
Cyber Security America
Artificial Intelligence: Automating SOC Workflows - Salem Cyber
Jun 20, 2023
50:52
Welcome to the Cybersecurity America Podcast! In episode 21, we have an exciting lineup of topics that cover critical insights from the DeepSeas (https://www.deepseas.com/learn/) Cyber Threat Intelligence (CTI) desk and the latest in cybersecurity innovation with Salem Cyber. Prepare for an informative and engaging discussion!

#malware #informationsecurity #infosec #windows #cyberattack #ciso

Host: Joshua R Nicholson (https://www.linkedin.com/in/joshuanicholson/)
YouTube Channel: (https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg)
Podcast Home Site: (https://www.voiceamerica.com/show/4125)

In the first part of the episode, we bring you crucial insights on the recent MOVEit managed file transfer vulnerability, now identified as CVE-2023-34362. Learn how threat actors exploited this vulnerability in Progress' MOVEit software as early as May 27th. Taking advantage of the Memorial Day weekend and limited staffing, they conducted scans and extracted files from multiple organizations. We delve into the tactics employed by threat actors, including the targeting of widely used software and exploiting holidays when staffing is low.

Microsoft and Mandiant have identified Clop ransomware as the primary threat actor behind these attacks. What sets this incident apart is that Clop ransomware instructed affected organizations to reach out and contact them instead of sending the usual extortion email. This unexpected approach raises questions about their motivations and capacity to handle a large cache of information.

The second part of the episode shifts focus to cybersecurity innovation. We're joined by John Bagg, the co-founder and CEO of Salem Cyber, an AI cybersecurity startup. With over a decade of experience, John shares his expertise in implementing cyber technology and threat detection programs for top commercial organizations. He introduces us to their flagship technology, the Virtual Cyber Analyst, which addresses the challenge of alert overload faced by cybersecurity experts. By leveraging AI capabilities, organizations can prioritize alerts and empower their analysts to focus on critical matters.

This episode highlights the significance of reducing attack surfaces, implementing robust monitoring systems, and having a well-defined playbook for incident response. We delve into crucial questions you need to ask within your cyber fusion center or IT department to enhance your cybersecurity measures.

Join us for this thought-provoking discussion as we navigate the landscape of cybersecurity, starting with the MOVEit vulnerability incident and moving on to the innovative solutions offered by Salem Cyber. Stay tuned for valuable insights and updates on the latest trends in the field.

#Cybersecurity #ThreatIntelligence #DataBreach #Ransomware #AttackSurfaceReduction #IncidentResponse #Innovation #AI #Startup #ThreatDetection #AlertFatigue #AnomalyDetection #SalemCyber #CVE-2023-34362