Also on the agenda, are botnets abandoning banking Trojans in favour of ransomware? It looks like they might be. We also take a look at some COVID-19 related cyber security stories that are making the headlines, as well as the reemergence of the Gootkit infostealer. Also, Dick O’Brien brings us his predictions for what to expect on the cyber security landscape in 2021 - including predictions around ransomware, the impact of work from home, and increased cooperation between cyber crime gangs. 
</content:encoded><enclosure length="34798894" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E05.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E05.mp3</guid><pubDate>Thu, 03 Dec 2020 14:00:00 +0000</pubDate><itunes:duration>00:24:09</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>5</itunes:episode><itunes:season>3</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>New research about attacks on Japan-linked companies, and APT groups target COVID-19 vaccine makers</itunes:title><title>New research about attacks on Japan-linked companies, and APT groups target COVID-19 vaccine makers</title><itunes:summary>In this week’s Cyber Security Brief, Dick O’Brien and Brigid O’Gorman talk about some of the biggest cyber security stories of the last couple of weeks. There are multiple stories about APT groups to cover this week, including our own Threat Intel blog detailing a wide-ranging attack campaign that targeted Japan-linked companies in multiple sectors in 17 regions worldwide. We also discuss other public reports about a Chinese APT targeting governments in South East Asia, and nation-state backed attacks from Russia and North Korea targeting COVID-19 vaccine makers and researchers. We also discuss a separate campaign in which Lazarus is targeting victims in South Korea, and examine some developments in the world of ransomware. </itunes:summary><description>In this week’s Cyber Security Brief, Dick O’Brien and Brigid O’Gorman talk about some of the biggest cyber security stories of the last couple of weeks. There are multiple stories about APT groups to cover this week, including our own Threat Intel blog detailing a wide-ranging attack campaign that targeted Japan-linked companies in multiple sectors in 17 regions worldwide. 
We also discuss other public reports about a Chinese APT targeting governments in South East Asia, and nation-state backed attacks from Russia and North Korea targeting COVID-19 vaccine makers and researchers. We also discuss a separate campaign in which Lazarus is targeting victims in South Korea, and examine some developments in the world of ransomware. </description><content:encoded>In this week’s Cyber Security Brief, Dick O’Brien and Brigid O’Gorman talk about some of the biggest cyber security stories of the last couple of weeks. There are multiple stories about APT groups to cover this week, including our own Threat Intel blog detailing a wide-ranging attack campaign that targeted Japan-linked companies in multiple sectors in 17 regions worldwide. We also discuss other public reports about a Chinese APT targeting governments in South East Asia, and nation-state backed attacks from Russia and North Korea targeting COVID-19 vaccine makers and researchers. We also discuss a separate campaign in which Lazarus is targeting victims in South Korea, and examine some developments in the world of ransomware. </content:encoded><enclosure length="28194423" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E04.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E04.mp3</guid><pubDate>Thu, 19 Nov 2020 14:00:00 +0000</pubDate><itunes:duration>00:19:34</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>4</itunes:episode><itunes:season>3</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Maze 'retires' while Ryuk ramps up activity, U.S. election, and the UK ICO hands down a historically large fine</itunes:title><title>Maze 'retires' while Ryuk ramps up activity, U.S. 
election, and the UK ICO hands down a historically large fine</title><itunes:summary>In this week’s Cyber Security Brief, Dick O’Brien and Brigid O’Gorman talk about some of the biggest cyber security stories of the last couple of weeks. Of course, this week’s U.S. Presidential Election gets a mention, while we also discuss the recently announced ‘retirement’ of the Maze ransomware gang, as well as a threat alert issued last week by authorities in the U.S. about Trickbot and the Ryuk ransomware. Elsewhere, a Russian man was jailed this week for his involvement with a financial botnet, and the UK’s Information Commissioner’s Office handed down a US$23.8 million fine to the Marriott Hotels group. </itunes:summary><description>In this week’s Cyber Security Brief, Dick O’Brien and Brigid O’Gorman talk about some of the biggest cyber security stories of the last couple of weeks. Of course, this week’s U.S. Presidential Election gets a mention, while we also discuss the recently announced ‘retirement’ of the Maze ransomware gang, as well as a threat alert issued last week by authorities in the U.S. about Trickbot and the Ryuk ransomware. Elsewhere, a Russian man was jailed this week for his involvement with a financial botnet, and the UK’s Information Commissioner’s Office handed down a US$23.8 million fine to the Marriott Hotels group. </description><content:encoded>In this week’s Cyber Security Brief, Dick O’Brien and Brigid O’Gorman talk about some of the biggest cyber security stories of the last couple of weeks. Of course, this week’s U.S. Presidential Election gets a mention, while we also discuss the recently announced ‘retirement’ of the Maze ransomware gang, as well as a threat alert issued last week by authorities in the U.S. about Trickbot and the Ryuk ransomware. 
Elsewhere, a Russian man was jailed this week for his involvement with a financial botnet, and the UK’s Information Commissioner’s Office handed down a US$23.8 million fine to the Marriott Hotels group. </content:encoded><enclosure length="27403145" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E03.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S03E03.mp3</guid><pubDate>Thu, 05 Nov 2020 14:00:00 +0000</pubDate><itunes:duration>00:19:01</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>3</itunes:episode><itunes:season>3</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Trickbot disruption, newly released Seedworm research, and some noteworthy indictments</itunes:title><title>Trickbot disruption, newly released Seedworm research, and some noteworthy indictments</title><itunes:summary>On this week’s Cyber Security Brief, Dick O’Brien and Brigid O’Gorman are joined by Symantec threat researchers Vikram Thakur and Alan Neville. Vikram discusses Symantec’s role in the cross-industry initiative to disrupt the Trickbot botnet. Symantec was part of a global partnership that secured a court order directing hosting providers to take down Trickbot’s infrastructure. Trickbot had spread prolifically across the internet for years and became one of the most commonly blocked types of malware, suggesting it was one of the world’s largest botnets. Alan is on the podcast to discuss some newly-published Symantec research into Seedworm, as the Iran-linked group continues to target organizations in the Middle East, while we also chat about some of the indictments that have recently been announced against various nation-state backed actors around the world. 
</itunes:summary><description>On this week’s Cyber Security Brief, Dick O’Brien and Brigid O’Gorman are joined by Symantec threat researchers Vikram Thakur and Alan Neville. Vikram discusses Symantec’s role in the cross-industry initiative to disrupt the Trickbot botnet. Symantec was part of a global partnership that secured a court order directing hosting providers to take down Trickbot’s infrastructure. Trickbot had spread prolifically across the internet for years and became one of the most commonly blocked types of malware, suggesting it was one of the world’s largest botnets. Alan is on the podcast to discuss some newly-published Symantec research into Seedworm, as the Iran-linked group continues to target organizations in the Middle East, while we also chat about some of the indictments that have recently been announced against various nation-state backed actors around the world. </description><content:encoded>On this week’s Cyber Security Brief, Dick O’Brien and Brigid O’Gorman are joined by Symantec threat researchers Vikram Thakur and Alan Neville. Vikram discusses Symantec’s role in the cross-industry initiative to disrupt the Trickbot botnet. Symantec was part of a global partnership that secured a court order directing hosting providers to take down Trickbot’s infrastructure. Trickbot had spread prolifically across the internet for years and became one of the most commonly blocked types of malware, suggesting it was one of the world’s largest botnets. Alan is on the podcast to discuss some newly-published Symantec research into Seedworm, as the Iran-linked group continues to target organizations in the Middle East, while we also chat about some of the indictments that have recently been announced against various nation-state backed actors around the world. 
</content:encoded><enclosure length="40041982" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Trickbot_Seedworm_S03E02.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Trickbot_Seedworm_S03E02.mp3</guid><pubDate>Thu, 22 Oct 2020 13:00:00 +0000</pubDate><itunes:duration>00:27:47</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>2</itunes:episode><itunes:season>3</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Round up: Financial sector threats, North Korean actors, WastedLocker and more</itunes:title><title>Round up: Financial sector threats, North Korean actors, WastedLocker and more</title><itunes:summary>We are back! Welcome to Season 3 of the Cyber Security Brief podcast, recording now from home. We will be with you every fortnight going forward and we are delighted to be back to tell you all about what is happening in the world of cyber security. In this episode, Dick O’Brien and Brigid O’Gorman discuss some of the projects they have been working on while the podcast was off air - threats against the financial sector, North Korean threat actors’ activity, the WastedLocker ransomware, and an attack linked to the Palmerworm APT group are all covered.</itunes:summary><description>We are back! Welcome to Season 3 of the Cyber Security Brief podcast, recording now from home. We will be with you every fortnight going forward and we are delighted to be back to tell you all about what is happening in the world of cyber security. In this episode, Dick O’Brien and Brigid O’Gorman discuss some of the projects they have been working on while the podcast was off air - threats against the financial sector, North Korean threat actors’ activity, the WastedLocker ransomware, and an attack linked to the Palmerworm APT group are all covered.</description><content:encoded>We are back! 
Welcome to Season 3 of the Cyber Security Brief podcast, recording now from home. We will be with you every fortnight going forward and we are delighted to be back to tell you all about what is happening in the world of cyber security. In this episode, Dick O’Brien and Brigid O’Gorman discuss some of the projects they have been working on while the podcast was off air - threats against the financial sector, North Korean threat actors’ activity, the WastedLocker ransomware, and an attack linked to the Palmerworm APT group are all covered.</content:encoded><enclosure length="29294360" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Weekly+Roundup+20-10-08.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Weekly+Roundup+20-10-08.mp3</guid><pubDate>Thu, 08 Oct 2020 13:00:00 +0000</pubDate><itunes:duration>00:20:19</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>1</itunes:episode><itunes:season>3</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Round-up: A whole host of vulnerabilities, and the hackers hacking other hackers</itunes:title><title>Round-up: A whole host of vulnerabilities, and the hackers hacking other hackers</title><itunes:summary>In this week's Cyber Security Brief podcast, Brigid O'Gorman and Dick O'Brien discuss some of the biggest infosec news stories of the last week, including new vulnerabilities in Intel chips and the Microsoft SMB protocol, as well as the Rowhammer vulnerability being back in the headlines. 
As well as this, there is an intricate phishing scam targeting Russian speakers that uses a chatbot to help you hand over your information, a mysterious Vietnam-based group is releasing Trojanized hacking tools to try and hack other hackers, the chief suspect thought to be behind the Deer[.]io online marketplace is arrested, and BEC scammers make the headlines once again.</itunes:summary><description>In this week's Cyber Security Brief podcast, Brigid O'Gorman and Dick O'Brien discuss some of the biggest infosec news stories of the last week, including new vulnerabilities in Intel chips and the Microsoft SMB protocol, as well as the Rowhammer vulnerability being back in the headlines. As well as this, there is an intricate phishing scam targeting Russian speakers that uses a chatbot to help you hand over your information, a mysterious Vietnam-based group is releasing Trojanized hacking tools to try and hack other hackers, the chief suspect thought to be behind the Deer[.]io online marketplace is arrested, and BEC scammers make the headlines once again.</description><content:encoded>In this week's Cyber Security Brief podcast, Brigid O'Gorman and Dick O'Brien discuss some of the biggest infosec news stories of the last week, including new vulnerabilities in Intel chips and the Microsoft SMB protocol, as well as the Rowhammer vulnerability being back in the headlines. 
As well as this, there is an intricate phishing scam targeting Russian speakers that uses a chatbot to help you hand over your information, a mysterious Vietnam-based group is releasing Trojanized hacking tools to try and hack other hackers, the chief suspect thought to be behind the Deer[.]io online marketplace is arrested, and BEC scammers make the headlines once again.</content:encoded><enclosure length="33391274" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E23+20-03-12.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E23+20-03-12.mp3</guid><pubDate>Thu, 12 Mar 2020 14:00:00 +0000</pubDate><itunes:duration>00:23:10</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>23</itunes:episode><itunes:season>2</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Round-up: Ransomware criminals continue to innovate, and BEC scammers hit a high-profile victim</itunes:title><title>Round-up: Ransomware criminals continue to innovate, and BEC scammers hit a high-profile victim</title><itunes:summary>On this week’s Cyber Security Brief, we bring you a round-up of some of the biggest cyber security stories of the last 7 days. Among the topics up for discussion are the latest innovations of ransomware criminals, a data breach at a controversial facial recognition company, and an investigation by Brian Krebs into a series of cyber attacks on companies in France that led to an interesting conclusion. Also this week, a survey reveals that many government employees feel ill-prepared to cope with a cyber attack, and a judge on Shark Tank falls victim to BEC scammers. </itunes:summary><description>On this week’s Cyber Security Brief, we bring you a round-up of some of the biggest cyber security stories of the last 7 days. 
Among the topics up for discussion are the latest innovations of ransomware criminals, a data breach at a controversial facial recognition company, and an investigation by Brian Krebs into a series of cyber attacks on companies in France that led to an interesting conclusion. Also this week, a survey reveals that many government employees feel ill-prepared to cope with a cyber attack, and a judge on Shark Tank falls victim to BEC scammers. </description><content:encoded>On this week’s Cyber Security Brief, we bring you a round-up of some of the biggest cyber security stories of the last 7 days. Among the topics up for discussion are the latest innovations of ransomware criminals, a data breach at a controversial facial recognition company, and an investigation by Brian Krebs into a series of cyber attacks on companies in France that led to an interesting conclusion. Also this week, a survey reveals that many government employees feel ill-prepared to cope with a cyber attack, and a judge on Shark Tank falls victim to BEC scammers. </content:encoded><enclosure length="31239210" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E22+20-03-05.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E22+20-03-05.mp3</guid><pubDate>Thu, 05 Mar 2020 14:00:00 +0000</pubDate><itunes:duration>00:21:40</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>22</itunes:episode><itunes:season>2</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Special Edition: The RSA Conference 2020</itunes:title><title>Special Edition: The RSA Conference 2020</title><itunes:summary>Candid Wueest and Dick O’Brien join the Cyber Security Brief from the RSA Conference in San Francisco this week. Both Candid and Dick were presenting at RSA this week – Dick on the topic of targeted ransomware, and Candid on the subject of formjacking. 
They fill us in on how their presentations went, the other interesting sessions they attended, what the big themes of the conference are this year, and their overall impressions of RSAC 2020.</itunes:summary><description>Candid Wueest and Dick O’Brien join the Cyber Security Brief from the RSA Conference in San Francisco this week. Both Candid and Dick were presenting at RSA this week – Dick on the topic of targeted ransomware, and Candid on the subject of formjacking. They fill us in on how their presentations went, the other interesting sessions they attended, what the big themes of the conference are this year, and their overall impressions of RSAC 2020.</description><content:encoded>Candid Wueest and Dick O’Brien join the Cyber Security Brief from the RSA Conference in San Francisco this week. Both Candid and Dick were presenting at RSA this week – Dick on the topic of targeted ransomware, and Candid on the subject of formjacking. They fill us in on how their presentations went, the other interesting sessions they attended, what the big themes of the conference are this year, and their overall impressions of RSAC 2020.</content:encoded><enclosure length="37921310" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E21_RSAC_2020_ransomware_formjacking.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E21_RSAC_2020_ransomware_formjacking.mp3</guid><pubDate>Thu, 27 Feb 2020 14:00:00 +0000</pubDate><itunes:duration>00:26:19</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>21</itunes:episode><itunes:season>2</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Focus On: Pegasus spyware</itunes:title><title>Focus On: Pegasus spyware</title><itunes:summary>This week’s Cyber Security Brief is part of our regular Attack Group of the Month series, though this time around it’s more like Tool of the 
Month, as we take a closer look at Pegasus. Pegasus is a mobile spyware that is owned and sold by Israeli company the NSO Group, which says it is a legitimate tool that it sells exclusively to law enforcement and government agencies. However, there have been many cases where Pegasus appears to have been misused and has been found on the phones of journalists, activists and government critics in some countries. Symantec engineer Alexey Kleymenov has examined Pegasus extensively, and joins Dick O’Brien to discuss the malware and its technical abilities and sophistication.</itunes:summary><description>This week’s Cyber Security Brief is part of our regular Attack Group of the Month series, though this time around it’s more like Tool of the Month, as we take a closer look at Pegasus. Pegasus is a mobile spyware that is owned and sold by Israeli company the NSO Group, which says it is a legitimate tool that it sells exclusively to law enforcement and government agencies. However, there have been many cases where Pegasus appears to have been misused and has been found on the phones of journalists, activists and government critics in some countries. Symantec engineer Alexey Kleymenov has examined Pegasus extensively, and joins Dick O’Brien to discuss the malware and its technical abilities and sophistication.</description><content:encoded>This week’s Cyber Security Brief is part of our regular Attack Group of the Month series, though this time around it’s more like Tool of the Month, as we take a closer look at Pegasus. Pegasus is a mobile spyware that is owned and sold by Israeli company the NSO Group, which says it is a legitimate tool that it sells exclusively to law enforcement and government agencies. However, there have been many cases where Pegasus appears to have been misused and has been found on the phones of journalists, activists and government critics in some countries. 
Symantec engineer Alexey Kleymenov has examined Pegasus extensively, and joins Dick O’Brien to discuss the malware and its technical abilities and sophistication.</content:encoded><enclosure length="19198426" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E20+20-02-20.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E20+20-02-20.mp3</guid><pubDate>Thu, 20 Feb 2020 14:00:00 +0000</pubDate><itunes:duration>00:13:19</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>20</itunes:episode><itunes:season>2</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Spotlight On: The healthcare cyber threat landscape</itunes:title><title>Spotlight On: The healthcare cyber threat landscape</title><itunes:summary>In this week’s Cyber Security Brief, we discuss the various cyber security concerns facing the healthcare sector. Ransomware attacks are now one of the biggest challenges facing organizations in the healthcare industry, while data breaches also remain a major concern. Meanwhile, developments in medtech and the increased connectivity of hospitals and other healthcare organizations pose new challenges for practitioners and patients. We discuss the main threats facing the sector, and the steps you can take to keep your organization safe. </itunes:summary><description>In this week’s Cyber Security Brief, we discuss the various cyber security concerns facing the healthcare sector. Ransomware attacks are now one of the biggest challenges facing organizations in the healthcare industry, while data breaches also remain a major concern. Meanwhile, developments in medtech and the increased connectivity of hospitals and other healthcare organizations pose new challenges for practitioners and patients. We discuss the main threats facing the sector, and the steps you can take to keep your organization safe. 
</description><content:encoded>In this week’s Cyber Security Brief, we discuss the various cyber security concerns facing the healthcare sector. Ransomware attacks are now one of the biggest challenges facing organizations in the healthcare industry, while data breaches also remain a major concern. Meanwhile, developments in medtech and the increased connectivity of hospitals and other healthcare organizations pose new challenges for practitioners and patients. We discuss the main threats facing the sector, and the steps you can take to keep your organization safe. </content:encoded><enclosure length="28697659" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E19+20-02-13.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E19+20-02-13.mp3</guid><pubDate>Thu, 13 Feb 2020 12:33:50 +0000</pubDate><itunes:duration>00:19:55</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>19</itunes:episode><itunes:season>2</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Round-up: Traffic jams, increasing defenses, and shortening the Google Chrome ‘patch gap’</itunes:title><title>Round-up: Traffic jams, increasing defenses, and shortening the Google Chrome ‘patch gap’</title><itunes:summary>In this week’s edition of the Cyber Security Brief, Brigid O’Gorman, Candid Wueest and Dick O’Brien discuss the U.S. Department of Defense’s new cyber security framework for its contractors, how easy it was for a performance artist in Germany to cause a fake traffic jam on Google Maps, and the way the coronavirus outbreak is being exploited by cyber scammers. Also this week, Google halves its Chrome patch gap, Microsoft Teams gets knocked offline, and how bugs in Microsoft Azure could have allowed cloud servers to be hacked. 
</itunes:summary><description>In this week’s edition of the Cyber Security Brief, Brigid O’Gorman, Candid Wueest and Dick O’Brien discuss the U.S. Department of Defense’s new cyber security framework for its contractors, how easy it was for a performance artist in Germany to cause a fake traffic jam on Google Maps, and the way the coronavirus outbreak is being exploited by cyber scammers. Also this week, Google halves its Chrome patch gap, Microsoft Teams gets knocked offline, and how bugs in Microsoft Azure could have allowed cloud servers to be hacked. </description><content:encoded>In this week’s edition of the Cyber Security Brief, Brigid O’Gorman, Candid Wueest and Dick O’Brien discuss the U.S. Department of Defense’s new cyber security framework for its contractors, how easy it was for a performance artist in Germany to cause a fake traffic jam on Google Maps, and the way the coronavirus outbreak is being exploited by cyber scammers. Also this week, Google halves its Chrome patch gap, Microsoft Teams gets knocked offline, and how bugs in Microsoft Azure could have allowed cloud servers to be hacked. 
</content:encoded><enclosure length="29957021" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S01E18_Coronavirus_Google_DoD.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S01E18_Coronavirus_Google_DoD.mp3</guid><pubDate>Thu, 06 Feb 2020 14:00:00 +0000</pubDate><itunes:duration>00:20:47</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>18</itunes:episode><itunes:season>2</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Round-up: Ransomware, vulnerabilities, and eavesdropping</itunes:title><title>Round-up: Ransomware, vulnerabilities, and eavesdropping</title><itunes:summary>In this week’s Cyber Security Brief, Candid Wueest and Brigid O’Gorman bring you a round-up of the biggest cyber security news stories of the last week. We discuss the Shlayer malware, the publication of exploits for a vulnerability in Windows Remote Desktop Gateway, and how attackers may be able to eavesdrop on your conference calls. Also this week, there were a whole slew of news stories about ransomware, so we discuss some of those as well. </itunes:summary><description>In this week’s Cyber Security Brief, Candid Wueest and Brigid O’Gorman bring you a round-up of the biggest cyber security news stories of the last week. We discuss the Shlayer malware, the publication of exploits for a vulnerability in Windows Remote Desktop Gateway, and how attackers may be able to eavesdrop on your conference calls. Also this week, there were a whole slew of news stories about ransomware, so we discuss some of those as well. </description><content:encoded>In this week’s Cyber Security Brief, Candid Wueest and Brigid O’Gorman bring you a round-up of the biggest cyber security news stories of the last week. 
We discuss the Shlayer malware, the publication of exploits for a vulnerability in Windows Remote Desktop Gateway, and how attackers may be able to eavesdrop on your conference calls. Also this week, there were a whole slew of news stories about ransomware, so we discuss some of those as well. </content:encoded><enclosure length="29623689" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E17+20-01-30.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E17+20-01-30.mp3</guid><pubDate>Thu, 30 Jan 2020 13:42:04 +0000</pubDate><itunes:duration>00:20:33</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>17</itunes:episode><itunes:season>2</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Spotlight On: Software vulnerabilities and patch management</itunes:title><title>Spotlight On: Software vulnerabilities and patch management</title><itunes:summary>On this week’s Cyber Security Brief, we discuss a timely issue – the importance of patching software vulnerabilities and the necessity for organizations to have good patch management. We decided to cover this topic as it is something that has been much in the news recently: CVE-2020-0601, a vulnerability in Microsoft’s Windows CryptoAPI, that was reported to the software giant by the NSA and was described as “severe” by the security agency, has made many headlines in the last week. Vulnerabilities in software from Citrix, and in Pulse Secure VPN servers, which were first revealed in December and April 2019, respectively, were also in the news in the last week or so. The vulnerabilities in the Pulse VPN servers were patched back in April - but despite this they are suspected of having been exploited in several cyber attacks since then, demonstrating that patches are not always being applied in a timely fashion. 
We discuss why that might be, and a variety of other issues, in this podcast. </itunes:summary><description>On this week’s Cyber Security Brief, we discuss a timely issue – the importance of patching software vulnerabilities and the necessity for organizations to have good patch management. We decided to cover this topic as it is something that has been much in the news recently: CVE-2020-0601, a vulnerability in Microsoft’s Windows CryptoAPI, that was reported to the software giant by the NSA and was described as “severe” by the security agency, has made many headlines in the last week. Vulnerabilities in software from Citrix, and in Pulse Secure VPN servers, which were first revealed in December and April 2019, respectively, were also in the news in the last week or so. The vulnerabilities in the Pulse VPN servers were patched back in April - but despite this they are suspected of having been exploited in several cyber attacks since then, demonstrating that patches are not always being applied in a timely fashion. We discuss why that might be, and a variety of other issues, in this podcast. </description><content:encoded>On this week’s Cyber Security Brief, we discuss a timely issue – the importance of patching software vulnerabilities and the necessity for organizations to have good patch management. We decided to cover this topic as it is something that has been much in the news recently: CVE-2020-0601, a vulnerability in Microsoft’s Windows CryptoAPI, that was reported to the software giant by the NSA and was described as “severe” by the security agency, has made many headlines in the last week. Vulnerabilities in software from Citrix, and in Pulse Secure VPN servers, which were first revealed in December and April 2019, respectively, were also in the news in the last week or so. 
The vulnerabilities in the Pulse VPN servers were patched back in April - but despite this they are suspected of having been exploited in several cyber attacks since then, demonstrating that patches are not always being applied in a timely fashion. We discuss why that might be, and a variety of other issues, in this podcast. </content:encoded><enclosure length="29006118" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E16_Vulnerabilities_Patching.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E16_Vulnerabilities_Patching.mp3</guid><pubDate>Thu, 23 Jan 2020 13:55:00 +0000</pubDate><itunes:duration>00:20:07</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>16</itunes:episode><itunes:season>2</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Spotlight On: Living off the land</itunes:title><title>Spotlight On: Living off the land</title><itunes:summary>On this week’s Cyber Security Brief, we discuss “living off the land”, where attackers use legitimate tools on your device or network for malicious purposes. Dick O’Brien is joined by Candid Wueest, who wrote a whitepaper on this very topic just before the holidays, to discuss the tools that are most commonly exploited by attackers using living off the land techniques, the prevalence of this kind of activity, and what organizations can do to protect themselves. As well as this, we give an overview of CVE-2020-0601, the vulnerability in the Windows CryptoAPI that was patched by Microsoft on Tuesday.</itunes:summary><description>On this week’s Cyber Security Brief, we discuss “living off the land”, where attackers use legitimate tools on your device or network for malicious purposes. 
Dick O’Brien is joined by Candid Wueest, who wrote a whitepaper on this very topic just before the holidays, to discuss the tools that are most commonly exploited by attackers using living off the land techniques, the prevalence of this kind of activity, and what organizations can do to protect themselves. As well as this, we give an overview of CVE-2020-0601, the vulnerability in the Windows CryptoAPI that was patched by Microsoft on Tuesday.</description><content:encoded>On this week’s Cyber Security Brief, we discuss “living off the land”, where attackers use legitimate tools on your device or network for malicious purposes. Dick O’Brien is joined by Candid Wueest, who wrote a whitepaper on this very topic just before the holidays, to discuss the tools that are most commonly exploited by attackers using living off the land techniques, the prevalence of this kind of activity, and what organizations can do to protect themselves. As well as this, we give an overview of CVE-2020-0601, the vulnerability in the Windows CryptoAPI that was patched by Microsoft on Tuesday.</content:encoded><enclosure length="31177095" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S01E15_Living_off_the_land_Microsoft.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S01E15_Living_off_the_land_Microsoft.mp3</guid><pubDate>Thu, 16 Jan 2020 14:00:00 +0000</pubDate><itunes:duration>00:21:38</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>15</itunes:episode><itunes:season>2</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Spotlight On: Iranian cyber espionage activity</itunes:title><title>Spotlight On: Iranian cyber espionage activity</title><itunes:summary>On this week’s Cyber Security Brief, we decide to take a look at an issue that is very topical at the moment – Iranian cyber espionage activity. 
Dick O’Brien and Gavin O’Gorman discuss some past campaigns we have seen carried out by Iranian actors, and the kind of cyber capabilities the country has. Threat researcher Gavin gives his opinion on what is likely to happen next when it comes to cyber activity, and if we are likely to see any cyber attacks by Iranian actors targeting U.S. organisations.</itunes:summary><description>On this week’s Cyber Security Brief, we decide to take a look at an issue that is very topical at the moment – Iranian cyber espionage activity. Dick O’Brien and Gavin O’Gorman discuss some past campaigns we have seen carried out by Iranian actors, and the kind of cyber capabilities the country has. Threat researcher Gavin gives his opinion on what is likely to happen next when it comes to cyber activity, and if we are likely to see any cyber attacks by Iranian actors targeting U.S. organisations.</description><content:encoded>On this week’s Cyber Security Brief, we decide to take a look at an issue that is very topical at the moment – Iranian cyber espionage activity. Dick O’Brien and Gavin O’Gorman discuss some past campaigns we have seen carried out by Iranian actors, and the kind of cyber capabilities the country has. Threat researcher Gavin gives his opinion on what is likely to happen next when it comes to cyber activity, and if we are likely to see any cyber attacks by Iranian actors targeting U.S. 
organisations.</content:encoded><enclosure length="35828301" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E14_Iran_Cyber_Attacks.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E14_Iran_Cyber_Attacks.mp3</guid><pubDate>Thu, 09 Jan 2020 14:00:00 +0000</pubDate><itunes:duration>00:24:52</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>14</itunes:episode><itunes:season>2</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Cyber Security Brief’s Review of the Year</itunes:title><title>Cyber Security Brief’s Review of the Year</title><itunes:summary>This week’s episode of the Cyber Security Brief is the last one of 2019, so we are taking a look back at some of the big stories of the year in the world of infosec. Brigid O’Gorman, Dick O’Brien and Candid Wueest discuss a range of topics, including targeted ransomware, living off the land, supply chain attacks, extortion scams, and formjacking. We are taking a short break for the holidays but will be back in January 2020 with lots more chat about the world of cyber security.</itunes:summary><description>This week’s episode of the Cyber Security Brief is the last one of 2019, so we are taking a look back at some of the big stories of the year in the world of infosec. Brigid O’Gorman, Dick O’Brien and Candid Wueest discuss a range of topics, including targeted ransomware, living off the land, supply chain attacks, extortion scams, and formjacking. We are taking a short break for the holidays but will be back in January 2020 with lots more chat about the world of cyber security.</description><content:encoded>This week’s episode of the Cyber Security Brief is the last one of 2019, so we are taking a look back at some of the big stories of the year in the world of infosec. 
Brigid O’Gorman, Dick O’Brien and Candid Wueest discuss a range of topics, including targeted ransomware, living off the land, supply chain attacks, extortion scams, and formjacking. We are taking a short break for the holidays but will be back in January 2020 with lots more chat about the world of cyber security.</content:encoded><enclosure length="38199263" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E13_19-12-19_Cyber_Security_Review_of_2019.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E13_19-12-19_Cyber_Security_Review_of_2019.mp3</guid><pubDate>Thu, 19 Dec 2019 14:00:00 +0000</pubDate><itunes:duration>00:26:30</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>13</itunes:episode><itunes:season>2</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Spotlight On: Targeted ransomware – a major trend in 2019</itunes:title><title>Spotlight On: Targeted ransomware – a major trend in 2019</title><itunes:summary>On this week’s Cyber Security Brief, we turn the spotlight onto targeted ransomware – one of the most active threats we observed in 2019. Targeted ransomware has seen huge growth since the start of 2018, with 2019, in particular, seeing a big rise in the number of targeted ransomware families operating. We take a look at the reasons for this growth, outline the activities of some of the most interesting targeted ransomware families that have emerged in 2019, take you through how an attack like this works, and provide some essential tips to help you keep your business safe from targeted ransomware. </itunes:summary><description>On this week’s Cyber Security Brief, we turn the spotlight onto targeted ransomware – one of the most active threats we observed in 2019. 
Targeted ransomware has seen huge growth since the start of 2018, with 2019, in particular, seeing a big rise in the number of targeted ransomware families operating. We take a look at the reasons for this growth, outline the activities of some of the most interesting targeted ransomware families that have emerged in 2019, take you through how an attack like this works, and provide some essential tips to help you keep your business safe from targeted ransomware. </description><content:encoded>On this week’s Cyber Security Brief, we turn the spotlight onto targeted ransomware – one of the most active threats we observed in 2019. Targeted ransomware has seen huge growth since the start of 2018, with 2019, in particular, seeing a big rise in the number of targeted ransomware families operating. We take a look at the reasons for this growth, outline the activities of some of the most interesting targeted ransomware families that have emerged in 2019, take you through how an attack like this works, and provide some essential tips to help you keep your business safe from targeted ransomware. 
</content:encoded><enclosure length="33036941" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E12_Targeted_Ransomware_19-12-12.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E12_Targeted_Ransomware_19-12-12.mp3</guid><pubDate>Thu, 12 Dec 2019 14:00:00 +0000</pubDate><itunes:duration>00:22:55</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>12</itunes:episode><itunes:season>2</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Attack Group of the Month: Shamoon – targeting the Middle East with disk-wiping malware</itunes:title><title>Attack Group of the Month: Shamoon – targeting the Middle East with disk-wiping malware</title><itunes:summary>On this week’s Cyber Security Brief podcast we are introducing a new feature – Attack Group of the Month. Every month we will bring in one of our expert threat researchers for a deep dive into the history, tactics, and techniques of notable attack groups, and discuss what you should do to keep your company safe from these sophisticated attackers. This week we look at Shamoon, an attack group that first appeared in 2012, causing waves when it wiped the disks on thousands of computers in two companies in Saudi Arabia. Threat researcher Gavin O’Gorman brings us through the history of the group, what makes it so interesting, and why he thinks we haven’t seen the last of Shamoon yet. </itunes:summary><description>On this week’s Cyber Security Brief podcast we are introducing a new feature – Attack Group of the Month. Every month we will bring in one of our expert threat researchers for a deep dive into the history, tactics, and techniques of notable attack groups, and discuss what you should do to keep your company safe from these sophisticated attackers. 
This week we look at Shamoon, an attack group that first appeared in 2012, causing waves when it wiped the disks on thousands of computers in two companies in Saudi Arabia. Threat researcher Gavin O’Gorman brings us through the history of the group, what makes it so interesting, and why he thinks we haven’t seen the last of Shamoon yet. </description><content:encoded>On this week’s Cyber Security Brief podcast we are introducing a new feature – Attack Group of the Month. Every month we will bring in one of our expert threat researchers for a deep dive into the history, tactics, and techniques of notable attack groups, and discuss what you should do to keep your company safe from these sophisticated attackers. This week we look at Shamoon, an attack group that first appeared in 2012, causing waves when it wiped the disks on thousands of computers in two companies in Saudi Arabia. Threat researcher Gavin O’Gorman brings us through the history of the group, what makes it so interesting, and why he thinks we haven’t seen the last of Shamoon yet. </content:encoded><enclosure length="37767147" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E11_Shamoon_19-12-05.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E11_Shamoon_19-12-05.mp3</guid><pubDate>Thu, 05 Dec 2019 14:00:00 +0000</pubDate><itunes:duration>00:26:12</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>11</itunes:episode><itunes:season>2</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Spotlight On: BEC scams – an expensive threat</itunes:title><title>Spotlight On: BEC scams – an expensive threat</title><itunes:summary>On this week’s Cyber Security Brief, Dick O’Brien, Candid Wueest and Brigid O’Gorman focus on business email compromise (BEC) scams, which are a major issue for enterprises and organizations. 
The FBI has estimated that between June 2016 and July 2019 more than $26 billion was lost to BEC scams globally. Our experts discuss some recent examples of BEC scams, the common tactics and techniques many of these scams share, and the steps you can take to mitigate the danger to your business from these types of scams.
</itunes:summary><description>On this week’s Cyber Security Brief, Dick O’Brien, Candid Wueest and Brigid O’Gorman focus on business email compromise (BEC) scams, which are a major issue for enterprises and organizations. The FBI has estimated that between June 2016 and July 2019 more than $26 billion was lost to BEC scams globally. Our experts discuss some recent examples of BEC scams, the common tactics and techniques many of these scams share, and the steps you can take to mitigate the danger to your business from these types of scams.
</description><content:encoded>On this week’s Cyber Security Brief, Dick O’Brien, Candid Wueest and Brigid O’Gorman focus on business email compromise (BEC) scams, which are a major issue for enterprises and organizations. The FBI has estimated that between June 2016 and July 2019 more than $26 billion was lost to BEC scams globally. Our experts discuss some recent examples of BEC scams, the common tactics and techniques many of these scams share, and the steps you can take to mitigate the danger to your business from these types of scams.
</content:encoded><enclosure length="29432900" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E10_19-11-28_BEC_Scams.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E10_19-11-28_BEC_Scams.mp3</guid><pubDate>Thu, 28 Nov 2019 14:00:00 +0000</pubDate><itunes:duration>00:20:25</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>10</itunes:episode><itunes:season>2</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Holiday shopping special: Scams to watch out for this Black Friday and Cyber Monday</itunes:title><title>Holiday shopping special: Scams to watch out for this Black Friday and Cyber Monday</title><itunes:summary>On this week’s Symantec Cyber Security Brief, we bring you a holiday shopping cyber security special in advance of Black Friday, Cyber Monday, and the holiday shopping period in general. We discuss the dangers people need to be aware of when shopping online, including formjacking, fake shops, and social media scams. We discuss common scams that try to trick victims using fake delivery notices, as well as point of sale malware, which is still a threat, even as more people move to doing their shopping online. </itunes:summary><description>On this week’s Symantec Cyber Security Brief, we bring you a holiday shopping cyber security special in advance of Black Friday, Cyber Monday, and the holiday shopping period in general. We discuss the dangers people need to be aware of when shopping online, including formjacking, fake shops, and social media scams. We discuss common scams that try to trick victims using fake delivery notices, as well as point of sale malware, which is still a threat, even as more people move to doing their shopping online. 
</description><content:encoded>On this week’s Symantec Cyber Security Brief, we bring you a holiday shopping cyber security special in advance of Black Friday, Cyber Monday, and the holiday shopping period in general. We discuss the dangers people need to be aware of when shopping online, including formjacking, fake shops, and social media scams. We discuss common scams that try to trick victims using fake delivery notices, as well as point of sale malware, which is still a threat, even as more people move to doing their shopping online. </content:encoded><enclosure length="32579864" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast_S02E09_Black_Friday_Shopping.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast_S02E09_Black_Friday_Shopping.mp3</guid><pubDate>Thu, 21 Nov 2019 14:00:00 +0000</pubDate><itunes:duration>00:22:36</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>9</itunes:episode><itunes:season>2</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Privacy concerns, election campaign worries, and phish-y meeting invites</itunes:title><title>Privacy concerns, election campaign worries, and phish-y meeting invites</title><itunes:summary>On this week’s Symantec Cyber Security Brief, Dick O’Brien is joined by Brigid O’Gorman and Candid Wueest to discuss some of the big cyber security stories of the last week. This week, Ubiquiti customers are annoyed after a firmware update led to their routers sending information back to Ubiquiti HQ without their consent, a “sophisticated” attack on the UK Labour Party’s digital platforms causes consternation in the middle of an election campaign – but was it really that serious? Also, a (complicated) way to gain access to people’s Wi-Fi networks via Amazon’s Ring doorbell, a new ruling in the U.S. 
on whether or not border police are entitled to search your electronic devices when you’re entering the country, and beware of suspicious meeting invites. </itunes:summary><description>On this week’s Symantec Cyber Security Brief, Dick O’Brien is joined by Brigid O’Gorman and Candid Wueest to discuss some of the big cyber security stories of the last week. This week, Ubiquiti customers are annoyed after a firmware update led to their routers sending information back to Ubiquiti HQ without their consent, a “sophisticated” attack on the UK Labour Party’s digital platforms causes consternation in the middle of an election campaign – but was it really that serious? Also, a (complicated) way to gain access to people’s Wi-Fi networks via Amazon’s Ring doorbell, a new ruling in the U.S. on whether or not border police are entitled to search your electronic devices when you’re entering the country, and beware of suspicious meeting invites. </description><content:encoded>On this week’s Symantec Cyber Security Brief, Dick O’Brien is joined by Brigid O’Gorman and Candid Wueest to discuss some of the big cyber security stories of the last week. This week, Ubiquiti customers are annoyed after a firmware update led to their routers sending information back to Ubiquiti HQ without their consent, a “sophisticated” attack on the UK Labour Party’s digital platforms causes consternation in the middle of an election campaign – but was it really that serious? Also, a (complicated) way to gain access to people’s Wi-Fi networks via Amazon’s Ring doorbell, a new ruling in the U.S. on whether or not border police are entitled to search your electronic devices when you’re entering the country, and beware of suspicious meeting invites. 
</content:encoded><enclosure length="33167650" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+S02E08+19-11-14.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+S02E08+19-11-14.mp3</guid><pubDate>Thu, 14 Nov 2019 14:00:00 +0000</pubDate><itunes:duration>00:23:01</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>8</itunes:episode><itunes:season>2</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Lasers, Bluekeep, and BEC scammers continue to cash in</itunes:title><title>Lasers, Bluekeep, and BEC scammers continue to cash in</title><itunes:summary>On this week’s Cyber Security Brief, Dick O’Brien is joined by Candid Wueest and Brigid O’Gorman to discuss the biggest cyber security news stories of the week. On this episode, we chat about how lasers could be used to hack your voice-controlled devices – including your phone, the Bluekeep attacks that have been spotted in the wild, and the ongoing repercussions surrounding the WhatsApp zero-day that was discovered in May. Also, BEC scammers cash in, the QSnatch malware hits thousands of NAS devices, and a new vulnerability in Microsoft Office for Mac.  </itunes:summary><description>On this week’s Cyber Security Brief, Dick O’Brien is joined by Candid Wueest and Brigid O’Gorman to discuss the biggest cyber security news stories of the week. On this episode, we chat about how lasers could be used to hack your voice-controlled devices – including your phone, the Bluekeep attacks that have been spotted in the wild, and the ongoing repercussions surrounding the WhatsApp zero-day that was discovered in May. Also, BEC scammers cash in, the QSnatch malware hits thousands of NAS devices, and a new vulnerability in Microsoft Office for Mac.  
</description><content:encoded>On this week’s Cyber Security Brief, Dick O’Brien is joined by Candid Wueest and Brigid O’Gorman to discuss the biggest cyber security news stories of the week. On this episode, we chat about how lasers could be used to hack your voice-controlled devices – including your phone, the Bluekeep attacks that have been spotted in the wild, and the ongoing repercussions surrounding the WhatsApp zero-day that was discovered in May. Also, BEC scammers cash in, the QSnatch malware hits thousands of NAS devices, and a new vulnerability in Microsoft Office for Mac.  </content:encoded><enclosure length="33350612" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E07_WhatsApp_Lasers_BEC.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/S02E07_WhatsApp_Lasers_BEC.mp3</guid><pubDate>Thu, 07 Nov 2019 14:00:00 +0000</pubDate><itunes:duration>00:23:08</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>7</itunes:episode><itunes:season>2</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Fancy Bear attack campaign, ransomware hits Johannesburg again, and malware hijacks Discord client</itunes:title><title>Fancy Bear attack campaign, ransomware hits Johannesburg again, and malware hijacks Discord client</title><itunes:summary>In this week’s Cyber Security Brief, Dick O’Brien is joined by Candid Wueest and Brigid O’Gorman to discuss the biggest infosec stories of the week. This week we discuss Fancy Bear’s campaign against at least 16 anti-doping and sporting organizations, yet another ransomware attack on Johannesburg, and the malware that was turning the Discord client into an info-stealing backdoor. 
Also this week, the security researcher who discovered they could hack other people’s pet feeders, and the man who still has access to the connected car he rented – and returned – several months ago.</itunes:summary><description>In this week’s Cyber Security Brief, Dick O’Brien is joined by Candid Wueest and Brigid O’Gorman to discuss the biggest infosec stories of the week. This week we discuss Fancy Bear’s campaign against at least 16 anti-doping and sporting organizations, yet another ransomware attack on Johannesburg, and the malware that was turning the Discord client into an info-stealing backdoor. Also this week, the security researcher who discovered they could hack other people’s pet feeders, and the man who still has access to the connected car he rented – and returned – several months ago.</description><content:encoded>In this week’s Cyber Security Brief, Dick O’Brien is joined by Candid Wueest and Brigid O’Gorman to discuss the biggest infosec stories of the week. This week we discuss Fancy Bear’s campaign against at least 16 anti-doping and sporting organizations, yet another ransomware attack on Johannesburg, and the malware that was turning the Discord client into an info-stealing backdoor. 
Also this week, the security researcher who discovered they could hack other people’s pet feeders, and the man who still has access to the connected car he rented – and returned – several months ago.</content:encoded><enclosure length="31512180" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+58+Fancy+Bear+IoT+Discord.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+58+Fancy+Bear+IoT+Discord.mp3</guid><pubDate>Thu, 31 Oct 2019 14:00:00 +0000</pubDate><itunes:duration>00:21:52</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>6</itunes:episode><itunes:season>2</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>A second supply chain attack attempt against CCleaner, voice-controlled home assistants spying on owners, and dodgy mobile biometric authentication</itunes:title><title>A second supply chain attack attempt against CCleaner, voice-controlled home assistants spying on owners, and dodgy mobile biometric authentication</title><itunes:summary>In this week's Cyber Security Brief, Dick O'Brien and Candid Wueest discuss some of the biggest cyber security stories of the past week. Topics this week include a second supply chain attack attempt aimed at compromising CCleaner, how Amazon Alexa and Google Home devices can be used to spy on their owners using malicious third-party applications, problems for Samsung and Google arising from issues with biometric authentication on their mobile devices, and how a Chinese cyber-espionage group has been targeting SQL servers.</itunes:summary><description>In this week's Cyber Security Brief, Dick O'Brien and Candid Wueest discuss some of the biggest cyber security stories of the past week. 
Topics this week include a second supply chain attack attempt aimed at compromising CCleaner, how Amazon Alexa and Google Home devices can be used to spy on their owners using malicious third-party applications, problems for Samsung and Google arising from issues with biometric authentication on their mobile devices, and how a Chinese cyber-espionage group has been targeting SQL servers.</description><content:encoded>In this week's Cyber Security Brief, Dick O'Brien and Candid Wueest discuss some of the biggest cyber security stories of the past week. Topics this week include a second supply chain attack attempt aimed at compromising CCleaner, how Amazon Alexa and Google Home devices can be used to spy on their owners using malicious third-party applications, problems for Samsung and Google arising from issues with biometric authentication on their mobile devices, and how a Chinese cyber-espionage group has been targeting SQL servers.</content:encoded><enclosure length="31303622" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+57+19-10-24.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+57+19-10-24.mp3</guid><pubDate>Thu, 24 Oct 2019 11:03:40 +0000</pubDate><itunes:duration>00:21:43</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>5</itunes:episode><itunes:season>2</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>An iTunes and iCloud zero-day, ATM malware, and the Sudo vulnerability</itunes:title><title>An iTunes and iCloud zero-day, ATM malware, and the Sudo vulnerability</title><itunes:summary>In this week’s Cyber Security Brief, Dick O’Brien is joined by Candid Wueest and Brigid O’Gorman to discuss the biggest cyber security stories of the week. 
In the mix this week, a zero-day in the Windows version of iTunes and iCloud, ATM malware, the Sudo vulnerability, and how it has been proved that you can insert spy chips into firewalls. Also, the stalker in Japan who used reflections in photos to track down his victim, and finally, the price paid for people’s private information on the deep and dark web.  </itunes:summary><description>In this week’s Cyber Security Brief, Dick O’Brien is joined by Candid Wueest and Brigid O’Gorman to discuss the biggest cyber security stories of the week. In the mix this week, a zero-day in the Windows version of iTunes and iCloud, ATM malware, the Sudo vulnerability, and how it has been proved that you can insert spy chips into firewalls. Also, the stalker in Japan who used reflections in photos to track down his victim, and finally, the price paid for people’s private information on the deep and dark web.  </description><content:encoded>In this week’s Cyber Security Brief, Dick O’Brien is joined by Candid Wueest and Brigid O’Gorman to discuss the biggest cyber security stories of the week. In the mix this week, a zero-day in the Windows version of iTunes and iCloud, ATM malware, the Sudo vulnerability, and how it has been proved that you can insert spy chips into firewalls. Also, the stalker in Japan who used reflections in photos to track down his victim, and finally, the price paid for people’s private information on the deep and dark web.  
</content:encoded><enclosure length="38426876" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+56+19-10-17.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+56+19-10-17.mp3</guid><pubDate>Thu, 17 Oct 2019 13:00:00 +0000</pubDate><itunes:duration>00:26:40</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>4</itunes:episode><itunes:season>2</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>A controversial Apple app, a far-reaching ruling from the ECJ, and many, many data breaches</itunes:title><title>A controversial Apple app, a far-reaching ruling from the ECJ, and many, many data breaches</title><itunes:summary>In this week’s Cyber Security Brief, Dick O’Brien is joined by Candid Wueest and Brigid O’Gorman to discuss some of the biggest cyber security stories of the last week. Topics on the agenda include: controversy over Apple allowing a police-tracking app to be carried on its App Store in Hong Kong, a ruling from the European Court of Justice that could have big implications for social media platforms, new technology that claims it can identify people through walls from their gait using just Wi-Fi receivers, and a whole lot of data breaches. Also, Candid tells us about the it-sa: IT Security Expo and Congress, which he is attending and presenting at in Nuremberg, Germany, this week.  </itunes:summary><description>In this week’s Cyber Security Brief, Dick O’Brien is joined by Candid Wueest and Brigid O’Gorman to discuss some of the biggest cyber security stories of the last week. 
Topics on the agenda include: controversy over Apple allowing a police-tracking app to be carried on its App Store in Hong Kong, a ruling from the European Court of Justice that could have big implications for social media platforms, new technology that claims it can identify people through walls from their gait using just Wi-Fi receivers, and a whole lot of data breaches. Also, Candid tells us about the it-sa: IT Security Expo and Congress, which he is attending and presenting at in Nuremberg, Germany, this week.  </description><content:encoded>In this week’s Cyber Security Brief, Dick O’Brien is joined by Candid Wueest and Brigid O’Gorman to discuss some of the biggest cyber security stories of the last week. Topics on the agenda include: controversy over Apple allowing a police-tracking app to be carried on its App Store in Hong Kong, a ruling from the European Court of Justice that could have big implications for social media platforms, new technology that claims it can identify people through walls from their gait using just Wi-Fi receivers, and a whole lot of data breaches. Also, Candid tells us about the it-sa: IT Security Expo and Congress, which he is attending and presenting at in Nuremberg, Germany, this week.  
</content:encoded><enclosure length="32971894" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+55+Apple+Facebook+Hong+Kong.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+55+Apple+Facebook+Hong+Kong.mp3</guid><pubDate>Thu, 10 Oct 2019 13:00:00 +0000</pubDate><itunes:duration>00:22:53</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>3</itunes:episode><itunes:season>2</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Deepfakes, disinformation, and the former NATO bunker housing a bulletproof hosting service</itunes:title><title>Deepfakes, disinformation, and the former NATO bunker housing a bulletproof hosting service</title><itunes:summary>In this week’s Cyber Security Brief, Dick O’Brien, Candid Wueest and Brigid O’Gorman discuss the high cost of ransomware, and the emergence of disinformation-as-a-service on underground markets. We also chat about researchers finding a way to steal data from encrypted PDFs, and the bulletproof hosting service housed in a former NATO bunker in Germany that was recently shut down by police. Finally, we discuss the issue of deepfake videos, the problems they could present, and the steps Google and others are taking to tackle them.</itunes:summary><description>In this week’s Cyber Security Brief, Dick O’Brien, Candid Wueest and Brigid O’Gorman discuss the high cost of ransomware, and the emergence of disinformation-as-a-service on underground markets. We also chat about researchers finding a way to steal data from encrypted PDFs, and the bulletproof hosting service housed in a former NATO bunker in Germany that was recently shut down by police. 
Finally, we discuss the issue of deepfake videos, the problems they could present, and the steps Google and others are taking to tackle them.</description><content:encoded>In this week’s Cyber Security Brief, Dick O’Brien, Candid Wueest and Brigid O’Gorman discuss the high cost of ransomware, and the emergence of disinformation-as-a-service on underground markets. We also chat about researchers finding a way to steal data from encrypted PDFs, and the bulletproof hosting service housed in a former NATO bunker in Germany that was recently shut down by police. Finally, we discuss the issue of deepfake videos, the problems they could present, and the steps Google and others are taking to tackle them.</content:encoded><enclosure length="33610572" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+Deepfakes+Disinformation+Ransomware.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+Deepfakes+Disinformation+Ransomware.mp3</guid><pubDate>Thu, 03 Oct 2019 13:00:00 +0000</pubDate><itunes:duration>00:23:19</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>2</itunes:episode><itunes:season>2</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Tortoiseshell APT group, vBulletin zero-day, and Facebook suspends thousands of apps</itunes:title><title>Tortoiseshell APT group, vBulletin zero-day, and Facebook suspends thousands of apps</title><itunes:summary>We’re back! The Cyber Security Brief returns for season 2. In our first episode, Dick O’Brien is joined by Brigid O’Gorman and Gavin O’Gorman (no relation) to discuss our recent research into Tortoiseshell, an APT group we recently discovered using both custom and off-the-shelf malware to target IT providers in Saudi Arabia in what appear to be supply chain attacks with the end goal of compromising the IT providers’ customers. 
We also discuss the recently revealed vulnerability in vBulletin, the release of iOS 13, a ransomware attack on a healthcare facility in Wyoming, and Facebook suspending thousands of apps from its platform.</itunes:summary><description>We’re back! The Cyber Security Brief returns for season 2. In our first episode, Dick O’Brien is joined by Brigid O’Gorman and Gavin O’Gorman (no relation) to discuss our recent research into Tortoiseshell, an APT group we recently discovered using both custom and off-the-shelf malware to target IT providers in Saudi Arabia in what appear to be supply chain attacks with the end goal of compromising the IT providers’ customers. We also discuss the recently revealed vulnerability in vBulletin, the release of iOS 13, a ransomware attack on a healthcare facility in Wyoming, and Facebook suspending thousands of apps from its platform.</description><content:encoded>We’re back! The Cyber Security Brief returns for season 2. In our first episode, Dick O’Brien is joined by Brigid O’Gorman and Gavin O’Gorman (no relation) to discuss our recent research into Tortoiseshell, an APT group we recently discovered using both custom and off-the-shelf malware to target IT providers in Saudi Arabia in what appear to be supply chain attacks with the end goal of compromising the IT providers’ customers. 
We also discuss the recently revealed vulnerability in vBulletin, the release of iOS 13, a ransomware attack on a healthcare facility in Wyoming, and Facebook suspending thousands of apps from its platform.</content:encoded><enclosure length="33469922" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+53+Tortoiseshell+Facebook+vBulletin.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+53+Tortoiseshell+Facebook+vBulletin.mp3</guid><pubDate>Thu, 26 Sep 2019 13:00:00 +0000</pubDate><itunes:duration>00:23:13</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>1</itunes:episode><itunes:season>2</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Cloud security, telecoms companies compromised, and can someone else access your Nest camera?</itunes:title><title>Cloud security, telecoms companies compromised, and can someone else access your Nest camera?</title><itunes:summary>In this week’s Cyber Security Brief, it’s episode 52, and the last one before we take a short summer break – we will be back with you in August, with more essential stories and trends from the world of cyber security. This week, we discuss the Cloud Security Threat Report that was recently released by Symantec, reports that APT10 compromised the networks of at least 10 telecoms companies, and the unusual circumstances that led to the arrest of a member of the Anonymous Belgium hacking group. Also, how a bug allowed the past owners of Nest cameras to spy on current owners, even after a factory reset. Finally, as the value of Bitcoin surges again, we have two cryptocurrency-related stories as two brothers are arrested in relation to the massive Bitfinex hack that occurred in 2016, and a new coinminer is emulating Linux to target both Windows and Mac systems.

Don’t forget, while we are off air, we will still be posting blogs and tweets, so make sure to follow us on Twitter (@ThreatIntel), and to read our blogs at https://www.symantec.com/blogs/threat-intelligence and on Medium at https://medium.com/threat-intel.
</itunes:summary><description>In this week’s Cyber Security Brief, it’s episode 52, and the last one before we take a short summer break – we will be back with you in August, with more essential stories and trends from the world of cyber security. This week, we discuss the Cloud Security Threat Report that was recently released by Symantec, reports that APT10 compromised the networks of at least 10 telecoms companies, and the unusual circumstances that led to the arrest of a member of the Anonymous Belgium hacking group. Also, how a bug allowed the past owners of Nest cameras to spy on current owners, even after a factory reset. Finally, as the value of Bitcoin surges again, we have two cryptocurrency-related stories as two brothers are arrested in relation to the massive Bitfinex hack that occurred in 2016, and a new coinminer is emulating Linux to target both Windows and Mac systems.

Don’t forget, while we are off air, we will still be posting blogs and tweets, so make sure to follow us on Twitter (@ThreatIntel), and to read our blogs at https://www.symantec.com/blogs/threat-intelligence and on Medium at https://medium.com/threat-intel.
</description><content:encoded>In this week’s Cyber Security Brief, it’s episode 52, and the last one before we take a short summer break – we will be back with you in August, with more essential stories and trends from the world of cyber security. This week, we discuss the Cloud Security Threat Report that was recently released by Symantec, reports that APT10 compromised the networks of at least 10 telecoms companies, and the unusual circumstances that led to the arrest of a member of the Anonymous Belgium hacking group. Also, how a bug allowed the past owners of Nest cameras to spy on current owners, even after a factory reset. Finally, as the value of Bitcoin surges again, we have two cryptocurrency-related stories as two brothers are arrested in relation to the massive Bitfinex hack that occurred in 2016, and a new coinminer is emulating Linux to target both Windows and Mac systems.
&#13;
Don’t forget, while we are off air, we will still be posting blogs and tweets, so make sure to follow us on Twitter (@ThreatIntel), and to read our blogs at https://www.symantec.com/blogs/threat-intelligence and on Medium at https://medium.com/threat-intel. &#13;
</content:encoded><enclosure length="27166298" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+52+19-06-27.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+52+19-06-27.mp3</guid><pubDate>Thu, 27 Jun 2019 09:50:04 +0000</pubDate><itunes:duration>00:18:51</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>52</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Waterbug, “smart” TVs, and BEC scam hits Canadian city</itunes:title><title>Waterbug, “smart” TVs, and BEC scam hits Canadian city</title><itunes:summary>In this week’s Cyber Security Brief podcast, we discuss the drama that ensued when Samsung tweeted about scanning their smart TVs for malware, a city in Canada lost CA$500,000 to a BEC scam, and three universities in the U.S. revealed in the same week that they were hit by data breaches. Also, we discuss new research just published by Symantec into the Waterbug/Turla group, and two different Android threats that were in the news this week.</itunes:summary><description>In this week’s Cyber Security Brief podcast, we discuss the drama that ensued when Samsung tweeted about scanning their smart TVs for malware, a city in Canada lost CA$500,000 to a BEC scam, and three universities in the U.S. revealed in the same week that they were hit by data breaches. Also, we discuss new research just published by Symantec into the Waterbug/Turla group, and two different Android threats that were in the news this week.</description><content:encoded>In this week’s Cyber Security Brief podcast, we discuss the drama that ensued when Samsung tweeted about scanning their smart TVs for malware, a city in Canada lost CA$500,000 to a BEC scam, and three universities in the U.S. revealed in the same week that they were hit by data breaches. 
Also, we discuss new research just published by Symantec into the Waterbug/Turla group, and two different Android threats that were in the news this week.</content:encoded><enclosure length="35202520" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+51+19-06-20.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+51+19-06-20.mp3</guid><pubDate>Thu, 20 Jun 2019 11:22:47 +0000</pubDate><itunes:duration>00:24:26</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>51</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Bug bounties, bad passwords, and Radiohead</itunes:title><title>Bug bounties, bad passwords, and Radiohead</title><itunes:summary>On this week’s Cyber Security Brief, it's episode 50! We discuss the EU’s bug bounty program, bad password security practice, and why “secure” websites are becoming increasingly untrustworthy. We also chat about the start-up that hacked its own customers’ cryptocurrency wallets – in order to safeguard their funds, a further update on the RDP vulnerability we’ve discussed previously, and how the Spanish soccer league La Liga was misusing its mobile app. Finally, the story of how Radiohead called the bluff of a ransomware criminal. </itunes:summary><description>On this week’s Cyber Security Brief, it's episode 50! We discuss the EU’s bug bounty program, bad password security practice, and why “secure” websites are becoming increasingly untrustworthy. We also chat about the start-up that hacked its own customers’ cryptocurrency wallets – in order to safeguard their funds, a further update on the RDP vulnerability we’ve discussed previously, and how the Spanish soccer league La Liga was misusing its mobile app. Finally, the story of how Radiohead called the bluff of a ransomware criminal. 
</description><content:encoded>On this week’s Cyber Security Brief, it's episode 50! We discuss the EU’s bug bounty program, bad password security practice, and why “secure” websites are becoming increasingly untrustworthy. We also chat about the start-up that hacked its own customers’ cryptocurrency wallets – in order to safeguard their funds, a further update on the RDP vulnerability we’ve discussed previously, and how the Spanish soccer league La Liga was misusing its mobile app. Finally, the story of how Radiohead called the bluff of a ransomware criminal. </content:encoded><enclosure length="31202746" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+50+19-06-13.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+50+19-06-13.mp3</guid><pubDate>Thu, 13 Jun 2019 10:52:46 +0000</pubDate><itunes:duration>00:21:39</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>50</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Twitterbots, ransomware retirements, and email mishaps</itunes:title><title>Twitterbots, ransomware retirements, and email mishaps</title><itunes:summary>On this week’s Cyber Security Brief, we chat about our report looking into the Internet Research Agency's disinformation campaign targeting the 2016 US presidential election. We also talk about the apparent retirement of the operators behind GandCrab, and red faces in both the New Zealand government and the Dutch Data Protection Authority.</itunes:summary><description>On this week’s Cyber Security Brief, we chat about our report looking into the Internet Research Agency's disinformation campaign targeting the 2016 US presidential election. 
We also talk about the apparent retirement of the operators behind GandCrab, and red faces in both the New Zealand government and the Dutch Data Protection Authority.</description><content:encoded>On this week’s Cyber Security Brief, we chat about our report looking into the Internet Research Agency's disinformation campaign targeting the 2016 US presidential election. We also talk about the apparent retirement of the operators behind GandCrab, and red faces in both the New Zealand government and the Dutch Data Protection Authority.</content:encoded><enclosure length="27549646" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+49+19-06-05.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+49+19-06-05.mp3</guid><pubDate>Thu, 06 Jun 2019 13:08:10 +0000</pubDate><itunes:duration>00:19:07</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>49</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Tube users’ data to be collected, Baltimore ransomware attack continues to cause problems, and the latest on the BlueKeep vulnerability</itunes:title><title>Tube users’ data to be collected, Baltimore ransomware attack continues to cause problems, and the latest on the BlueKeep vulnerability</title><itunes:summary>On this week’s Cyber Security Brief podcast, Candid Wueest and Dick O’Brien discuss Transport for London’s plans to start collecting data about the customers using its Wi-Fi, and what that might mean for people’s privacy. Also, the ongoing repercussions of the ransomware attack that hit the U.S. city of Baltimore, including revelations about the use of the EternalBlue tool by the attackers, plus an update on activity surrounding the BlueKeep RDP vulnerability that was patched by Microsoft a few weeks ago. 
Also this week, the teen who appeared in court in Australia charged with hacking Apple, and the latest Bitcoin scams doing the rounds online.  </itunes:summary><description>On this week’s Cyber Security Brief podcast, Candid Wueest and Dick O’Brien discuss Transport for London’s plans to start collecting data about the customers using its Wi-Fi, and what that might mean for people’s privacy. Also, the ongoing repercussions of the ransomware attack that hit the U.S. city of Baltimore, including revelations about the use of the EternalBlue tool by the attackers, plus an update on activity surrounding the BlueKeep RDP vulnerability that was patched by Microsoft a few weeks ago. Also this week, the teen who appeared in court in Australia charged with hacking Apple, and the latest Bitcoin scams doing the rounds online.  </description><content:encoded>On this week’s Cyber Security Brief podcast, Candid Wueest and Dick O’Brien discuss Transport for London’s plans to start collecting data about the customers using its Wi-Fi, and what that might mean for people’s privacy. Also, the ongoing repercussions of the ransomware attack that hit the U.S. city of Baltimore, including revelations about the use of the EternalBlue tool by the attackers, plus an update on activity surrounding the BlueKeep RDP vulnerability that was patched by Microsoft a few weeks ago. Also this week, the teen who appeared in court in Australia charged with hacking Apple, and the latest Bitcoin scams doing the rounds online.  
</content:encoded><enclosure length="30881478" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+48+19-05-30.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+48+19-05-30.mp3</guid><pubDate>Thu, 30 May 2019 10:26:00 +0000</pubDate><itunes:duration>00:21:25</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>48</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>BlueKeep bug, ransomware “recovery”, and the dismantling of the GozNym network</itunes:title><title>BlueKeep bug, ransomware “recovery”, and the dismantling of the GozNym network</title><itunes:summary>In this week’s Cyber Security Brief podcast, we discuss the government employee who was charged with using his work IT systems to mine cryptocurrency, how Google is scanning your emails to collect information about your purchases, and the proof of concept exploits that have been created for the BlueKeep bug. We also chat about ransomware “recovery” services that are just paying the ransom, the dismantling of the GozNym network, and how Intel CPUs have been impacted by new MDS side-channel attacks.</itunes:summary><description>In this week’s Cyber Security Brief podcast, we discuss the government employee who was charged with using his work IT systems to mine cryptocurrency, how Google is scanning your emails to collect information about your purchases, and the proof of concept exploits that have been created for the BlueKeep bug. 
We also chat about ransomware “recovery” services that are just paying the ransom, the dismantling of the GozNym network, and how Intel CPUs have been impacted by new MDS side-channel attacks.</description><content:encoded>In this week’s Cyber Security Brief podcast, we discuss the government employee who was charged with using his work IT systems to mine cryptocurrency, how Google is scanning your emails to collect information about your purchases, and the proof of concept exploits that have been created for the BlueKeep bug. We also chat about ransomware “recovery” services that are just paying the ransom, the dismantling of the GozNym network, and how Intel CPUs have been impacted by new MDS side-channel attacks.</content:encoded><enclosure length="30402458" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+47+19-05-23.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+47+19-05-23.mp3</guid><pubDate>Thu, 23 May 2019 13:00:00 +0000</pubDate><itunes:duration>00:21:05</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>47</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>GDPR Special: The Impact of the Regulation One Year On</itunes:title><title>GDPR Special: The Impact of the Regulation One Year On</title><itunes:summary>In this week’s Cyber Security Brief podcast, we mark the one-year anniversary of the introduction of the General Data Protection Regulation – more commonly known as GDPR. To mark the introduction of GDPR, Brigid O’Gorman talks to Zoltan Precsenyi, Symantec’s director of GDPR strategy. 
We discuss the impact of the introduction of GDPR on companies and members of the public, whether or not the regulation is fulfilling its stated purpose, and the new data protection and privacy challenges that are likely to face companies in the future.</itunes:summary><description>In this week’s Cyber Security Brief podcast, we mark the one-year anniversary of the introduction of the General Data Protection Regulation – more commonly known as GDPR. To mark the introduction of GDPR, Brigid O’Gorman talks to Zoltan Precsenyi, Symantec’s director of GDPR strategy. We discuss the impact of the introduction of GDPR on companies and members of the public, whether or not the regulation is fulfilling its stated purpose, and the new data protection and privacy challenges that are likely to face companies in the future.</description><content:encoded>In this week’s Cyber Security Brief podcast, we mark the one-year anniversary of the introduction of the General Data Protection Regulation – more commonly known as GDPR. To mark the introduction of GDPR, Brigid O’Gorman talks to Zoltan Precsenyi, Symantec’s director of GDPR strategy. 
We discuss the impact of the introduction of GDPR on companies and members of the public, whether or not the regulation is fulfilling its stated purpose, and the new data protection and privacy challenges that are likely to face companies in the future.</content:encoded><enclosure length="36690594" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+46+GDPR.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+46+GDPR.mp3</guid><pubDate>Wed, 15 May 2019 11:22:11 +0000</pubDate><itunes:duration>00:25:27</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>46</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Buckeye’s use of Equation group tools pre Shadow Brokers leak, IoT security, and targeted ransomware</itunes:title><title>Buckeye’s use of Equation group tools pre Shadow Brokers leak, IoT security, and targeted ransomware</title><itunes:summary>On this week’s Cyber Security Brief podcast, we discuss our newly-released research into the Buckeye espionage group, and its use of Equation group tools prior to the Shadow Brokers leak. Dick O’Brien is joined by Symantec analyst Sylvester Segura to discuss the findings and to share more details about Symantec’s investigation into this activity. Also this week, we chat about the growing threat of targeted ransomware, and look at what the UK government is planning to do to improve the security of IoT devices.</itunes:summary><description>On this week’s Cyber Security Brief podcast, we discuss our newly-released research into the Buckeye espionage group, and its use of Equation group tools prior to the Shadow Brokers leak. Dick O’Brien is joined by Symantec analyst Sylvester Segura to discuss the findings and to share more details about Symantec’s investigation into this activity. 
Also this week, we chat about the growing threat of targeted ransomware, and look at what the UK government is planning to do to improve the security of IoT devices.</description><content:encoded>On this week’s Cyber Security Brief podcast, we discuss our newly-released research into the Buckeye espionage group, and its use of Equation group tools prior to the Shadow Brokers leak. Dick O’Brien is joined by Symantec analyst Sylvester Segura to discuss the findings and to share more details about Symantec’s investigation into this activity. Also this week, we chat about the growing threat of targeted ransomware, and look at what the UK government is planning to do to improve the security of IoT devices.</content:encoded><enclosure length="28623366" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+45+Buckeye+Equation+Group+Shadow+Brokers.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+45+Buckeye+Equation+Group+Shadow+Brokers.mp3</guid><pubDate>Thu, 09 May 2019 11:22:46 +0000</pubDate><itunes:duration>00:19:51</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>45</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Beapy cryptojacking worm, Emotet’s new hiding technique, and set-top box dangers</itunes:title><title>Beapy cryptojacking worm, Emotet’s new hiding technique, and set-top box dangers</title><itunes:summary>On this week’s Cyber Security Brief podcast, we discuss our recently published research into the Beapy cryptojacking worm, which is using the EternalBlue exploit to spread, and is primarily impacting enterprises in China. 
We also talk about data breaches, the dangers your set-top box might pose, why some GPS apps need to upgrade their security, and what the Emotet criminals are up to now.</itunes:summary><description>On this week’s Cyber Security Brief podcast, we discuss our recently published research into the Beapy cryptojacking worm, which is using the EternalBlue exploit to spread, and is primarily impacting enterprises in China. We also talk about data breaches, the dangers your set-top box might pose, why some GPS apps need to upgrade their security, and what the Emotet criminals are up to now.</description><content:encoded>On this week’s Cyber Security Brief podcast, we discuss our recently published research into the Beapy cryptojacking worm, which is using the EternalBlue exploit to spread, and is primarily impacting enterprises in China. We also talk about data breaches, the dangers your set-top box might pose, why some GPS apps need to upgrade their security, and what the Emotet criminals are up to now.</content:encoded><enclosure length="34638104" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+44+19-05-02.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+44+19-05-02.mp3</guid><pubDate>Thu, 02 May 2019 13:22:34 +0000</pubDate><itunes:duration>00:24:02</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>44</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Interview: Martijn Grooten, Editor, Virus Bulletin</itunes:title><title>Interview: Martijn Grooten, Editor, Virus Bulletin</title><itunes:summary>On this week’s Cyber Security Brief podcast, we are joined by Martijn Grooten, editor of Virus Bulletin. 
We discuss Martijn’s career and how he ended up in his role at Virus Bulletin, as well as the threats that need tackling on the current cyber security landscape. We also take a look at the email space, and the way threats there have developed.</itunes:summary><description>On this week’s Cyber Security Brief podcast, we are joined by Martijn Grooten, editor of Virus Bulletin. We discuss Martijn’s career and how he ended up in his role at Virus Bulletin, as well as the threats that need tackling on the current cyber security landscape. We also take a look at the email space, and the way threats there have developed.</description><content:encoded>On this week’s Cyber Security Brief podcast, we are joined by Martijn Grooten, editor of Virus Bulletin. We discuss Martijn’s career and how he ended up in his role at Virus Bulletin, as well as the threats that need tackling on the current cyber security landscape. We also take a look at the email space, and the way threats there have developed.</content:encoded><enclosure length="28015398" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+43+19-04-25.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+43+19-04-25.mp3</guid><pubDate>Wed, 24 Apr 2019 14:13:33 +0000</pubDate><itunes:duration>00:19:26</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>43</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Symantec’s role in Bayrob convictions, Silk Road 2.0 founder jailed, and who’s listening to your Alexa recordings?</itunes:title><title>Symantec’s role in Bayrob convictions, Silk Road 2.0 founder jailed, and who’s listening to your Alexa recordings?</title><itunes:summary>On this week’s Cyber Security Brief, we discuss the conviction of two members of the Bayrob gang – and the role Symantec played in their capture and 
conviction. Also, the founder of Silk Road 2.0 is sentenced to jail time in the UK, the personal data of thousands of law enforcement personnel is reportedly published online by a hacking group, and we discuss the Windows Tiles sub-domain takeover. Finally, when you’re talking to your smart speaker, who hears what you say?</itunes:summary><description>On this week’s Cyber Security Brief, we discuss the conviction of two members of the Bayrob gang – and the role Symantec played in their capture and conviction. Also, the founder of Silk Road 2.0 is sentenced to jail time in the UK, the personal data of thousands of law enforcement personnel is reportedly published online by a hacking group, and we discuss the Windows Tiles sub-domain takeover. Finally, when you’re talking to your smart speaker, who hears what you say?</description><content:encoded>On this week’s Cyber Security Brief, we discuss the conviction of two members of the Bayrob gang – and the role Symantec played in their capture and conviction. Also, the founder of Silk Road 2.0 is sentenced to jail time in the UK, the personal data of thousands of law enforcement personnel is reportedly published online by a hacking group, and we discuss the Windows Tiles sub-domain takeover. 
Finally, when you’re talking to your smart speaker, who hears what you say?</content:encoded><enclosure length="33913822" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+42+19-04-18.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+42+19-04-18.mp3</guid><pubDate>Thu, 18 Apr 2019 11:18:27 +0000</pubDate><itunes:duration>00:23:32</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>42</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Hotel booking privacy, dark marketplace selling your digital fingerprint, and Mar-a-Lago intruder update</itunes:title><title>Hotel booking privacy, dark marketplace selling your digital fingerprint, and Mar-a-Lago intruder update</title><itunes:summary>On this week’s Cyber Security Brief podcast, we discuss our new research into the privacy of your hotel booking details, and how we found that two in three hotel websites leak guest booking details and allow access to personal data. We also have an update on the case of the Chinese national who tried to gain access to President Trump’s Mar-a-Lago resort while carrying a malware-laden thumb drive. We also discuss a complaint against audio equipment maker Sonos in the UK alleging it is coercing customers into surrendering an excessive amount of personal information, and the discovery of a dark marketplace called Genesis that is selling the digital fingerprints of thousands of people.</itunes:summary><description>On this week’s Cyber Security Brief podcast, we discuss our new research into the privacy of your hotel booking details, and how we found that two in three hotel websites leak guest booking details and allow access to personal data. 
We also have an update on the case of the Chinese national who tried to gain access to President Trump’s Mar-a-Lago resort while carrying a malware-laden thumb drive. We also discuss a complaint against audio equipment maker Sonos in the UK alleging it is coercing customers into surrendering an excessive amount of personal information, and the discovery of a dark marketplace called Genesis that is selling the digital fingerprints of thousands of people.</description><content:encoded>On this week’s Cyber Security Brief podcast, we discuss our new research into the privacy of your hotel booking details, and how we found that two in three hotel websites leak guest booking details and allow access to personal data. We also have an update on the case of the Chinese national who tried to gain access to President Trump’s Mar-a-Lago resort while carrying a malware-laden thumb drive. We also discuss a complaint against audio equipment maker Sonos in the UK alleging it is coercing customers into surrendering an excessive amount of personal information, and the discovery of a dark marketplace called Genesis that is selling the digital fingerprints of thousands of people.</content:encoded><enclosure length="33668300" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+41+19-04-11.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+41+19-04-11.mp3</guid><pubDate>Thu, 11 Apr 2019 13:00:00 +0000</pubDate><itunes:duration>00:23:22</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>41</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Malware sneaked onto Trump property, Albany ransomware attack, and Tesla tricked</itunes:title><title>Malware sneaked onto Trump property, Albany ransomware attack, and Tesla tricked</title><itunes:summary>On this week’s Cyber Security Brief, 
we discuss the strange story of the Chinese woman who was apprehended after attempting to sneak into President Donald Trump’s Mar-a-Lago resort with a malware-infected thumb drive. We also discuss the researchers who tricked a Tesla, a ransomware attack on the city of Albany, and the latest tricks being used by scammers to get you to click on annoying pop-up ads.</itunes:summary><description>On this week’s Cyber Security Brief, we discuss the strange story of the Chinese woman who was apprehended after attempting to sneak into President Donald Trump’s Mar-a-Lago resort with a malware-infected thumb drive. We also discuss the researchers who tricked a Tesla, a ransomware attack on the city of Albany, and the latest tricks being used by scammers to get you to click on annoying pop-up ads.</description><content:encoded>On this week’s Cyber Security Brief, we discuss the strange story of the Chinese woman who was apprehended after attempting to sneak into President Donald Trump’s Mar-a-Lago resort with a malware-infected thumb drive. 
We also discuss the researchers who tricked a Tesla, a ransomware attack on the city of Albany, and the latest tricks being used by scammers to get you to click on annoying pop-up ads.</content:encoded><enclosure length="28694730" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+40+19-04-04.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+40+19-04-04.mp3</guid><pubDate>Thu, 04 Apr 2019 11:41:44 +0000</pubDate><itunes:duration>00:19:54</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>40</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Elfin research, ASUS software supply chain attack, insider threats, and mobile security</itunes:title><title>Elfin research, ASUS software supply chain attack, insider threats, and mobile security</title><itunes:summary>On this week’s Cyber Security Brief podcast, we discuss our new research into the Elfin espionage group, which we have seen targeting multiple organisations in Saudi Arabia and the U.S. We also talk about one of the big stories of the last week – ASUS’ software update system being hijacked to send out malicious updates, as well as discussing the ongoing issue of insider threats, and some new research into how mobile apps could be compromising your privacy and online security. </itunes:summary><description>On this week’s Cyber Security Brief podcast, we discuss our new research into the Elfin espionage group, which we have seen targeting multiple organisations in Saudi Arabia and the U.S. We also talk about one of the big stories of the last week – ASUS’ software update system being hijacked to send out malicious updates, as well as discussing the ongoing issue of insider threats, and some new research into how mobile apps could be compromising your privacy and online security. 
</description><content:encoded>On this week’s Cyber Security Brief podcast, we discuss our new research into the Elfin espionage group, which we have seen targeting multiple organisations in Saudi Arabia and the U.S. We also talk about one of the big stories of the last week – ASUS’ software update system being hijacked to send out malicious updates, as well as discussing the ongoing issue of insider threats, and some new research into how mobile apps could be compromising your privacy and online security. </content:encoded><enclosure length="32775526" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+39+19-03-28.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+39+19-03-28.mp3</guid><pubDate>Thu, 28 Mar 2019 14:00:00 +0000</pubDate><itunes:duration>00:22:44</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>39</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Interview: Neil Jenkins, Chief Analytic Officer, Cyber Threat Alliance</itunes:title><title>Interview: Neil Jenkins, Chief Analytic Officer, Cyber Threat Alliance</title><itunes:summary>In today’s Cyber Security Brief, Dick O’Brien is joined by Neil Jenkins, the Chief Analytic Officer at the Cyber Threat Alliance (CTA). The CTA brings together various vendors in the cyber security community to help them better protect their customers and the public at large. Neil tells Dick about the aims of the CTA, its achievements and challenges so far, and the alliance’s plans for the future.</itunes:summary><description>In today’s Cyber Security Brief, Dick O’Brien is joined by Neil Jenkins, the Chief Analytic Officer at the Cyber Threat Alliance (CTA). The CTA brings together various vendors in the cyber security community to help them better protect their customers and the public at large. 
Neil tells Dick about the aims of the CTA, its achievements and challenges so far, and the alliance’s plans for the future.</description><content:encoded>In today’s Cyber Security Brief, Dick O’Brien is joined by Neil Jenkins, the Chief Analytic Officer at the Cyber Threat Alliance (CTA). The CTA brings together various vendors in the cyber security community to help them better protect their customers and the public at large. Neil tells Dick about the aims of the CTA, its achievements and challenges so far, and the alliance’s plans for the future.</content:encoded><enclosure length="34968912" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+38+19-03-21.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+38+19-03-21.mp3</guid><pubDate>Thu, 21 Mar 2019 12:59:42 +0000</pubDate><itunes:duration>00:24:16</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>38</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Highlights from RSA Conference 2019</itunes:title><title>Highlights from RSA Conference 2019</title><itunes:summary>In this week's Cyber Security Brief, we chat about some of the highlights from this year's RSA conference including zero trust security, tackling fake news, the impending 5G network, IoT security, and a Symantec demonstration showing how much damage attackers can carry out in under seven minutes. </itunes:summary><description>In this week's Cyber Security Brief, we chat about some of the highlights from this year's RSA conference including zero trust security, tackling fake news, the impending 5G network, IoT security, and a Symantec demonstration showing how much damage attackers can carry out in under seven minutes. 
</description><content:encoded>In this week's Cyber Security Brief, we chat about some of the highlights from this year's RSA conference including zero trust security, tackling fake news, the impending 5G network, IoT security, and a Symantec demonstration showing how much damage attackers can carry out in under seven minutes. </content:encoded><enclosure length="46069052" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+37+19-03-14.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+37+19-03-14.mp3</guid><pubDate>Thu, 14 Mar 2019 14:58:53 +0000</pubDate><itunes:duration>00:31:58</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>37</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>ISTR Special: Enterprise</itunes:title><title>ISTR Special: Enterprise</title><itunes:summary>This week’s Cyber Security Brief is the second of two special episodes delving into the findings of Symantec’s Internet Security Threat Report (ISTR). The ISTR uses Symantec’s broad intelligence sources, researchers and analysts to bring you an insight into the key events and trends of 12 months in cyber security. In this episode, Dick O’Brien, Brigid O’Gorman, and Candid Wueest discuss some of the events and trends that affected enterprises the most in 2018.</itunes:summary><description>This week’s Cyber Security Brief is the second of two special episodes delving into the findings of Symantec’s Internet Security Threat Report (ISTR). The ISTR uses Symantec’s broad intelligence sources, researchers and analysts to bring you an insight into the key events and trends of 12 months in cyber security. 
In this episode, Dick O’Brien, Brigid O’Gorman, and Candid Wueest discuss some of the events and trends that affected enterprises the most in 2018.</description><content:encoded>This week’s Cyber Security Brief is the second of two special episodes delving into the findings of Symantec’s Internet Security Threat Report (ISTR). The ISTR uses Symantec’s broad intelligence sources, researchers and analysts to bring you an insight into the key events and trends of 12 months in cyber security. In this episode, Dick O’Brien, Brigid O’Gorman, and Candid Wueest discuss some of the events and trends that affected enterprises the most in 2018.</content:encoded><enclosure length="40803228" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+36+19-03-07.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+36+19-03-07.mp3</guid><pubDate>Thu, 07 Mar 2019 14:43:50 +0000</pubDate><itunes:duration>00:28:19</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>36</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>ISTR Special: Consumers</itunes:title><title>ISTR Special: Consumers</title><itunes:summary>This week’s Cyber Security Brief is the first of two special episodes delving into the findings of Symantec’s Internet Security Threat Report (ISTR). The ISTR uses Symantec’s broad intelligence sources, researchers and analysts to bring you an insight into the key events and trends of 12 months in cyber security. In this episode, Dick O’Brien, Brigid O’Gorman and Candid Wueest take a look at the 2018 events and trends that hit consumers the most. </itunes:summary><description>This week’s Cyber Security Brief is the first of two special episodes delving into the findings of Symantec’s Internet Security Threat Report (ISTR). 
The ISTR uses Symantec’s broad intelligence sources, researchers and analysts to bring you an insight into the key events and trends of 12 months in cyber security. In this episode, Dick O’Brien, Brigid O’Gorman and Candid Wueest take a look at the 2018 events and trends that hit consumers the most. </description><content:encoded>This week’s Cyber Security Brief is the first of two special episodes delving into the findings of Symantec’s Internet Security Threat Report (ISTR). The ISTR uses Symantec’s broad intelligence sources, researchers and analysts to bring you an insight into the key events and trends of 12 months in cyber security. In this episode, Dick O’Brien, Brigid O’Gorman and Candid Wueest take a look at the 2018 events and trends that hit consumers the most. </content:encoded><enclosure length="48467140" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+35+19-02-28.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+35+19-02-28.mp3</guid><pubDate>Thu, 28 Feb 2019 13:45:00 +0000</pubDate><itunes:duration>00:33:38</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>35</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Google backtracks, Apple gets sued, and Australia a victim of state-sponsored cyber attack</itunes:title><title>Google backtracks, Apple gets sued, and Australia a victim of state-sponsored cyber attack</title><itunes:summary>In this week’s Cyber Security Brief podcast, we recap Google’s decision to backtrack on proposed changes to its Chrome web browser that would have rendered many ad blocking extensions inoperable. We also discuss the two security issues that were recently addressed by Facebook, including one that could have allowed accounts to be taken over. 
We also chat about another batch of online accounts that have been put up for sale on the dark web, the man who is suing Apple because he doesn’t like 2FA, and the “sophisticated state actor” reportedly responsible for cyber attacks targeting Australia’s parliament and a number of its political parties. And also, two UK soaps team up for a cyber security special… </itunes:summary><description>In this week’s Cyber Security Brief podcast, we recap Google’s decision to backtrack on proposed changes to its Chrome web browser that would have rendered many ad blocking extensions inoperable. We also discuss the two security issues that were recently addressed by Facebook, including one that could have allowed accounts to be taken over. We also chat about another batch of online accounts that have been put up for sale on the dark web, the man who is suing Apple because he doesn’t like 2FA, and the “sophisticated state actor” reportedly responsible for cyber attacks targeting Australia’s parliament and a number of its political parties. And also, two UK soaps team up for a cyber security special… </description><content:encoded>In this week’s Cyber Security Brief podcast, we recap Google’s decision to backtrack on proposed changes to its Chrome web browser that would have rendered many ad blocking extensions inoperable. We also discuss the two security issues that were recently addressed by Facebook, including one that could have allowed accounts to be taken over. We also chat about another batch of online accounts that have been put up for sale on the dark web, the man who is suing Apple because he doesn’t like 2FA, and the “sophisticated state actor” reportedly responsible for cyber attacks targeting Australia’s parliament and a number of its political parties. 
And also, two UK soaps team up for a cyber security special… </content:encoded><enclosure length="33679768" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+34+19-02-21.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+34+19-02-21.mp3</guid><pubDate>Thu, 21 Feb 2019 12:38:46 +0000</pubDate><itunes:duration>00:23:22</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>34</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Stolen data for sale, Mac malware, and container vulnerabilities</itunes:title><title>Stolen data for sale, Mac malware, and container vulnerabilities</title><itunes:summary>In this week’s Cyber Security Brief, we chat about a slew of stolen online account data found for sale on the dark web, malware targeting Macs, and container vulnerabilities. Also this week, we look at a Wi-Fi connected USB cable that can allow for remote attacks on targeted computers.</itunes:summary><description>In this week’s Cyber Security Brief, we chat about a slew of stolen online account data found for sale on the dark web, malware targeting Macs, and container vulnerabilities. Also this week, we look at a Wi-Fi connected USB cable that can allow for remote attacks on targeted computers.</description><content:encoded>In this week’s Cyber Security Brief, we chat about a slew of stolen online account data found for sale on the dark web, malware targeting Macs, and container vulnerabilities. 
Also this week, we look at a Wi-Fi connected USB cable that can allow for remote attacks on targeted computers.</content:encoded><enclosure length="31178618" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+33+19-02-14.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+33+19-02-14.mp3</guid><pubDate>Thu, 14 Feb 2019 11:27:07 +0000</pubDate><itunes:duration>00:21:38</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>33</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Insecure IoT devices, password breach checks, and misleading phone apps</itunes:title><title>Insecure IoT devices, password breach checks, and misleading phone apps</title><itunes:summary>In this week’s Cyber Security Brief, we discuss a bad week for cryptocurrencies, the new Google Chrome extension that will let you know if your password has been breached, why parents should be wary of kids’ smartwatches, and why we all should be wary of phone apps that promise to make you look beautiful. Plus, we chat about the experience of one Illinois family who felt the heat after their suite of Nest devices was hacked.</itunes:summary><description>In this week’s Cyber Security Brief, we discuss a bad week for cryptocurrencies, the new Google Chrome extension that will let you know if your password has been breached, why parents should be wary of kids’ smartwatches, and why we all should be wary of phone apps that promise to make you look beautiful. 
Plus, we chat about the experience of one Illinois family who felt the heat after their suite of Nest devices was hacked.</description><content:encoded>In this week’s Cyber Security Brief, we discuss a bad week for cryptocurrencies, the new Google Chrome extension that will let you know if your password has been breached, why parents should be wary of kids’ smartwatches, and why we all should be wary of phone apps that promise to make you look beautiful. Plus, we chat about the experience of one Illinois family who felt the heat after their suite of Nest devices was hacked.</content:encoded><enclosure length="35946581" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+32+19-02-07.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+32+19-02-07.mp3</guid><pubDate>Thu, 07 Feb 2019 14:00:00 +0000</pubDate><itunes:duration>00:24:56</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>32</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Japan to hack civilians’ IoT devices, Apple Facetime bug, and an evolution in BEC scams</itunes:title><title>Japan to hack civilians’ IoT devices, Apple Facetime bug, and an evolution in BEC scams</title><itunes:summary>In this week’s Symantec Cyber Security Brief we discuss authorities' pursuit of Webstresser users, Japan allowing officials to hack civilians’ IoT devices in an attempt to improve security, and the much-discussed Apple Facetime bug. 
We also chat about the Razy malware attempting to steal cryptocurrencies, an evolution of business email compromise (BEC) scams, and a bizarre sting operation targeting the Citizen Lab internet watchdog group.</itunes:summary><description>In this week’s Symantec Cyber Security Brief we discuss authorities' pursuit of Webstresser users, Japan allowing officials to hack civilians’ IoT devices in an attempt to improve security, and the much-discussed Apple Facetime bug. We also chat about the Razy malware attempting to steal cryptocurrencies, an evolution of business email compromise (BEC) scams, and a bizarre sting operation targeting the Citizen Lab internet watchdog group.</description><content:encoded>In this week’s Symantec Cyber Security Brief we discuss authorities' pursuit of Webstresser users, Japan allowing officials to hack civilians’ IoT devices in an attempt to improve security, and the much-discussed Apple Facetime bug. We also chat about the Razy malware attempting to steal cryptocurrencies, an evolution of business email compromise (BEC) scams, and a bizarre sting operation targeting the Citizen Lab internet watchdog group.</content:encoded><enclosure length="36438757" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+31+19-01-30.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+31+19-01-30.mp3</guid><pubDate>Thu, 31 Jan 2019 13:59:53 +0000</pubDate><itunes:duration>00:25:17</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>31</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Attacks on financial institutions in Africa, dodgy free mobile VPN apps, and Facebook shutters multiple “inauthentic” accounts</itunes:title><title>Attacks on financial institutions in Africa, dodgy free mobile VPN apps, and Facebook shutters multiple “inauthentic” 
accounts</title><itunes:summary>On this week’s Cyber Security Brief podcast, Symantec threat researcher Stephen Doherty joins us to discuss our recently published research into a wave of attacks against financial institutions in West Africa. We also discuss some new research that found that many free mobile VPNs could actually compromise people’s privacy, a hitman who was convicted thanks to evidence found on his smartwatch, and an embarrassing compromise of the ATLAS MMO game. Also this week, Russia is back in the headlines again, with the DNC revealing it was targeted once again by a spear-phishing campaign originating in Russia in November last, while Facebook also removed a number of “inauthentic” accounts that it says were based in Russia and involved in spreading misinformation on the social media platform. </itunes:summary><description>On this week’s Cyber Security Brief podcast, Symantec threat researcher Stephen Doherty joins us to discuss our recently published research into a wave of attacks against financial institutions in West Africa. We also discuss some new research that found that many free mobile VPNs could actually compromise people’s privacy, a hitman who was convicted thanks to evidence found on his smartwatch, and an embarrassing compromise of the ATLAS MMO game. Also this week, Russia is back in the headlines again, with the DNC revealing it was targeted once again by a spear-phishing campaign originating in Russia in November last, while Facebook also removed a number of “inauthentic” accounts that it says were based in Russia and involved in spreading misinformation on the social media platform. </description><content:encoded>On this week’s Cyber Security Brief podcast, Symantec threat researcher Stephen Doherty joins us to discuss our recently published research into a wave of attacks against financial institutions in West Africa. 
We also discuss some new research that found that many free mobile VPNs could actually compromise people’s privacy, a hitman who was convicted thanks to evidence found on his smartwatch, and an embarrassing compromise of the ATLAS MMO game. Also this week, Russia is back in the headlines again, with the DNC revealing it was targeted once again by a spear-phishing campaign originating in Russia in November last, while Facebook also removed a number of “inauthentic” accounts that it says were based in Russia and involved in spreading misinformation on the social media platform. </content:encoded><enclosure length="32891554" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+30+19-01-24.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+30+19-01-24.mp3</guid><pubDate>Thu, 24 Jan 2019 14:00:00 +0000</pubDate><itunes:duration>00:22:49</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>30</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Ukrainians indicted, cash for Tesla hacks, and cryptocurrency exchanges breached</itunes:title><title>Ukrainians indicted, cash for Tesla hacks, and cryptocurrency exchanges breached</title><itunes:summary>In this week’s Cyber Security Brief, we discuss the indictment of two Ukrainian nationals for their role in a conspiracy to hack into the Securities and Exchange Commission’s (SEC) computer systems. We also chat about the recent controversy about GoDaddy quietly injecting scripts onto websites without the website owners knowing, and recent attacks on cryptocurrency exchanges. We also cover the Pwn2Own contest offering cash prizes for hacks on a Tesla vehicle for the first time, and how credit card scammers are using smartcard technology to their advantage. 
</itunes:summary><description>In this week’s Cyber Security Brief, we discuss the indictment of two Ukrainian nationals for their role in a conspiracy to hack into the Securities and Exchange Commission’s (SEC) computer systems. We also chat about the recent controversy about GoDaddy quietly injecting scripts onto websites without the website owners knowing, and recent attacks on cryptocurrency exchanges. We also cover the Pwn2Own contest offering cash prizes for hacks on a Tesla vehicle for the first time, and how credit card scammers are using smartcard technology to their advantage. </description><content:encoded>In this week’s Cyber Security Brief, we discuss the indictment of two Ukrainian nationals for their role in a conspiracy to hack into the Securities and Exchange Commission’s (SEC) computer systems. We also chat about the recent controversy about GoDaddy quietly injecting scripts onto websites without the website owners knowing, and recent attacks on cryptocurrency exchanges. We also cover the Pwn2Own contest offering cash prizes for hacks on a Tesla vehicle for the first time, and how credit card scammers are using smartcard technology to their advantage. 
</content:encoded><enclosure length="34716144" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+29+19-01-17.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+29+19-01-17.mp3</guid><pubDate>Thu, 17 Jan 2019 14:00:00 +0000</pubDate><itunes:duration>00:24:05</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>29</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>German data leak, untrustworthy IoT devices, and PewDiePie hackers go quiet</itunes:title><title>German data leak, untrustworthy IoT devices, and PewDiePie hackers go quiet</title><itunes:summary>Welcome to the first Cyber Security Brief podcast of 2019! On this week’s episode we discuss the fact that most people don’t trust their internet of things devices, but also aren’t that willing to pay extra for improved security. We also chat about the major leak of personal data of high-profile politicians and others in Germany, and developments in the campaign of the hackers taking over printers and Chromecasts to express their support for PewDiePie (and highlight security issues). Finally, we take a look at some research highlighting the fact that facial recognition on smartphones still isn’t foolproof.</itunes:summary><description>Welcome to the first Cyber Security Brief podcast of 2019! On this week’s episode we discuss the fact that most people don’t trust their internet of things devices, but also aren’t that willing to pay extra for improved security. We also chat about the major leak of personal data of high-profile politicians and others in Germany, and developments in the campaign of the hackers taking over printers and Chromecasts to express their support for PewDiePie (and highlight security issues). 
Finally, we take a look at some research highlighting the fact that facial recognition on smartphones still isn’t foolproof.</description><content:encoded>Welcome to the first Cyber Security Brief podcast of 2019! On this week’s episode we discuss the fact that most people don’t trust their internet of things devices, but also aren’t that willing to pay extra for improved security. We also chat about the major leak of personal data of high-profile politicians and others in Germany, and developments in the campaign of the hackers taking over printers and Chromecasts to express their support for PewDiePie (and highlight security issues). Finally, we take a look at some research highlighting the fact that facial recognition on smartphones still isn’t foolproof.</content:encoded><enclosure length="32411352" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+28+19-01-10.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+28+19-01-10.mp3</guid><pubDate>Thu, 10 Jan 2019 14:00:00 +0000</pubDate><itunes:duration>00:22:29</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>28</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>What Were the Top 5 Cyber Security Stories of 2018?</itunes:title><title>What Were the Top 5 Cyber Security Stories of 2018?</title><itunes:summary>In the final Cyber Security Brief podcast of 2018, we take a look back at the year that has gone by in cyber security, and count down the top 5 biggest cyber security stories of 2018. Listen to find out what we thought they were!</itunes:summary><description>In the final Cyber Security Brief podcast of 2018, we take a look back at the year that has gone by in cyber security, and count down the top 5 biggest cyber security stories of 2018. 
Listen to find out what we thought they were!</description><content:encoded>In the final Cyber Security Brief podcast of 2018, we take a look back at the year that has gone by in cyber security, and count down the top 5 biggest cyber security stories of 2018. Listen to find out what we thought they were!</content:encoded><enclosure length="44041804" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Weekly+Roundup+18-12-20.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Weekly+Roundup+18-12-20.mp3</guid><pubDate>Thu, 20 Dec 2018 14:58:53 +0000</pubDate><itunes:duration>30:34</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>27</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Money mule arrests, grandparent scams, and new research into the Seedworm group</itunes:title><title>Money mule arrests, grandparent scams, and new research into the Seedworm group</title><itunes:summary>On this week’s Cyber Security Brief podcast, money is a big theme! We discuss a series of heists on banks in Eastern Europe that sound like something out of a Hollywood movie, a rise in the money lost to so-called “grandparent scams”, a crackdown by cops on money mules operating throughout Europe, and a new twist to the sextortion email scams we have previously discussed on this podcast. Also this week, we chat about new research Symantec has just published into the Seedworm group (aka Muddywater), which has hit more than 130 victims in 30 organisations since September 2018.</itunes:summary><description>On this week’s Cyber Security Brief podcast, money is a big theme! 
We discuss a series of heists on banks in Eastern Europe that sound like something out of a Hollywood movie, a rise in the money lost to so-called “grandparent scams”, a crackdown by cops on money mules operating throughout Europe, and a new twist to the sextortion email scams we have previously discussed on this podcast. Also this week, we chat about new research Symantec has just published into the Seedworm group (aka Muddywater), which has hit more than 130 victims in 30 organisations since September 2018.</description><content:encoded>On this week’s Cyber Security Brief podcast, money is a big theme! We discuss a series of heists on banks in Eastern Europe that sound like something out of a Hollywood movie, a rise in the money lost to so-called “grandparent scams”, a crackdown by cops on money mules operating throughout Europe, and a new twist to the sextortion email scams we have previously discussed on this podcast. Also this week, we chat about new research Symantec has just published into the Seedworm group (aka Muddywater), which has hit more than 130 victims in 30 organisations since September 2018.</content:encoded><enclosure length="35567504" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+26+18-12-12.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+26+18-12-12.mp3</guid><pubDate>Thu, 13 Dec 2018 13:31:26 +0000</pubDate><itunes:duration>00:24:41</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>26</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>SamSam developments, an AI gaffe, and some massive data breaches</itunes:title><title>SamSam developments, an AI gaffe, and some massive data breaches</title><itunes:summary><![CDATA[In this week’s Cyber Security Brief, we discuss the latest developments in the SamSam ransomware, with two of the 
people reportedly behind the ransomware having been recently indicted. Dick O’Brien, Candid Wueest and Brigid O Gorman also discuss the recent huge data breach at the Marriott-owned Starwood chain of hotels, as well as a large breach at Q & A website Quora. The hacker who hijacked 50,000 printers to spam people to support infamous YouTuber PewDiePie, a gaffe by an AI jaywalking detection system in a city in China, and malicious fitness apps on the Apple App Store are also up for discussion.]]></itunes:summary><description><![CDATA[In this week’s Cyber Security Brief, we discuss the latest developments in the SamSam ransomware, with two of the people reportedly behind the ransomware having been recently indicted. Dick O’Brien, Candid Wueest and Brigid O Gorman also discuss the recent huge data breach at the Marriott-owned Starwood chain of hotels, as well as a large breach at Q & A website Quora. The hacker who hijacked 50,000 printers to spam people to support infamous YouTuber PewDiePie, a gaffe by an AI jaywalking detection system in a city in China, and malicious fitness apps on the Apple App Store are also up for discussion.]]></description><content:encoded><![CDATA[In this week’s Cyber Security Brief, we discuss the latest developments in the SamSam ransomware, with two of the people reportedly behind the ransomware having been recently indicted. Dick O’Brien, Candid Wueest and Brigid O Gorman also discuss the recent huge data breach at the Marriott-owned Starwood chain of hotels, as well as a large breach at Q & A website Quora. 
The hacker who hijacked 50,000 printers to spam people to support infamous YouTuber PewDiePie, a gaffe by an AI jaywalking detection system in a city in China, and malicious fitness apps on the Apple App Store are also up for discussion.]]></content:encoded><enclosure length="35492384" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+25+18-12-06.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+25+18-12-06.mp3</guid><pubDate>Thu, 06 Dec 2018 14:00:00 +0000</pubDate><itunes:duration>00:24:38</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>25</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Operation Eversion, Magecart, and the UK parliament takes on Facebook</itunes:title><title>Operation Eversion, Magecart, and the UK parliament takes on Facebook</title><itunes:summary>On this week’s Cyber Security Brief, we discuss Symantec’s role in an FBI takedown of ad-fraud infrastructure dubbed Operation Eversion. We also discuss the latest developments in the Facebook/Cambridge Analytica scandal, as well as the most recent activity from Magecart. Also, the dangers of most phishing sites having the padlock sign beside their address, and the curious incident of a security researcher who responsibly reported a vulnerability but was still subsequently reported to the police.</itunes:summary><description>On this week’s Cyber Security Brief, we discuss Symantec’s role in an FBI takedown of ad-fraud infrastructure dubbed Operation Eversion. We also discuss the latest developments in the Facebook/Cambridge Analytica scandal, as well as the most recent activity from Magecart. 
Also, the dangers of most phishing sites having the padlock sign beside their address, and the curious incident of a security researcher who responsibly reported a vulnerability but was still subsequently reported to the police.</description><content:encoded>On this week’s Cyber Security Brief, we discuss Symantec’s role in an FBI takedown of ad-fraud infrastructure dubbed Operation Eversion. We also discuss the latest developments in the Facebook/Cambridge Analytica scandal, as well as the most recent activity from Magecart. Also, the dangers of most phishing sites having the padlock sign beside their address, and the curious incident of a security researcher who responsibly reported a vulnerability but was still subsequently reported to the police.</content:encoded><enclosure length="30938860" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+24+18-11-29.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+24+18-11-29.mp3</guid><pubDate>Thu, 29 Nov 2018 14:00:00 +0000</pubDate><itunes:duration>00:21:28</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>24</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Special Report: Conficker’s 10th anniversary</itunes:title><title>Special Report: Conficker’s 10th anniversary</title><itunes:summary>On this week’s episode of the Cyber Security Brief, Brigid O Gorman is joined by Candid Wueest to discuss the infamous Conficker worm, which marks its 10th anniversary this week. This worm first appeared on November 21, 2008, and despite the many changes that have occurred in the cyber security landscape since then we still see hundreds and thousands of detections of Conficker in the wild today. 
As well as Conficker, we also discuss some of the other old threats that are still around today – and speculate as to whether any of today’s threats are likely to have similar longevity.</itunes:summary><description>On this week’s episode of the Cyber Security Brief, Brigid O Gorman is joined by Candid Wueest to discuss the infamous Conficker worm, which marks its 10th anniversary this week. This worm first appeared on November 21, 2008, and despite the many changes that have occurred in the cyber security landscape since then we still see hundreds and thousands of detections of Conficker in the wild today. As well as Conficker, we also discuss some of the other old threats that are still around today – and speculate as to whether any of today’s threats are likely to have similar longevity.</description><content:encoded>On this week’s episode of the Cyber Security Brief, Brigid O Gorman is joined by Candid Wueest to discuss the infamous Conficker worm, which marks its 10th anniversary this week. This worm first appeared on November 21, 2008, and despite the many changes that have occurred in the cyber security landscape since then we still see hundreds and thousands of detections of Conficker in the wild today. 
As well as Conficker, we also discuss some of the other old threats that are still around today – and speculate as to whether any of today’s threats are likely to have similar longevity.</content:encoded><enclosure length="51165536" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+23+18-11-22.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+23+18-11-22.mp3</guid><pubDate>Thu, 22 Nov 2018 14:00:00 +0000</pubDate><itunes:duration>00:35:31</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>23</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Formjacking, lots of vulnerabilities get patched, and a BEC scam costs a cinema company millions</itunes:title><title>Formjacking, lots of vulnerabilities get patched, and a BEC scam costs a cinema company millions</title><itunes:summary>In this week’s Cyber Security Brief podcast, Dick O’Brien, Candid Wueest and Brigid O Gorman discuss new research into formjacking and the Magecart group; a subsidiary of French movie chain Pathe loses more than $20 million in a Business Email Compromise (BEC) scam, and a whole slew of vulnerabilities get patched.</itunes:summary><description>In this week’s Cyber Security Brief podcast, Dick O’Brien, Candid Wueest and Brigid O Gorman discuss new research into formjacking and the Magecart group; a subsidiary of French movie chain Pathe loses more than $20 million in a Business Email Compromise (BEC) scam, and a whole slew of vulnerabilities get patched.</description><content:encoded>In this week’s Cyber Security Brief podcast, Dick O’Brien, Candid Wueest and Brigid O Gorman discuss new research into formjacking and the Magecart group; a subsidiary of French movie chain Pathe loses more than $20 million in a Business Email Compromise (BEC) scam, and a whole slew of vulnerabilities get 
patched.</content:encoded><enclosure length="32100090" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+22+18-11-15.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+22+18-11-15.mp3</guid><pubDate>Thu, 15 Nov 2018 14:00:00 +0000</pubDate><itunes:duration>00:22:16</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>22</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Lazarus ATM attacks, Inception Framework uses new backdoor, and small businesses’ cyber risk</itunes:title><title>Lazarus ATM attacks, Inception Framework uses new backdoor, and small businesses’ cyber risk</title><itunes:summary>In this week’s Cyber Security Brief podcast we discuss the FASTCash attacks, in which the Lazarus group has been emptying ATMs, and highlight the research we have published into this activity. We also discuss a new report highlighting small businesses’ cyber risk, the Inception Framework using a new backdoor, and a vulnerability in a building management software.</itunes:summary><description>In this week’s Cyber Security Brief podcast we discuss the FASTCash attacks, in which the Lazarus group has been emptying ATMs, and highlight the research we have published into this activity. We also discuss a new report highlighting small businesses’ cyber risk, the Inception Framework using a new backdoor, and a vulnerability in a building management software.</description><content:encoded>In this week’s Cyber Security Brief podcast we discuss the FASTCash attacks, in which the Lazarus group has been emptying ATMs, and highlight the research we have published into this activity. 
We also discuss a new report highlighting small businesses’ cyber risk, the Inception Framework using a new backdoor, and a vulnerability in a building management software.</content:encoded><enclosure length="32956318" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+21+18-11-08.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+21+18-11-08.mp3</guid><pubDate>Thu, 08 Nov 2018 14:14:40 +0000</pubDate><itunes:duration>00:22:52</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>21</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>SamSam ransomware, Midterms 2018, new Emotet activity, and Docker APIs exploited for cryptojacking</itunes:title><title>SamSam ransomware, Midterms 2018, new Emotet activity, and Docker APIs exploited for cryptojacking</title><itunes:summary>In this week’s Cyber Security Brief podcast we discuss our newly-published research into the SamSam ransomware, exposed Docker APIs being used for cryptojacking, and some new activity from the Emotet botnet. With the midterm elections in the U.S. fast approaching we also take a look at some of the election security stories that have come up in the last week. Finally, we discuss a cautionary tale underlining why you shouldn’t use your work laptop to visit “adult” websites.</itunes:summary><description>In this week’s Cyber Security Brief podcast we discuss our newly-published research into the SamSam ransomware, exposed Docker APIs being used for cryptojacking, and some new activity from the Emotet botnet. With the midterm elections in the U.S. fast approaching we also take a look at some of the election security stories that have come up in the last week. 
Finally, we discuss a cautionary tale underlining why you shouldn’t use your work laptop to visit “adult” websites.</description><content:encoded>In this week’s Cyber Security Brief podcast we discuss our newly-published research into the SamSam ransomware, exposed Docker APIs being used for cryptojacking, and some new activity from the Emotet botnet. With the midterm elections in the U.S. fast approaching we also take a look at some of the election security stories that have come up in the last week. Finally, we discuss a cautionary tale underlining why you shouldn’t use your work laptop to visit “adult” websites.</content:encoded><enclosure length="38165544" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+20+18-11-01.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+20+18-11-01.mp3</guid><pubDate>Thu, 01 Nov 2018 14:00:00 +0000</pubDate><itunes:duration>00:26:29</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>20</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Super Micro spy chip story contradictions, Russian woman indicted in U.S. for conspiring to interfere in U.S. elections, and Twitter tackles disinformation campaigns</itunes:title><title>Super Micro spy chip story contradictions, Russian woman indicted in U.S. for conspiring to interfere in U.S. elections, and Twitter tackles disinformation campaigns</title><itunes:summary>In this week’s Cyber Security Brief podcast, we discuss the claims and counter claims related to the Bloomberg Businessweek story published at the start of October that alleged Chinese spies had infiltrated U.S. companies by implanting secret chips on Super Micro motherboards – a story that has been rebutted by almost all the companies mentioned in it, including Super Micro itself, Apple and Amazon. 
With calls from those companies now for Bloomberg to retract the story, we discuss this ongoing saga. Also in the last week, a Russian woman was indicted in the U.S. on charges of playing a role in a conspiracy to interfere in the U.S. political system, meanwhile, Twitter released a huge trove of tweets it had identified that were attempting to influence political campaigns in the last couple of years. We consider the significance of that move from the social media giant.</itunes:summary><description>In this week’s Cyber Security Brief podcast, we discuss the claims and counter claims related to the Bloomberg Businessweek story published at the start of October that alleged Chinese spies had infiltrated U.S. companies by implanting secret chips on Super Micro motherboards – a story that has been rebutted by almost all the companies mentioned in it, including Super Micro itself, Apple and Amazon. With calls from those companies now for Bloomberg to retract the story, we discuss this ongoing saga. Also in the last week, a Russian woman was indicted in the U.S. on charges of playing a role in a conspiracy to interfere in the U.S. political system, meanwhile, Twitter released a huge trove of tweets it had identified that were attempting to influence political campaigns in the last couple of years. We consider the significance of that move from the social media giant.</description><content:encoded>In this week’s Cyber Security Brief podcast, we discuss the claims and counter claims related to the Bloomberg Businessweek story published at the start of October that alleged Chinese spies had infiltrated U.S. companies by implanting secret chips on Super Micro motherboards – a story that has been rebutted by almost all the companies mentioned in it, including Super Micro itself, Apple and Amazon. With calls from those companies now for Bloomberg to retract the story, we discuss this ongoing saga. Also in the last week, a Russian woman was indicted in the U.S. 
on charges of playing a role in a conspiracy to interfere in the U.S. political system, meanwhile, Twitter released a huge trove of tweets it had identified that were attempting to influence political campaigns in the last couple of years. We consider the significance of that move from the social media giant.</content:encoded><enclosure length="28423542" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+19+18-10-25.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+19+18-10-25.mp3</guid><pubDate>Thu, 25 Oct 2018 13:00:00 +0000</pubDate><itunes:duration>00:19:43</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>19</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Special Report: What is it Really Like to Work in Cyber Security?</itunes:title><title>Special Report: What is it Really Like to Work in Cyber Security?</title><itunes:summary>Something a little different this week as we take a behind-the-scenes look at life in Symantec. Dick O’Brien chats to three Symantec engineers working in different parts of the company, and at different stages in their careers, to find out what it is really like to work as an engineer in a cyber security firm. Dick is joined by Symantec engineers Sayali Kulkarni, Conor Murray and Eric Chien to discuss the evolution of their careers in cyber security.</itunes:summary><description>Something a little different this week as we take a behind-the-scenes look at life in Symantec. Dick O’Brien chats to three Symantec engineers working in different parts of the company, and at different stages in their careers, to find out what it is really like to work as an engineer in a cyber security firm. 
Dick is joined by Symantec engineers Sayali Kulkarni, Conor Murray and Eric Chien to discuss the evolution of their careers in cyber security.</description><content:encoded>Something a little different this week as we take a behind-the-scenes look at life in Symantec. Dick O’Brien chats to three Symantec engineers working in different parts of the company, and at different stages in their careers, to find out what it is really like to work as an engineer in a cyber security firm. Dick is joined by Symantec engineers Sayali Kulkarni, Conor Murray and Eric Chien to discuss the evolution of their careers in cyber security.</content:encoded><enclosure length="43567046" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+18+18-10-18.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+18+18-10-18.mp3</guid><pubDate>Thu, 18 Oct 2018 13:00:00 +0000</pubDate><itunes:duration>00:30:14</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>18</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Gallmaker research, Navionics breach, and Fitbit data used by cops in murder investigation</itunes:title><title>Gallmaker research, Navionics breach, and Fitbit data used by cops in murder investigation</title><itunes:summary>In this week’s Cyber Security Brief, Dick O’Brien is joined by Symantec threat researchers Jon DiMaggio and Candid Wueest to discuss the big cyber security stories of the last week. We talk about Symantec’s latest research on a previously-unknown attack group called Gallmaker, which is using “living off the land” and publicly-available hack tools to target organizations in the government and defense sectors. 
We also discuss the hack of the SpankChain cryptocurrency project, the breach at Garmin-owned boating app Navionics, and how Fitbit data has been used in a murder investigation.</itunes:summary><description>In this week’s Cyber Security Brief, Dick O’Brien is joined by Symantec threat researchers Jon DiMaggio and Candid Wueest to discuss the big cyber security stories of the last week. We talk about Symantec’s latest research on a previously-unknown attack group called Gallmaker, which is using “living off the land” and publicly-available hack tools to target organizations in the government and defense sectors. We also discuss the hack of the SpankChain cryptocurrency project, the breach at Garmin-owned boating app Navionics, and how Fitbit data has been used in a murder investigation.</description><content:encoded>In this week’s Cyber Security Brief, Dick O’Brien is joined by Symantec threat researchers Jon DiMaggio and Candid Wueest to discuss the big cyber security stories of the last week. We talk about Symantec’s latest research on a previously-unknown attack group called Gallmaker, which is using “living off the land” and publicly-available hack tools to target organizations in the government and defense sectors. 
We also discuss the hack of the SpankChain cryptocurrency project, the breach at Garmin-owned boating app Navionics, and how Fitbit data has been used in a murder investigation.</content:encoded><enclosure length="32907474" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+17.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+17.mp3</guid><pubDate>Thu, 11 Oct 2018 13:00:00 +0000</pubDate><itunes:duration>00:22:50</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>17</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>APT28 activity, cryptojacking research, and Face ID used to access criminal suspect’s phone</itunes:title><title>APT28 activity, cryptojacking research, and Face ID used to access criminal suspect’s phone</title><itunes:summary>In this week’s Symantec Cyber Security Brief we discuss two of our recently-published pieces of research. First, we are joined by Threat Analyst Stephen Doherty to discuss the recent activity of APT28 (aka Swallowtail, Fancy Bear), which made headlines in 2016 due to its involvement in cyber attacks against an organisation involved in the U.S. presidential election. Then, we talk about our newly published whitepaper examining the topic of cryptojacking – one of the hottest subjects in the world of cyber security in 2018. Finally, we discuss a first-of-its-kind case in the U.S. where a criminal suspect was forced by the FBI to use Face ID to unlock his iPhone.</itunes:summary><description>In this week’s Symantec Cyber Security Brief we discuss two of our recently-published pieces of research. 
First, we are joined by Threat Analyst Stephen Doherty to discuss the recent activity of APT28 (aka Swallowtail, Fancy Bear), which made headlines in 2016 due to its involvement in cyber attacks against an organisation involved in the U.S. presidential election. Then, we talk about our newly published whitepaper examining the topic of cryptojacking – one of the hottest subjects in the world of cyber security in 2018. Finally, we discuss a first-of-its-kind case in the U.S. where a criminal suspect was forced by the FBI to use Face ID to unlock his iPhone.</description><content:encoded>In this week’s Symantec Cyber Security Brief we discuss two of our recently-published pieces of research. First, we are joined by Threat Analyst Stephen Doherty to discuss the recent activity of APT28 (aka Swallowtail, Fancy Bear), which made headlines in 2016 due to its involvement in cyber attacks against an organisation involved in the U.S. presidential election. Then, we talk about our newly published whitepaper examining the topic of cryptojacking – one of the hottest subjects in the world of cyber security in 2018. Finally, we discuss a first-of-its-kind case in the U.S. 
where a criminal suspect was forced by the FBI to use Face ID to unlock his iPhone.</content:encoded><enclosure length="41960556" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+16+18-10-04.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+16+18-10-04.mp3</guid><pubDate>Thu, 04 Oct 2018 14:00:00 +0000</pubDate><itunes:duration>00:29:07</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>16</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Formjacking research, WordPress plugins cause problems, the dangers of plaintext password storage, and the Mojave zero day</itunes:title><title>Formjacking research, WordPress plugins cause problems, the dangers of plaintext password storage, and the Mojave zero day</title><itunes:summary>In this week’s Symantec Cyber Security Brief, we discuss recent research Symantec has published on formjacking, as well as the formjacking attacks that have been carried out by the Magecart group. We also discuss how outdated plugins are allowing malicious code to be injected into WordPress sites, the Apple macOS Mojave zero day, and why it’s never a good idea for companies to store their customers’ passwords in plaintext.</itunes:summary><description>In this week’s Symantec Cyber Security Brief, we discuss recent research Symantec has published on formjacking, as well as the formjacking attacks that have been carried out by the Magecart group. 
We also discuss how outdated plugins are allowing malicious code to be injected into WordPress sites, the Apple macOS Mojave zero day, and why it’s never a good idea for companies to store their customers’ passwords in plaintext.</description><content:encoded>In this week’s Symantec Cyber Security Brief, we discuss recent research Symantec has published on formjacking, as well as the formjacking attacks that have been carried out by the Magecart group. We also discuss how outdated plugins are allowing malicious code to be injected into WordPress sites, the Apple macOS Mojave zero day, and why it’s never a good idea for companies to store their customers’ passwords in plaintext.</content:encoded><enclosure length="35885096" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+15.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+15.mp3</guid><pubDate>Thu, 27 Sep 2018 13:00:00 +0000</pubDate><itunes:duration>00:24:54</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>15</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Xbash threat, TripAdvisor fake review clampdown, blockchain casinos targeted, and who is behind DDoS attacks on UK unis?</itunes:title><title>Xbash threat, TripAdvisor fake review clampdown, blockchain casinos targeted, and who is behind DDoS attacks on UK unis?</title><itunes:summary>On this week’s podcast Dick O’Brien is joined by threat researchers Candid Wueest and Brigid O Gorman to discuss the biggest cyber security stories of the week. We take a look at the newly-discovered Xbash malware family and what it can do, as well as discussing the first case of its kind where a man was convicted and imprisoned for writing fake reviews on TripAdvisor. 
Also, we look at some recent hacks against blockchain casinos, and speculate on the likely perpetrators behind DDoS attacks on UK university networks.</itunes:summary><description>On this week’s podcast Dick O’Brien is joined by threat researchers Candid Wueest and Brigid O Gorman to discuss the biggest cyber security stories of the week. We take a look at the newly-discovered Xbash malware family and what it can do, as well as discussing the first case of its kind where a man was convicted and imprisoned for writing fake reviews on TripAdvisor. Also, we look at some recent hacks against blockchain casinos, and speculate on the likely perpetrators behind DDoS attacks on UK university networks.</description><content:encoded>On this week’s podcast Dick O’Brien is joined by threat researchers Candid Wueest and Brigid O Gorman to discuss the biggest cyber security stories of the week. We take a look at the newly-discovered Xbash malware family and what it can do, as well as discussing the first case of its kind where a man was convicted and imprisoned for writing fake reviews on TripAdvisor. 
Also, we look at some recent hacks against blockchain casinos, and speculate on the likely perpetrators behind DDoS attacks on UK university networks.</content:encoded><enclosure length="42314228" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+14+18-09-20.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+14+18-09-20.mp3</guid><pubDate>Thu, 20 Sep 2018 13:00:00 +0000</pubDate><itunes:duration>00:29:22</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>14</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Deep Dive: Symantec Takes on Software Supply Chain Attacks</itunes:title><title>Deep Dive: Symantec Takes on Software Supply Chain Attacks</title><itunes:summary>Dick O’Brien is joined by Symantec product manager Arvind Rao and architect Haik Mesropian to discuss their work, and what they are doing to combat software supply chain attacks, the products they are building, and how they are hoping their efforts will help developers combat these attacks.</itunes:summary><description>Dick O’Brien is joined by Symantec product manager Arvind Rao and architect Haik Mesropian to discuss their work, and what they are doing to combat software supply chain attacks, the products they are building, and how they are hoping their efforts will help developers combat these attacks.</description><content:encoded>Dick O’Brien is joined by Symantec product manager Arvind Rao and architect Haik Mesropian to discuss their work, and what they are doing to combat software supply chain attacks, the products they are building, and how they are hoping their efforts will help developers combat these attacks.</content:encoded><enclosure length="36320651" 
url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+13+Arvind_Haik+18-09-13.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+13+Arvind_Haik+18-09-13.mp3</guid><pubDate>Thu, 13 Sep 2018 13:00:00 +0000</pubDate><itunes:duration>00:25:12</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>13</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>One billion dollars in Bitcoin on the move, data breaches, Mastercard and Google’s info-sharing deal, and MikroTik developments</itunes:title><title>One billion dollars in Bitcoin on the move, data breaches, Mastercard and Google’s info-sharing deal, and MikroTik developments</title><itunes:summary>In this week’s podcast we discuss how insiders are often the ones to blame for data breaches, and how data breaches are caused by human error more often than by malicious attackers. We look at the implications of a deal between Mastercard and Google that allows advertisers to figure out how effective their ads are at getting consumers to make purchases in the real world, and a development in the MikroTik routers hack. Also, we discuss $1 billion in Bitcoin that has suddenly started to move – and ask who might be in control of it?</itunes:summary><description>In this week’s podcast we discuss how insiders are often the ones to blame for data breaches, and how data breaches are caused by human error more often than by malicious attackers. We look at the implications of a deal between Mastercard and Google that allows advertisers to figure out how effective their ads are at getting consumers to make purchases in the real world, and a development in the MikroTik routers hack. 
Also, we discuss $1 billion in Bitcoin that has suddenly started to move – and ask who might be in control of it?</description><content:encoded>In this week’s podcast we discuss how insiders are often the ones to blame for data breaches, and how data breaches are caused by human error more often than by malicious attackers. We look at the implications of a deal between Mastercard and Google that allows advertisers to figure out how effective their ads are at getting consumers to make purchases in the real world, and a development in the MikroTik routers hack. Also, we discuss $1 billion in Bitcoin that has suddenly started to move – and ask who might be in control of it?</content:encoded><enclosure length="40100450" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+12.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+12.mp3</guid><pubDate>Thu, 06 Sep 2018 13:00:00 +0000</pubDate><itunes:duration>00:27:50</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>12</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Andromeda botnet, DNC “hack”, a new Windows zero day, and dark web developments</itunes:title><title>Andromeda botnet, DNC “hack”, a new Windows zero day, and dark web developments</title><itunes:summary>On this week’s podcast we discuss the DNC “hack” that wasn’t, developments on dark web marketplaces, and the release of a Windows zero day on Twitter. We also discuss the Andromeda botnet, following the release from prison of one of the people accused of being behind it.</itunes:summary><description>On this week’s podcast we discuss the DNC “hack” that wasn’t, developments on dark web marketplaces, and the release of a Windows zero day on Twitter. 
We also discuss the Andromeda botnet, following the release from prison of one of the people accused of being behind it.</description><content:encoded>On this week’s podcast we discuss the DNC “hack” that wasn’t, developments on dark web marketplaces, and the release of a Windows zero day on Twitter. We also discuss the Andromeda botnet, following the release from prison of one of the people accused of being behind it.</content:encoded><enclosure length="31270707" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+11.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Podcast+11.mp3</guid><pubDate>Thu, 30 Aug 2018 13:00:00 +0000</pubDate><itunes:duration>00:21:42</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>11</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>How much do your mobile apps really know about you? Is your charging cable safe? And is end-to-end encryption under threat?</itunes:title><title>How much do your mobile apps really know about you? Is your charging cable safe? And is end-to-end encryption under threat?</title><itunes:summary>This week, Dick O’Brien is joined by Symantec threat researcher Gillian Cleary, who discusses her recent research into the 100 most popular mobile apps, and how much information they are really gathering about their users. We also discuss an attack dubbed USBHarpoon that turns USB charging cables malicious, and we look at a court case in the U.S. where the government is reportedly attempting to compel Facebook to break the encryption on its Messenger service.</itunes:summary><description>This week, Dick O’Brien is joined by Symantec threat researcher Gillian Cleary, who discusses her recent research into the 100 most popular mobile apps, and how much information they are really gathering about their users. 
We also discuss an attack dubbed USBHarpoon that turns USB charging cables malicious, and we look at a court case in the U.S. where the government is reportedly attempting to compel Facebook to break the encryption on its Messenger service.</description><content:encoded>This week, Dick O’Brien is joined by Symantec threat researcher Gillian Cleary, who discusses her recent research into the 100 most popular mobile apps, and how much information they are really gathering about their users. We also discuss an attack dubbed USBHarpoon that turns USB charging cables malicious, and we look at a court case in the U.S. where the government is reportedly attempting to compel Facebook to break the encryption on its Messenger service.</content:encoded><enclosure length="33498028" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Weekly+Roundup+18-08-22_Podcast.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Weekly+Roundup+18-08-22_Podcast.mp3</guid><pubDate>Thu, 23 Aug 2018 13:00:00 +0000</pubDate><itunes:duration>00:23:14</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>10</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Special Report: Financial Threats</itunes:title><title>Special Report: Financial Threats</title><itunes:summary>This week we bring you a special podcast taking an in-depth look at the financial threats cyber crime landscape. Brigid O’Gorman is joined by Symantec threat analysts Stephen Doherty and Eric Chien to discuss the threats facing both banking consumers and banks themselves. 
We also discuss the Lazarus group’s role in recent high-value attacks targeting financial institutions, and talk about the future of the financial threats landscape.</itunes:summary><description>This week we bring you a special podcast taking an in-depth look at the financial threats cyber crime landscape. Brigid O’Gorman is joined by Symantec threat analysts Stephen Doherty and Eric Chien to discuss the threats facing both banking consumers and banks themselves. We also discuss the Lazarus group’s role in recent high-value attacks targeting financial institutions, and talk about the future of the financial threats landscape.</description><content:encoded>This week we bring you a special podcast taking an in-depth look at the financial threats cyber crime landscape. Brigid O’Gorman is joined by Symantec threat analysts Stephen Doherty and Eric Chien to discuss the threats facing both banking consumers and banks themselves. We also discuss the Lazarus group’s role in recent high-value attacks targeting financial institutions, and talk about the future of the financial threats landscape.</content:encoded><enclosure length="39500454" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Financial_Threats_Podcast_v3_0.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Financial_Threats_Podcast_v3_0.mp3</guid><pubDate>Thu, 16 Aug 2018 13:00:00 +0000</pubDate><itunes:duration>00:27:24</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>9</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>“Security through obscurity”, Snapchat's source code leak, MikroTik coin mining campaign, and Symantec talks machine learning at Black Hat</itunes:title><title>“Security through obscurity”, Snapchat's source code leak, MikroTik coin mining campaign, and Symantec talks machine learning at Black 
Hat</title><itunes:summary>In this week’s cyber security news round-up, we chat about Threat Intel’s Liam O’Murchu’s Black Hat presentation: How To Use Machine Learning to Discover New Targeted Attacks. We also discuss the Snapchat source code leak, the coin mining campaign targeting MikroTik routers, and the concept of “security through obscurity” – adding more bugs to code to make it harder for black hat hackers to figure out which bugs are the exploitable ones.</itunes:summary><description>In this week’s cyber security news round-up, we chat about Threat Intel’s Liam O’Murchu’s Black Hat presentation: How To Use Machine Learning to Discover New Targeted Attacks. We also discuss the Snapchat source code leak, the coin mining campaign targeting MikroTik routers, and the concept of “security through obscurity” – adding more bugs to code to make it harder for black hat hackers to figure out which bugs are the exploitable ones.</description><content:encoded>In this week’s cyber security news round-up, we chat about Threat Intel’s Liam O’Murchu’s Black Hat presentation: How To Use Machine Learning to Discover New Targeted Attacks. 
We also discuss the Snapchat source code leak, the coin mining campaign targeting MikroTik routers, and the concept of “security through obscurity” – adding more bugs to code to make it harder for black hat hackers to figure out which bugs are the exploitable ones.</content:encoded><enclosure length="38801760" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Weekly+Roundup+18-08-09_mixdown.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Weekly+Roundup+18-08-09_mixdown.mp3</guid><pubDate>Thu, 09 Aug 2018 14:42:30 +0000</pubDate><itunes:duration>00:26:55</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>8</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Coin mining in games, SIM hijacking, connected car vulnerabilities, and attacks on the software supply chain within the supply chain</itunes:title><title>Coin mining in games, SIM hijacking, connected car vulnerabilities, and attacks on the software supply chain within the supply chain</title><itunes:summary>Welcome to your weekly cyber security news round-up. This week we discuss the simple-seeming game that was exploiting users’ CPU to mine cryptocurrency. We look at the story of prisoners in the U.S. who hacked their prison-issued tablets, and discuss the teen who stole $5 million through SIM hijacking. We also consider some of the issues that can arise when you buy second-hand connected cars and, yet again, we cover another attack on the software supply chain.</itunes:summary><description>Welcome to your weekly cyber security news round-up. This week we discuss the simple-seeming game that was exploiting users’ CPU to mine cryptocurrency. We look at the story of prisoners in the U.S. who hacked their prison-issued tablets, and discuss the teen who stole $5 million through SIM hijacking. 
We also consider some of the issues that can arise when you buy second-hand connected cars and, yet again, we cover another attack on the software supply chain.</description><content:encoded>Welcome to your weekly cyber security news round-up. This week we discuss the simple-seeming game that was exploiting users’ CPU to mine cryptocurrency. We look at the story of prisoners in the U.S. who hacked their prison-issued tablets, and discuss the teen who stole $5 million through SIM hijacking. We also consider some of the issues that can arise when you buy second-hand connected cars and, yet again, we cover another attack on the software supply chain.</content:encoded><enclosure length="44611022" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Weekly+Roundup+18-08-02_mixdown.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Weekly+Roundup+18-08-02_mixdown.mp3</guid><pubDate>Thu, 02 Aug 2018 13:00:00 +0000</pubDate><itunes:duration>00:30:58</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>7</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Leafminer research, data breaches, credential stuffing, and IoT security fails</itunes:title><title>Leafminer research, data breaches, credential stuffing, and IoT security fails</title><itunes:summary>In this week’s round-up of all things cyber security we discuss newly-released research from Symantec detailing the activity of Leafminer, a threat actor carrying out campaigns that target organisations in the Middle East. We also discuss the continuing problem of data breaches, and how these can facilitate credential stuffing attacks by cyber criminals. The Internet of things (IoT), and the security failures that often occur in that space, is also up for discussion. 
</itunes:summary><description>In this week’s round-up of all things cyber security we discuss newly-released research from Symantec detailing the activity of Leafminer, a threat actor carrying out campaigns that target organisations in the Middle East. We also discuss the continuing problem of data breaches, and how these can facilitate credential stuffing attacks by cyber criminals. The Internet of things (IoT), and the security failures that often occur in that space, is also up for discussion. </description><content:encoded>In this week’s round-up of all things cyber security we discuss newly-released research from Symantec detailing the activity of Leafminer, a threat actor carrying out campaigns that target organisations in the Middle East. We also discuss the continuing problem of data breaches, and how these can facilitate credential stuffing attacks by cyber criminals. The Internet of things (IoT), and the security failures that often occur in that space, is also up for discussion. </content:encoded><enclosure length="39849164" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Weekly+Roundup+18-07-26.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Weekly+Roundup+18-07-26.mp3</guid><pubDate>Thu, 26 Jul 2018 13:00:00 +0000</pubDate><itunes:duration>00:27:39</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>6</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>PowerShell risks, extortion scams that threaten embarrassment, Twitter clamps down on dodgy accounts, and the financial impact of data breaches</itunes:title><title>PowerShell risks, extortion scams that threaten embarrassment, Twitter clamps down on dodgy accounts, and the financial impact of data breaches</title><itunes:summary>This week we look back at the week that was in cyber security. 
Dick O’Brien is joined by threat researchers Candid Wueest and Brigid O Gorman to discuss the latest research Symantec has just published about how PowerShell is being leveraged by malicious actors. We also discuss extortion scams where people are tricked into transferring money to scammers who claim they have video of them visiting adult websites, how Twitter is trying to clean up its platform, and the financial cost of data breaches for business. </itunes:summary><description>This week we look back at the week that was in cyber security. Dick O’Brien is joined by threat researchers Candid Wueest and Brigid O Gorman to discuss the latest research Symantec has just published about how PowerShell is being leveraged by malicious actors. We also discuss extortion scams where people are tricked into transferring money to scammers who claim they have video of them visiting adult websites, how Twitter is trying to clean up its platform, and the financial cost of data breaches for business. </description><content:encoded>This week we look back at the week that was in cyber security. Dick O’Brien is joined by threat researchers Candid Wueest and Brigid O Gorman to discuss the latest research Symantec has just published about how PowerShell is being leveraged by malicious actors. We also discuss extortion scams where people are tricked into transferring money to scammers who claim they have video of them visiting adult websites, how Twitter is trying to clean up its platform, and the financial cost of data breaches for business. 
</content:encoded><enclosure length="45362110" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Weekly+Roundup+18-07-18.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Weekly+Roundup+18-07-18.mp3</guid><pubDate>Thu, 19 Jul 2018 13:34:53 +0000</pubDate><itunes:duration>00:31:29</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>5</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Special Report: Software Update Supply Chain Attacks</itunes:title><title>Special Report: Software Update Supply Chain Attacks</title><itunes:summary>In this week’s podcast, we discuss software supply chain attacks, a subject we wrote about in this year’s ISTR. Software supply chain attacks increased by 200 percent between 2016 and 2017, with at least one attack every month in 2017. Dick O’Brien is joined by Symantec threat researchers Candid Wueest and Gavin O’Gorman to discuss this surge in attacks, and also to talk about two high-profile examples of these kinds of attacks: the Petya/NotPetya and CCleaner attacks.</itunes:summary><description>In this week’s podcast, we discuss software supply chain attacks, a subject we wrote about in this year’s ISTR. Software supply chain attacks increased by 200 percent between 2016 and 2017, with at least one attack every month in 2017. Dick O’Brien is joined by Symantec threat researchers Candid Wueest and Gavin O’Gorman to discuss this surge in attacks, and also to talk about two high-profile examples of these kinds of attacks: the Petya/NotPetya and CCleaner attacks.</description><content:encoded>In this week’s podcast, we discuss software supply chain attacks, a subject we wrote about in this year’s ISTR. Software supply chain attacks increased by 200 percent between 2016 and 2017, with at least one attack every month in 2017. 
Dick O’Brien is joined by Symantec threat researchers Candid Wueest and Gavin O’Gorman to discuss this surge in attacks, and also to talk about two high-profile examples of these kinds of attacks: the Petya/NotPetya and CCleaner attacks.</content:encoded><enclosure length="41748859" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/supply_chain_podcast.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/supply_chain_podcast.mp3</guid><pubDate>Thu, 12 Jul 2018 13:30:00 +0000</pubDate><itunes:duration>00:28:58</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>4</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Mid-year review: Some of the biggest stories of 2018 so far, including VPNFilter, Orangeworm, and Meltdown and Spectre</itunes:title><title>Mid-year review: Some of the biggest stories of 2018 so far, including VPNFilter, Orangeworm, and Meltdown and Spectre</title><itunes:summary>In this week’s podcast we take a look back at the first six months of the year, and review some of the biggest cyber security stories. We discuss VPNFilter, a router malware that, unusually, is able to survive the router being rebooted, as well as highlighting the tool that Symantec has released to tell users whether or not their router is infected with VPNFilter. We also look back at investigations into the Orangeworm and Inception Framework attack groups, as well as reviewing the impact of the Meltdown and Spectre bugs. Finally we look to the world of IoT and discuss smart locks, and if they’re really as smart as they claim to be…</itunes:summary><description>In this week’s podcast we take a look back at the first six months of the year, and review some of the biggest cyber security stories. 
We discuss VPNFilter, a router malware that, unusually, is able to survive the router being rebooted, as well as highlighting the tool that Symantec has released to tell users whether or not their router is infected with VPNFilter. We also look back at investigations into the Orangeworm and Inception Framework attack groups, as well as reviewing the impact of the Meltdown and Spectre bugs. Finally we look to the world of IoT and discuss smart locks, and if they’re really as smart as they claim to be…</description><content:encoded>In this week’s podcast we take a look back at the first six months of the year, and review some of the biggest cyber security stories. We discuss VPNFilter, a router malware that, unusually, is able to survive the router being rebooted, as well as highlighting the tool that Symantec has released to tell users whether or not their router is infected with VPNFilter. We also look back at investigations into the Orangeworm and Inception Framework attack groups, as well as reviewing the impact of the Meltdown and Spectre bugs. 
Finally we look to the world of IoT and discuss smart locks, and if they’re really as smart as they claim to be…</content:encoded><enclosure length="47736454" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Half+Year+Roundup+2018_mixdown.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Half+Year+Roundup+2018_mixdown.mp3</guid><pubDate>Thu, 05 Jul 2018 11:19:12 +0000</pubDate><itunes:duration>00:33:07</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>3</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>Ticketmaster breach, insider attacks, the issue of legacy systems in businesses, and is encrypted ransomware a new trend?</itunes:title><title>Ticketmaster breach, insider attacks, the issue of legacy systems in businesses, and is encrypted ransomware a new trend?</title><itunes:summary>In this week’s essential cyber security news round-up, we discuss the recent data breach at Ticketmaster, and also look at encrypted ransomware and wonder whether it's set to become a new trend. Also, after news broke last week that an employee at Tesla had been caught changing code and passing sensitive company information to third parties, we discuss the dangers of insider threats for business, and we also look at the reasons why, in a recent survey, almost 90 percent of UK businesses admitted to running legacy systems in order to keep data accessible.</itunes:summary><description>In this week’s essential cyber security news round-up, we discuss the recent data breach at Ticketmaster, and also look at encrypted ransomware and wonder whether it's set to become a new trend. 
Also, after news broke last week that an employee at Tesla had been caught changing code and passing sensitive company information to third parties, we discuss the dangers of insider threats for business, and we also look at the reasons why, in a recent survey, almost 90 percent of UK businesses admitted to running legacy systems in order to keep data accessible.</description><content:encoded>In this week’s essential cyber security news round-up, we discuss the recent data breach at Ticketmaster, and also look at encrypted ransomware and wonder whether it's set to become a new trend. Also, after news broke last week that an employee at Tesla had been caught changing code and passing sensitive company information to third parties, we discuss the dangers of insider threats for business, and we also look at the reasons why, in a recent survey, almost 90 percent of UK businesses admitted to running legacy systems in order to keep data accessible.</content:encoded><enclosure length="27781817" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Weekly+roundup+18-06-28.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Weekly+roundup+18-06-28.mp3</guid><pubDate>Thu, 28 Jun 2018 16:35:54 +0000</pubDate><itunes:duration>00:19:17</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>2</itunes:episode><itunes:season>1</itunes:season></item><item><itunes:episodeType>full</itunes:episodeType><itunes:title>New Symantec research on the Thrip cyber espionage group, BEC scammers, and coinminers in court in Japan</itunes:title><title>New Symantec research on the Thrip cyber espionage group, BEC scammers, and coinminers in court in Japan</title><itunes:summary>We discuss a major law enforcement operation against Business Email Compromise (BEC) scammers, an interesting court case in Japan regarding the legality of browser-based coinmining, and we also talk to Jon 
Di Maggio, the Symantec investigator responsible for our latest research into the cyber espionage group Thrip.</itunes:summary><description>We discuss a major law enforcement operation against Business Email Compromise (BEC) scammers, an interesting court case in Japan regarding the legality of browser-based coinmining, and we also talk to Jon Di Maggio, the Symantec investigator responsible for our latest research into the cyber espionage group Thrip.</description><content:encoded>We discuss a major law enforcement operation against Business Email Compromise (BEC) scammers, an interesting court case in Japan regarding the legality of browser-based coinmining, and we also talk to Jon Di Maggio, the Symantec investigator responsible for our latest research into the cyber espionage group Thrip.</content:encoded><enclosure length="40267352" url="https://dts.podtrac.com/redirect.mp3/symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Weekly+Roundup+June+20%2C+2018.mp3" type="audio/mpeg"/><guid>https://symantec-enterprise-podcasts.security.com/podcasts/assets/audio/Weekly+Roundup+June+20%2C+2018.mp3</guid><pubDate>Thu, 21 Jun 2018 15:29:56 +0000</pubDate><itunes:duration>27:57</itunes:duration><itunes:explicit>false</itunes:explicit><itunes:episode>1</itunes:episode><itunes:season>1</itunes:season></item></channel></rss>
