Cloud Security, Attack surface mgmt, Email security

ESW #227

May 12, 2021



What lessons can others still learn from the attack on the Florida water treatment facility? How does this incident shine a light on cybersecurity risks associated with the convergence of OT and IT? And what can be done to mitigate these risks?

Segment Resources:
https://newsroom.nccgroup.com/news/insight-florida-citys-water-supply-attack-420952 https://www.cnn.com/2021/02/13/us/florida-hack-remote-access/index.html Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

Florida Water Treatment Facility Hack, and the Convergence of OT & IT

Guests

Damon Small

Damon Small – Technical Director of Security Consulting at NCC Group

@damonsmall

Damon Small, MSc.IA, CISSP, is Technical Director of Security Consulting at NCC Group North America (https://www.nccgroup.com/us/), where he consults with global leaders in critical infrastructure defense with specialty in oil and gas, aerospace and healthcare. He’s a founding member of the Operational Technology Cyber Security Alliance (https://otcsalliance.org/wp-content/uploads/2019/10/Introduction-to-the-OTCSA.pdf) and has deep expertise in operational technology.

Hosts

Adrian Sanabria

Adrian Sanabria – Senior Research Engineer at CyberRisk Alliance

@sawaba

Adrian is an outspoken researcher that doesn’t shy away from uncomfortable truths. He loves to write about the security industry, tell stories, and still sees the glass as half full.

Paul Asadoorian

Paul Asadoorian – Founder at Security Weekly

@securityweekly

Paul Asadoorian is the founder of Security Weekly, which was acquired by CyberRisk Alliance. Paul spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones.

Tyler Shields

Tyler Shields – CMO at JupiterOne

@txs

Tyler advises, guides, and operates high tech startups primarily in the B2B security space. He is a former market analyst, engineer, product manager, marketing leader, and partnership manager. In other words, Tyler builds and grows businesses – in all aspects. He’s a board advisor, angel investor, and board member at multiple firms and an investment advisor for a venture debt business. He loves to play guitar and poker in his free time.

Announcements

  • Do you want to stay in the loop on all things Security Weekly? Visit https://securityweekly.com/subscribe to subscribe on your favorite podcast catcher or our Youtube channel, sign up for our mailing list, join our Discord Server, and follow us on our newest live-streaming platform, Twitch!

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!



Sponsored By


sponsor
Visit https://securityweekly.com/ciscoumbrella for more information!

Cyberattackers have not been slowed down by the worldwide pandemic. Phishing, cryptojacking, and trojans all continue to dominate the cybersecurity threat charts. It’s critical to know what security issues are most likely to crop up within your organization and their potential impacts. The challenge is that the most active threats change over time as the prevalence of different attacks ebb and flows. Register to learn about key threat trends facing businesses like yours in 2021. We’ll be joined by Data Scientist, Austin McBride, and Security Researcher, Artsiom Holub. We’ll tackle tough questions and take a deeper dive into recent threats to help you craft a strategy that helps you investigate threats, simplify operations, and scale security.
Segment Resources:
What attacks aren’t you seeing?
The modern cybersecurity landscape: Scaling for threats in motion
Cloud Security Buyers Guide

This segment is sponsored by Cisco Umbrella.

Visit https://securityweekly.com/ciscoumbrella to learn more about them! Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

Chart Topping Threats – How Attacks will Rage in 2021

Guests

Artsiom Holub

Artsiom Holub – Senior Security Analyst at Cisco Umbrella

Artsiom Holub is a Senior Security Analyst on the Cisco Umbrella Research team. Throughout the course of the day, he works on Security Threat Reports for existing and potential clients, works closely with the Customer Support Team, finds new threats and attacks by analyzing global DNS data coming from Cisco Umbrella resolvers, and designs tactics to track down and identify malicious actors and domains. Frequent presenter at major cybersecurity conferences including RSA, Black Hat and THEFirst. Currently focused on analysis and research of various cybercrime campaigns, and building defensive mechanisms applying OSINT and HUMINT approaches powered with ML.

Austin McBride

Austin McBride – Data Scientist at Cisco Umbrella

Austin McBride is a Data Scientist at Cisco Umbrella who identifies unclassified threat vectors, discovers emerging trends in malware distribution, and analyzes and evaluates the impact of security threats on customers. His current research focuses on the significance of cryptocurrency in the ever-evolving threat landscape, which abets malicious actors to remain anonymous while purchasing infrastructure and avariciously amassing profit which has been unprecedented in traditional financial markets in recent history. Austin speaks at international and national conferences and regularly contribute to the Cisco Umbrella Security Blog. His background is in data mining, analytics, security research, and data visualization.

Hosts

Adrian Sanabria

Adrian Sanabria – Senior Research Engineer at CyberRisk Alliance

@sawaba

Adrian is an outspoken researcher that doesn’t shy away from uncomfortable truths. He loves to write about the security industry, tell stories, and still sees the glass as half full.

Paul Asadoorian

Paul Asadoorian – Founder at Security Weekly

@securityweekly

Paul Asadoorian is the founder of Security Weekly, which was acquired by CyberRisk Alliance. Paul spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones.

Tyler Shields

Tyler Shields – CMO at JupiterOne

@txs

Tyler advises, guides, and operates high tech startups primarily in the B2B security space. He is a former market analyst, engineer, product manager, marketing leader, and partnership manager. In other words, Tyler builds and grows businesses – in all aspects. He’s a board advisor, angel investor, and board member at multiple firms and an investment advisor for a venture debt business. He loves to play guitar and poker in his free time.

Announcements

  • Security Weekly listeners save $100 on their RSA Conference 2021 All Access Pass! RSA Conference will be a fully virtual experience from May 17th-20th, 2021. Security Weekly will be live streaming Monday-Thursday in the virtual broadcast alley, interviewing some of the top sponsors and speakers for the event. To register using our discount code, please visit https://securityweekly.com/rsac2021 [securityweekly.com] and use the code 5U1CYBER! We hope to “see” you there!



This week in the Enterprise News: XM Cyber Announces Integration with Palo Alto Network’s Cortex XSOAR, API Security Lessons Learned, Cycode Raises $20 Million, HelpSystems Acquires Beyond Security, Accurics Terrascan integrates with the Argo Project, Cequence Security API Sentinel 2.0, Seclore Security24 protects sensitive data, Who’s Really Behind the Colonial Pipeline Cyberattack?, Forcepoint acquires Cyberinc, Sophos launches industry’s only XDR solution for endpoint, server, firewall and email security?, and more! Visit https://www.securityweekly.com/esw for all the latest episodes!

Full Episode Show Notes

Accurics Terrascan, Sophos XDR Solution, & API Security Need to Know

Hosts

Adrian Sanabria

Adrian Sanabria – Senior Research Engineer at CyberRisk Alliance

@sawaba

Adrian is an outspoken researcher that doesn’t shy away from uncomfortable truths. He loves to write about the security industry, tell stories, and still sees the glass as half full.

Paul Asadoorian

Paul Asadoorian – Founder at Security Weekly

@securityweekly

Paul Asadoorian is the founder of Security Weekly, which was acquired by CyberRisk Alliance. Paul spent time “in the trenches” implementing security programs for a lottery company and then a large university. Paul is offensive, having spent several years as a penetration tester. As Product Evangelist for Tenable Network Security, Paul built a library of materials on the topic of vulnerability management. When not hacking together embedded systems (or just plain hacking them) or coding silly projects in Python, Paul can be found researching his next set of headphones.

Tyler Shields

Tyler Shields – CMO at JupiterOne

@txs

Tyler advises, guides, and operates high tech startups primarily in the B2B security space. He is a former market analyst, engineer, product manager, marketing leader, and partnership manager. In other words, Tyler builds and grows businesses – in all aspects. He’s a board advisor, angel investor, and board member at multiple firms and an investment advisor for a venture debt business. He loves to play guitar and poker in his free time.

Announcements

  • In our next technical training webcast on May 13th at 11am ET, see how attackers gain access to endpoints, and learn how to use defensive strategies to protect against those attacks! In our May 27th webcast at 11am ET, we’ll explore the latest attacks against DNS and the latest techniques that make it possible to discover and disrupt attacks. Then join our webcast on June 3 to learn about pen testing tools and why every organization should be using them regularly. Visit https://securityweekly.com/webcasts to register now! If you missed any of our previously recorded webcasts or technical trainings, they are available for your viewing pleasure at https://securityweekly.com/ondemand

prestitial ad