DrZeroTrust

Home cybersecurity insurance? What's that all about. Some great research from Google on talking to the board about cybersecurity. Microsoft Defender "auto-secures" machines now. How viable is that? Some points on the conflict currently ongoing and cyberwarfare as well.

What's the scariest sound you can hear in the middle of the night? It's not what you think. Microsoft and Bing have some "splaining" to do as their system is helping generate images of SpongeBob and other cartoons attack the World Trade Center. WithSecure has some really solid insights on the tactics and tools that bad guys use. Cisco Talos found that QakBot is back, shocker. And how will AI and deepfakes affect elections, ask Slovakia. Those points and more on this episode!

How does a CEO of a unicorn company view cybersecurity? How does the board of such a company look at the risks of cyber threats? Does insurance make sense for those leaders? What about the big acquisition in recent days, does that affect the overall market? Those questions and more on this episode!

Rick Moy and I discuss ZT and the cloud. How developers can and should look at security (it's not how you think). Dealing with ethereal assets, 5G and a whole bunch of other great issues in this episode!

Should executives ever be exempt from security standards and practices, the answer rhymes with bell no. MGM got his with ransomware via a third party and some social engineering, but they spend hundreds of millions on security. So what should we learn from that? CISA wants to offer free scans for utilities, is that a good or bad thing? Congress wants to legislate around deepfakes for elections, how will that work? And a major university was found to be fudging their self certification for compliance, whoops! Those and more on this one!

What is Surf's new RBI extension? How does this fit with Zero Trust strategically? Why is RBI now a "thing" in security? Is this just for enterprises or all businesses? How hard is it to configure this thing? What about third parties and developers, does this help them be more secure? Those questions and more on this one!

Data from Blackberry points to the same methods of exploitation, shocker. Some recent revelations from the National Security Agency and #china threat. Additionally, more insights on some of the flaws in our #compliance and #regulatory #cyber spaces. SeeTickets gets hacked, again. What's up with that Dallas City hack? Those and more on this episode!

Cyberpsychology and the hacker mindset, what should we think? Malwarebytes and their funding and layoffs, what does that indicate about the market? AI and LLM's aren't people, stop treating them like they are from MIT. Compliance does not equal security, say what? Phishing as a service get smarter according to Microsoft. The FBI "brought down" a massive botnet, they'll never come back right? And a very suspect claim from a vendor on their "response time". All that and more on this one!

Thoughts on the recent RNC candidate debate where cybersecurity never came up, super. China is using Linkedin to recruit spies, how can you know when you are targeted? Trustwave published new research on BEC hacks, what do we get from that research? Two guys are arrested for laundering money via crypto, is that a treasonous act? MAC's get some new malware, hurray! Ransomware group deletes a providers entire customer base's data, whoops! Those and more on this one!

How to defend from a "Zero Day" attack that is "not in any anti-virus" engine. Proxy wars from AT&T. Interesting data from Flashpoint on the underground market. Is CISA really enforcing effective controls if they rely on training? Irish police department have a data breach that might lead to terrorist targeting, yikes! And rethinking the terminology and understanding around cyberwar! Those points and more on this episode!