InfoSec ICU

InfosecICU is closing its doors, and Steve and Gerry hop in the studio for a final farewell and thank you to the community that made this show such a pleasure and a success. Thank you for all the support through the 2 years we were publishing. It was a pleasure and an honor to serve you all. Show Notes Resources: Contact Email infosecicu@musc.edu Twitter: * Gerry Auger (@Gerald_Auger) * Steve Cardinal @sgcardinal

Gerry and Aaron discuss the exponential growth of cyber breaches in 2019, the explosion of Emotet in September, and out for comments CMS Exceptions to providing security services for free to competitors. As always they end with One Cool Thing. Show Notes Resources: Breaches up to 7.9 Billion in 2019 https://cyware.com/news/data-breaches-become-worse-as-79-billion-records-get-exposed-in-the-first-nine-months-of-2019-42139fbc Emotet surges 730% https://cyware.com/news/emotet-activity-increases-by-730-after-being-in-dormant-state-for-nearly-four-months-84a384c1 CMS Exemptions https://www.modernhealthcare.com/cybersecurity/hhs-carves-out-stark-law-exception-cybersecurity-tech One Cool Thing NueroNet Dialogue https://talktotransformer.com/ Malware Analysis – Live Stream https://www.youtube.com/watch?v=F-vWcQPVJks Contact Email infosecicu@musc.edu Twitter: * Gerry Auger (@Gerald_Auger) * Steve Cardinal @sgcardinal

Gerry is riding solo this week. Laser attacks on personal digital assistants, a review on research showing a correlation between ransomware and increased heart attacks, Google’s Project Nightingale. As always they end with One Cool Thing. Show Notes Resources: Light Commands https://lightcommands.com/ Ransomware Leads to Heart Attacks https://krebsonsecurity.com/2019/11/study-ransomware-data-breaches-at-hospitals-tied-to-uptick-in-fatal-heart-attacks/ Google Project Nightingale https://www.wsj.com/articles/behind-googles-project-nightingale-a-health-data-gold-mine-of-50-million-patients-11573571867 EyeBaller AI https://github.com/BishopFox/eyeballer   One Cool Thing Contact Email infosecicu@musc.edu Twitter: * Gerry Auger (@Gerald_Auger) * Steve Cardinal @sgcardinal

Steve is back in studio for a special 100th Infosec ICU episode. The guys discuss an industry state of phishing report, the cover the problem with mHealth, and they revisit their bold cyber predictions for 2019 they made in 2018. As always they end with One Cool Thing. Show Notes Resources: Cofense Phishing Report https://cofense.com/phishing-report-2019/ 2018 Prediction Infosec ICU Episode https://podcast.musc.edu/podcast/infosec/e56-infosecicu/ mHealth https://www.medicalnewstoday.com/articles/322865.php One Cool Thing Couch to 5k http://www.c25k.com/ 14 year old Inventor https://news.slashdot.org/story/19/11/01/2241213/14-year-old-inventor-solves-blind-spots Contact Email infosecicu@musc.edu Twitter: * Gerry Auger (@Gerald_Auger) * Steve Cardinal @sgcardinal

Its the PRIVACY Episode! Gerry and Matt review privacy implications of SRLabs recently released research on using digital assistants as eavesdropping devices. They interview Privacy Officer Kellie Mendoza for her perspective and reflect afterward on the interview. As always they end with One Cool Thing. Show Notes Resources: Digital Assistant Spies https://www.scmagazine.com/home/security-news/iot/malicious-voice-apps-can-turn-alexa-and-google-home-devices-into-spies-say-researchers/ Kellie Mendoza Expert Interview https://education.musc.edu/MUSCApps/FacultyDirectory/Mendoza-Kellie One Cool Thing Man internally brews beer https://arstechnica.com/science/2019/10/man-charged-with-dwi-after-alcohol-fermenting-yeast-in-his-gut-got-him-wasted/  Top 10 Strategic Tech Trends in 2020 https://www.gartner.com/smarterwithgartner/gartner-top-10-strategic-technology-trends-for-2020/  Contact Email infosecicu@musc.edu Twitter: * Gerry Auger (@Gerald_Auger) * Matt Jones (TBD)

Gerry and Matt dig into the proposed federal regulation ‘Mind Your Own Business Act’ and how it could shape privacy. They examine how to build a cybersecurity culture at your organization, and reflect on the recently released Ponemon global report on SMB cybersecurity. As always they end with One Cool Thing. Show Notes Resources: Mind Your Own Business Act https://www.wyden.senate.gov/download/mind-your-own-business-act-of-2019-bill-text How to Build a Rock-Solid Cybersecurity Culture https://www.darkreading.com/edge/theedge/how-to-build-a-rock-solid-cybersecurity-culture/b/d-id/1336109 SMBs Still Struggling https://www.darkreading.com/threat-intelligence/state-of-smb-insecurity-by-the-numbers/d/d-id/1336073 2019 IT Security Employment Salary Survey https://www.esecurityplanet.com/network-security/2019-it-security-employment-outlook.html Small Businesses Backbone of Economy https://www.inc.com/jared-hecht/are-small-businesses-really-the-backbone-of-the-economy.html One Cool Thing Draw.io Quantum Computing Reverses Time http://astronomy.com/news/2019/03/scientists-used-ibms-quantum-computer-to-reverse-time-possibly-breaking-a-law-of-physics Contact Email infosecicu@musc.edu Twitter: * Gerry Auger (@Gerald_Auger) * Matt Jones (TBD)

Gerry and Brandon discus various methods for malware analysis, the infosec job market, and multifactor authentication. As always they end with One Cool Thing. Show Notes Resources: Malware Analysis https://app.any.run/ Infosec Job Market https://www.cyberseek.org/heatmap.html Black Hills Information Security – 5 Year Path: Success in Infosec FBI Warning Around MFA https://www.zdnet.com/article/fbi-warns-about-attacks-that-bypass-multi-factor-authentication-mfa/   One Cool Thing Malware Traffic Analysis http://malware-traffic-analysis.net/index.html cyberseek.org https://www.hex-rays.com/products/ida/ https://www.winitor.com/ Contact Email infosecicu@musc.edu Twitter: * Gerry Auger (@Gerald_Auger) * Brandon Stephens (@bstephens418)

Gerry and Brandon interview professional red teamer and penetration test expert Paul Ihme. As always they end with One Cool Thing. Show Notes Resources: Paul Ihme https://www.linkedin.com/in/ihme/ One Cool Thing Security Onion https://github.com/Security-Onion-Solutions/security-onion/wiki/IntroductionToSecurityOnion Wappalyzer https://www.wappalyzer.com/ Contact Email infosecicu@musc.edu Twitter: * Gerry Auger (@Gerald_Auger) * Brandon Stephens (@bstephens418)

Gerry and Brandon discuss trends in malspam, a permanent iOS vulnerability, and a significant webkit exploit campaign. As always they end with One Cool Thing. Show Notes Resources: Malspam Trends https://www.zdnet.com/article/most-malspam-contains-a-malicious-url-these-days-not-file-attachments/ iOS Permenant Vulnerability https://www.healthcareinfosecurity.com/apple-ios-has-permanent-bootrom-vulnerability-a-13159 Webkit Zeroday for Mac and iOS https://arstechnica.com/information-technology/2019/09/webkit-zeroday-exploit-besieges-mac-and-ios-users-with-malvertising-redirects/ One Cool Thing Wu-Tang: An American Saga https://www.youtube.com/watch?v=w37TQZwnjXY Asset Discovery https://rumble.run/ Contact Email infosecicu@musc.edu Twitter: * Gerry Auger (@Gerald_Auger) * Brandon Stephens (@bstephens418)

Gerry and Brandon discuss an absurd amount of public cloud misconfigurations, IoT door locks, and things you can do to be involved with October’s National Cyber Security Awareness. As always they end with One Cool Thing. Show Notes Resources: Public Cloud Misconfigurations https://www.zdnet.com/article/99-percent-of-all-misconfiguration-in-the-public-cloud-go-unreported/ Digital and IoT Physical Security https://threatpost.com/hack-of-high-end-hotel-smart-locks-shows-iot-security-fail/147178/ National Cyber Security Awareness Month https://niccs.us-cert.gov/national-cybersecurity-awareness-month-2019 One Cool Thing BSides Charleston https://bsideschs.ticketbud.com/bsideschs2019 Awesome Threat Detection https://github.com/0x4D31/awesome-threat-detection Contact Email infosecicu@musc.edu Twitter: * Gerry Auger (@Gerald_Auger) * Brandon Stephens (@bstephens418)

Gerry and Brandon discuss risk when working through merger and acquisitions and Gerry interviews Cyber Risk Underwriter’s Jeffrey Smith about cyber insurance. As always they end with One Cool Thing. Show Notes Resources: Mergers and Acquisitions Put Your IP at Risk https://www.scmagazine.com/home/opinion/executive-insight/ma-gone-bad-the-brutal-truths-about-insider-threat/ Interview with Cyber Risk Underwriter’s Jeffrey Smith Interview Commentary and Cyber Insurance One Cool Thing Python 2 EOL Canary Tokens https://canarytokens.org Contact Email infosecicu@musc.edu Twitter: * Gerry Auger (@Gerald_Auger) * Brandon Stephens (@bstephens418)

Gerry and Brandon discuss Health Industry Cybersecurity Matrix – Information Sharing Organizations (HIC-MISO), ask how insider threats can affect your organization, and mention a NIST initiative for securing PACS systems. As always they end with One Cool Thing. Show Notes Resources: Health Industry Cybersecurity – Matrix of Information Sharing Organizations (HIC-MISO) https://healthsectorcouncil.org/hic-miso/ Insider Threats https://www.ekransystem.com/en/blog/insider-threat-statistics-facts-and-figures Securing PACS https://www.nccoe.nist.gov/projects/use-cases/health-it/pacs One Cool Thing Talos Ghida https://blog.talosintelligence.com/2019/09/ghida.html JPCERT – Logon Tracer https://blogs.jpcert.or.jp/en/2017/11/visualise-event-logs-to-identify-compromised-accounts—logontracer-.html Contact Email infosecicu@musc.edu Twitter: * Gerry Auger (@Gerald_Auger) * Brandon Stephens (@bstephens418)

Gerry and Aaron discuss the current state of a HIPAA lawsuit featuring Google and UChicago Medical Center as defendants. They discuss the emerging security concerns surrounding Telehealth and what NIST is doing about it. They wrap up the main show discussing yet another major player in the market apologizing for letting humans hear private recordings. As always they end with One Cool Thing. Show Notes Resources: Google, Medical Center Ask Court to Dismiss Privacy Lawsuit https://www.healthcareinfosecurity.com/google-medical-center-ask-court-to-dismiss-privacy-lawsuit-a-12999 Apple apologizes for humans listening to Siri clips, changes policy https://nakedsecurity.sophos.com/2019/08/30/apple-apologizes-for-humans-listening-to-siri-clips-changes-policy/ National Cybersecurity Center of Excellence (NCCoE) Securing Telehealth Remote Patient Monitoring Ecosystem https://www.federalregister.gov/documents/2019/08/29/2019-18666/national-cybersecurity-center-of-excellence-nccoe-securing-telehealth-remote-patient-monitoring One Cool Thing Tropical TidBits https://www.tropicaltidbits.com/storminfo/ Contact Email infosecicu@musc.edu Twitter: * Gerry Auger (@Gerald_Auger) * Brandon Stephens (@bstephens418)

Gerry and Brandon discuss a breach at Massachusetts General Hospital, patient privacy reform around addiction treatment, and how to solve the cyber security problem. As always they end with One Cool Thing. Show Notes Resources: Breach at Massachusetts General Hospital https://www.idigitalhealth.com/news/data-breach-of-10k-at-mgh-puts-study-participants-genetic-info-at-risk Patient Privacy Reform for Addiction Treatment https://healthitsecurity.com/news/hhs-proposes-reform-of-patient-privacy-rules-for-addiction-treatment Solving the Cyber Security Problem https://www.hackread.com/solving-cyber-security-problem-mission-impossible/ One Cool Thing Red Canary’s Atomic Red Team https://github.com/redcanaryco/atomic-red-team Data Science at the Command Line https://www.datascienceatthecommandline.com Contact Email infosecicu@musc.edu Twitter: * Gerry Auger (@Gerald_Auger) * Brandon Stephens (@bstephens418)

Gerry and Brandon discuss the coordinated attack on Texas municipalities, CHISL – a healthcare leadership security certification, and a third-party lawsuit from Delta for inadequate security. As always they end with One Cool Thing. Show Notes Resources: Texas Ransomware https://threatpost.com/coordinated-ransomware-attack-hits-23-texas-government-agencies/147457/ CHISL https://www.healthcareinfosecurity.com/interviews/new-credential-for-healthcare-security-leaders-i-4415 Delta Lawsuit https://www.scmagazine.com/home/security-news/data-breach/delta-sues-ai-vendor-over-2017-breach-exposing-info-on-825k/ One Cool Thing Unit 42 Playbook Viewer https://pan-unit42.github.io/playbook_viewer/?pb=windshift T-Mobile “Scam Likely” #662# https://www.t-mobile.com/news/scamblockparty Contact Email infosecicu@musc.edu Twitter: * Gerry Auger (@Gerald_Auger) * Brandon Stephens (@bstephens418)