The Threatpost Podcast

Derek Manky Chief, Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs is joined by Threatpost podcast host Cody Hackett about the cybersecurity supply chain. What is it? How is it funded? And who are the victims and criminals within this multi-million dollar dark economy?  

Weeks after the disclosure around the ProxyLogon group of security bugs, exploitation attempts against unpatched Microsoft Exchange servers have skyrocketed. Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, said that last week researchers with FortiGuard Labs saw activity double over two days for cybercriminals targeting the vulnerabilities. The attackers are using the flaws to deploy cryptominers, ransomware (such as the recently discovered DearCry ransomware) and other malicious campaigns, he said.

Ransomware attacks continue to be a top security issue plaguing companies, with researchers from Fortinet's Fortiguard Labs saying they saw an explosion in ransomware activity towards the end of the fourth quarter of 2020.

Yaniv Balmas, the head of cyber research with Check Point Software, and Oded Vanunu, the head of products vulnerability research with Check Point Software, talk on this week's Threatpost podcast about the new discoveries around the NSA-linked exploit tools, as well as the implications of the SolarWinds supply-chain hack.

Law enforcement have been on a malware-takedown rampage: Last week, several agencies took down servers supporting the Emotet malware. Sherrod DiGrippo, senior director of threat research and detection with Proofpoint, said that no activity involving Emotet has been detected since the takedown effort occurred last week.

Joe Biden's inauguration ceremony last week marked a new strategy for the government's cybersecurity initiatives, with the US president's COVID-19 relief plan including $10 billion in funding for various cybersecurity defense initiatives - from hiring key security personnel to support for the Cybersecurity Infrastructure Security Agency (CISA).

In this week’s Threatpost podcast, senior editor Lindsey Welch talks with Steve Moore, chief security strategist with Exabeam, about the data privacy challenges posed by impending exposure notification implementations in the workplace.

Threatpost editors Tom Spring, Tara Seals and Lindsey Welch break down the top security stories to look out for in this week's first podcast of 2021 - from the SolarWinds hack to surging ransomware hospital cyberattacks. 

Security defense strategy can be very complex - with security teams not dealing with mere small bits of information, but instead dealing with tens of thousands of data points, from IoCs to TTPs, said Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet.

From eCommerce threats, to security concerns in connected speakers, Fortinet researchers discuss the top evolving threats of 2020, heading into the new year.

Researchers - as well as the U.S. Cybersecurity Infrastructure Security Agency (CISA) - are warning of a set of serious vulnerabilities affecting TCP/IP stacks. The flaws impact millions of Internet-of-Things (IoT) devices and embedded systems, including smart thermometers, smart plugs and printers, Forescout researcher Daniel dos Santos said during this week's Threatpost podcast.

Peter Lowe, security researcher with DNSFilter, talks to Cody Hackett on this week's Threatpost Podcast about how DNS filtering tactics are evolving to keep up with new cybercriminal tricks, as well as how companies can protect themselves.

Matt Lewis, research director at NCC Group discloses serious security and privacy in 11 different smart doorbells, which could be exploited by attackers to physically switch off the devices.

Cybercriminals are recognizing that the data that automotive companies have to offer - from customer and employee personal identifiable information (PII) to financial data - are invaluable. Paul Proudhomme, cyber threat intelligence analyst at IntSights, warns that this is translating into cyberattacks - whether it's aimed at Intellectual Property (IP) theft, or ransomware. And, with the ongoing pandemic shaking up both the sales and supply chain across the automotive industry, the risks of cyberthreats are only adding on to an existing pile of problems.

Cybercriminals behind botnets are increasingly shifting their infrastructure from the cloud to Internet of Things (IoT) devices, according to Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs.

Threatpost talks to Dragos' Lesley Carhart about the top cybersecurity challenges facing manufacturers during the pandemic.

This Halloween week, Threatpost editors break down the scariest stories haunting the security space, including: A wave of ransomware attacks targeting a number of hospitals, sparking worries about healthcare security and the impact on patents during COVID-19 "Zombie" vulnerabilities - including Zerologon and SMBGhost - that continued to haunt system admins this week Election security scares, from disinformation campaigns to cyberattacks hitting election infrastructure.

Chris Eng, chief research officer with Veracode, warns that the deluge of in-person shoppers during the pandemic has pushed restaurants, boutique shops and other retailers to utilize new online software ecommerce platforms - but they aren't prepared for implementing the correct security measures for these platforms.

Derek Manky, Chief of Security Insights & Global Threat Alliances at Fortinet's FortiGuard Labs, said that cybercriminals cashed in on the surge of COVID-19  earlier this year with phishing emails purporting to be from healthcare professionals offering more resources and information about the pandemic.

The Threatpost editors break down the top security stories of the week ended Oct. 16, including: Patch Tuesday insanity, with Microsoft and Adobe releasing fixes for severe vulnerabilities - including a critical, potentially wormable remote code execution Microsoft vulnerability Barnes and Noble being hacked - and why some readers are unhappy with how the book purveyor announced the cyberattack DDoS extortion email threats hitting various companies across the globe - including Travelex Zoom finally rolling out end-to-end encryption on the video conferencing platform - and why this is different than the video conferencing application's earlier "full encryption" claims