Episodes
-
This month we welcome guest Tom Tovar, CEO and Co-Creator of our sponsor Appdome to chat about this month’s biggest cyber headlines with our panelists Marco Estrela, Patrick Naoum, Bill Strub and Jason Williams.
To learn more about Appdome's consumer survey on mobile security mentioned in this episode visit: https://www.appdome.com/mobile-consumer-cyber-security-survey-2024/
Hot Topics:
Topic 1: Jason
Article title: 5 BCDR Oversights That Leave You Exposed to Ransomware
Source: https://thehackernews.com/2024/11/5-bcdr-oversights-that-leave-you-exposed-to-ransomware.html
Topic 2: Tom
Article title: FTC Announces Crackdown on Deceptive AI Claims and Schemes
Source: https://www.ftc.gov/news-events/news/press-releases/2024/09/ftc-announces-crackdown-deceptive-ai-claims-schemes
Topic 3: Patrick
Article title: November 2024 Patch Tuesday: Four Critical and Three Zero-Days Among 158 Vulnerabilities Patched
Source: https://www.crowdstrike.com/en-us/blog/patch-tuesday-analysis-november-2024/?srsltid=AfmBOoq9S5iR8ldC-N4ax9j6Unz_18KPZZAuzULZHlnG8iqQt6YiuZAU
Topic 4: Bill
Article title: Rethinking Cybersecurity From Cost Center To Value Driver
Source: https://www.forbes.com/councils/forbesfinancecouncil/2024/11/18/rethinking-cybersecurity-from-cost-center-to-value-driver/
Topic 5: Jason
Article title: New Google Pixel AI feature analyzes phone conversations for scams
Source: https://www.bleepingcomputer.com/news/google/new-google-pixel-ai-feature-analyzes-phone-conversations-for-scams/
Topic 6: Patrick
Article title: Autonomous Discovery of Critical Zero-Days
Source: https://zeropath.com/blog/0day-discoveries
-
This month we're joined by Mike Melo, CISO of Ontario’s Life Labs, for a Q&A about his CISO role, what keeps him up at night and the pitfalls of trying to achieve cyber-resilience. If you’re interested in having a sneak peek into the daily life of a CISO, you won’t want to miss this interview.
Hot Topics segment includes: Utilities getting attacked (again!), is quantum computing threatening Bitcoin, vulnerable API headaches and we will see if collaboration is achievable in the face of rising cyberthreats.
Sources:
Topic 1: Jason #1
Article title: Vulnerable APIs and Bot Attacks Costing Businesses Up to $186 Billion Annually
Source: https://thehackernews.com/2024/10/vulnerable-apis-and-bot-attacks-costing.html
Topic 2: Bill #1
Article title: America's largest water utility hit by cyberattack at time of rising threats against U.S. infrastructure
Source: https://www.cnbc.com/amp/2024/10/08/american-water-largest-us-water-utility-cyberattack.html
Topic 3: Jason #2
Article title: Chinese researchers crack military-grade encryption: is bitcoin safe?
Source: https://cybernews.com/crypto/quantum-crack-military-grade-encryption-bitcoin-danger/
Topic 4: Bill #2
Article title: Escalating Cyber Threats Demand Stronger Global Defense and Cooperation
Source: https://blogs.microsoft.com/on-the-issues/2024/10/15/escalating-cyber-threats-demand-stronger-global-defense-and-cooperation/
-
Episodes manquant?
-
This month we welcome guest and sponsor Lisa Jones-Huff of Elastic to chat about this month’s biggest cyber headlines with our panelists Marco Estrela, Patrick Naoum, Bill Strub and Jason Williams.
Hot Topics:
Topic 1: Jason
Article title: Microsoft summit plots end of kernel access for EDR security clients
Source: https://www.csoonline.com/article/3523753/microsoft-summit-plots-end-of-kernel-access-for-edr-security-clients.html
Topic 2: Patrick
Article title: Mastercard acquires Recorded Future: How will threat intelligence transform the payments industry?
Source: https://www.csoonline.com/article/3518765/mastercard-acquires-recorded-future-how-will-threat-intelligence-transform-the-payments-industry.html
Topic 3: Bill
Article title: TfL directs 30,000 employees to verify identities and reset passwords after data breach
Source: https://www.techmonitor.ai/news/:~:text=Transport%20for%20London%20(TfL)%20has%20directed%20all%20employees,measures%20to%20secure%20the%20organisation%E2%80%99s%20systems%20and%20data.
Topic 4: Lisa
Article title: N/A – Lisa wants to talk about “all the acquisitions and mergers in the SIEM|Analytics space, will the Platform Story drive more organizations to consider consolidating their spending and move away from purchasing best of breed solutions?”
Source: N/A
Extras: 3000 pagers kill several and injuring thousands in Lebanon; Spotlight from Lisa Jones-Huff on how AI is impacting the way cybersecurity analysts do their jobs
-
Back from our summer hiatus, we have a brand new episode of Behind the Shield! This month we’ve brought back one of our favorite special guests, Chris Vincent, to chat about this month’s biggest cyber headlines with our panelists Marco Estrela, Patrick Naoum, Bill Strub and Jason Williams.
Hot Topics: CrowdStrike’s global blue screen of death debacle, splitting the CISO role, Oracle’s NetSuite woes and, the largest password leak of all time?!?
-
The Behind the Shield team is back with the latest in cybersecurity! This month is a Hot Topics only show with panelists Patrick Naoum, Bill Strub, Jason Williams and your host Marco Estrela.
Hot Topics: Fortigates get breached, Do you recall when Recall was recalled?, medical-related ransomware breaking all kinds of records (Recorded Future study), arrests in the Desjardins hack, update on the Snowflake debacle, and another Microsoft flaw causing headaches via WIFI.
Sources:
Topic 1: Jason #1
Article title: Medical-Targeted Ransomware Is Breaking Records After Change Healthcare’s $22M Payout
Source: https://www.wired.com/story/change-healthcare-22-million-payment-ransomware-spike/?utm_brand=wired&utm_medium=social&utm_source=twitter&utm_social-type=owned&mbid=social_twitter
Topic 2: Patrick #1
Article title: The Snowflake Attack May Be Turning Into One of the Largest Data Breaches Ever
Source: https://www.wired.com/story/snowflake-breach-advanced-auto-parts-lendingtree/
Topic 3: Bill #1
Article title: Recall Recalled: Is AI On Windows 11 Already Doomed?
Source: https://www.forbes.com/sites/barrycollins/2024/06/14/recall-recalled-is-ai-on-windows-11-already-doomed/
Topic 4: Jason #2
Article title: Chinese hackers breached 20,000 FortiGate systems worldwide
Source: https://www.bleepingcomputer.com/news/security/chinese-hackers-breached-20-000-fortigate-systems-worldwide/
Topic 5: Bill #2
Article title: Urgent Windows security flaw lets hackers infect your PC over Wi-Fi — update right now
Source: https://www.tomsguide.com/computing/malware-adware/urgent-windows-security-flaw-lets-hackers-infect-your-pc-over-wi-fi-update-right-now
Topic 6: Marco #1
Article title: 5 arrested and 3 on the run in Desjardins hack case
Source: https://ici.radio-canada.ca/nouvelle/2080454/principal-suspect-vol-desjardins-arrete
-
Expert panelists and host Marco Estrela bring you behind our shield to discuss current cybersecurity topics ripped from the headlines.
This episode's Hot Topics include: Do bounties for ransomware work? Black Basta, wreaking havoc again! Google accidentally wiping out a huge account and APT28 cybercrime group updates. Stay tuned to the end of this episode for some bonus insights from some of the biggest cyber conferences including RSA 2024, IBM think and, ITSec.
Sources:
Topic 1: Patrick #1
Article title: 10M$ Bounty
Source: https://www.clubic.com/actualite-525003-les-etats-unis-mettent-la-tete-de-4-hackers-iraniens-a-prix-avec-a-la-cle-10-millions-de-dollars-de-recompense.html
Topic 2: Jason #1
Article title: Black Basta Ransomware Strikes 500+ Entities Across North America, Europe, and Australia
Source: https://thehackernews.com/2024/05/black-basta-ransomware-strikes-500.html
Topic 3: Patrick #2
Article title: Google Cloud accidentally deletes UniSuper’s online account due to ‘unprecedented misconfiguration’
Source: https://amp-theguardian-com.cdn.ampproject.org/c/s/amp.theguardian.com/australia-news/article/2024/may/09/unisuper-google-cloud-issue-account-access
Topic 4: Jason #2
Article title: Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities
Source: https://thehackernews.com/2024/05/microsoft-outlook-flaw-exploited-by.html
-
Behind the Shield host Marco Estrela and panelists Patrick Naoum and Jason Williams are joined by Bruno Germain of this episode's sponsor: Zscaler.
This episode's hot topics include:
Sources:
Topic 1: Jason
Article title: Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack
Source: https://thehackernews.com/2024/04/hackers-deploy-python-backdoor-in-palo.html
Topic 2: Patrick
Article title: Email scam drained $814,000 from Just for Laughs' coffers: report
Source: https://montrealgazette.com/news/local-news/email-scam-drained-814000-from-just-for-laughs-coffers-report#:~:text=The%20Montreal%20company%20that%20operates,it%20seeks%20to%20avoid%20bankruptcy
Topic 3: Jason
Article title: Roku cyberattack impacts 576,000 accounts
Source: https://cybernews.com/news/roku-cyberattack-impacts-576000-accounts/
Zscaler spotlight: Bruno (and panelists) discuss the topic: “SDXCentral reports: “SASE is future, ZT is past, but SSE is right now”; The many ways this is wrong!”
-
Expert panelists (including our new panelist Jason Williams) and host Marco Estrela bring you behind our shield to discuss current cybersecurity topics ripped from the headlines.
This episode's all Hot Topics format includes: The Volt Typhoon announcement, Cyberattack on US healthcare payment system, SEC Cybersecurity Disclosure coming into effect, Lessons from the Microsoft's Password Spray Hack, and Why Companies Are Bringing Data In-House.
Sources:
Topic 1: Patrick #1
Article title: CISA and GOV Volt Typhoon announcement
Source: https://www.cisa.gov/sites/default/files/2024-03/Fact-Sheet-PRC-State-Sponsored-Cyber-Activity-Actions-for-Critical-Infrastructure-Leaders-508c.pdf
Topic 2: Bill #1
Article title: Cyberattack paralyzes largest US healthcare payment system
Source: https://www.nytimes.com/2024/03/05/health/cyberattack-healthcare-cash.html
Topic 3: Jason #1
Article title: Cybersecurity Disclosure by the SEC coming into effect
Source: https://www.sec.gov/news/statement/gerding-cybersecurity-disclosure-20231214
Topic 4: Bill #2
Article title: Key Lesson from Microsoft's Password Spray Hack: Secure Every Account
Source: https://thehackernews.com/2024/03/key-lesson-from-microsofts-password.html
Topic 5: Jason #2
Article title: The Rise Of Cloud Repatriation: Why Companies Are Bringing Data In-House
Source: https://www.forbes.com/sites/forbestechcouncil/2023/04/18/the-rise-of-cloud-repatriation-why-companies-are-bringing-data-in-house/?sh=3af3d57358f7
-
Expert panelists, including our guest Matt Konwiser from this month's sponsor IBM Security, and host Marco Estrela discuss current cybersecurity topics ripped from the headlines.
This episode's Hot Topics include: Open AI’s concerns about #GenAI, the data security of AI boy/girlfriends, Matt’s take on the #AppleProVision, and LockBit’s recent bust by the UK government.
If you want to talk to us about our 24/7 SOC, powered by IBM Security’s QRadar, you can reach us at 1-800-401-TECH or virtualguardian.com.
Sources:
Topic 1: Bill
Article title: Microsoft, OpenAI Warn of Nation-State Hackers Weaponizing AI for Cyber Attacks
Source: https://thehackernews.com/2024/02/microsoft-openai-warn-of-nation-state.html
Topic 2: Patrick
Article title: “AI girlfriends” are a privacy nightmare
Source: https://www.wired.com/story/ai-girlfriends-privacy-nightmare/
Topic 3: Bill
Article title: Lockbit cybercrime gang faces global takedown with indictments and arrests
Source: https://www.reuters.com/technology/cybersecurity/us-indicts-two-russian-nationals-lockbit-cybercrime-gang-bust-2024-02-20/
-
Virtual Guardian's BTS panelists and guest Jane Arnett of Check Point cover hot topics, revisit the highs and lows of cybersecurity in 2023, and make their predictions and wishes for 2024.
Hot Topic Sources:
Article title: Hackers Extort Victim with SEC Whistleblower Complaint
Source: https://www.jdsupra.com/legalnews/hackers-extort-victim-with-sec-2694993/#:~:text=In%20an%20unintended%20consequence%20of,isn%27t%20even%20required%20yet.
Article title: We tried to quantify how harmful hospital ransomware attacks are for patients. Here’s what we found
Source: https://www.statnews.com/2023/11/17/hospital-ransomware-attack-patient-deaths-study/
-
We didn't have time to get to all of our Hot Topics in the Nov 2nd Behind the Shield! Ready for a little more cyber news from Marco, Bill and Patrick?
Bonus Hot Topics:
AI Kidnapping Hoaxes: https://www.darkreading.com/black-hat/virtual-kidnapping-ai-tools-enabling-irl-extortion-scamsJohnson Controls Breach - An Update from Patrick from last week's discussion. https://www.msspalert.com/news/johnson-controls-struck-by-king-size-ransomware-attack-demanding-51-million-payoffFraudsters target Booking.com customers claiming hotel stay could be cancelled . https://grahamcluley.com/fraudsters-target-booking-com-customers-claiming-hotel-stay-could-be-cancelled/Okta breach à One Password: https://www.darkreading.com/black-hat/virtual-kidnapping-ai-tools-enabling-irl-extortion-scams -
November 2023 Episode (Recorded on 11.02.2023) – Special #AIWeek Episode
Expert panelists, including our guest Chris ‘Tito’ Sestino of HiddenLayer, and host Marco Estrela discuss current cybersecurity topics ripped from the headlines.
Hot Topics: Credit card fraud while traveling; AI generated phishing attacks, Johnson Controls Breach, Emerging AI Regulations & Effects
Spotlight: “Securing AI Innovation: Safeguarding AI Amid Emerging Threats” - Chris Sestito, Co-founder & CEO of HiddenLayer, a cybersecurity start-up dedicated to preventing adversarial artificial intelligence attacks.
Sources:
Topic 1: Credit card fraud and tips for guarding credit cards while traveling.
Source: N/A
Topic 2: Bill
Article title: AI generates convincing phising attacks
Source: https://www.csoonline.com/article/656698/generative-ai-phishing-fears-realized-as-model-develops-highly-convincing-emails-in-5-minutes.html
Topic 3: Patrick
Article title: Jonhson Controls breach
Source: https://www.msspalert.com/news/johnson-controls-struck-by-king-size-ransomware-attack-demanding-51-million-payoff
Topic 4: Tito
Article title: Emerging AI Regulations & Its Effect on Innovation
Source: N/A
-
September 2023 Episode (Recorded on 9.21.2023)
Expert panelists and host Marco Estrela discuss current cybersecurity topics ripped from the headlines.
Hot Topics: MGM and Caesar’s Cyberattack, TransUnion Data stolen, Microsoft AI Employee Accidental Leak, Canadian Airports DOS, Clorox Breach
Extras: CISCO’s $28B purchase of SPLUNK, NaviLogic’s name change to Virtual Guardian
Sources:
Topic 1: Bill #1
Article title: MGM and Caesar’s cyberattack
Source: https://www.reviewjournal.com/business/casinos-gaming/mgm-hackers-could-have-tried-to-get-slots-to-spit-out-money-2907417/
https://www.bloomberg.com/news/articles/2023-09-13/caesars-entertainment-paid-millions-in-ransom-in-recent-attack?embedded-checkout=true
Topic 2: Patrick #1
Article title: Law 25 Event in Montreal
Source: N/A
Topic 3: Marco #1
Article title: TransUnion data stolen, but they say their weren’t hacked!
Source: https://www.techradar.com/pro/security/transunions-data-stolen-in-major-data-breach
Topic 4: Bill #2
Article title: Microsoft AI Employee Accidentally Leaks 38TB of Data
Source: https://www.pcmag.com/news/microsoft-ai-employee-accidentally-leaks-38tb-of-data?utm_medium=browser_notifications&utm_source=pushly&utm_campaign=3558823&utm_country_code=CA
Topic 5: Patrick #2
Article title: Source: Canadian Airports DOS
Source: https://www.lapresse.ca/actualites/national/2023-09-19/agence-des-services-frontaliers/la-panne-dans-les-aeroports-provenait-bien-d-une-attaque-informatique.php?utm_campaign=internal+share&utm_content=ulink&utm_medium=referral&utm_source=lpp&redirectedFrom=https%253A%252F%252Fplus.lapresse.ca%252Fscreens%252Fbd53d576-4f02-4d19-853b-a9f64e7d1a31__7C___0.html%253Futm_campaign%253Dinternal%252520share%2526utm_content%253Dulink%2526utm_medium%253Dreferral%2526utm_source%253Dlpp
Topic 6: Marco #2
Article title: Clorox Breach
Source: https://www.cnn.com/2023/09/18/business/clorox-cyberattack-production-disruption/index.html
-
August 2023 Episode (Recorded on 8.3.2023)
Hot Topics: Cybersecurity labeling for smart devices, New 4-Day disclosure requirement by SEC, Chinese Malware’s Potential Impacts to US, WormGPT, JumpCloud hack linked to North Korea, US’s Data Breach Record
Extras: Rapid Fire Q&A for the panel; Remembering Kevin Mitnick, 1990s “Most Wanted Computer Outlaw”
Sources:
Topic 1: Patrick #1
Article title: Cybersecurity labeling for smart devices aims to help people choose those less vulnerable to hacking
Source: https://apnews.com/article/cybersecurity-smart-devices-fcc-cyber-trust-mark-74af5829296ba65cddd2b2287b47422a
Topic 2: Bob #1
Article title: SEC now requires companies to disclose cyberattacks in 4 days
Source: https://www.bleepingcomputer.com/news/security/sec-now-requires-companies-to-disclose-cyberattacks-in-4-days/
Topic 3: Bill #1
Article title: Chinese Malware Could Cut Power To U.S. Military Bases, Businesses And Homes, Report Claims
Source: https://www.forbes.com/sites/tylerroush/2023/07/29/chinese-malware-could-cut-power-to-us-military-bases-businesses-and-homes-report-claims/?sh=397fec1224ae
Topic 4: Patrick #2
Article title: WormGPT: New AI Tool Allows Cybercriminals to Launch Sophisticated Cyber Attacks
Source: https://thehackernews.com/2023/07/wormgpt-new-ai-tool-allows.html?m=1
Topic 5: Bob #2
Article title: JumpCloud hack linked to North Korea after OPSEC mistake
Source: https://www.bleepingcomputer.com/news/security/jumpcloud-hack-linked-to-north-korea-after-opsec-mistake/
Topic 6: Bill #2
Article title: US on Track For Record Number of Data Breaches
Source: https://www.infosecurity-magazine.com/news/us-track-record-number-data/
-
June 2023 Episode (Originally Aired Live on 6.15.2023)
Hot Topics: US-based white hat researcher, Eaton Zveare, discovers serious flaws in well-known carmaker; Phishing controversy using pay raise as bait; Making progress in the war against cybercrime.
Special Guest Panelist: Graham Cluley of the award-winning “Smashing Security” podcast.
Spotlight: Rudolph Araujo, Arista Networks: IoT, Ransomware, Insider Threats and Your Data: Threat Hunting to the Rescue
Sources:
Topic 1
Source: https://www.securityweek.com/vulnerabilities-in-honda-ecommerce-platform-exposed-customer-dealer-data/
https://eaton-works.com/2023/06/06/honda-ecommerce-hack/
Topic 2:
Source: https://www.economist.com/by-invitation/2023/05/26/ciaran-martin-argues-that-cyberspace-is-finally-if-unevenly-getting-safer
Topic 3:
Source: https://grahamcluley.com/staff-salary-phishing-test-backfire/
https://www.rollonfriday.com/news-content/exclusive-incredulity-firm-sends-lawyers-fake-pay-rise-emails
-
May 2023 Episode (Originally Aired Live on 5.18.2023)
Hot Topics: Cisco IOS vulnerabilities and UQAM’s 2023 Report on geopolitical cyber incidents.
Spotlight: Amber Borgersen, Product Manager for IBM Security's Threat Management functionalities - the QRadar Suite, discusses “SIEM is dead! Or is it…?”
-
April 2023 Episode (Originally Aired Live on 04.19.2023 in front of a live audience at Esterel Resort, Quebec Canada)
Panelists: Pulitzer Prize Winning Journalist Byron Acohido (lastwatchdog.com), VG CEO Patrick Naoum, Co-Founders of NaviLogic Bill Strub and Bob Bennett, and VG’s Sr. Director Cybersecurity and host of the show, Marco Estrela.
Hot Topics:
Topic 1: Article title: Six arrested in Quebec as police dismantle international identity theft network
Source: https://montreal.ctvnews.ca/six-arrested-in-quebec-as-police-dismantle-international-identity-theft-network-1.6344156
Topic 2: Article title: Putin’s secret weapon: weaponized ransomware
Source: https://www.bleepingcomputer.com/news/security/new-ransomware-attacks-in-ukraine-linked-to-russian-sandworm-hackers/
https://www.bleepingcomputer.com/news/security/security-firms-find-thin-lines-connecting-notpetya-to-ukraine-power-grid-attacks/
Topic 3: Article title: SlashNext's 2023 Mobile BYOD Security Report Reveals 71% of Employees Have Sensitive Work Information on their Personal Devices; 43% Were the Target of Phishing Attacks
Source: https://www.prnewswire.com/news-releases/slashnexts-2023-mobile-byod-security-report-reveals-71-of-employees-have-sensitive-work-information-on-their-personal-devices-43-were-the-target-of-phishing-attacks-301785360.html
Sponsor/Spotlight: Byron Acohido “Network security reborn: Leveraging machine learning, automation to drive legacy defenses into obsolescence.”
Bonus Segment: Rapid Fire Topics with Byron Acohido
This is a recording of an event that took place live, virtual and in-person. To attend future virtual Behind the Shield events and ask the panelists questions, register at virtualguardian.com/event
-
March 2023 Episode (Originally Aired Live on 03.16.2023)
Hot Topics: Multi Factor Authentication Blind Spots, T-Mobile's Security Breach (API Attack vector), TikTok ban (US & Canada governments), Return of IceFire Ransomware.
Sponsor/Spotlight: Branden Williams, VP of IAM Strategy at Ping Identity: "Fostering Collaboration to Build Trust in an Untrustworthy World.
This is a recording of an event that took place live. To attend live Behind the Shield events and ask the panelists questions, register for future events at virtualguardian.com/event
-
Hot Topics: Mortgage Broker 8Twelve’s leak (where everything went wrong), Reddit cyberattack, AI in the wrong hands, and clickbait article of the month: “Cyber Apocalypse 2023: Is The World Heading For A ‘Catastrophic’ Event”.
Spotlight Speaker & Sponsor: Mike Britton, CISO for Abnormal Security (sponsor), brings guest customer Joel Godbout, Cybersecurity Manager at PCL Construction, to discuss “Securing Your Cloud Email Platform from Socially-Engineered Attacks”.
Sources:
Topic 1:
Article title: Customer database of Canadian mortgage broker left open on internet
Source: https://www.itworldcanada.com/article/customer-database-of-canadian-mortgage-broker-left-open-on-internet/525096
Topic 2:
Article title: Hackers breach Reddit to steal source code and internal data
Source: Hackers breach Reddit to steal source code and internal data (bleepingcomputer.com)
Topic 3:
Article title: Security risks of ChatGPT and other AI text generators
Source: Security risks of ChatGPT and other AI text generators | SC Media (scmagazine.com)
Topic 4 (Bonus):
Article title: Cyber Apocalypse 2023: Is The World Heading For A ‘Catastrophic’ Event?
Source: Cyber Apocalypse 2023: Is The World Heading For A ‘Catastrophic’ Event? (forbes.com)
Register free to attend the live virtual taping of the March 2023 episode at www.virtualguardian.com/event
-
Monthly cybersecurity podcast from Virtual Guardian experts and friends. This episode is a special "Year In Review" featuring 7 panelists talking the most memorable 2022 cybersecurity hacks and events, followed by their wishes and predictions for 2023. This event originally aired on 1/19/2023. To join future Behind the Shield events and ask your questions live, visit www.virtualguardian.com/event.
- Montre plus