social engineering

Multi-Site Mastery: Strategies for Effective Risk Assessments

Posted on by Admin
Multi-Site Mastery: Strategies for Effective Risk Assessments

In this episode of The Security Podcasts we sit down with Mark Landry, National Accounts Director at AMAROK, to discuss navigating multi-site risk assessment effectively. “In order to approach your risk assessment, especially when you’ve got vast or disparate geographies – meaning you’ve got a location in Portland, Maine and location in Portland, Oregon – you have to be able to accurately convey the risk across both of those locations that have very different risk…

Read More

Proving physical security value across an organization

Posted on by Admin
Proving physical security value across an organization

In this episode of The Security Podcasts we sit down with Thomasina Martin, a Key Account Manager specializing in Energy and Utilities at Genetec, Inc., to talk about proving the value of physical security across an organization. “One of the primary challenges I think a lot of us see, I think it’s universal in the security industry when trying to secure a budget, is that physical security often competes with other critical business units or…

Read More

Balancing Risk and Innovation – A CISO Perspective

Posted on by Admin
Balancing Risk and Innovation – A CISO Perspective

In this episode of The Security Podcasts featuring Jill Knesek, CISO of Blackline, and former FBI Special Agent in the Cyber Crime Squad, we talk about balancing risk & innovation from a CISO’s perspective. “The message I like to give is we can be both innovative and secure.,” Knesek says. “They’re not mutually exclusive, and they shouldn’t be. By shifting left and embedding strong security practices and controls earlier into our development lifecycle, we can…

Read More

Researchers discovered a new phishing kit on the dark web

Posted on by Admin
Researchers discovered a new phishing kit on the dark web

Researchers at SlashNext discovered a new phishing kit on the dark web. This phishing kit, known as FishXProxy Phishing Kit, starts with uniquely generated links that can evade initial suspicion. Cybercriminals on underground forums are advertising this kit as “The Ultimate Powerful Phishing Toolkit” due to the sophisticated tools it provides. Capabilities this phishing kit provides includes: Sophisticated antibot systems that utilize Cloudfare’s CAPTCHA and filter out security measures Redirection abilities that obscure intended destinations Page…

Read More

Cybersecurity at the Paris Summer Olympics

Posted on by Admin
Cybersecurity at the Paris Summer Olympics

In this episode of The Security Podcasts featuring Mark Manglicmot, SVP of Security Services at Arctic Wolf, we discuss how individuals and businesses can defend against cyber threats during the Olympics.  “For this year’s Olympics specifically, the risks of AI being manipulated by bad actors is increasingly high and a new threat for this Olympics compared to the past with the emergence of the technology. This is why individuals, athletes, administrators, coaches and anybody else attending…

Read More

Cisco Talos: Top Ransomware TTPs Exposed

Posted on by Admin
Cisco Talos: Top Ransomware TTPs Exposed

Cisco Talos analyzed the top 14 ransomware groups between 2023 and 2024 to expose their attack chain and highlight interesting Tactics,Techniques and Protocols. The security company also exposed the most leveraged vulnerabilities being triggered by ransomware actors. Ransomware attack chain: What Cisco Talos researchers learned Ransomware actors nearly all use the same attack chain. Typical ransomware attack chain. Image: Cisco Talos Step one for ransomware actors The first step for the threat actor consists of…

Read More

Does GPT-4 risk accelerating cybercrime?

Posted on by Admin
Does GPT-4 risk accelerating cybercrime?

Artificial intelligence is continuing to evolve and advance at a rapid rate. Its heightened integration into business models has grown, with large language models (LLMs) like GPT-4 (the one that is arguably dominating most of the recent discourse) continuing to illustrate possibilities and risks. While the technological breakthrough of GPT-4 holds immense potential for streamlining tasks and augmenting human teams, it also raises several security concerns and risks accelerating cybercrime. A recent report suggested that…

Read More

Untrained users are the greatest weakness in a cyber defense plan

Posted on by Admin
Untrained users are the greatest weakness in a cyber defense plan

KnowBe4 has released its 2024 Phishing by Industry Benchmarking Report. This report measures the likelihood that an organization’s employees would fall for a phishing or social engineering scam, assessing the status of security preparedness and awareness across global industries such as government, healthcare and critical infrastructure.  54 million simulated phishing tests were analyzed in the report. These tests involved more than 11.9 million individuals from 55,675 organizations across 19 industries. Through this analysis, the report found…

Read More

Navigating political polarization in the workplace

Posted on by Admin
Navigating political polarization in the workplace

In this episode of The Security Podcasts featuring Scott McHugh, retired CSO at LyondellBasell Chemical Company and Faculty at Rice University, we discuss the challenges security leaders face when navigating political polarization in the workplace. “This is actually not a new phenomenon,” Scott McHugh says. “It really started in the late ’90s, in the Clinton administration, and it’s just been manifesting itself through the years ever since then. And it’s become much more of a…

Read More

Olympics 2024: Cyber Attackers are Targeting Companies Associated With Paris Games

Posted on by Admin
Olympics 2024: Cyber Attackers are Targeting Companies Associated With Paris Games

Organisations linked to the Paris Olympics 2024 have an increased risk of cyber attacks, including ransomware, credential leaks and phishing campaigns, a study has found. Insikt Group, the threat research division of security firm Recorded Future, has already observed posts advertising access to Games-related organisations in France and compromised credentials using “paris2024[dot]org” domains on the Dark Web. These findings were published in a new report highlighting high-priority threats to the Games, based on an assessment…

Read More
1 2 3 6