Symantec Cyber Security Brief Podcast 3z18u

On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss the latest Symantec blog, some updated research about the Yanluowang ransomware gang, with fresh activity appearing to show that this ransomware isn’t a flash-in-the-pan. We also discuss how quickly exposed cloud services are compromised by malicious actors, how off-putting strong s are for attackers employing brute-forcing techniques, and apparent attempts by Russian hackers to collaborate with Chinese-speaking actors. Also, the Conti gang’s possible role in the return of Emotet, and North Korean actors continue to target security researchers with fake job offers. Listen at Symantec Enterprise Podcasts

On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss some recent attack campaigns aimed at critical infrastructure organizations in several countries around the world, the possible return of the Emotet botnet, and some law enforcement activity that has led to the arrest of people involved with both the REvil and Gandcrab ransomware. We also discuss some new techniques being used by the BazarLoader gang, and an FBI system being compromised and used to send out fake information security alerts. Listen at Symantec Enterprise Podcasts

On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss some of our recent blogs, including at least one BlackMatter ransomware using a new data exfiltration tool in attacks, and also the breaking news that the BlackMatter ransomware operation is apparently winding down. We also discuss another recent blog we published about banking Trojan activity in Latin America, while recent law enforcement activity cracking down on ransomware criminals is also up for discussion. Elsewhere, we also talk about SquirrelWaffle, a reasonably new malware that is used as a loader and has been mentioned as a potential successor to the notorious Emotet for the delivery of threats. Listen at Symantec Enterprise Podcasts

On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss several new blogs that the Symantec Threat Hunter Team has published recently. Firstly, we uncovered a new ransomware threat that we dubbed Yanluowang, which appears to be deployed in a targeted fashion and is certainly a new threat as various indications point towards it still being in development. We also published two blogs detailing two separate campaigns targeting organizations in Asia. The Harvester group is a previously unknown, likely nation-state backed group targeting victims in South Asia, while elsewhere a new espionage campaign is targeting the defense, healthcare, and ICT sectors in South East Asia. Meanwhile, we also discuss new activity from a targeted attack group dubbed LightBasin, and the return of the Lyceum group. Listen at Symantec Enterprise Podcasts

On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss how the UK and the U.S. are planning to increase their efforts to tackle cyber crime, ransomware being blamed in court for the death of a baby, and the arrests of some ransomware criminals in Ukraine. Also, the Conti ransomware gang makes some threats, evidence of the Pegasus spyware allegedly found on the phones of French cabinet ministers, and an interesting targeted phishing campaign. Listen at Symantec Enterprise Podcasts

We are back for Season 4 after our summer break, and on this week’s Cyber Security Brief podcast Dick O’Brien and Brigid O Gorman spend a lot of time discussing the subject that also dominated the last season of the podcast - ransomware. We discuss some of the ransomware stories we missed while we were off air, as well as a ransomware whitepaper we recently worked on and made available to our customers. Apart from ransomware, we also discuss Mēris - a huge botnet that emerged over the summer and has aimed massive DDoS attacks at various organizations around the world. Listen at Symantec Enterprise Podcasts

On this week’s Cyber Security Brief, we discuss some recent ransomware stories, as well as giving a sneak peek into some research we have been doing into ransomware. We also talk about recent announcements from U.S. authorities that attributed some recent cyber attacks, including the Microsoft Exchange Server campaign, to Chinese actors, and we also discuss the rising cost of data breaches. This is the last podcast of season 3, we will be taking a short break and will return with new episodes in September. Listen at Symantec Enterprise Podcasts

On this week’s Cyber Security Brief, Gavin O’Gorman s us to discuss the Kaseya ransomware supply chain attack that occurred over the July 4 holiday weekend in the U.S. The REvil/Sodinokibi ransomware gang were behind this attack, and Gavin and Dick O’Brien discuss whether this is a sign that we now need to be aware of ransomware actors targeting victims through supply chain attacks, which would more traditionally be associated with state-sponsored hackers, as well as some of the other interesting aspects of this attack. Meanwhile, Brigid O Gorman discusses the latest news of a new vulnerability in SolarWinds software being exploited by a Chinese hacking group, energy companies being targeted in a year-long espionage campaign, and the rising cost of cyber insurance. Listen at Symantec Enterprise Podcasts

On this week’s Cyber Security Brief podcast, Dick O’Brien fills us in on the latest research we have published on our blog about how a growing number of ransomware attackers are using virtual machines in their attacks. We also discuss a few other ransomware-related stories, including REvil introducing a new Linux version of its ransomware, a Babuk ransomware builder being leaked online, and a couple of stories showing the amount of money that can be involved in ransomware operations. Elsewhere, the FBI recently released a report stating that over-60s lost around $1 billion through online fraud in 2020, the U.S. Secret Service released a cyber crime Most Wanted list, a FIN7 gang member was jailed, and the EU launched a new cyber security unit. Listen at Symantec Enterprise Podcasts

In this week’s Cyber Security Brief podcast, Dick O’Brien and Brigid O Gorman discuss some of the biggest cyber security stories of the last two weeks. Ransomware has once again dominated the news headlines, with news about huge ransom payments and ransom recovery operations being reported. Meanwhile, cyber security comes to the fore in the political sphere following pronouncements from the G7 and NATO summits. Elsewhere, attackers leveraged Slack to attack one of the world’s biggest gaming companies, one of the largest online marketplaces for stolen credentials in the world was taken down by authorities, and how law enforcement used a backdoored chat app to spy on criminals, leading to hundreds of arrests. Listen at Symantec Enterprise Podcasts

On this week’s Cyber Security Brief podcast, Dick O’Brien and Brigid O’Gorman are ed by Symantec threat researcher Gavin O’Gorman to discuss the Conti ransomware attack on Ireland’s national health service, how the response to this attack is going, and what the likely consequences of it may be. Elsewhere, another ransomware attack, this time on the world’s largest meat producer, JBS Foods, and Sweden’s Public Health Agency is also hit with some hack attempts. Meanwhile, the alleged leader of an ATM fraud gang responsible for stealing more than $1 billion from tourists, is arrested in Mexico. Listen at Symantec Enterprise Podcasts

In this week’s Cyber Security Brief, Dick O’Brien and Brigid O’Gorman discuss the implications of the Colonial Pipeline ransomware attack and the activities of the group behind it, Darkside. We also talk about what appears to be a reasonably new ransomware - Avaddon - that has been used in a string of attacks recently, while we also discuss an idea Brian Krebs wrote about that could potentially help deter ransomware actors from infecting your network. Away from the world of ransomware we talk about Lemon Duck and something of a resurgence in crypto mining, while we also discuss what CISOs are most worried about in 2021. Listen at Symantec Enterprise Podcasts

On this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien discuss some research we have recently been working on at Symantec. First, we discuss a blog we published this week, which looks at multi-factor authentication and how it has become a headache for malicious actors, leading them to adopt new attack techniques in an attempt to by or avoid it completely. We also discuss a report that we shared with customers recently looking at living off the land attack techniques and the activity and trends in that area, as well as some steps you can take to try and protect your network from this kind of activity. Listen at Symantec Enterprise Podcasts

On this week’s Cyber Security Brief, Alan Neville s Brigid O Gorman and Dick O’Brien to discuss the recent discovery of a zero-day vulnerability in popular VPN product Pulse Secure. We also discuss some recent developments in the SolarWinds and Microsoft Exchange Server stories. Finally, we discuss a recent potential data breach at software testing company Codecov, and look at why UK authorities are warning government employees about potential approaches from foreign spies on social media. Listen at Symantec Enterprise Podcasts

On this week’s Cyber Security Brief, Brigid O Gorman and Dick O’Brien discuss the big Facebook data leak that has made headlines around the world this week, as well as a cyber attack aimed at European Union institutions, and a cyber incident impacting Australia’s parliament. We also discuss warnings from authorities in the U.S. about attackers attempting to exploit vulnerabilities in Fortinet FortiOS, while authorities in the UK have issued warnings about an increased risk of ransomware attacks targeting the education sector. Meanwhile, some cyber criminals have started using call centers to distribute malware, with the tactic reportedly proving quite successful for several cyber crime groups. Listen at Symantec Enterprise Podcasts

On this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien discuss how ransomware attackers are now attempting to leverage the vulnerabilities in Microsoft Exchange Server. We also talk about an interesting interview given by one of the ReEvil ransomware gang to Recorded Future, evidence that ransomware payments increased over the last year, and the s of WeLeakInfo falling victim to their own data breach. Also, we warn U.S. taxpayers to be on the lookout for phishing campaigns at this time of year, and the hacker who made headlines a few weeks ago for hacking security cameras used in Tesla offices and elsewhere is indicted on numerous hacking charges in the U.S. Listen at Symantec Enterprise Podcasts

On this week’s Cyber Security Brief podcast, Brigid O Gorman and Dick O’Brien are ed by Symantec threat researcher Alan Neville to discuss the biggest cyber security story of the last couple of weeks - the vulnerabilities in Microsoft Exchange Server. Alan gives a comprehensive overview of the vulnerabilities, what’s happened since they became public knowledge last week, and the steps you can take to keep your organization’s network safe. He also talks about some of the post-compromise activity that Symantec has seen. We also chat about some other topics: new research into the SolarWinds hack, and the arrest of an alleged GandCrab ransomware gang member. Listen at Symantec Enterprise Podcasts

On this week’s Cyber Security Brief podcast, Dick O’Brien and Brigid O’Gorman discuss some of the biggest cyber security stories of the last few weeks. Among the stories up for discussion are the bugs in Accellion’s 20-year-old FTA product, which led to multiple companies worldwide reporting breaches related to it. We also talk about the reports saying the Sandworm group has been carrying out a long-running spying campaign against multiple French IT services providers by compromising an open-source IT monitoring tool called Centreon, and a Chinese APT group reportedly cloning an Equation group tool. Some interesting law enforcement activity in recent weeks is also up for discussion. Listen at Symantec Enterprise Podcasts

On this week’s Cyber Security Brief podcast, Dick O’Brien and Brigid O’Gorman round up some of the biggest cyber security stories of the last two weeks. We bring you the latest developments in the SolarWinds hack investigation, and chat about the significance of the disruption to the Emotet botnet. We also discuss some other recent takedowns and arrests, as well as some of the biggest ransomware stories of the last couple of weeks. We also talk about the recently reported cyber attack on a water treatment plant in the Florida town of Oldsmar - was this just a one-off incident or do industrial control systems like water plants need to be on high alert? Listen at Symantec Enterprise Podcasts

Old threats and new feature in this week’s Cyber Security Brief podcast. Dick O’Brien and Gavin O’Gorman discuss the latest developments in the Solarwinds hack investigation, including how Symantec investigators found Raindrop, an additional piece of malware used in the SolarWinds attacks against a select number of victims that were of interest to the attackers. We published a blog about Raindrop last week, and Dick and Gavin discuss how this new malware was discovered. Also, romance scams and DDoS attacks make a comeback. Listen at Symantec Enterprise Podcasts