Symantec Cyber Security Brief Podcast

Candid Wueest and Dick O’Brien join the Cyber Security Brief from the RSA Conference in San Francisco this week. Both Candid and Dick were presenting at RSA this week – Dick on the topic of targeted ransomware, and Candid on the subject of formjacking. They fill us in on how their presentations went, the other interesting sessions they attended, what the big themes of the conference are this year, and their overall impressions of RSAC 2020.

This week’s Cyber Security Brief is part of our regular Attack Group of the Month series, though this time around it’s more like Tool of the Month, as we take a closer look at Pegasus. Pegasus is a mobile spyware that is owned and sold by Israeli company the NSO Group, which says it is a legitimate tool that it sells exclusively to law enforcement and government agencies. However, there have been many cases where Pegasus appears to have been misused and has been found on the phones of journalists, activists and government critics in some countries. Symantec engineer Alexey Kleymenov has examined Pegasus extensively, and joins Dick O’Brien to discuss the malware and its technical abilities and sophistication.

In this week’s Cyber Security Brief, we discuss the various cyber security concerns facing the healthcare sector. Ransomware attacks are now one of the biggest challenges facing organizations in the healthcare industry, while data breaches also remain a major concern. Meanwhile, developments in medtech and the increased connectivity of hospitals and other healthcare organizations pose new challenges for practitioners and patients. We discuss the main threats facing the sector, and the steps you can take to keep your organization safe.

In this week’s edition of the Cyber Security Brief, Brigid O’Gorman, Candid Wueest and Dick O’Brien discuss the U.S. Department of Defense’s new cyber security framework for its contractors, how easy it was for a performance artist in Germany to cause a fake traffic jam on Google Maps, and the way the coronavirus outbreak is being exploited by cyber scammers. Also this week, Google halves its Chrome patch gap, Microsoft Teams gets knocked offline, and how bugs in Microsoft Azure could have allowed cloud servers to be hacked.

In this week’s Cyber Security Brief, Candid Wueest and Brigid O’Gorman bring you a round-up of the biggest cyber security news stories of the last week. We discuss the Shlayer malware, the publication of exploits for a vulnerability in Windows Remote Desktop Gateway, and how attackers may be able to eavesdrop on your conference calls. Also this week, there were a whole slew of news stories about ransomware, so we discuss some of those as well.

On this week’s Cyber Security Brief, we discuss a timely issue – the importance of patching software vulnerabilities and the necessity for organizations to have good patch management. We decided to cover this topic as it is something that has been much in the news recently: CVE-2020-0601, a vulnerability in Microsoft’s Windows CryptoAPI, that was reported to the software giant by the NSA and was described as “severe” by the security agency, has made many headlines in the last week. Vulnerabilities in software from Citrix, and in Pulse Secure VPN servers, which were first revealed in December and April 2019, respectively, were also in the news in the last week or so. The vulnerabilities in the Pulse VPN servers were patched back in April - but despite this they are suspected of having been exploited in several cyber attacks since then, demonstrating that patches are not always being applied in a timely fashion. We discuss why that might be, and a variety of other issues, in this podcast.

On this week’s Cyber Security Brief, we discuss “living off the land”, where attackers use legitimate tools on your device or network for malicious purposes. Dick O’Brien is joined by Candid Wueest, who wrote a whitepaper on this very topic just before the holidays, to discuss the tools that are most commonly exploited by attackers using living off the land techniques, the prevalence of this kind of activity, and what organizations can do to protect themselves. As well as this, we give an overview of CVE-2020-0601, the vulnerability in the Windows CryptoAPI that was patched by Microsoft on Tuesday.

On this week’s Cyber Security Brief, we decide to take a look at an issue that is very topical at the moment – Iranian cyber espionage activity. Dick O’Brien and Gavin O’Gorman discuss some past campaigns we have seen carried out by Iranian actors, and the kind of cyber capabilities the country has. Threat researcher Gavin gives his opinion on what is likely to happen next when it comes to cyber activity, and if we are likely to see any cyber attacks by Iranian actors targeting U.S. organisations.

This week’s episode of the Cyber Security Brief is the last one of 2019, so we are taking a look back at some of the big stories of the year in the world of infosec. Brigid O’Gorman, Dick O’Brien and Candid Wueest discuss a range of topics, including targeted ransomware, living off the land, supply chain attacks, extortion scams, and formjacking. We are taking a short break for the holidays but will be back in January 2020 with lots more chat about the world of cyber security.

On this week’s Cyber Security Brief, we turn the spotlight onto targeted ransomware – one of the most active threats we observed in 2019. Targeted ransomware has seen huge growth since the start of 2018, with 2019, in particular, seeing a big rise in the number of targeted ransomware families operating. We take a look at the reasons for this growth, outline the activities of some of the most interesting targeted ransomware families that have emerged in 2019, take you through how an attack like this works, and provider some essential tips to help you keep your business safe from targeted ransomware.

On this week’s Cyber Security Brief podcast we are introducing a new feature – Attack Group of the Month. Every month we will bring in one of our expert threat researchers for a deep dive into the history, tactics, and techniques of notable attack groups, and discuss what you should do to keep your company safe from these sophisticated attackers. This week we look at Shamoon, an attack group that first appeared in 2012, causing waves when it wiped the disks on thousands of computers in two companies in Saudi Arabia. Threat researcher Gavin O’Gorman brings us through the history of the group, what makes it so interesting, and why he thinks we haven’t seen the last of Shamoon yet.

On this week’s Cyber Security Brief, Dick O’Brien, Candid Wueest and Brigid O’Gorman focus on business email compromise (BEC) scams, which are a major issue for enterprises and organizations. The FBI has estimated that between June 2016 and July 2019 more than $26 billion was lost to BEC scams globally. Our experts discuss some recent examples of BEC scams, the common tactics and techniques many of these scams share, and the steps you can take to mitigate the danger to your business from these types of scams.

On this week’s Symantec Cyber Security Brief, we bring you a holiday shopping cyber security special in advance of Black Friday, Cyber Monday, and the holiday shopping period in general. We discuss the dangers people need to be aware of when shopping online, including formjacking, fake shops, and social media scams. We discuss common scams that try to trick victims using fake delivery notices, as well as point of sale malware, which is still a threat, even as more people move to doing their shopping online.

On this week’s Symantec Cyber Security Brief, Dick O’Brien is joined by Brigid O’Gorman and Candid Wueest to discuss some of the big cyber security stories of the last week. This week, Ubiquiti customers are annoyed after a firmware update led to their routers sending information back to Ubiquiti HQ without their consent, a “sophisticated” attack on the UK Labour Party’s digital platforms causes consternation in the middle of an election campaign – but was it really that serious? Also, a (complicated) way to gain access to people’s Wi-Fi networks via Amazon’s Ring doorbell, a new ruling in the U.S. on whether or not border police are entitled to search your electronic devices when you’re entering the country, and beware of suspicious meeting invites.

On this week’s Cyber Security Brief, Dick O’Brien is joined by Candid Wueest and Brigid O’Gorman to discuss the biggest cyber security news stories of the week. On this episode, we chat about how lasers could be used to hack your voice-controlled devices – including your phone, the Bluekeep attacks that have been spotted in the wild, and the ongoing repercussions surrounding the WhatsApp zero-day that was discovered in May. Also, BEC scammers cash in, the QSnatch malware hits thousands of NAS devices, and a new vulnerability in Microsoft Office for Mac.