Leadership, Network security, Data security, Malware, Remote access, Social engineering

PSW #752 – Greg Conti & Chris Blask

This week: Greg Conti joins us to discuss InfoSec Lessons from Military Strategy, Tactics, and Operational Art. Online conflict is widespread and at times the internet hurts more than it helps. In this segment, we’ll discuss ways to inform today’s enterprise defense by better understanding strategy, tactics and operational art from government influence operations, electronic warfare, and cyberspace operations!

Then, Larry, Doug, Lee, Josh, and Chris Blask cover the security news from this week!

Visit https://www.securityweekly.com/psw for all the latest episodes!

Visit https://securityweekly.com/acm to sign up for a demo or buy our AI Hunter!

Follow us on Twitter: https://www.twitter.com/securityweekly

Like us on Facebook: https://www.facebook.com/secweekly

View Show Index

Full Audio

Segments

1. InfoSec Lessons from Military Strategy, Tactics, and Operational Art – Greg Conti – PSW #752

We don’t like it, but the hopeful internet we envisioned doesn’t look much like the internet as it exists today. Online conflict is widespread and at times the internet hurts more than it helps. In this podcast, we’ll discuss ways to inform today’s enterprise defense by better understanding strategy, tactics and operational art from government influence operations, electronic warfare, and cyberspace operations.

Announcements

  • Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!

Guest

Greg Conti
Greg Conti
Principal at Kopidion Cybersecurity

Greg Conti is a Principal at Kopidion, a cyber security training and professional services firm. He is a seven-time Black Hat speaker and nine-time DEFCON speaker. He teaches courses at Black Hat Trainings and in private engagements on military strategy and tactics for cybersecurity, information operations, hacking bureaucracy, adversarial thinking, and election security. Formerly he served as Director of Security Research at IronNet, Director of the U.S. Army Cyber Institute, and on the West Point faculty for more than a decade where he led their cybersecurity research, innovation, and education efforts. A former career military intelligence and cyber operations officer he also served at NSA, U.S. Cyber Command, and in two combat zones. Greg is co-author of the recently published book, On Cyber: Towards an Operational Art for Cyber Conflict, as well as approximately 100 articles, papers, and talks covering cyber conflict, dark patterns, security analytics, cybersecurity innovation, and security visualization.

Hosts

Larry Pesce
Larry Pesce
Principal Managing Consultant and Director of Research & Development at InGuardians
Doug White
Doug White
Professor at Roger Williams University
Josh Marpet
Josh Marpet
Executive Director at RM-ISAO
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory

2. StarLink Hacks, Ramsomware Extortion, Signal/Twilio Compromise, Hacking Cars and Trac – PSW #752

Larry, Doug, Lee, Josh, and Chris Blask cover the security news!

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

  • Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Guest

Chris Blask
Chris Blask
Global Director, Industrial Control Systems Security at Unisys

A well regarded figure, Chris has been involved in the ICS and information security industries for more than 25 years, spanning the breadth of the cybersecurity spectrum. He invented one of the first commercial firewall products, built a multibillion-dollar firewall business at Cisco, co-founded an early Security Information and Event Management (SIEM) vendor and co-authored the first book on SIEM. He chairs the Industrial Control System Information Sharing and Analysis Center (ISAC), serves on the Board of Directors for the International Association of Certified ISAOs (Information Sharing and Analysis Organizations) and is involved with a wide range of national and international cybersecurity efforts. Chris lives in Orlando, Florida.

Hosts

Josh Marpet
Josh Marpet
Executive Director at RM-ISAO
Lee Neely
Lee Neely
Information Assurance APL at Lawrence Livermore National Laboratory
  1. 1. Cybersecurity Toolkit to Protect Elections - The US Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Joint Cyber Defense Collaborative (JCDC), has published a guide for election systems cybersecurity. Designed to help US state and local election officials, the Cybersecurity Toolkit to Protect Elections includes a tool to assess risk profile as well as information about tools and services that can be used to help secure election infrastructure assets.
  2. 2. CVE-2022-0028 PAN-OS: Reflected Amplification Denial-of-Service (DoS) Vulnerability in URL Filtering - A high severity vulnerability in Palo Alto Networks’ PAN-OS is being actively exploited to conduct reflected and amplified TCP denial-of-service attacks. The URL filtering policy misconfiguration flaw affects six versions of PAN-OS; a fix is available for one of the versions; Palo Alto Networks says it will release updates for the remaining versions of PAN-OS this week.
  3. 3. A Single Flaw Broke Every Layer of Security in MacOS - Apple has released updates to address a vulnerability that could be exploited by a process injection attack to break multiple levels of Apple security. The issue was discovered by Thijs Alkemade, a researcher from the cybersecurity firm Computest.
  4. 4. Realtek SDK Vulnerability Exposes Routers From Many Vendors to Remote Attacks - A vulnerability in the SIP application layer gateway (ALG) included in Realtek's software development kit for its RTL819xD system on a chip devices exposes routers to a simple stack based buffer overflow. Patches are available from Realtek but have not yet been included by all vendors in updated firmware images. This vulnerability is exploitable via a single UDP packet sent to the router even if the web based administrative interface is not exposed.
  5. 5. Critical Infrastructure at Risk as Thousands of VNC Instances Exposed - Security researchers have warned that countless global organizations might be at risk of remote compromise after discovering more than 8000 exposed VNC servers without passwords.
  6. 6. Signal accounts hacked: Here’s how to check whether you’re affected - Phone numbers of nearly 1900 Signal users were exposed in a data breach , after Twilio, the company that provides Signal with phone number verification service was hit by a phishing attack during which attackers sent a customer support executive a link that, after being clicked, gave them access to the Twilio customer support system.
  7. 7. Microsoft Disrupts Russian Cyber-Espionage Group Seaborgium - Microsoft claims to have disrupted a prolific Russian state-backed threat group known for conducting long-running cyber-espionage campaigns against mainly NATO countries. (Callisto Group, ColdRiver, TA446)
  8. 8. New Windows 10 21H2 build improves ransomware protection and language management - Windows upcoming 21H2 Build 19044.1947 will enhance its built-in antivirus app with enhanced ransomware detection/interception capabilities. [Note: the version 11 update is still being offered for free from the vendor; version 11 has anti-ransomware protection]
  9. 9. Zoom’s latest update on Mac includes a fix for a dangerous security flaw - Zoom has issued a patch for a bug on macOS that could allow a hacker to take control of a user’s operating system. Apply manual update.
  10. 10. QBot phishing uses Windows Calculator DLL hijacking to infect devices - Lots of people still use Version 7 of the world’s most popular OS. Hackers understand this – and they developed a nifty piece of malware (aka: Qbot) that leverages how that OS version’s calculator loads .DLL runtime files to infect machines.
prestitial ad