The 443 - Security Simplified

Its getting to be the end of the year which means its time to take a look back at WatchGuard Threat Lab's 2021 security predictions and give ourselves a grading on how well we did! On this episode, we'll go through our 8 predictions for 2021, recap the trends that fueled them, and discuss either the events that occurred or failed to come true.

This week on the podcast we discuss how a recent CISA alert on specific threat actor activity tipped off a separate adversary, leading to a new wave of attacks against vulnerable systems across multiple industries. We also cover the latest US and international law enforcement crackdowns on ransomware operators as well as a breakthrough on video game console hacking.  

On this week's episode of the podcast, we cover a newly discovered method for hiding malicious source code in plain sight, CISA's new Known Exploited Vulnerabilities Catalog, and action from the US Department of Commerce on the Pegasus spyware manufacturer NSO Group.

This week on the podcast, we cover a heist of over $130 million worth of cryptocurrency from a distributed financial (DeFi) organization and have an in depth discussion on why cryptocurrency-related platforms continue to suffer substantial breaches. Before that though, we cover an apparent ransomware attack against the National Rifle Association and an FBI raid on a popular payment card platform.

This week on the podcast, we cover the latest news on REvil, the ransomware-as-a-service organization responsible for the Kaseya attack earlier this year among many others. After that, we cover an update from the US Commerce Department on new export rules around selling hacking tools outside of the United States, nearly 6 years after the initial proposal caused a firestorm in the security community. Finally, we cover the latest research from Google's Threat Analysis Group, this time on a cookie theft hacking gang targeting YouTube streamers around the world.

This week on the podcast we cover VirusTotal's first ever global ransomware report which analyzes ransomware trends over the last year from the unique position of the world's largest malware intelligence platform. Before that though, we cover another APT group with a ridiculous name found exploiting a zero-day vulnerability in Windows.

This week on the podcast we discuss a breach that lasted over 5 years involving a company responsible for routing SMS messages for 95 of the top 100 mobile carriers in the world. Before that though, we'll cover the recent Facebook downtime incident as well as the seemingly total compromise of the video game streaming platform Twitch.

This week on the podcast we cover the latest quarterly Internet Security Report from the WatchGuard Threat Lab. We'll go over the latest attack trends and key findings from Q2 2021 as well as defensive tips for keeping your systems safe from the latest threat landscape.

This week on the podcast we discuss the recently disclosed identify of the"Trusted Third Party" that Kaseya acquired the REvil ransomware master decryption key from, as well as the morals around a decision to hold on to the decryption key for multiple weeks before handing it off to Kaseya. We then cover a new APT discovered by researchers at ESET and the latest CISA alert on ransomware activity.

This week on the podcast we discuss the recently patched zero-click vulnerability in iOS, macOS and WatchOS that researchers at TheCitizen Lab discovered while investigating NSO Group's Pegasus spyware. After that, we cover a vulnerability in the OMI Agent that comes automatically installed on all Azure Linux virtual machines. We finish by covering Microsoft's latest efforts to kill passwords for good.

This week on the podcast we discuss the first update to the OWASP Top 10 since 2017. OWASP servers as an excellent resource for improving web application security so we're excited to run through the latest refresh of their top security weaknesses. We also discuss phishing attacks that abuse Internationalized Domain Names (IDNs) in emails and a critical vulnerability in Microsoft Office.

This week on the podcast we cover ProxyWare, a form of malware that monetizes your internet access for the benefit of the attacker. After that, we discuss ChaosDB, a vulnerability that could have enabled any Azure user to gain full access to any other user's CosmosDB instance. Finally, we end with a discussion of location tracking vulnerabilities and how a few popular dating apps have tackled them.

This week on the podcast we dig back in the archives to 2019 where we discussed how web servers manage to track users across sites using browser fingerprinting methods. Even though some improvements like removing third-party cookies have been made to limit tracking, plenty of additional fingerprinting options still remain.

This week on the podcast we cover one of the largest cryptocurrency heists in history, with a surprising twist of an ending! Before that we'll chat about the latest T-Mobile data breach and what we can learn about protecting user identity. We end the episode with a discussion about one of the latest episodes of Last Week Tonight with John Oliver, watchable here https://www.youtube.com/watch?v=WqD-ATqw3js, where he talked about the ongoing ransomware pandemic.

This week on the podcast we chat about a few of our favorite presentations from the 2021 edition of the DEF CON security conference out of Las Vegas. If haven't checked them out yourself, visit the DEF CON YouTube channel or media.defcon.org to view this year's and all previous year's content.