On this week’s show Dmitri Alperovitch, Sherrod DeGrippo and Joe Slowik join host Patrick Gray to talk through the week’s news:
- Malwarebytes the latest victim in the increasingly poorly-named “SolarWinds campaign”
- FireEye issues helpful guidance, tools, to help orgs detect “golden SAML” and related techniques
- Rob Joyce, Anne Neuberger, Michael Sulmeyer all get promoted! Wooo!
- Much, much more
This week’s show is brought to you by Airlock Digital. They make what we’re calling an execution control platform. Its central feature is easy-to-use and hard-to-bypass allowlisting. It’s a bunch of sensible and usable controls packaged up into a 7Mb. It slices, it dices, it slays lolbins and user PowerShell rights, and it comes in a beautiful suede pouch! It’s the endpoint protection you get when it’s built by practitioners in concert with people who actually understand Windows internals. That’s right! Patrick is drinking the Kool-Aid on this one! Airlock founders Dave Cottingham and Daniel Schell join in this week’s sponsor interview to talk through allowlisting’s second wave of popularity.
Links to everything are below!
Show notes
- Malwarebytes said it was hacked by the same group who breached SolarWinds | ZDNet
- Fourth malware strain discovered in SolarWinds incident | ZDNet
- FireEye releases tool for auditing networks for techniques used by SolarWinds hackers | ZDNet
- Hackers alter stolen regulatory data to sow mistrust in COVID-19 vaccine | Ars Technica
- Rob Joyce named new NSA cybersecurity director - CyberScoop
- Biden team taps NSA Cybersecurity Director Anne Neuberger for NSC - CyberScoop
- Michael Sulmeyer, who held cyber posts under Trump and Obama, gets Biden White House gig
- Airbnb to Cancel All DC Bookings in Inauguration Week
- CISA tells agencies to consider ad blockers to fend off 'malvertising'
- Apple removes feature that allowed its apps to bypass macOS firewalls and VPNs | ZDNet
- Iranian cyberspies behind major Christmas SMS spear-phishing campaign | ZDNet
- Joker's Stash, the internet's largest carding forum, is shutting down | ZDNet
- After judge orders release of hacker tied to ISIS, US says 'Not so fast'
- A security researcher commandeered a country’s expired top-level domain to save it from hackers | TechCrunch
- Scam-as-a-Service operation made more than $6.5 million in 2020 | ZDNet
- Signal endures 'technical difficulties' amid new popularity - CyberScoop
- Introducing Malvuln.com – the first website ‘exclusively dedicated’ to revealing security vulnerabilities in malware | The Daily Swig
- Critical zero-day RCE in Microsoft Office 365 awaits third security patch | The Daily Swig
- FBI investigating whether woman stole laptop from Pelosi's office to sell it to Russia - POLITICO
- Linux Mint fixes screensaver bypass discovered by two kids | ZDNet
- Text of a Letter to the Speaker of the House of Representatives and the President of the Senate | The White House
- Request an Airlock Product Demonstration - Airlock Digital