Episódios
-
A family of multitasking, multi-user computer operating systems that derive from the original Unix system built by Ken Thompson and Dennis Ritchie in the 1960s.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
A network monitoring and filtering technique that examines both the header information and the payload of every packet traversing a network access point.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Estão a faltar episódios?
-
A clandestine set of applications designed to give hackers access and control over a target device.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
A set of behaviors that precisely describes a cyber adversary attack campaign.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Information used by leadership to make decisions regarding the cybersecurity posture of their organization.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
In this case Identity is the set of credentials, usually electronic that vouch for who you are and theft is to steal. The theft of a person's identity for purposes of fraud.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
A probability simulation technique used to understand the impact of risk and uncertainty in complex problems.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
A software, hardware or hybrid encryption layer between two devices on the network that makes the traffic between the sites opaque to the other devices on the same network.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
From the intrusion kill-chain model, the delivery of a “lure” via a text message to a potential victim by pretending to be some trustworthy person or organization in order to trick the victim into revealing sensitive information. Smishing is a portmanteau word made of two other words, the acronym “SMS” and the cyber coinage “Phishing“. It’s a text-message-centric variation of the email-based phishing scams that have been around since the 1990s. The term “Smishing” arose in the late 2000s.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
A network switch configuration setting that forwards a copy of each incoming and outgoing packet to a third switch port. Also known as SPAN or Switched Port Analyzer, RAP or Roving Analysis Port, and TAP or Test Access Point. When network managers and security investigators want to capture packets for analysis, they need some sort of generic TAP or Test Access Point. You can buy specialized equipment for this operation but most modern switches have this capability built in.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
A reflection or amplification distributed denial-of-service attack in which hackers query Internet network time protocol servers, NTP servers for short, for the correct time, but spoof the destination address of their target victims.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
From the intrusion kill-chain model, the delivery of a “lure” via a text message to a potential victim by pretending to be some trustworthy person or organization in order to trick the victim into revealing sensitive information. Smishing is a portmanteau word made of two other words, the acronym “SMS” and the cyber coinage “Phishing“. It’s a text-message-centric variation of the email-based phishing scams that have been around since the 1990s. The term “Smishing” arose in the late 2000s.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
A network switch configuration setting that forwards a copy of each incoming and outgoing packet to a third switch port. Also known as SPAN or Switched Port Analyzer, RAP or Roving Analysis Port, and TAP or Test Access Point. When network managers and security investigators want to capture packets for analysis, they need some sort of generic TAP or Test Access Point. You can buy specialized equipment for this operation but most modern switches have this capability built in.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
NDR tools provide anomaly detection and potential attack prevention by collecting telemetry across the entire intrusion kill chain on transactions across the network, between servers, hosts, and cloud-workloads, and running machine learning algorithms against this compiled and very large data set. NDR is an extension of the EDR, or endpoint detection and response idea that emerged in 2013.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
Technology, software and hardware deployed without explicit organizational approval. In the early days of the computer era from the 1980s through the 2000s security and information system practitioners considered shadow IT as completely negative. Those unauthorized systems were nothing more than a hindrance that created more technical debt in organizations that were already swimming in it with the known and authorized systems.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
The resilience discipline of controlled stress test experimentation in continuous integration/continuous delivery environments, CI/CD environments, to uncover systemic weaknesses.
CyberWire Glossary link: https://thecyberwire.com/glossary/chaos-engineering
Audio reference link: Farnam Street, 2009. Richard Feynman Teaches you the Scientific Method [Website]. Farnam Street. URL https://fs.blog/mental-model-scientific-method/
Learn more about your ad choices. Visit megaphone.fm/adchoices -
From the intrusion kill chain model, a program that provides command and control services for an attack campaign. While the first ever deployed RAT is unknown, one early example is Back Orifice made famous by the notorious hacktivist group called “The Cult of the Dead Cow,” or cDc, Back Orifice was written by the hacker, Sir Dystic AKA Josh Bookbinder and released to the public at DEFCON in 1998.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
A mathematical method by which one party (the prover) can prove to another party (the verifier) that something is true, without revealing any information apart from the fact that this specific statement is true.
CyberWire Glossary link: https://thecyberwire.com/glossary/zero-knowledge-proof
Audio reference link: Staff, 2022. Zero Knowledge Proofs [Video]. YouTube. URL https://www.youtube.com/watch?v=5qzNe1hk0oY
Learn more about your ad choices. Visit megaphone.fm/adchoices -
A social engineering scam where fraudsters spoof an email message from a trusted company officer that directs a staff member to transfer funds to an account controlled by the criminal.
Learn more about your ad choices. Visit megaphone.fm/adchoices -
A U.S. law designed to improve the portability and accountability of health insurance coverage.
CyberWire Glossary link: https://thecyberwire.com/glossary/hipaa
Audio reference link: Dr. Dana Brems, 2021. Doctor reacts to “HIPAA violations” [Video]. YouTube. URL https://www.youtube.com/shorts/Ksk00s8a_IU
Learn more about your ad choices. Visit megaphone.fm/adchoices - Mostrar mais