DrZeroTrust

Why isn't cyber getting any better nationally with all this legislation?  How should we view CISA's new rules?  What about the Committees that congress and the Senate sit on?  Analysis on a deepfake that has some very interesting implications.  Where can we do better?

Where can you go to learn how to "do" a deepfake, I'll tell you, but be careful.  My thoughts on "getting involved in the conflict" in Ukraine from a cyber perspective.  The Conti group had a leak and some great reporting was published on it, wow!  Analysis on wiper malware, and the "most advanced malware ever", lol.  Also, some finer points on what Zero Trust means and how to enable this strategy from a variety of vendors, and a new report on 9 steps to ZT, most of them are business related!  Say what?

Zero Trust world was a blast, well done Threatlocker!  Microsoft has done some great work in helping people to understand Zero Trust.  Misinformation for critical infrastructure and corporate security is hard to do without a solid technology in place, especially at scale.  Reference architectures for Zero Trust are available.  Is the IRS the agency that can finally help with the ransomware problem and crypto crime?  The Justice Department's three year plan to move to Zero Trust and how they are approaching the issue, and an example of a state and local government that is enabling Zero Trust.  Check it out!

#cyberwarfare and first strike capabilities in the Ukraine conflict?  Finding vulnerable SCADA and electric systems in @shodan isn't hard, how much is out there?  How did the #fbi get back stolen #crypto?  Should we be "afraid" of hacking and cyber threats (weird things are happening everywhere lately, are you worried)?  Some tips on how to read through congressional documents that are available on the hill.  Also, some pork that is being tossed into the new protecting America act that has been passed.  Lastly, how should we think about getting and using threat intelligence without paying for it.  Check it out!

More ways cyber insurers are getting out of paying.  Two students hack a school system and ask for a job, awesome.  Microsoft talks about the lack of good IAM for Azure.  Google breaks down cryptojacking in it's cloud.  The insanity around threat intelligence and naming a threat actor group, and more on this episode.

Interesting points on a Zero Trust report by Illumio.  How to stop the majority of ransomware, it's not that hard.  How did we allow the US DoD to buy drone technology that was financed by China?  And what about some Shodan results that we should be aware of (like a submarine)?

What is threat intelligence, and what is the value in data?  Does brand defense make a difference?  Do his customers worry about deepfakes?  What is attack surface management and how is that market changing?  And more on this episode.

The new memorandum on cyber security for the federal government and Zero Trust.  Drones are used to attack an airport in the Middle East.  Lawyers and cyber insurance team up as they address the issues we face in cyber, and more on this episode.

Predictions from vendors for 2022.  Are the leaders on Capitol Hill actually doing anything on the cyber front?  The first log4j malware attacks are showing up, what can we do?  What about insider trading using hacked systems to gain a financial advantage?  Those questions and more on this episode!

A look back at 2021 and the major hacks we endured.  How did they happen?  What should we learn?  Where did it all go wrong?  Can we defend ourselves from these threats in the future?  Does Zero Trust really make sense?