Symantec Cyber Security Brief Podcasthttp://www.tianbu8.com/podcasts/symantec-cyber-security-brief-podcasten-us2019 © Symantec CorporationSecurity Response TeamYour weekly dose of cyber security news, hosted by threat researchers from Symantec Security ResponseYour weekly dose of cyber security news, hosted by threat researchers from Symantec Security ResponseepisodicAdminsymantecentgsm@gmail.comnofullTortoiseshell APT group, vBulletin zero-day, and Facebook suspends thousands of apps Tortoiseshell APT group, vBulletin zero-day, and Facebook suspends thousands of appsWe’re back! The Cyber Security Brief returns for season 2. In our first episode, Dick O’Brien is joined by Brigid O’Gorman and Gavin O’Gorman (no relation) to discuss our recent research into Tortoiseshell, an APT group we recently discovered using both custom and off-the-shelf malware to target IT providers in Saudi Arabia in what appear to be supply chain attacks with the end goal of compromising the IT providers’ customers. We also discuss the recently revealed vulnerability in vBulletin, the release of iOS 13, a ransomware attack on a healthcare facility in Wyoming, and Facebook suspending thousands of apps from its platform.We’re back! The Cyber Security Brief returns for season 2. In our first episode, Dick O’Brien is joined by Brigid O’Gorman and Gavin O’Gorman (no relation) to discuss our recent research into Tortoiseshell, an APT group we recently discovered using both custom and off-the-shelf malware to target IT providers in Saudi Arabia in what appear to be supply chain attacks with the end goal of compromising the IT providers’ customers. We also discuss the recently revealed vulnerability in vBulletin, the release of iOS 13, a ransomware attack on a healthcare facility in Wyoming, and Facebook suspending thousands of apps from its platform.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+53+Tortoiseshell+Facebook+vBulletin.mp3Thu, 26 Sep 2019 13:00:00 +000000:23:13no12fullCloud security, telecoms companies compromised, and can someone else access your Nest camera? Cloud security, telecoms companies compromised, and can someone else access your Nest camera?In this week’s Cyber Security Brief, it’s episode 52, and the last one before we take a short summer break – we will be back with you in August, with more essential stories and trends from the world of cyber security. This week, we discuss the Cloud Security Threat Report that was recently released by Symantec, reports that APT10 compromised the networks of at least 10 telecoms companies, and the unusual circumstances that led to the arrest of a member of the Anonymous Belgium hacking group. Also, how a bug allowed the past owners of Nest cameras to spy on current owners, even after a factory reset. Finally, as the value of Bitcoin surges again, we have two cryptocurrency-related stories as two brothers are arrested in relation to the massive Bitfinex hack that occurred in 2016, and a new coinminer is emulating Linux to target both Windows and Mac systems. Don’t forget, while we are off air, we will still be posting blogs and tweets, so make sure to follow us on Twitter (@ThreatIntel), and to read our blogs at http://www.tianbu8.com/blogs/threat-intelligence and on Medium at https://medium.com/threat-intel. In this week’s Cyber Security Brief, it’s episode 52, and the last one before we take a short summer break – we will be back with you in August, with more essential stories and trends from the world of cyber security. This week, we discuss the Cloud Security Threat Report that was recently released by Symantec, reports that APT10 compromised the networks of at least 10 telecoms companies, and the unusual circumstances that led to the arrest of a member of the Anonymous Belgium hacking group. Also, how a bug allowed the past owners of Nest cameras to spy on current owners, even after a factory reset. Finally, as the value of Bitcoin surges again, we have two cryptocurrency-related stories as two brothers are arrested in relation to the massive Bitfinex hack that occurred in 2016, and a new coinminer is emulating Linux to target both Windows and Mac systems. Don’t forget, while we are off air, we will still be posting blogs and tweets, so make sure to follow us on Twitter (@ThreatIntel), and to read our blogs at http://www.tianbu8.com/blogs/threat-intelligence and on Medium at https://medium.com/threat-intel. Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+52+19-06-27.mp3Thu, 27 Jun 2019 09:50:04 +000000:18:51no521fullWaterbug, “smart” TVs, and BEC scam hits Canadian city Waterbug, “smart” TVs, and BEC scam hits Canadian cityIn this week’s Cyber Security Brief podcast, we discuss the drama that ensued when Samsung tweeted about scanning their smart TVs for malware, a city in Canada lost CA$500,000 to a BEC scam, and three universities in the U.S. revealed in the same week that they were hit by data breaches. Also, we discuss new research just published by Symantec into the Waterbug/Turla group, and two different Android threats that were in the news this week.In this week’s Cyber Security Brief podcast, we discuss the drama that ensued when Samsung tweeted about scanning their smart TVs for malware, a city in Canada lost CA$500,000 to a BEC scam, and three universities in the U.S. revealed in the same week that they were hit by data breaches. Also, we discuss new research just published by Symantec into the Waterbug/Turla group, and two different Android threats that were in the news this week.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+51+19-06-20.mp3Thu, 20 Jun 2019 11:22:47 +000000:24:26no511fullBug bounties, bad passwords, and Radiohead Bug bounties, bad passwords, and RadioheadOn this week’s Cyber Security Brief, it's episode 50! We discuss the EU’s bug bounty program, bad password security practice, and why “secure” websites are becomingly increasingly untrustworthy. We also chat about the start-up that hacked its own customers’ cryptocurrency wallets – in order to safeguard their funds, a further update on the RDP vulnerability we’ve discussed previously, and how the Spanish soccer league La Liga was misusing its mobile app. Finally, the story of how Radiohead called the bluff of a ransomware criminal. On this week’s Cyber Security Brief, it's episode 50! We discuss the EU’s bug bounty program, bad password security practice, and why “secure” websites are becomingly increasingly untrustworthy. We also chat about the start-up that hacked its own customers’ cryptocurrency wallets – in order to safeguard their funds, a further update on the RDP vulnerability we’ve discussed previously, and how the Spanish soccer league La Liga was misusing its mobile app. Finally, the story of how Radiohead called the bluff of a ransomware criminal. Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+50+19-06-13.mp3Thu, 13 Jun 2019 10:52:46 +000000:21:39no501fullTwitterbots, ransomware retirements, and email mishaps Twitterbots, ransomware retirements, and email mishapsOn this week’s Cyber Security Brief, we chat about our report looking into the Internet Research Agency's disinformation campaign targeting the 2016 US presidential election. We also talk about the apparent retirement of the operators behind GandCrab, and red faces in both the New Zealand government and the Dutch Data Protection Authority.On this week’s Cyber Security Brief, we chat about our report looking into the Internet Research Agency's disinformation campaign targeting the 2016 US presidential election. We also talk about the apparent retirement of the operators behind GandCrab, and red faces in both the New Zealand government and the Dutch Data Protection Authority.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+49+19-06-05.mp3Thu, 06 Jun 2019 13:08:10 +000000:19:07no491fullTube users’ data to be collected, Baltimore ransomware attack continues to cause problems, and the latest on the BlueKeep vulnerability Tube users’ data to be collected, Baltimore ransomware attack continues to cause problems, and the latest on the BlueKeep vulnerabilityOn this week’s Cyber Security Brief podcast, Candid Wueest and Dick O’Brien discuss Transport for London’s plans to start collecting data about the customers using its Wi-Fi, and what that might mean for people’s privacy. Also, the ongoing repercussions of the ransomware attack that hit the U.S. city of Baltimore, including revelations about the use of the EternalBlue tool by the attackers, plus an update on activity surrounding the BlueKeep RDP vulnerability that was patched by Microsoft a few weeks ago. Also this week, the teen who appeared in court in Australia charged with hacking Apple, and the latest Bitcoin scams doing the rounds online. On this week’s Cyber Security Brief podcast, Candid Wueest and Dick O’Brien discuss Transport for London’s plans to start collecting data about the customers using its Wi-Fi, and what that might mean for people’s privacy. Also, the ongoing repercussions of the ransomware attack that hit the U.S. city of Baltimore, including revelations about the use of the EternalBlue tool by the attackers, plus an update on activity surrounding the BlueKeep RDP vulnerability that was patched by Microsoft a few weeks ago. Also this week, the teen who appeared in court in Australia charged with hacking Apple, and the latest Bitcoin scams doing the rounds online. Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+48+19-05-30.mp3Thu, 30 May 2019 10:26:00 +000000:21:25no481fullBlueKeep bug, ransomware “recovery”, and the dismantling of the GozNym network BlueKeep bug, ransomware “recovery”, and the dismantling of the GozNym networkIn this week’s Cyber Security Brief podcast, we discuss the government employee who was charged with using his work IT systems to mine cryptocurrency, how Google is scanning your emails to collect information about your purchases, and the proof of concept exploits that have been created for the BlueKeep bug. We also chat about ransomware “recovery” services that are just paying the ransom, the dismantling of the GozNym network, and how Intel CPUs have been impacted by new MDS side-channel attacks.In this week’s Cyber Security Brief podcast, we discuss the government employee who was charged with using his work IT systems to mine cryptocurrency, how Google is scanning your emails to collect information about your purchases, and the proof of concept exploits that have been created for the BlueKeep bug. We also chat about ransomware “recovery” services that are just paying the ransom, the dismantling of the GozNym network, and how Intel CPUs have been impacted by new MDS side-channel attacks.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+47+19-05-23.mp3Thu, 23 May 2019 13:00:00 +000000:21:05no471fullGDPR Special: The Impact of the Regulation One Year On GDPR Special: The Impact of the Regulation One Year OnIn this week’s Cyber Security Brief podcast, we mark the one-year anniversary of the introduction of the General Data Protection Regulation – more commonly known as GDPR. To mark the introduction of GDPR, Brigid O’Gorman talks to Zoltan Precsenyi, Symantec’s director of GDPR strategy. We discuss the impact of the introduction of GDPR on companies and members of the public, whether or not the regulation is fulfilling its stated purpose, and the new data protection and privacy challenges that are likely to face companies in the future.In this week’s Cyber Security Brief podcast, we mark the one-year anniversary of the introduction of the General Data Protection Regulation – more commonly known as GDPR. To mark the introduction of GDPR, Brigid O’Gorman talks to Zoltan Precsenyi, Symantec’s director of GDPR strategy. We discuss the impact of the introduction of GDPR on companies and members of the public, whether or not the regulation is fulfilling its stated purpose, and the new data protection and privacy challenges that are likely to face companies in the future.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+46+GDPR.mp3Wed, 15 May 2019 11:22:11 +000000:25:27no461fullBuckeye’s use of Equation group tools pre Shadow Brokers leak, IoT security, and targeted ransomware Buckeye’s use of Equation group tools pre Shadow Brokers leak, IoT security, and targeted ransomwareOn this week’s Cyber Security Brief podcast, we discuss our newly-released research into the Buckeye espionage group, and its use of Equation group tools prior to the Shadow Brokers leak. Dick O’Brien is joined by Symantec analyst Sylvester Segura to discuss the findings and to share more details about Symantec’s investigation into this activity. Also this week, we chat about the growing threat of targeted ransomware, and look at what the UK government is planning to do to improve the security of IoT devices.On this week’s Cyber Security Brief podcast, we discuss our newly-released research into the Buckeye espionage group, and its use of Equation group tools prior to the Shadow Brokers leak. Dick O’Brien is joined by Symantec analyst Sylvester Segura to discuss the findings and to share more details about Symantec’s investigation into this activity. Also this week, we chat about the growing threat of targeted ransomware, and look at what the UK government is planning to do to improve the security of IoT devices.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+45+Buckeye+Equation+Group+Shadow+Brokers.mp3Thu, 09 May 2019 11:22:46 +000000:19:51no451fullBeapy cryptojacking worm, Emotet’s new hiding technique, and set-top box dangers Beapy cryptojacking worm, Emotet’s new hiding technique, and set-top box dangersOn this week’s Cyber Security Brief podcast, we discuss our recently published research into the Beapy cryptojacking worm, which is using the EternalBlue exploit to spread, and is primarily impacting enterprises in China. We also talk about data breaches, the dangers your set-top box might pose, why some GPS apps need to upgrade their security, and what the Emotet criminals are up to now.On this week’s Cyber Security Brief podcast, we discuss our recently published research into the Beapy cryptojacking worm, which is using the EternalBlue exploit to spread, and is primarily impacting enterprises in China. We also talk about data breaches, the dangers your set-top box might pose, why some GPS apps need to upgrade their security, and what the Emotet criminals are up to now.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+44+19-05-02.mp3Thu, 02 May 2019 13:22:34 +000000:24:02no441fullInterview: Martijn Grooten, Editor, Virus Bulletin Interview: Martijn Grooten, Editor, Virus BulletinOn this week’s Cyber Security Brief podcast, we are joined by Martijn Grooten, editor of Virus Bulletin. We discuss Martijn’s career and how he ended up in his role at Virus Bulletin, as well as the threats that need tackling on the current cyber security landscape. We also take a look at the email space, and the way threats there have developed.On this week’s Cyber Security Brief podcast, we are joined by Martijn Grooten, editor of Virus Bulletin. We discuss Martijn’s career and how he ended up in his role at Virus Bulletin, as well as the threats that need tackling on the current cyber security landscape. We also take a look at the email space, and the way threats there have developed.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+43+19-04-25.mp3Wed, 24 Apr 2019 14:13:33 +000000:19:26no431fullSymantec’s role in Bayrob convictions, Silk Road 2.0 founder jailed, and who’s listening to your Alexa recordings? Symantec’s role in Bayrob convictions, Silk Road 2.0 founder jailed, and who’s listening to your Alexa recordings?On this week’s Cyber Security Brief, we discuss the conviction of two members of the Bayrob gang – and the role Symantec played in their capture and conviction. Also, the founder of Silk Road 2.0 is sentenced to jail time in the UK, the personal data of thousands of law enforcement personnel is reportedly published online by a hacking group, and we discuss the Windows Tiles sub-domain takeover. Finally, when you’re talking to your smart speaker, who hears what you say?On this week’s Cyber Security Brief, we discuss the conviction of two members of the Bayrob gang – and the role Symantec played in their capture and conviction. Also, the founder of Silk Road 2.0 is sentenced to jail time in the UK, the personal data of thousands of law enforcement personnel is reportedly published online by a hacking group, and we discuss the Windows Tiles sub-domain takeover. Finally, when you’re talking to your smart speaker, who hears what you say?Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+42+19-04-18.mp3Thu, 18 Apr 2019 11:18:27 +000000:23:32no421fullHotel booking privacy, dark marketplace selling your digital fingerprint, and Mar-a-Lago intruder update Hotel booking privacy, dark marketplace selling your digital fingerprint, and Mar-a-Lago intruder updateOn this week’s Cyber Security Brief podcast, we discuss our new research into the privacy of your hotel booking details, and how we found that two in three hotel websites leak guest booking details and allow access to personal data. We also have an update on the case of the Chinese national who tried to gain access to President Trump’s Mar-a-Lago resort while carrying a malware-laden thumb drive. We also discuss a complaint against audio equipment maker Sonos in the UK alleging it is coercing customers into surrendering an excessive amount of personal information, and the discovery of a dark marketplace called Genesis that is selling the digital fingerprints of thousands of people.On this week’s Cyber Security Brief podcast, we discuss our new research into the privacy of your hotel booking details, and how we found that two in three hotel websites leak guest booking details and allow access to personal data. We also have an update on the case of the Chinese national who tried to gain access to President Trump’s Mar-a-Lago resort while carrying a malware-laden thumb drive. We also discuss a complaint against audio equipment maker Sonos in the UK alleging it is coercing customers into surrendering an excessive amount of personal information, and the discovery of a dark marketplace called Genesis that is selling the digital fingerprints of thousands of people.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+41+19-04-11.mp3Thu, 11 Apr 2019 13:00:00 +000000:23:22no411fullMalware sneaked onto Trump property, Albany ransomware attack, and Tesla tricked Malware sneaked onto Trump property, Albany ransomware attack, and Tesla trickedOn this week’s Cyber Security Brief, we discuss the strange story of the Chinese woman who was apprehended after attempting to sneak into President Donald Trump’s Mar-a-Lago resort with a malware-infected thumb drive. We also discuss the researchers who tricked a Tesla, a ransomware attack on the city of Albany, and the latest tricks being used by scammers to get you to click on annoying pop-up ads.On this week’s Cyber Security Brief, we discuss the strange story of the Chinese woman who was apprehended after attempting to sneak into President Donald Trump’s Mar-a-Lago resort with a malware-infected thumb drive. We also discuss the researchers who tricked a Tesla, a ransomware attack on the city of Albany, and the latest tricks being used by scammers to get you to click on annoying pop-up ads.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+40+19-04-04.mp3Thu, 04 Apr 2019 11:41:44 +000000:19:54no401fullElfin research, ASUS software supply chain attack, insider threats, and mobile security Elfin research, ASUS software supply chain attack, insider threats, and mobile securityOn this week’s Cyber Security Brief podcast, we discuss our new research into the Elfin espionage group, which we have seen targeting multiple organisations in Saudi Arabia and the U.S. We also talk about one of the big stories of the last week – ASUS’ software update system being hijacked to send out malicious updates, as well as discussing the ongoing issue of insider threats, and some new research into how mobile apps could be compromising your privacy and online security. On this week’s Cyber Security Brief podcast, we discuss our new research into the Elfin espionage group, which we have seen targeting multiple organisations in Saudi Arabia and the U.S. We also talk about one of the big stories of the last week – ASUS’ software update system being hijacked to send out malicious updates, as well as discussing the ongoing issue of insider threats, and some new research into how mobile apps could be compromising your privacy and online security. Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+39+19-03-28.mp3Thu, 28 Mar 2019 14:00:00 +000000:22:44no391fullInterview: Neil Jenkins, Chief Analytic Officer, Cyber Threat Alliance Interview: Neil Jenkins, Chief Analytic Officer, Cyber Threat AllianceIn today’s Cyber Security Brief, Dick O’Brien is joined by Neil Jenkins, the Chief Analytic Officer at the Cyber Threat Alliance (CTA). The CTA brings together various vendors in the cyber security community to help them better protect their customers and the public at large. Neil tells Dick about the aims of the CTA, its achievements and challenges so far, and the alliance’s plans for the future.In today’s Cyber Security Brief, Dick O’Brien is joined by Neil Jenkins, the Chief Analytic Officer at the Cyber Threat Alliance (CTA). The CTA brings together various vendors in the cyber security community to help them better protect their customers and the public at large. Neil tells Dick about the aims of the CTA, its achievements and challenges so far, and the alliance’s plans for the future.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+38+19-03-21.mp3Thu, 21 Mar 2019 12:59:42 +000000:24:16no381fullHighlights from RSA Conference 2019 Highlights from RSA Conference 2019In this week's Cyber Security Brief, we chat about some of the highlights from this year's RSA conference including zero trust security, tackling fake news, the impending 5G network, IoT security, and a Symantec demonstration showing how much damage attackers can carry out in under seven minutes. In this week's Cyber Security Brief, we chat about some of the highlights from this year's RSA conference including zero trust security, tackling fake news, the impending 5G network, IoT security, and a Symantec demonstration showing how much damage attackers can carry out in under seven minutes. Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+37+19-03-14.mp3Thu, 14 Mar 2019 14:58:53 +000000:31:58no371fullISTR Special: Enterprise ISTR Special: EnterpriseThis week’s Cyber Security Brief is the second of two special episodes delving into the findings of Symantec’s Internet Security Threat Report (ISTR). The ISTR uses Symantec’s broad intelligence sources, researchers and analysts to bring you an insight into the key events and trends of 12 months in cyber security. In this episode, Dick O’Brien, Brigid O’Gorman, and Candid Wueest discuss some of the events and trends that affected enterprises the most in 2018.This week’s Cyber Security Brief is the second of two special episodes delving into the findings of Symantec’s Internet Security Threat Report (ISTR). The ISTR uses Symantec’s broad intelligence sources, researchers and analysts to bring you an insight into the key events and trends of 12 months in cyber security. In this episode, Dick O’Brien, Brigid O’Gorman, and Candid Wueest discuss some of the events and trends that affected enterprises the most in 2018.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+36+19-03-07.mp3Thu, 07 Mar 2019 14:43:50 +000000:28:19no361fullISTR Special: Consumers ISTR Special: ConsumersThis week’s Cyber Security Brief is the first of two special episodes delving into the findings of Symantec’s Internet Security Threat Report (ISTR). The ISTR uses Symantec’s broad intelligence sources, researchers and analysts to bring you an insight into the key events and trends of 12 months in cyber security. In this episode, Dick O’Brien, Brigid O’Gorman and Candid Wueest take a look at the 2018 events and trends that hit consumers the most. This week’s Cyber Security Brief is the first of two special episodes delving into the findings of Symantec’s Internet Security Threat Report (ISTR). The ISTR uses Symantec’s broad intelligence sources, researchers and analysts to bring you an insight into the key events and trends of 12 months in cyber security. In this episode, Dick O’Brien, Brigid O’Gorman and Candid Wueest take a look at the 2018 events and trends that hit consumers the most. Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+35+19-02-28.mp3Thu, 28 Feb 2019 13:45:00 +000000:33:38no351fullGoogle backtracks, Apple gets sued, and Australia a victim of state-sponsored cyber attack Google backtracks, Apple gets sued, and Australia a victim of state-sponsored cyber attackIn this week’s Cyber Security Brief podcast, we recap Google’s decision to backtrack on proposed changes to its Chrome web browser that would have rendered many ad blocking extensions inoperable. We also discuss the two security issues that were recently addressed by Facebook, including one that could have allowed accounts to be taken over. We also chat about another batch of online accounts that have been put up for sale on the dark web, the man who is suing Apple because he doesn’t like 2FA, and the “sophisticated state actor” reportedly responsible for cyber attacks targeting Australia’s parliament and a number of its political parties. And also, two UK soaps team up for a cyber security special… In this week’s Cyber Security Brief podcast, we recap Google’s decision to backtrack on proposed changes to its Chrome web browser that would have rendered many ad blocking extensions inoperable. We also discuss the two security issues that were recently addressed by Facebook, including one that could have allowed accounts to be taken over. We also chat about another batch of online accounts that have been put up for sale on the dark web, the man who is suing Apple because he doesn’t like 2FA, and the “sophisticated state actor” reportedly responsible for cyber attacks targeting Australia’s parliament and a number of its political parties. And also, two UK soaps team up for a cyber security special… Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+34+19-02-21.mp3Thu, 21 Feb 2019 12:38:46 +000000:23:22no341fullStolen data for sale, Mac malware, and container vulnerabilities Stolen data for sale, Mac malware, and container vulnerabilitiesIn this week’s Cyber Security Brief, we chat about a slew of stolen online account data found for sale on the dark web, malware targeting Macs, and container vulnerabilities. Also this week, we look at a Wi-Fi connected USB cable that can allow for remote attacks on targeted computers.In this week’s Cyber Security Brief, we chat about a slew of stolen online account data found for sale on the dark web, malware targeting Macs, and container vulnerabilities. Also this week, we look at a Wi-Fi connected USB cable that can allow for remote attacks on targeted computers.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+33+19-02-14.mp3Thu, 14 Feb 2019 11:27:07 +000000:21:38no331fullInsecure IoT devices, password breach checks, and misleading phone apps Insecure IoT devices, password breach checks, and misleading phone appsIn this week’s Cyber Security Brief, we discuss a bad week for cryptocurrencies, the new Google Chrome extension that will let you know if your password has been breached, why parents should be wary of kids’ smartwatches, and why we all should be wary of phone apps that promise to make you look beautiful. Plus, we chat about the experience of one Illinois family who felt the heat after their suite of Nest devices was hacked.In this week’s Cyber Security Brief, we discuss a bad week for cryptocurrencies, the new Google Chrome extension that will let you know if your password has been breached, why parents should be wary of kids’ smartwatches, and why we all should be wary of phone apps that promise to make you look beautiful. Plus, we chat about the experience of one Illinois family who felt the heat after their suite of Nest devices was hacked.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+32+19-02-07.mp3Thu, 07 Feb 2019 14:00:00 +000000:24:56no321fullJapan to hack civilians’ IoT devices, Apple Facetime bug, and an evolution in BEC scams Japan to hack civilians’ IoT devices, Apple Facetime bug, and an evolution in BEC scamsIn this week’s Symantec Cyber Security Brief we discuss authorities' pursuit of Webstresser users, Japan allowing officials to hack civilians’ IoT devices in an attempt to improve security, and the much-discussed Apple Facetime bug. We also chat about the Razy malware attempting to steal cryptocurrencies, an evolution of business email compromise (BEC) scams, and a bizarre sting operation targeting the Citizen Lab internet watchdog group.In this week’s Symantec Cyber Security Brief we discuss authorities' pursuit of Webstresser users, Japan allowing officials to hack civilians’ IoT devices in an attempt to improve security, and the much-discussed Apple Facetime bug. We also chat about the Razy malware attempting to steal cryptocurrencies, an evolution of business email compromise (BEC) scams, and a bizarre sting operation targeting the Citizen Lab internet watchdog group.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+31+19-01-30.mp3Thu, 31 Jan 2019 13:59:53 +000000:25:17no311fullAttacks on financial institutions in Africa, dodgy free mobile VPN apps, and Facebook shutters multiple “inauthentic” accounts Attacks on financial institutions in Africa, dodgy free mobile VPN apps, and Facebook shutters multiple “inauthentic” accountsOn this week’s Cyber Security Brief podcast, Symantec threat researcher Stephen Doherty joins us to discuss our recently published research into a wave of attacks against financial institutions in West Africa. We also discuss some new research that found that many free mobile VPNs could actually compromise people’s privacy, a hitman who was convicted thanks to evidence found on his smartwatch, and an embarrassing compromise of the ATLAS MMO game. Also this week, Russia is back in the headlines again, with the DNC revealing it was targeted once again by a spear-phishing campaign originating in Russia in November last, while Facebook also removed a number of “inauthentic” accounts that it says were based in Russia and involved in spreading misinformation on the social media platform. On this week’s Cyber Security Brief podcast, Symantec threat researcher Stephen Doherty joins us to discuss our recently published research into a wave of attacks against financial institutions in West Africa. We also discuss some new research that found that many free mobile VPNs could actually compromise people’s privacy, a hitman who was convicted thanks to evidence found on his smartwatch, and an embarrassing compromise of the ATLAS MMO game. Also this week, Russia is back in the headlines again, with the DNC revealing it was targeted once again by a spear-phishing campaign originating in Russia in November last, while Facebook also removed a number of “inauthentic” accounts that it says were based in Russia and involved in spreading misinformation on the social media platform. Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+30+19-01-24.mp3Thu, 24 Jan 2019 14:00:00 +000000:22:49no301fullUkrainians indicted, cash for Tesla hacks, and cryptocurrency exchanges breached Ukrainians indicted, cash for Tesla hacks, and cryptocurrency exchanges breachedIn this week’s Cyber Security Brief, we discuss the indictment of two Ukrainian nationals for their role in a conspiracy to hack into the Securities and Exchange Commission’s (SEC) computer systems. We also chat about the recent controversy about GoDaddy quietly injecting scripts onto websites without the website owners knowing, and recent attacks on cryptocurrency exchanges. We also cover the Pwn2Own contest offering cash prizes for hacks on a Tesla vehicle for the first time, and how credit card scammers are using smartcard technology to their advantage. In this week’s Cyber Security Brief, we discuss the indictment of two Ukrainian nationals for their role in a conspiracy to hack into the Securities and Exchange Commission’s (SEC) computer systems. We also chat about the recent controversy about GoDaddy quietly injecting scripts onto websites without the website owners knowing, and recent attacks on cryptocurrency exchanges. We also cover the Pwn2Own contest offering cash prizes for hacks on a Tesla vehicle for the first time, and how credit card scammers are using smartcard technology to their advantage. Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+29+19-01-17.mp3Thu, 17 Jan 2019 14:00:00 +000000:24:05no291fullGerman data leak, untrustworthy IoT devices, and PewDiePie hackers go quiet German data leak, untrustworthy IoT devices, and PewDiePie hackers go quietWelcome to the first Cyber Security Brief podcast of 2019! On this week’s episode we discuss the fact that most people don’t trust their internet of things devices, but also aren’t that willing to pay extra for improved security. We also chat about the major leak of personal data of high-profile politicians and others in Germany, and developments in the campaign of the hackers taking over printers and Chromecasts to express their support for PewDiePie (and highlight security issues). Finally, we take a look at some research highlighting the fact that facial recognition on smartphones still isn’t foolproof.Welcome to the first Cyber Security Brief podcast of 2019! On this week’s episode we discuss the fact that most people don’t trust their internet of things devices, but also aren’t that willing to pay extra for improved security. We also chat about the major leak of personal data of high-profile politicians and others in Germany, and developments in the campaign of the hackers taking over printers and Chromecasts to express their support for PewDiePie (and highlight security issues). Finally, we take a look at some research highlighting the fact that facial recognition on smartphones still isn’t foolproof.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+28+19-01-10.mp3Thu, 10 Jan 2019 14:00:00 +000000:22:29no281fullWhat Were the Top 5 Cyber Security Stories of 2018? What Were the Top 5 Cyber Security Stories of 2018?In the final Cyber Security Brief podcast of 2018, we take a look back at the year that has gone by in cyber security, and count down the top 5 biggest cyber security stories of 2018. Listen to find out what we thought they were!In the final Cyber Security Brief podcast of 2018, we take a look back at the year that has gone by in cyber security, and count down the top 5 biggest cyber security stories of 2018. Listen to find out what we thought they were!Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Weekly+Roundup+18-12-20.mp3Thu, 20 Dec 2018 14:58:53 +000030:34no271fullMoney mule arrests, grandparent scams, and new research into the Seedworm group Money mule arrests, grandparent scams, and new research into the Seedworm groupOn this week’s Cyber Security Brief podcast, money is a big theme! We discuss a series of heists on banks in Eastern Europe that sound like something out of a Hollywood movie, a rise in the money lost to so-called “grandparent scams”, a crackdown by cops on money mules operating throughout Europe, and a new twist to the sextortion email scams we have previously discussed on this podcast. Also this week, we chat about new research Symantec has just published into the Seedworm group (aka Muddywater), which has hit more than 130 victims in 30 organisations since September 2018.On this week’s Cyber Security Brief podcast, money is a big theme! We discuss a series of heists on banks in Eastern Europe that sound like something out of a Hollywood movie, a rise in the money lost to so-called “grandparent scams”, a crackdown by cops on money mules operating throughout Europe, and a new twist to the sextortion email scams we have previously discussed on this podcast. Also this week, we chat about new research Symantec has just published into the Seedworm group (aka Muddywater), which has hit more than 130 victims in 30 organisations since September 2018.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+26+18-12-12.mp3Thu, 13 Dec 2018 13:31:26 +000000:24:41no261fullSamSam developments, an AI gaffe, and some massive data breaches SamSam developments, an AI gaffe, and some massive data breachesSymantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+25+18-12-06.mp3Thu, 06 Dec 2018 14:00:00 +000000:24:38no251fullOperation Eversion, Magecart, and the UK parliament takes on Facebook Operation Eversion, Magecart, and the UK parliament takes on FacebookOn this week’s Cyber Security Brief, we discuss Symantec’s role in an FBI takedown of ad-fraud infrastructure dubbed Operation Eversion. We also discuss the latest developments in the Facebook/Cambridge Analytica scandal, as well as the most recent activity from Magecart. Also, the dangers of most phishing sites having the padlock sign beside their address, and the curious incident of a security researcher who responsibly reported a vulnerability but was still subsequently reported to the police.On this week’s Cyber Security Brief, we discuss Symantec’s role in an FBI takedown of ad-fraud infrastructure dubbed Operation Eversion. We also discuss the latest developments in the Facebook/Cambridge Analytica scandal, as well as the most recent activity from Magecart. Also, the dangers of most phishing sites having the padlock sign beside their address, and the curious incident of a security researcher who responsibly reported a vulnerability but was still subsequently reported to the police.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+24+18-11-29.mp3Thu, 29 Nov 2018 14:00:00 +000000:21:28no241fullSpecial Report: Conficker’s 10th anniversary Special Report: Conficker’s 10th anniversaryOn this week’s episode of the Cyber Security Brief, Brigid O Gorman is joined by Candid Wueest to discuss the infamous Conficker worm, which marks its 10th anniversary this week. This worm first appeared on November 21, 2008, and despite the many changes that have occurred in the cyber security landscape since then we still see hundreds and thousands of detections of Conficker in the wild today. As well as Conficker, we also discuss some of the other old threats that are still around today – and speculate as to whether any of today’s threats are likely to have similar longevity.On this week’s episode of the Cyber Security Brief, Brigid O Gorman is joined by Candid Wueest to discuss the infamous Conficker worm, which marks its 10th anniversary this week. This worm first appeared on November 21, 2008, and despite the many changes that have occurred in the cyber security landscape since then we still see hundreds and thousands of detections of Conficker in the wild today. As well as Conficker, we also discuss some of the other old threats that are still around today – and speculate as to whether any of today’s threats are likely to have similar longevity.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+23+18-11-22.mp3Thu, 22 Nov 2018 14:00:00 +000000:35:31no231fullFormjacking, lots of vulnerabilities get patched, and a BEC scam costs a cinema company millions Formjacking, lots of vulnerabilities get patched, and a BEC scam costs a cinema company millionsIn this week’s Cyber Security Brief podcast, Dick O’Brien, Candid Wueest and Brigid O Gorman discuss new research into formjacking and the Megecart group; a subsidiary of French movie chain Pathe loses more than $20 million in a Business Email Compromise (BEC) scam, and a whole slew of vulnerabilities get patched.In this week’s Cyber Security Brief podcast, Dick O’Brien, Candid Wueest and Brigid O Gorman discuss new research into formjacking and the Megecart group; a subsidiary of French movie chain Pathe loses more than $20 million in a Business Email Compromise (BEC) scam, and a whole slew of vulnerabilities get patched.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+22+18-11-15.mp3Thu, 15 Nov 2018 14:00:00 +000000:22:16no221fullLazarus ATM attacks, Inception Framework uses new backdoor, and small businesses’ cyber risk Lazarus ATM attacks, Inception Framework uses new backdoor, and small businesses’ cyber riskIn this week’s Cyber Security Brief podcast we discuss the FASTCash attacks, in which the Lazarus group has been emptying ATMs, and highlight the research we have published into this activity. We also discuss a new report highlighting small businesses’ cyber risk, the Inception Framework using a new backdoor, and a vulnerability in a building management software.In this week’s Cyber Security Brief podcast we discuss the FASTCash attacks, in which the Lazarus group has been emptying ATMs, and highlight the research we have published into this activity. We also discuss a new report highlighting small businesses’ cyber risk, the Inception Framework using a new backdoor, and a vulnerability in a building management software.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+21+18-11-08.mp3Thu, 08 Nov 2018 14:14:40 +000000:22:52no211fullSamSam ransomware, Midterms 2018, new Emotet activity, and Docker APIs exploited for cryptojacking SamSam ransomware, Midterms 2018, new Emotet activity, and Docker APIs exploited for cryptojackingIn this week’s Cyber Security Brief podcast we discuss our newly-published research into the SamSam ransomware, exposed Docker APIs being used for cryptojacking, and some new activity from the Emotet botnet. With the midterm elections in the U.S. fast approaching we also take a look at some of the election security stories that have come up in the last week. Finally, we discuss a cautionary tale underlining why you shouldn’t use your work laptop to visit “adult” websites.In this week’s Cyber Security Brief podcast we discuss our newly-published research into the SamSam ransomware, exposed Docker APIs being used for cryptojacking, and some new activity from the Emotet botnet. With the midterm elections in the U.S. fast approaching we also take a look at some of the election security stories that have come up in the last week. Finally, we discuss a cautionary tale underlining why you shouldn’t use your work laptop to visit “adult” websites.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+20+18-11-01.mp3Thu, 01 Nov 2018 14:00:00 +000000:26:29no201fullSuper Micro spy chip story contradictions, Russian woman indicted in U.S. for conspiring to interfere in U.S. elections, and Twitter tackles disinformation campaigns Super Micro spy chip story contradictions, Russian woman indicted in U.S. for conspiring to interfere in U.S. elections, and Twitter tackles disinformation campaignsIn this week’s Cyber Security Brief podcast, we discuss the claims and counter claims related to the Bloomberg Businessweek story published at the start of October that alleged Chinese spies had infiltrated U.S. companies by implanting secret chips on Super Micro motherboards – a story that has been rebutted by almost all the companies mentioned in it, including Super Micro itself, Apple and Amazon. With calls from those companies now for Bloomberg to retract the story, we discuss this ongoing saga. Also in the last week, a Russian woman was indicted in the U.S. on charges of playing a role in a conspiracy to interfere in the U.S. political system, meanwhile, Twitter released a huge trove of tweets it had identified that were attempting to influence political campaigns in the last couple of years. We consider the significance of that move from the social media giant.In this week’s Cyber Security Brief podcast, we discuss the claims and counter claims related to the Bloomberg Businessweek story published at the start of October that alleged Chinese spies had infiltrated U.S. companies by implanting secret chips on Super Micro motherboards – a story that has been rebutted by almost all the companies mentioned in it, including Super Micro itself, Apple and Amazon. With calls from those companies now for Bloomberg to retract the story, we discuss this ongoing saga. Also in the last week, a Russian woman was indicted in the U.S. on charges of playing a role in a conspiracy to interfere in the U.S. political system, meanwhile, Twitter released a huge trove of tweets it had identified that were attempting to influence political campaigns in the last couple of years. We consider the significance of that move from the social media giant.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+19+18-10-25.mp3Thu, 25 Oct 2018 13:00:00 +000000:19:43no191fullSpecial Report: What is it Really Like to Work in Cyber Security? Special Report: What is it Really Like to Work in Cyber Security?Something a little different this week as we take a behind-the-scenes look at life in Symantec. Dick O’Brien chats to three Symantec engineers working in different parts of the company, and at different stages in their careers, to find out what it is really like to work as an engineer in a cyber security firm. Dick is joined by Symantec engineers Sayali Kulkarni, Conor Murray and Eric Chien to discuss the evolution of their careers in cyber security.Something a little different this week as we take a behind-the-scenes look at life in Symantec. Dick O’Brien chats to three Symantec engineers working in different parts of the company, and at different stages in their careers, to find out what it is really like to work as an engineer in a cyber security firm. Dick is joined by Symantec engineers Sayali Kulkarni, Conor Murray and Eric Chien to discuss the evolution of their careers in cyber security.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+18+18-10-18.mp3Thu, 18 Oct 2018 13:00:00 +000000:30:14no181fullGallmaker research, Navionics breach, and Fitbit data used by cops in murder investigation Gallmaker research, Navionics breach, and Fitbit data used by cops in murder investigationIn this week’s Cyber Security Brief, Dick O’Brien is joined by Symantec threat researchers Jon DiMaggio and Candid Wueest to discuss the big cyber security stories of the last week. We talk about Symantec’s latest research on a previously-unknown attack group called Gallmaker, which is using “living off the land” and publicly-available hack tools to target organizations in the government and defense sectors. We also discuss the hack of the SpankChain cryptocurrency project, the breach at Garmin-owned boating app Navionics, and how Fitbit data has been used in a murder investigation.In this week’s Cyber Security Brief, Dick O’Brien is joined by Symantec threat researchers Jon DiMaggio and Candid Wueest to discuss the big cyber security stories of the last week. We talk about Symantec’s latest research on a previously-unknown attack group called Gallmaker, which is using “living off the land” and publicly-available hack tools to target organizations in the government and defense sectors. We also discuss the hack of the SpankChain cryptocurrency project, the breach at Garmin-owned boating app Navionics, and how Fitbit data has been used in a murder investigation.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+17.mp3Thu, 11 Oct 2018 13:00:00 +000000:22:50no171fullAPT28 activity, cryptojacking research, and Face ID used to access criminal suspect’s phone APT28 activity, cryptojacking research, and Face ID used to access criminal suspect’s phoneIn this week’s Symantec Cyber Security Brief we discuss two of our recently-published pieces of research. First, we are joined by Threat Analyst Stephen Doherty to discuss the recent activity of APT28 (aka Swallowtail, Fancy Bear), which made headlines in 2016 due to its involvement in cyber attacks against an organisation involved in the U.S. presidential election. Then, we talk about our newly published whitepaper examining the topic of cryptojacking – one of the hottest subjects in the world of cyber security in 2018. Finally, we discuss a first-of-its-kind case in the U.S. where a criminal suspect was forced by the FBI to use Face ID to unlock his iPhone.In this week’s Symantec Cyber Security Brief we discuss two of our recently-published pieces of research. First, we are joined by Threat Analyst Stephen Doherty to discuss the recent activity of APT28 (aka Swallowtail, Fancy Bear), which made headlines in 2016 due to its involvement in cyber attacks against an organisation involved in the U.S. presidential election. Then, we talk about our newly published whitepaper examining the topic of cryptojacking – one of the hottest subjects in the world of cyber security in 2018. Finally, we discuss a first-of-its-kind case in the U.S. where a criminal suspect was forced by the FBI to use Face ID to unlock his iPhone.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+16+18-10-04.mp3Thu, 04 Oct 2018 14:00:00 +000000:29:07no161fullFormjacking research, WordPress plugins cause problems, the dangers of plaintext password storage, and the Mojave zero day Formjacking research, WordPress plugins cause problems, the dangers of plaintext password storage, and the Mojave zero dayIn this week’s Symantec Cyber Security Brief, we discuss recent research Symantec has published on formjacking, as well as the formjacking attacks that have been carried out by the Magecart group. We also discuss how outdated plugins are allowing malicious code to be injected into WordPress sites, the Apple macOS Mojave zero day, and why it’s never a good idea for companies to store their customers’ passwords in plaintext.In this week’s Symantec Cyber Security Brief, we discuss recent research Symantec has published on formjacking, as well as the formjacking attacks that have been carried out by the Magecart group. We also discuss how outdated plugins are allowing malicious code to be injected into WordPress sites, the Apple macOS Mojave zero day, and why it’s never a good idea for companies to store their customers’ passwords in plaintext.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+15.mp3Thu, 27 Sep 2018 13:00:00 +000000:24:54no151fullXbash threat, TripAdvisor fake review clampdown, blockchain casinos targeted, and who is behind DDoS attacks on UK unis? Xbash threat, TripAdvisor fake review clampdown, blockchain casinos targeted, and who is behind DDoS attacks on UK unis?On this week’s podcast Dick O’Brien is joined by threat researchers Candid Wueest and Brigid O Gorman to discuss the biggest cyber security stories of the week. We take a look at the newly-discovered Xbash malware family and what it can do, as well as discussing the first case of its kind where a man was convicted and imprisoned for writing fake reviews on TripAdvisor. Also, we look at some recent hacks against blockchain casinos, and speculate on the likely perpetrators behind DDoS attacks on UK university networks.On this week’s podcast Dick O’Brien is joined by threat researchers Candid Wueest and Brigid O Gorman to discuss the biggest cyber security stories of the week. We take a look at the newly-discovered Xbash malware family and what it can do, as well as discussing the first case of its kind where a man was convicted and imprisoned for writing fake reviews on TripAdvisor. Also, we look at some recent hacks against blockchain casinos, and speculate on the likely perpetrators behind DDoS attacks on UK university networks.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+14+18-09-20.mp3Thu, 20 Sep 2018 13:00:00 +000000:29:22no141fullDeep Dive: Symantec Takes on Software Supply Chain Attacks Deep Dive: Symantec Takes on Software Supply Chain AttacksDick O’Brien is joined by Symantec product manager Arvind Rao and architect Haik Mesropian to discuss their work, and what they are doing to combat software supply chain attacks, the products they are building, and how they are hoping their efforts will help developers combat these attacks.Dick O’Brien is joined by Symantec product manager Arvind Rao and architect Haik Mesropian to discuss their work, and what they are doing to combat software supply chain attacks, the products they are building, and how they are hoping their efforts will help developers combat these attacks.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+13+Arvind_Haik+18-09-13.mp3Thu, 13 Sep 2018 13:00:00 +000000:25:12no131fullOne billion dollars in Bitcoin on the move, data breaches, Mastercard and Google’s info-sharing deal, and MikroTik developments One billion dollars in Bitcoin on the move, data breaches, Mastercard and Google’s info-sharing deal, and MikroTik developmentsIn this week’s podcast we discuss how insiders are often the ones to blame for data breaches, and how often data breaches are caused by human error more often than malicious attackers. We look at the implications of a deal between Mastercard and Google that allows advertisers to figure out how effective their ads are at getting consumers to make purchases in the real world, and a development in the MikroTik routers hack. Also, we discuss $1 billion in Bitcoin that has suddenly started to move – and ask who might be in control of it?In this week’s podcast we discuss how insiders are often the ones to blame for data breaches, and how often data breaches are caused by human error more often than malicious attackers. We look at the implications of a deal between Mastercard and Google that allows advertisers to figure out how effective their ads are at getting consumers to make purchases in the real world, and a development in the MikroTik routers hack. Also, we discuss $1 billion in Bitcoin that has suddenly started to move – and ask who might be in control of it?Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+12.mp3Thu, 06 Sep 2018 13:00:00 +000000:27:50no121fullAndromeda botnet, DNC “hack”, a new Windows zero day, and dark web developments Andromeda botnet, DNC “hack”, a new Windows zero day, and dark web developmentsOn this week’s podcast we discuss the DNC “hack” that wasn’t, developments on dark web marketplaces, and the release of a Windows zero day on Twitter. We also discuss the Andromeda botnet, following the release from prison of one of the people accused of being behind it.On this week’s podcast we discuss the DNC “hack” that wasn’t, developments on dark web marketplaces, and the release of a Windows zero day on Twitter. We also discuss the Andromeda botnet, following the release from prison of one of the people accused of being behind it.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Podcast+11.mp3Thu, 30 Aug 2018 13:00:00 +000000:21:42no111fullHow much do your mobile apps really know about you? Is your charging cable safe? And is end-to-end encryption under threat? How much do your mobile apps really know about you? Is your charging cable safe? And is end-to-end encryption under threat?This week, Dick O’Brien is joined by Symantec threat researcher Gillian Cleary, who discusses her recent research into the 100 most popular mobile apps, and how much information they are really gathering about their users. We also discuss an attack dubbed USBHarpoon that turns USB charging cables malicious, and we look at a court case in the U.S. where the government is reportedly attempting to compel Facebook to break the encryption on its Messenger service.This week, Dick O’Brien is joined by Symantec threat researcher Gillian Cleary, who discusses her recent research into the 100 most popular mobile apps, and how much information they are really gathering about their users. We also discuss an attack dubbed USBHarpoon that turns USB charging cables malicious, and we look at a court case in the U.S. where the government is reportedly attempting to compel Facebook to break the encryption on its Messenger service.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Weekly+Roundup+18-08-22_Podcast.mp3Thu, 23 Aug 2018 13:00:00 +000000:23:14no101fullSpecial Report: Financial Threats Special Report: Financial ThreatsThis week we bring you a special podcast taking an in-depth look at the financial threats cyber crime landscape. Brigid O’Gorman is joined by Symantec threat analysts Stephen Doherty and Eric Chien to discuss the threats facing both banking consumers and banks themselves. We also discuss the Lazarus group’s role in recent high-value attacks targeting financial institutions, and talk about the future of the financial threats landscape.This week we bring you a special podcast taking an in-depth look at the financial threats cyber crime landscape. Brigid O’Gorman is joined by Symantec threat analysts Stephen Doherty and Eric Chien to discuss the threats facing both banking consumers and banks themselves. We also discuss the Lazarus group’s role in recent high-value attacks targeting financial institutions, and talk about the future of the financial threats landscape.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Financial_Threats_Podcast_v3_0.mp3Thu, 16 Aug 2018 13:00:00 +000000:27:24no91full“Security through obscurity”, Snapchat's source code leak, MikroTik coin mining campaign, and Symantec talks machine learning at Black Hat “Security through obscurity”, Snapchat's source code leak, MikroTik coin mining campaign, and Symantec talks machine learning at Black HatIn this week’s cyber security news round-up, we chat about Threat Intel’s Liam O’Murchu’s Black Hat presentation: How To Use Machine Learning to Discover New Targeted Attacks. We also discuss the Snapchat source code leak, the coin mining campaign targeting MikroTik routers, and the concept of “security through obscurity” – adding more bugs to code to make it harder for black hat hackers to figure out which bugs are the exploitable ones.In this week’s cyber security news round-up, we chat about Threat Intel’s Liam O’Murchu’s Black Hat presentation: How To Use Machine Learning to Discover New Targeted Attacks. We also discuss the Snapchat source code leak, the coin mining campaign targeting MikroTik routers, and the concept of “security through obscurity” – adding more bugs to code to make it harder for black hat hackers to figure out which bugs are the exploitable ones.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Weekly+Roundup+18-08-09_mixdown.mp3Thu, 09 Aug 2018 14:42:30 +000000:26:55no81fullCoin mining in games, SIM hijacking, connected car vulnerabilities, and attacks on the software supply chain within the supply chain Coin mining in games, SIM hijacking, connected car vulnerabilities, and attacks on the software supply chain within the supply chainWelcome to your weekly cyber security news round-up. This week we discuss the simple-seeming game that was exploiting users’ CPU to mine cryptocurrency. We look at the story of prisoners in the U.S. who hacked their prison-issued tablets, and discuss the teen who stole $5 million through SIM hijacking. We also consider some of the issues that can arise when you buy second-hand connected cars and, yet again, we cover another attack on the software supply chain.Welcome to your weekly cyber security news round-up. This week we discuss the simple-seeming game that was exploiting users’ CPU to mine cryptocurrency. We look at the story of prisoners in the U.S. who hacked their prison-issued tablets, and discuss the teen who stole $5 million through SIM hijacking. We also consider some of the issues that can arise when you buy second-hand connected cars and, yet again, we cover another attack on the software supply chain.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Weekly+Roundup+18-08-02_mixdown.mp3Thu, 02 Aug 2018 13:00:00 +000000:30:58no71fullLeafminer research, data breaches, credential stuffing, and IoT security fails Leafminer research, data breaches, credential stuffing, and IoT security failsIn this week’s round-up of all things cyber security we discuss newly-released research from Symantec detailing the activity of Leafminer, a threat actor carrying out campaigns that target organisations in the Middle East. We also discuss the continuing problem of data breaches, and how these can facilitate credential stuffing attacks by cyber criminals. The Internet of things (IoT), and the security failures that often occur in that space, is also up for discussion. In this week’s round-up of all things cyber security we discuss newly-released research from Symantec detailing the activity of Leafminer, a threat actor carrying out campaigns that target organisations in the Middle East. We also discuss the continuing problem of data breaches, and how these can facilitate credential stuffing attacks by cyber criminals. The Internet of things (IoT), and the security failures that often occur in that space, is also up for discussion. Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Weekly+Roundup+18-07-26.mp3Thu, 26 Jul 2018 13:00:00 +000000:27:39no61fullPowershell risks, extortion scams that threaten embarrassment, Twitter clamps down on dodgy accounts, and the financial impact of data breaches Powershell risks, extortion scams that threaten embarrassment, Twitter clamps down on dodgy accounts, and the financial impact of data breachesThis week we look back at the week that was in cyber security. Dick O’Brien is joined by threat researchers Candid Wueest and Brigid O Gorman to discuss the latest research Symantec has just published about how Powershell is being leveraged by malicious actors. We also discuss extortion scams where people are tricked into transferring money to scammers who claim they have video of them visiting adult websites, how Twitter is trying to clean up its platform, and the financial cost of data breaches for business. This week we look back at the week that was in cyber security. Dick O’Brien is joined by threat researchers Candid Wueest and Brigid O Gorman to discuss the latest research Symantec has just published about how Powershell is being leveraged by malicious actors. We also discuss extortion scams where people are tricked into transferring money to scammers who claim they have video of them visiting adult websites, how Twitter is trying to clean up its platform, and the financial cost of data breaches for business. Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Weekly+Roundup+18-07-18.mp3Thu, 19 Jul 2018 13:34:53 +000000:31:29no51fullSpecial Report: Software Update Supply Chain Attacks Special Report: Software Update Supply Chain AttacksIn this week’s podcast, we discuss software supply chain attacks, a subject we wrote about in this year’s ISTR. Software supply chain attacks increased by 200 percent between 2016 and 2017, with at least one attack every month in 2017. Dick O’Brien is joined by Symantec threat researchers Candid Wueest and Gavin O’Gorman to discuss this surge in attacks, and also to talk about two high-profile examples of these kind of attacks: the Petya/NotPetya and CCleaner attacks.In this week’s podcast, we discuss software supply chain attacks, a subject we wrote about in this year’s ISTR. Software supply chain attacks increased by 200 percent between 2016 and 2017, with at least one attack every month in 2017. Dick O’Brien is joined by Symantec threat researchers Candid Wueest and Gavin O’Gorman to discuss this surge in attacks, and also to talk about two high-profile examples of these kind of attacks: the Petya/NotPetya and CCleaner attacks.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/supply_chain_podcast.mp3Thu, 12 Jul 2018 13:30:00 +000000:28:58no41fullMid-year review: Some of the biggest stories of 2018 so far, including VPNFilter, Orangeworm, and Meltdown and Spectre Mid-year review: Some of the biggest stories of 2018 so far, including VPNFilter, Orangeworm, and Meltdown and SpectreIn this week’s podcast we take a look back at the first six months of the year, and review some of the biggest cyber security stories. We discuss VPNFilter, a router malware that, unusually, is able to survive the router being rebooted, as well as highlighting the tool that Symantec has released to tell users whether or not their router is infected with VPNFilter. We also look back at investigations into the Orangeworm and Inception Framework attack groups, as well as reviewing the impact of the Meltdown and Spectre bugs. Finally we look to the world of IoT and discuss smart locks, and if they’re really as smart as they claim to be…In this week’s podcast we take a look back at the first six months of the year, and review some of the biggest cyber security stories. We discuss VPNFilter, a router malware that, unusually, is able to survive the router being rebooted, as well as highlighting the tool that Symantec has released to tell users whether or not their router is infected with VPNFilter. We also look back at investigations into the Orangeworm and Inception Framework attack groups, as well as reviewing the impact of the Meltdown and Spectre bugs. Finally we look to the world of IoT and discuss smart locks, and if they’re really as smart as they claim to be…Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Half+Year+Roundup+2018_mixdown.mp3Thu, 05 Jul 2018 11:19:12 +000000:33:07no31fullTicketmaster breach, insider attacks, the issue of legacy systems in businesses, and is encrypted ransomware a new trend? Ticketmaster breach, insider attacks, the issue of legacy systems in businesses, and is encrypted ransomware a new trend?In this week’s essential cyber security news round-up, we discuss the recent data breach at Ticketmaster, and also look at encrypted ransomware and wonder whether it's set to become a new trend. Also, after news broke last week that an employee at Tesla had been caught changing code and passing sensitive company information to third parties, we discuss the dangers of insider threats for business, and we also look at the reasons why, in a recent survey, almost 90 percent of UK businesses admitted to running legacy systems in order to keep data accessible.In this week’s essential cyber security news round-up, we discuss the recent data breach at Ticketmaster, and also look at encrypted ransomware and wonder whether it's set to become a new trend. Also, after news broke last week that an employee at Tesla had been caught changing code and passing sensitive company information to third parties, we discuss the dangers of insider threats for business, and we also look at the reasons why, in a recent survey, almost 90 percent of UK businesses admitted to running legacy systems in order to keep data accessible.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Weekly+roundup+18-06-28.mp3Thu, 28 Jun 2018 16:35:54 +000000:19:17no21fullNew Symantec research on the Thrip cyber espionage group, BEC scammers, and coinminers in court in Japan New Symantec research on the Thrip cyber espionage group, BEC scammers, and coinminers in court in JapanWe discuss a major law enforcement operation against Business Email Compromise (BEC) scammers, an interesting court case in Japan regarding the legality of browser-based coinmining, and we also talk to Jon Di Maggio, the Symantec investigator responsible for our latest research into the cyber espionage group Thrip.We discuss a major law enforcement operation against Business Email Compromise (BEC) scammers, an interesting court case in Japan regarding the legality of browser-based coinmining, and we also talk to Jon Di Maggio, the Symantec investigator responsible for our latest research into the cyber espionage group Thrip.Symantec Podcasts]]>http://www.tianbu8.com/podcasts/assets/audio/Weekly+Roundup+June+20%2C+2018.mp3Thu, 21 Jun 2018 15:29:56 +000027:57no11 茄子视频官网