Spotlight On: BEC scams – an expensive threat
On this week’s Cyber Security Brief, Dick O’Brien, Candid Wueest and Brigid O’Gorman focus on business email compromise (BEC) scams, which are a major issue for enterprises and organizations. The FBI has estimated that between June 2016 and July 2019 more than $26 billion was lost to BEC scams globally. Our experts discuss some recent examples of BEC scams, the common tactics and techniques many of these scams share, and the steps you can take to mitigate the danger to your business from these types of scams.
28 Nov 2019
Round-up: Ransomware, vulnerabilities, and eavesdropping
In this week’s Cyber Security Brief, Candid Wueest and Brigid O’Gorman bring you a round-up of the biggest cyber security news stories of the last week. We discuss the Shlayer malware, the publication of exploits for a vulnerability in Windows Remote Desktop Gateway, and how attackers may be able to eavesdrop on your conference calls. Also this week, there were a whole slew of news stories about ransomware, so we discuss some of those as well.
30 Jan 2020
A second supply chain attack attempt against CCleaner, voice-controlled home assistants spying on owners, and dodgy mobile biometric authentication
In this week's Cyber Security Brief, Dick O'Brien and Candid Wueest discuss some of the biggest cyber security stories of the past week. Topics this week include a second supply chain attack attempt aimed at compromising CCleaner, how Amazon Alexa and Google Home devices can be used to spy on their owners using malicious third-party applications, problems for Samsung and Google arising from issues with biometric authentication on their mobile devices, and how a Chinese cyber-espionage group has been targeting SQL servers.
24 Oct 2019
Holiday shopping special: Scams to watch out for this Black Friday and Cyber Monday
On this week’s Symantec Cyber Security Brief, we bring you a holiday shopping cyber security special in advance of Black Friday, Cyber Monday, and the holiday shopping period in general. We discuss the dangers people need to be aware of when shopping online, including formjacking, fake shops, and social media scams. We discuss common scams that try to trick victims using fake delivery notices, as well as point of sale malware, which is still a threat, even as more people move to doing their shopping online.
21 Nov 2019
Most Popular Podcasts
One billion dollars in Bitcoin on the move, data breaches, Mastercard and Google’s info-sharing deal, and MikroTik developments
In this week’s podcast we discuss how insiders are often the ones to blame for data breaches, and how data breaches are more often caused by human error than by malicious attackers. We look at the implications of a deal between Mastercard and Google that allows advertisers to figure out how effective their ads are at getting consumers to make purchases in the real world, and a development in the MikroTik routers hack. Also, we discuss $1 billion in Bitcoin that has suddenly started to move – and ask who might be in control of it?
6 Sep 2018
Gallmaker research, Navionics breach, and Fitbit data used by cops in murder investigation
In this week’s Cyber Security Brief, Dick O’Brien is joined by Symantec threat researchers Jon DiMaggio and Candid Wueest to discuss the big cyber security stories of the last week. We talk about Symantec’s latest research on a previously-unknown attack group called Gallmaker, which is using “living off the land” and publicly-available hack tools to target organizations in the government and defense sectors. We also discuss the hack of the SpankChain cryptocurrency project, the breach at Garmin-owned boating app Navionics, and how Fitbit data has been used in a murder investigation.
11 Oct 2018
Deep Dive: Symantec Takes on Software Supply Chain Attacks
Dick O’Brien is joined by Symantec product manager Arvind Rao and architect Haik Mesropian to discuss their work, and what they are doing to combat software supply chain attacks, the products they are building, and how they are hoping their efforts will help developers combat these attacks.
13 Sep 2018
APT28 activity, cryptojacking research, and Face ID used to access criminal suspect’s phone
In this week’s Symantec Cyber Security Brief we discuss two of our recently-published pieces of research. First, we are joined by Threat Analyst Stephen Doherty to discuss the recent activity of APT28 (aka Swallowtail, Fancy Bear), which made headlines in 2016 due to its involvement in cyber attacks against an organisation involved in the U.S. presidential election. Then, we talk about our newly published whitepaper examining the topic of cryptojacking – one of the hottest subjects in the world of cyber security in 2018. Finally, we discuss a first-of-its-kind case in the U.S. where a criminal suspect was forced by the FBI to use Face ID to unlock his iPhone.
4 Oct 2018
Xbash threat, TripAdvisor fake review clampdown, blockchain casinos targeted, and who is behind DDoS attacks on UK unis?
On this week’s podcast Dick O’Brien is joined by threat researchers Candid Wueest and Brigid O’Gorman to discuss the biggest cyber security stories of the week. We take a look at the newly-discovered Xbash malware family and what it can do, as well as discussing the first case of its kind where a man was convicted and imprisoned for writing fake reviews on TripAdvisor. Also, we look at some recent hacks against blockchain casinos, and speculate on the likely perpetrators behind DDoS attacks on UK university networks.
20 Sep 2018
Formjacking research, WordPress plugins cause problems, the dangers of plaintext password storage, and the Mojave zero day
In this week’s Symantec Cyber Security Brief, we discuss recent research Symantec has published on formjacking, as well as the formjacking attacks that have been carried out by the Magecart group. We also discuss how outdated plugins are allowing malicious code to be injected into WordPress sites, the Apple macOS Mojave zero day, and why it’s never a good idea for companies to store their customers’ passwords in plaintext.
27 Sep 2018
Attack Group of the Month: Shamoon – targeting the Middle East with disk-wiping malware
On this week’s Cyber Security Brief podcast we are introducing a new feature – Attack Group of the Month. Every month we will bring in one of our expert threat researchers for a deep dive into the history, tactics, and techniques of notable attack groups, and discuss what you should do to keep your company safe from these sophisticated attackers. This week we look at Shamoon, an attack group that first appeared in 2012, causing waves when it wiped the disks on thousands of computers in two companies in Saudi Arabia. Threat researcher Gavin O’Gorman brings us through the history of the group, what makes it so interesting, and why he thinks we haven’t seen the last of Shamoon yet.
5 Dec 2019
Spotlight On: Iranian cyber espionage activity
On this week’s Cyber Security Brief, we decide to take a look at an issue that is very topical at the moment – Iranian cyber espionage activity. Dick O’Brien and Gavin O’Gorman discuss some past campaigns we have seen carried out by Iranian actors, and the kind of cyber capabilities the country has. Threat researcher Gavin gives his opinion on what is likely to happen next when it comes to cyber activity, and if we are likely to see any cyber attacks by Iranian actors targeting U.S. organisations.
9 Jan 2020
Privacy concerns, election campaign worries, and phish-y meeting invites
On this week’s Symantec Cyber Security Brief, Dick O’Brien is joined by Brigid O’Gorman and Candid Wueest to discuss some of the big cyber security stories of the last week. This week, Ubiquiti customers are annoyed after a firmware update led to their routers sending information back to Ubiquiti HQ without their consent, and a “sophisticated” attack on the UK Labour Party’s digital platforms causes consternation in the middle of an election campaign – but was it really that serious? Also, a (complicated) way to gain access to people’s Wi-Fi networks via Amazon’s Ring doorbell, a new ruling in the U.S. on whether or not border police are entitled to search your electronic devices when you’re entering the country, and beware of suspicious meeting invites.
14 Nov 2019
Spotlight On: Software vulnerabilities and patch management
On this week’s Cyber Security Brief, we discuss a timely issue – the importance of patching software vulnerabilities and the necessity for organizations to have good patch management. We decided to cover this topic as it is something that has been much in the news recently: CVE-2020-0601, a vulnerability in Microsoft’s Windows CryptoAPI that was reported to the software giant by the NSA and was described as “severe” by the security agency, has made many headlines in the last week. Vulnerabilities in software from Citrix, and in Pulse Secure VPN servers, which were first revealed in December and April 2019, respectively, were also in the news in the last week or so. The vulnerabilities in the Pulse VPN servers were patched back in April – but despite this they are suspected of having been exploited in several cyber attacks since then, demonstrating that patches are not always being applied in a timely fashion. We discuss why that might be, and a variety of other issues, in this podcast.
23 Jan 2020
Spotlight On: Targeted ransomware – a major trend in 2019
On this week’s Cyber Security Brief, we turn the spotlight onto targeted ransomware – one of the most active threats we observed in 2019. Targeted ransomware has seen huge growth since the start of 2018, with 2019, in particular, seeing a big rise in the number of targeted ransomware families operating. We take a look at the reasons for this growth, outline the activities of some of the most interesting targeted ransomware families that have emerged in 2019, take you through how an attack like this works, and provide some essential tips to help you keep your business safe from targeted ransomware.
12 Dec 2019
Cyber Security Brief’s Review of the Year
This week’s episode of the Cyber Security Brief is the last one of 2019, so we are taking a look back at some of the big stories of the year in the world of infosec. Brigid O’Gorman, Dick O’Brien and Candid Wueest discuss a range of topics, including targeted ransomware, living off the land, supply chain attacks, extortion scams, and formjacking. We are taking a short break for the holidays but will be back in January 2020 with lots more chat about the world of cyber security.
19 Dec 2019
Fancy Bear attack campaign, ransomware hits Johannesburg again, and malware hijacks Discord client
In this week’s Cyber Security Brief, Dick O’Brien is joined by Candid Wueest and Brigid O’Gorman to discuss the biggest infosec stories of the week. This week we discuss Fancy Bear’s campaign against at least 16 anti-doping and sporting organizations, yet another ransomware attack on Johannesburg, and the malware that was turning the Discord client into an info-stealing backdoor. Also this week, the security researcher who discovered they could hack other people’s pet feeders, and the man who still has access to the connected car he rented – and returned – several months ago.
31 Oct 2019
Spotlight On: Living off the land
On this week’s Cyber Security Brief, we discuss “living off the land”, where attackers use legitimate tools on your device or network for malicious purposes. Dick O’Brien is joined by Candid Wueest, who wrote a whitepaper on this very topic just before the holidays, to discuss the tools that are most commonly exploited by attackers using living off the land techniques, the prevalence of this kind of activity, and what organizations can do to protect themselves. As well as this, we give an overview of CVE-2020-0601, the vulnerability in the Windows CryptoAPI that was patched by Microsoft on Tuesday.
16 Jan 2020
Lasers, Bluekeep, and BEC scammers continue to cash in
On this week’s Cyber Security Brief, Dick O’Brien is joined by Candid Wueest and Brigid O’Gorman to discuss the biggest cyber security news stories of the week. On this episode, we chat about how lasers could be used to hack your voice-controlled devices (including your phone), the Bluekeep attacks that have been spotted in the wild, and the ongoing repercussions surrounding the WhatsApp zero-day that was discovered in May. Also, BEC scammers cash in, the QSnatch malware hits thousands of NAS devices, and a new vulnerability in Microsoft Office for Mac.
7 Nov 2019
Round-up: A whole host of vulnerabilities, and the hackers hacking other hackers
In this week's Cyber Security Brief podcast, Brigid O'Gorman and Dick O'Brien discuss some of the biggest infosec news stories of the last week, including new vulnerabilities in Intel chips and the Microsoft SMB protocol, as well as the Rowhammer vulnerability being back in the headlines. As well as this, there is an intricate phishing scam targeting Russian speakers that uses a chatbot to help you hand over your information, a mysterious Vietnam-based group is releasing Trojanized hacking tools to try and hack other hackers, the chief suspect thought to be behind the Deer[.]io online marketplace is arrested, and BEC scammers make the headlines once again.
12 Mar 2020