Cyber Security America

Welcome to the Cybersecurity America Podcast! In episode 21, we have an exciting lineup of topics that cover critical insights from the DeepSeas (https://www.deepseas.com/learn/) Cyber Threat Intelligence (CTI) desk and the latest in cybersecurity innovation with Salem Cyber. Prepare for an informative and engaging discussion! #malware #informationsecurity #infosec #windows #cyberattack #ciso Host, Joshua R Nicholson (https://www.linkedin.com/in/joshuanicholson/) YouTube Channel: (https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg) Podcast Home Site: (https://www.voiceamerica.com/show/4125) In the first part of the episode, we bring you crucial insights on the recent MOVEit managed file transfer vulnerability, now identified as CVE-2023-34362. Learn about how threat actors exploited this vulnerability in Progress' MoveIt software as early as May 27th. Taking advantage of the Memorial Day weekend and limited staffing, they conducted scans and extracted files from multiple organizations. We delve into the tactics employed by threat actors, including the targeting of widely-used software and exploiting holidays when staffing is low. Microsoft and Mandiant have identified clap ransomware as the primary threat actor behind these attacks. What sets this incident apart is that clap ransomware instructed affected organizations to reach out and contact them instead of the usual extortion email. This unexpected approach raises questions about their motivations and capacity to handle a large cache of information. The second part of the episode shifts focus to cybersecurity innovation. We're joined by John Bagg, the co-founder and CEO of Salem Cyber, an AI cybersecurity startup. With over a decade of experience, John shares his expertise in implementing cyber technology and threat detection programs for top commercial organizations. He introduces us to their flagship technology, the Virtual Cyber Analyst, which addresses the challenge of alert overload faced by cybersecurity experts. By leveraging AI capabilities, organizations can prioritize alerts and empower their analysts to focus on critical matters. This episode highlights the significance of reducing attack surfaces, implementing robust monitoring systems, and having a well-defined playbook for incident response. We delve into crucial questions you need to ask within your cyber fusion center or IT department to enhance your cybersecurity measures. Join us for this thought-provoking discussion as we navigate the landscape of cybersecurity, starting with the MOVEit vulnerability incident and moving on to the innovative solutions offered by Salem Cyber. Stay tuned for valuable insights and updates on the latest trends in the field. #Cybersecurity #ThreatIntelligence #DataBreach #Ransomware #AttackSurfaceReduction #IncidentResponse #Innovation #AI #Startup #ThreatDetection #AlertFatigue #AnomalyDetection #SalemCyber #CVE-2023-34362

Welcome to our podcast, where we explore the fascinating world of generative AI and its profound impact on various fields. Join us as we delve into the intricate details of different models designed for specific tasks, such as text generation, native speech processing, and image/video generation. We also address the pressing concerns surrounding privacy and security in the realm of AI technologies, including the potential risks of phishing emails and deep fake attacks. #malware #informationsecurity #infosec #windows #cyberattack #ciso (https://www.linkedin.com/in/joshuanicholson/) YouTube Channel: https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg Podcast Home Site: https://www.voiceamerica.com/show/4125 In our discussions on text generation, we thoroughly examine popular models like ChatGPT, Bard, Lama, and Bloom, shedding light on the distinctions between closed-source, open-source, and academic models. Additionally, we emphasize the significance of leveraging open-source models from platforms like Hugging Face, while carefully considering the implications for cybersecurity. Discover how organizations can effectively navigate the use of AI models to protect their data and privacy. In this week's Intelligence report, we highlight notable cyber-attacks, including the insidious Akira ransomware and the successful neutralization of the Snake malware by the FBI. We delve into the details of the recent attack on Bluefield University, ensuring you stay informed on the latest developments in cybersecurity. Follow our insightful discussions on topics like AI, machine learning, and enterprise security, as we unveil the crucial intersections between these fields. The Akira ransomware has ruthlessly targeted and breached the security of 16 companies across diverse industries. Employing an encrypt-and-ransom tactic, they demand exorbitant sums of money from their victims. To intensify the pressure, the gang has created a unique data leaks site with a captivating 1980s retro aesthetic. Visitors to the site must navigate using console commands, adding an intriguing dimension to their illicit activities. The leaked data ranges from sizes as small as 5.9 GB to a staggering 259 gigabytes. Ransom demands vary from $200,000 to multimillion-dollar figures, with provisions for lower amounts if the target companies solely wish to prevent the leak of their stolen data. We also revisit the multinational operations that successfully neutralized the Snake malware, a highly sophisticated cyber espionage tool developed by Russia's Federal Security Service (FSB), known as Turla. This covert P2P network of infected computers spanned across 50 countries and targeted government research networks, research facilities, journalists, small businesses, media organizations, and critical infrastructure segments within the United States. #GenerativeAI #PrivacyConcerns #Cybersecurity #AIModels #Ransomware #Malware #FBI #Snake #Podcast #Tech #CybersecurityAwareness

Welcome to another episode of Cyber Security America with your host, Joshua Nicholson (https://www.linkedin.com/in/joshuanicholson/). In this episode, we delve into the world of cloud computing and its impact on cybersecurity. We explore the major cloud platforms such as AWS, Azure, and GCP, along with their deployment and service models. Discover the benefits of cloud computing, including Infrastructure as a Service (IAAS), Platform as a Service (PAAS), and Software as a Service (SAAS). Podcast Home Site: (https://www.voiceamerica.com/show/4125), YouTube Channel: (https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg) We also tackle the characteristics of cloud computing, including on-demand self-service, broad network access, resource pooling, rapid elasticity, measured service, virtualization, service-oriented architecture (SOA), grid computing, and utility computing. Gain insights into how these characteristics shape the cloud security landscape. This week's Intel briefing covers two critical vulnerabilities: CVE-2023-28771 affecting week's ZyWALL/USG series firmware and CVE-202-2868, a remote command injection vulnerability resulting from incomplete input validation of user-specified dot tar files. Furthermore, we dive into the fascinating topic of conducting Incident Response (IR) in the cloud versus on-premises. Explore the six major differences between these environments and understand the unique challenges and considerations for cloud-based IR. Joining us as our special guest is Martin Brough (Senior Manager of Cyber Defense Operations @ ARM semiconductors). He is a seasoned information security professional with over 20 years of experience. Martin's expertise spans various domains, including secure communications systems, email security, malware analysis, SIEM system logging, and cloud-based threat hunting. He is particularly well-versed in the field of Incident Response, with extensive knowledge in security design, training, and detection and response playbook writing. Martin has shared his insights at renowned conferences such as Def Con, Blackhat, and DerbyCon, and he has contributed to notable security publications like PenTest Magazine and Cyber Defense Magazine. Tune in as we explore the intricate world of cloud computing and its impact on cybersecurity. Stay informed and gain valuable insights on how to secure your cloud infrastructure effectively. This episode is a must-listen for both security professionals and enthusiasts alike. Remember to subscribe to Cyber Security America for more captivating discussions on the latest trends and challenges in the ever-evolving world of cybersecurity. Sponsored by (www.deepseas.com) #CyberSecurity #CloudComputing #AWS #Azure #GCP #IAAS #PAAS #SAAS #CloudSecurity #Virtualization #SOA #GridComputing #UtilityComputing #IncidentResponse #CloudIR #OnPremiseIR #InformationSecurity #Podcast #CyberSecurityAmerica #CybersecurityPodcast #DeepSeasSponsor

There is no doubt that corporate America and our Nation is in desperate need of #cybersecurity analysts and engineers to protect critical infrastructure. For most of the shows on the #CyberSecurityAmerica podcast, we focus on tactical areas of knowledge in order upskill security practitioners in management and executive #leadership. In this episode, we are taking on the sticky subject of mental fatigue and burnout on the job. We have all experienced it at one time or another. We get to a point of mental exhaustion and our well-being and health starts to slip. The stress builds up and we may find external chemical-based mood enhancers such as alcohol or drugs to address the stress, we started fighting with loved ones, friends, and co-workers, which could lead to us making bad employment decisions. In this episode, Chloé talks about what she feels is the greatest stress accelerator which is the number 1 cause of burn-out - poor leadership. Our guest today is Chloé Messdaghi, an accomplished security executive, CEO & Founder of Global Secure Partners, known for advising and developing solutions that have improved security teams and the industry. A sought-after public speaker and trusted source for national and sector reporters, her work has been featured in numerous outlets, and she has been recognized as a Power Player in #Cybersecurity by Business Insider and SC Media. Chloé is also dedicated to various charitable causes, demonstrating her commitment to driving positive change. This week's Intelligence briefing (www.deepseas.com) focusing on Nation State activities related to Operational Technology (OT) and ICS SCADA systems. The first one was a piece of malware that was discovered as Cosmic Energy by Mandiant and an implant from China named Volt Typhoon. Volt is another OT technology implant used primarily for espionage. #malware #informationsecurity #infosec #windows #cyberattack #ciso (https://www.linkedin.com/in/joshuanicholson/) YouTube Channel: https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg Podcast Home Site: https://www.voiceamerica.com/show/4125 Disclaimer: - This podcast is for informational purposes only and should not be considered legal or professional advice. - We are not responsible for any losses, damages, or liabilities that may arise from the use of this podcast. - This podcast is not intended to replace professional technology advice. - The views expressed in this podcast may not be those of the host or the management.

Welcome to the Cyber Security America show, a platform for exploring the dynamic and ever-evolving world of cybersecurity and information technology. In episode 17, we delve deep into the topic of zero trust, a security model that assumes all users, devices, and applications are potentially hostile, and requires strict access controls and verification measures to prevent data breaches. We also discuss the national security situation surrounding Jack Teixeira and its impact on security controls in the future. #cybersecurity #zerotrust #nationalsecurity Our guest for today's episode is Gordon Lawson, CEO of Conceal.io, who brings years of experience and ability in implementing zero trust strategies for some of the largest organizations in the world. Together, we explore the concept of zero trust, its advantages and challenges, and how it differs from traditional security models. We also discuss the future of zero trust and how it's shaping the cybersecurity landscape, including the innovative ConcealBrowse technology that detects, defends, and isolates malicious internet traffic. #zerotrustimplementation Gordon Lawson has over 20 years of experience in the physical and cyber security space, with a focus on SaaS optimization and global enterprise business development. Prior to joining Conceal, he was President at RangeForce, a cyber training platform company, and SVP of Global Sales at Cofense through their $400MM acquisition by BlackRock in 2018. With his background as a U.S. Naval Officer and a graduate of the Air Force Command and Staff College and the Army Airborne School, Gordon offers unique insights into the implementation of zero trust strategies and the future of cybersecurity. #cybersecurityleader #militaryexperience Threat Intel Report: US Intelligence Agencies and international partners from the 5 Eyes alliance have released a report detailing Russia's Snake Malware, a peer-to-peer network that infected multiple devices, including diplomatic missions and NATO areas. The malware was a significant part of the Turla framework used by Russian cyber threat actors and attributed to the Federal Security Service Center 16 and military unit 71330, also known as Berserk bear. The report supplies recommendations for mitigations and scanner technology. Additionally, a cybersecurity firm reported a threat actor trying to extort executives by compromising new hire credentials, showing the need for ongoing monitoring and protection of human elements in cybersecurity. The growing impact of cyberattacks on physical outcomes is also noted. #cybersecuritythreats #malware #5eyesalliance

Welcome to the Cyber Security America Show, where we dive into the sea of complex technologies and provide real-world context to the world of Cyber Security and Information Technology. In episode 16, we explore the various jobs and roles within the industry, including penetration testers, vulnerability managers, detection analysts, threat hunters, Cloud Security Architects/Engineers, Cyber Security mentorship resources, and Incident Response (IR). Our Threat Intelligence briefing covers the Apple Rapid Response situation, where lack of proper and honest communication caused unnecessary mistrust. We also discuss the latest Ransomware attack against the City of Dallas, U.S. Cyber Teams, and the upcoming International Cyber Competition in San Diego later this year. Our guest for this episode is Steve Cobb, CISO for Security Scorecard, who brings over 30 years of leadership and consulting experience involving IT infrastructure, cybersecurity, incident response, and cyber threat intelligence. Steve is passionate about sharing his knowledge and experience with others through mentorship and training and is a coach for the US Cyber Team. Don't miss out on the US Cyber Games, North Carolina Cyber Academy, Black Hills Training, and Chris Saunders Training. Register now and take the next step in your Cyber Security journey. US Cyber Games - https://www.uscybergames.com/ North Carolina Cyber Academy - https://www.myncca.com/ Black Hills Training - https://www.antisyphontraining.com/ Chris Saunders Training - https://www.networkdefense.co/courses/ - Investigation Theory Join us on this informative episode and stay up to date with the latest Cyber Security news and trends. Follow us on social media and use the hashtags #CyberSecurityAmericaShow #CyberSecurity #InformationTechnology #ThreatIntelligence #USCyberGames #NorthCarolinaCyberAcademy #BlackHillsTraining #ciso #ChrisSaundersTraining to stay connected.

In today's hyper-connected world, no organization can tackle computer threats alone using just their own people, processes, and technology. A successful Chief Information Security Officer (CISO) or Director of Security Operations needs to engage and leverage technology vendors, strategic integrators, and consulting partners to accomplish their mission. That's why we're thrilled to have Mike Johnson, Vice President of Partners & Alliances at DeepSeas, as our expert guest in this episode titled Cyber Supply Risk Management: Defense Strategies for maximized outcomes. Mike brings a unique mix of technical and advisory skills, honed through his experience building successful partner networks at SIEM vendors LogRhythm and Securonix, SaaS GRC provider Pathlock, and now DeepSeas. But first, let's take a look at the latest cyber threats. This week's Cyber Threat Intelligence (CTI) report tracks the active exploitation of PaperCut, a remote code execution (RCE) vulnerability impacting all PaperCut MF or NG versions 8.0 or later (CVE-2023-27350). Additionally, an information disclosure flaw has been found in PaperCut MF or NG versions 15.0 or later (CVE-2023-27351). Reports indicate that the primary exploitation is being done by the ransomware operators of Lockbit and Clop. And if that's not enough, there's a new exploit kit on the block - MacOS Stealer or Atomic Mac OS Dealer (Amos) malware - being sold on Telegram for $1,000 per month. This kit can obtain iCloud Keychain passwords, files from the desktop or documents folder, and can also get the Mac OS password. Don't be caught unprepared - stay up to date with the latest cyber threats and defense strategies. And remember, the material and information presented here is for general information purposes only. Stay Secure and don't forget to Like, Subscribe, Comment, and turn on notifications

In the 14th episode of Cyber Security America, we explore one of the most devastating threats that small and large business face today. Ransomware is a form of malware designed to encrypt files on a device, rendering any files and the systems that rely on them unusable. Malicious actors then demand ransom in exchange for decryption. In recent years, ransomware incidents have become increasingly prevalent among the Nation’s state, local, tribal, and territorial (SLTT) government entities and critical infrastructure organizations. Ransomware incidents can severely impact business processes and leave organizations without the data they need to operate and deliver mission-critical services. Malicious actors have adjusted their ransomware tactics over time to include pressuring victims for payment by threatening to release stolen data if they refuse to pay and publicly naming and shaming victims as secondary forms of extortion. The monetary value of ransom demands has also increased, with some demands exceeding US $1 million. Ransomware incidents have become more destructive and impactful in nature and scope. Malicious actors engage in lateral movement to target critical data and propagate ransomware across entire networks. These actors also increasingly use tactics, such as deleting system backups, that make restoration and recovery more difficult or infeasible for impacted organizations. The economic and reputational impacts of ransomware incidents, throughout the initial disruption and, at times, extended recovery, have also proven challenging for organizations large and small. From https://www.cisa.gov/stopransomware/ransomware-guide This Ransomware Guide includes two resources: Part 1: Ransomware Prevention Best Practices Part 2: Ransomware Response Checklist • Policy-oriented or technical assessments help organizations understand how they can improve their defenses to avoid ransomware infection: https://www.cisa.gov/cyber-resource-hub Contacts: • SLTT organizations: CyberLiaison_SLTT@cisa.dhs.gov • Private sector organizations: CyberLiaison_Industry@cisa.dhs.gov Ransomware Quick References • Security Primer – Ransomware (MS-ISAC): Outlines opportunistic and strategic ransomware campaigns, common infection vectors, and best practice recommendations: https://www.cisecurity.org/white-papers/security-primer-ransomware/ • Ransomware: Facts, Threats, and Countermeasures (MSISAC): Facts about ransomware, infection vectors, ransomware capabilities, and how to mitigate the risk of ransomware infection: https://www.cisecurity.org/blog/ransomwarefacts- What are the lessons learned on how best to work together to break down the barriers of communications and prioritization. Don't miss this informative episode to learn more about the and its importance in securing your enterprise. Remember to like, subscribe, and turn on notifications for future episodes. Cyber Security America Podcast https://www.voiceamerica.com/show/4125

Don't forget to like, subscribe, and turn on notifications for future episodes. Welcome to the 13th episode of Cyber Security America, where we delve into the challenges and issues related to managing up and cultivating the complex relationship between the Chief Information Officer (CIO), Chief Information Security Officer (CISO), and the Board of Directors. Effective identification and mitigation of systemic corporate risk toward technology crown jewels and assets are crucial for the success or failure of a company's Cyber Security program. In this episode, we explore the lessons learned on how to work together to break down the barriers of communication and prioritization. Join us for this informative episode to learn more about this critical issue and its importance in securing your enterprise. Our guest speaker for this episode is George Tsantes, a renowned Cybersecurity expert with over 40 years of experience in delivering innovative solutions and securing enterprises across industries. He is the co-founder and CEO of CYBERPHOS, a Software as a Service (SAAS) focused on improving cybersecurity risk governance. He also operates GT3 Consulting, a boutique consultancy that helps clients across a wide spectrum of industries understand and manage their cybersecurity risk. During his career, Mr. Tsantes was a Principle at EY where he led the firm’s cybersecurity practice for the Financial Services Office (FSO) and advised many of EY’s key clients across a wide range of cyber topics and projects. He was also Executive Vice President and Chief Technology Officer of Intersections, Inc., and a Partner at Accenture, a global management consulting and technology services company. He is the co-author of Cybertax, Managing the Risks and Results and a frequent speaker at corporate and industry events. As part of this episode, we will also be discussing the latest Cybersecurity threats, including CVE-2023-21554 rated as a 9.8 CVSS score, a RCE vulnerability involving Microsoft Message Querying Services, and CVE-2023-28528252, an out of bound write vulnerability in Microsoft Windows that is being exploited by the Ransomware group known as Noco Ywa. Additionally, research shows that over 360,000 IP addresses are exposing Microsoft MSMQ services over the Internet via TCP port 1801, and the Lockbit 3.0 attack strikes again. Join us for an insightful discussion on Executive Development and how to avoid the CISO, CIO, and Board Communications chasm. Follow us on Cyber Security America Podcast https://www.youtube.com/@cybersecurityamerica_show/featured #cybersecurity #CISO #infosec #Iinformationsecurity #riskreduction #threatintelligence #computersecurity

Tune in to episode 12 of Cyber Security America, airing live on Tuesdays at Noon ET on VoiceAmerica. In this week's discussion, we will continue the conversation from the previous episode and delve deeper into the topic of Security Operations Center (SOC) delivery models. Join Josh and special guest, Mr. Paul Dwyer, as they explore the best practices and lessons learned for optimizing SOC performance and maturity. As a former Global IBM Security Partner with vast experience in SOC implementation and optimization, Mr. Dwyer brings invaluable insights to the table. Don't miss this opportunity to learn about SOC strategy design, implementation, and optimization techniques, as well as the latest developments in Risk Analytic Centers (Fusion Centers). Follow the links below to listen to the episode on Spotify and access more resources on the topics of SOC, threat detection, and cyber defense. #SOC #securityoperations #threatdetection #threatresponse #MDR #cybersecurity #cyberthreats #cyberdefense #cyberthreatintelligence #manageddetectionandresponse #threatintel #threatintelligence #deepseas https://www.linkedin.com/in/joshuanicholson/