Jacob Torrey, an expert from Thinkst Canary, dives into the critical flaws in Cleo file transfer appliances and the ongoing exploitation by ransomware groups. He also discusses Snowflake's upcoming shift to mandatory multi-factor authentication to combat credential theft. With a focus on innovative cybersecurity techniques, Torrey reveals fascinating operating system tricks, including canary tokens that can trigger alarms in your environment. Plus, he delves into the complexities of enhancing security in Windows, keeping attackers at bay!

Jerrod Chong, COO and President of Yubico, discusses exciting advancements in YubiKey technology, including the new pre-registration feature that facilitates easier onboarding for enterprises. He highlights the seamless integration with Okta and Microsoft, streamlining security measures for staff. Jerrod shares insights from his recent trip to Singapore, focusing on the critical cybersecurity challenges facing the energy sector and emphasizes the importance of proactive risk management in infrastructure. The conversation also touches on the slow adoption of passwordless authentication in various industries.

In this discussion, Vijit Nair, VP of Product at Corelight, sheds light on the future of cloud security, revealing the complexities organizations face in multi-cloud environments. He emphasizes the need for standardized monitoring approaches. The conversation also highlights recent trends in cybercrime, notably Russian hackers facing severe consequences. Nair dives into the inadequacies of traditional security solutions in cloud contexts and advocates for innovative tools that can enhance protection across dynamic infrastructures.

Matt Muller from Tines, a security automation expert, dives into the provocative assertion by Gartner that SOAR is dead. The chat reveals the complexities of ransomware attacks, focusing on Blue Yonder and the tough choices companies must make when traditional recovery fails. They also discuss how the evolving tactics of state-backed hackers, particularly Salt Typhoon's telecom assaults, have raised national security alarms. The conversation wraps up with insights on the integration of AI in security and the necessity for adaptive approaches in ever-changing cyber landscapes.

Andrew Morris, the founder of GreyNoise, dives into the world of cybersecurity, highlighting alarming vulnerabilities in edge devices. He reveals a new zero-day discovered by their AI system, emphasizing that the threat landscape is even worse than commonly perceived. The conversation also tackles the ineffectiveness of phishing training and underscores the critical security flaws in high-security IP cameras. As always, the episode blends humor with serious insights, making it both engaging and informative.

Chris Tarbell, a former FBI agent famed for his role in the Silk Road case, shares dramatic insights into combating cybercrime. He discusses the complexities of Ross Ulbricht’s story and the potential implications of a changing political landscape. Feross Aboukhadijeh, founder of Socket.dev, argues for a centralized tracking system for supply chain attacks, highlighting vulnerabilities in software ecosystems. The conversation delves into Apple’s new security feature limiting law enforcement access and the ongoing evolution of cybersecurity challenges in today’s digital landscape.

In this insightful discussion, Josh Kamdjou, co-founder of Sublime Security, shares his journey from offensive security to pioneering innovative email protection. He critiques traditional opaque email security solutions for their inefficiencies and high false positive rates. Josh introduces a new programmable detection engine that adapts to diverse user environments, addressing emerging threats like AI-driven phishing. The conversation emphasizes the necessity for smarter, more customizable email security measures in the face of evolving cyberattack tactics.

On this week’s show Patrick Gray and Adam Boileau discuss the week’s cybersecurity news, including: Sophos drops implants on Chinese firewall exploit devs Microsoft workshops better just-in-time Windows admin privileges Snowflake hacker arrested in Canada Okta has a fun, but not very impactful auth-bypass bug Russians bring dumb-but-smart RDP client attacks And much, much more. Special guest Sophos CISO Ross McKerchar joined us to talk about its “hacking back” campaign. The full interview is available on Youtube for those who want to really live vicariously through Sophos doing what every vendor probably wants to do. This week’s episode is sponsored by attack surface mapping vendor runZero. Founder and CEO HD Moore joins to talk about marrying up the outside and inside views of your network. You can also watch this episode on Youtube Show notes Okta AD/LDAP Delegated Authentication - Username Above 52 Characters Security Advisory Does bcrypt have a maximum password length? - Information Security Stack Exchange Local Administrator Protection | Privilege Protection Inside Sophos' 5-Year War With the Chinese Hackers Hijacking Its Devices | WIRED A Deeper Look at FortiJump (FortiManager CVE-2024-47575) | Bishop Fox Man Arrested for Snowflake Hacking Spree Faces US Extradition | WIRED Google uses large language model to discover real-world vulnerability GreyNoise Intelligence Discovers Zero-Day Vulnerabilities in Live Streaming Cameras with the Help of AI Thousands of hacked TP-Link routers used in yearslong account takeover attacks - Ars Technica CISA warns of foreign threat group launching spearphishing campaign using malicious RDP files | Cybersecurity Dive Chinese state-backed hackers breached 20 Canadian government networks over four years, agency warns India-Canada row: Canadian officials confess to leaking 'intel' against India to Washington Post - India Today Amid diplomatic row, Canada names India in ‘cyberthreat adversary’ list, accuses it of ‘likely spying’ | World News - The Indian Express The Untold Story of Trump's Failed Attempt to Overthrow Venezuela's President | WIRED Risky Biz News: The mystery at Mango Park North Korean hackers seen collaborating with Play ransomware group, researchers say

Daniel Ayala, Chief Security and Trust Officer at Dotmatics, shares insights on data security challenges in cloud environments. Rajan Kapoor from Material Security discusses the importance of securing data in platforms like M365 and Google Workspace. The conversation delves into the investigation of Chinese wiretap hacks, the rise of cybercrime, and the impact of recent breaches on corporate accountability. They also highlight the necessity for robust email security measures and data governance strategies to protect sensitive information from misuse.

Haroon Meer, founder of Thinkst Canary, shares insights from a decade in deception technology. He discusses how Thinkst continues to lead the deception game with user-friendly solutions. The conversation delves into the innovative use of internal honeypots and canary tokens for risk management. Meer also reflects on the importance of establishing genuine connections at cybersecurity conferences, blending humor with practical advice. He touches on the evolving landscape of security and the persistent preference for hardware devices over cloud solutions.