Behind the Shield - A Virtual Guardian Podcast

This month we're joined by Mike Melo, CISO of Ontario’s Life Labs, for a Q&A about his CISO role, what keeps him up at night and the pitfalls of trying to achieve cyber-resilience. If you’re interested in having a sneak peek into the daily life of a CISO, you won’t want to miss this interview.
Hot Topics segment includes: Utilities getting attacked (again!), is quantum computing threatening Bitcoin, vulnerable API headaches and we will see if collaboration is achievable in the face of rising cyberthreats. 
 
Sources:
Topic 1: Jason #1
Article title: Vulnerable APIs and Bot Attacks Costing Businesses Up to $186 Billion Annually
Source: https://thehackernews.com/2024/10/vulnerable-apis-and-bot-attacks-costing.html
Topic 2: Bill #1
Article title: America's largest water utility hit by cyberattack at time of rising threats against U.S. infrastructure
Source: https://www.cnbc.com/amp/2024/10/08/american-water-largest-us-water-utility-cyberattack.html
Topic 3: Jason #2
Article title: Chinese researchers crack military-grade encryption: is bitcoin safe?
Source: https://cybernews.com/crypto/quantum-crack-military-grade-encryption-bitcoin-danger/
Topic 4: Bill #2
Article title: Escalating Cyber Threats Demand Stronger Global Defense and Cooperation
Source: https://blogs.microsoft.com/on-the-issues/2024/10/15/escalating-cyber-threats-demand-stronger-global-defense-and-cooperation/

This month we welcome guest and sponsor Lisa Jones-Huff of Elastic to chat about this month’s biggest cyber headlines with our panelists Marco Estrela, Patrick Naoum, Bill Strub and Jason Williams.
Hot Topics: 
Topic 1: Jason
Article title: Microsoft summit plots end of kernel access for EDR security clients
Source: https://www.csoonline.com/article/3523753/microsoft-summit-plots-end-of-kernel-access-for-edr-security-clients.html
 
Topic 2: Patrick
Article title: Mastercard acquires Recorded Future: How will threat intelligence transform the payments industry?
Source: https://www.csoonline.com/article/3518765/mastercard-acquires-recorded-future-how-will-threat-intelligence-transform-the-payments-industry.html
 
Topic 3: Bill
Article title: TfL directs 30,000 employees to verify identities and reset passwords after data breach
Source: https://www.techmonitor.ai/news/:~:text=Transport%20for%20London%20(TfL)%20has%20directed%20all%20employees,measures%20to%20secure%20the%20organisation%E2%80%99s%20systems%20and%20data.
 
Topic 4: Lisa
Article title: N/A – Lisa wants to talk about “all the acquisitions and mergers in the SIEM|Analytics space, will the Platform Story drive more organizations to consider consolidating their spending and move away from purchasing best of breed solutions?”
Source: N/A
Extras: 3000 pagers kill several and injuring thousands in Lebanon; Spotlight from Lisa Jones-Huff on how AI is impacting the way cybersecurity analysts do their jobs

Back from our summer hiatus, we have a brand new episode of Behind the Shield! This month we’ve brought back one of our favorite special guests, Chris Vincent, to chat about this month’s biggest cyber headlines with our panelists Marco Estrela, Patrick Naoum, Bill Strub and Jason Williams.
Hot Topics: CrowdStrike’s global blue screen of death debacle, splitting the CISO role, Oracle’s NetSuite woes and, the largest password leak of all time?!?

The Behind the Shield team is back with the latest in cybersecurity! This month is a Hot Topics only show with panelists Patrick Naoum, Bill Strub, Jason Williams and your host Marco Estrela. 
Hot Topics: Fortigates get breached, Do you recall when Recall was recalled?, medical-related ransomware breaking all kinds of records (Recorded Future study), arrests in the Desjardins hack, update on the Snowflake debacle, and another Microsoft flaw causing headaches via WIFI.
 
Sources:
Topic 1: Jason #1
Article title: Medical-Targeted Ransomware Is Breaking Records After Change Healthcare’s $22M Payout
Source: https://www.wired.com/story/change-healthcare-22-million-payment-ransomware-spike/?utm_brand=wired&utm_medium=social&utm_source=twitter&utm_social-type=owned&mbid=social_twitter
 
Topic 2: Patrick #1
Article title: The Snowflake Attack May Be Turning Into One of the Largest Data Breaches Ever
Source: https://www.wired.com/story/snowflake-breach-advanced-auto-parts-lendingtree/
 
Topic 3: Bill #1
Article title: Recall Recalled: Is AI On Windows 11 Already Doomed?
Source: https://www.forbes.com/sites/barrycollins/2024/06/14/recall-recalled-is-ai-on-windows-11-already-doomed/
 
Topic 4: Jason #2
Article title: Chinese hackers breached 20,000 FortiGate systems worldwide
Source: https://www.bleepingcomputer.com/news/security/chinese-hackers-breached-20-000-fortigate-systems-worldwide/
 
Topic 5: Bill #2
Article title: Urgent Windows security flaw lets hackers infect your PC over Wi-Fi — update right now
Source: https://www.tomsguide.com/computing/malware-adware/urgent-windows-security-flaw-lets-hackers-infect-your-pc-over-wi-fi-update-right-now
 
Topic 6: Marco #1
Article title: 5 arrested and 3 on the run in Desjardins hack case
Source: https://ici.radio-canada.ca/nouvelle/2080454/principal-suspect-vol-desjardins-arrete
 
 

Expert panelists and host Marco Estrela bring you behind our shield to discuss current cybersecurity topics ripped from the headlines.
This episode's Hot Topics include: Do bounties for ransomware work? Black Basta, wreaking havoc again! Google accidentally wiping out a huge account and APT28 cybercrime group updates. Stay tuned to the end of this episode for some bonus insights from some of the biggest cyber conferences including RSA 2024, IBM think and, ITSec.
 
Sources:
Topic 1: Patrick #1
Article title: 10M$ Bounty
Source: https://www.clubic.com/actualite-525003-les-etats-unis-mettent-la-tete-de-4-hackers-iraniens-a-prix-avec-a-la-cle-10-millions-de-dollars-de-recompense.html
 
Topic 2: Jason #1
Article title: Black Basta Ransomware Strikes 500+ Entities Across North America, Europe, and Australia
Source: https://thehackernews.com/2024/05/black-basta-ransomware-strikes-500.html
 
Topic 3: Patrick #2
Article title: Google Cloud accidentally deletes UniSuper’s online account due to ‘unprecedented misconfiguration’
Source: https://amp-theguardian-com.cdn.ampproject.org/c/s/amp.theguardian.com/australia-news/article/2024/may/09/unisuper-google-cloud-issue-account-access
 
Topic 4: Jason #2
Article title: Microsoft Outlook Flaw Exploited by Russia's APT28 to Hack Czech, German Entities
Source: https://thehackernews.com/2024/05/microsoft-outlook-flaw-exploited-by.html

Behind the Shield host Marco Estrela and panelists Patrick Naoum and Jason Williams are joined by Bruno Germain of this episode's sponsor: Zscaler. 
 
This episode's hot topics include:
Sources:
Topic 1: Jason
Article title: Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack
Source: https://thehackernews.com/2024/04/hackers-deploy-python-backdoor-in-palo.html
 
Topic 2: Patrick
Article title: Email scam drained $814,000 from Just for Laughs' coffers: report
Source: https://montrealgazette.com/news/local-news/email-scam-drained-814000-from-just-for-laughs-coffers-report#:~:text=The%20Montreal%20company%20that%20operates,it%20seeks%20to%20avoid%20bankruptcy
 
Topic 3: Jason
Article title: Roku cyberattack impacts 576,000 accounts
Source: https://cybernews.com/news/roku-cyberattack-impacts-576000-accounts/
 
Zscaler spotlight: Bruno (and panelists) discuss the topic: “SDXCentral reports: “SASE is future, ZT is past, but SSE is right now”; The many ways this is wrong!”

Expert panelists (including our new panelist Jason Williams) and host Marco Estrela bring you behind our shield to discuss current cybersecurity topics ripped from the headlines.
This episode's all Hot Topics format includes: The Volt Typhoon announcement, Cyberattack on US healthcare payment system, SEC Cybersecurity Disclosure coming into effect, Lessons from the Microsoft's Password Spray Hack, and Why Companies Are Bringing Data In-House.
Sources:
Topic 1: Patrick #1
Article title: CISA and GOV Volt Typhoon announcement
Source: https://www.cisa.gov/sites/default/files/2024-03/Fact-Sheet-PRC-State-Sponsored-Cyber-Activity-Actions-for-Critical-Infrastructure-Leaders-508c.pdf
 
Topic 2: Bill #1
Article title: Cyberattack paralyzes largest US healthcare payment system         
Source: https://www.nytimes.com/2024/03/05/health/cyberattack-healthcare-cash.html
 
Topic 3: Jason #1
Article title: Cybersecurity Disclosure by the SEC coming into effect
Source: https://www.sec.gov/news/statement/gerding-cybersecurity-disclosure-20231214
 
Topic 4: Bill #2
Article title:  Key Lesson from Microsoft's Password Spray Hack: Secure Every Account      
Source: https://thehackernews.com/2024/03/key-lesson-from-microsofts-password.html
 
Topic 5: Jason #2
Article title: The Rise Of Cloud Repatriation: Why Companies Are Bringing Data In-House
Source: https://www.forbes.com/sites/forbestechcouncil/2023/04/18/the-rise-of-cloud-repatriation-why-companies-are-bringing-data-in-house/?sh=3af3d57358f7
 

Expert panelists, including our guest Matt Konwiser from this month's sponsor IBM Security, and host Marco Estrela discuss current cybersecurity topics ripped from the headlines.
This episode's Hot Topics include: Open AI’s concerns about #GenAI, the data security of AI boy/girlfriends, Matt’s take on the #AppleProVision, and LockBit’s recent bust by the UK government.
If you want to talk to us about our 24/7 SOC, powered by IBM Security’s QRadar, you can reach us at 1-800-401-TECH or virtualguardian.com. 
Sources:
Topic 1: Bill
Article title: Microsoft, OpenAI Warn of Nation-State Hackers Weaponizing AI for Cyber Attacks
Source: https://thehackernews.com/2024/02/microsoft-openai-warn-of-nation-state.html
 
Topic 2: Patrick
Article title: “AI girlfriends” are a privacy nightmare 
Source: https://www.wired.com/story/ai-girlfriends-privacy-nightmare/
 
Topic 3: Bill
Article title: Lockbit cybercrime gang faces global takedown with indictments and arrests
Source: https://www.reuters.com/technology/cybersecurity/us-indicts-two-russian-nationals-lockbit-cybercrime-gang-bust-2024-02-20/
 
 
 

Virtual Guardian's BTS panelists and guest Jane Arnett of Check Point cover hot topics, revisit the highs and lows of cybersecurity in 2023, and make their predictions and wishes for 2024. 
 
Hot Topic Sources:
Article title: Hackers Extort Victim with SEC Whistleblower Complaint
Source: https://www.jdsupra.com/legalnews/hackers-extort-victim-with-sec-2694993/#:~:text=In%20an%20unintended%20consequence%20of,isn%27t%20even%20required%20yet.
 
Article title: We tried to quantify how harmful hospital ransomware attacks are for patients. Here’s what we found 
Source: https://www.statnews.com/2023/11/17/hospital-ransomware-attack-patient-deaths-study/
 

We didn't have time to get to all of our Hot Topics in the Nov 2nd Behind the Shield!  Ready for a little more  cyber news from Marco, Bill and Patrick?
Bonus Hot Topics:
AI Kidnapping Hoaxes: https://www.darkreading.com/black-hat/virtual-kidnapping-ai-tools-enabling-irl-extortion-scams
Johnson Controls Breach - An Update from Patrick from last week's discussion. https://www.msspalert.com/news/johnson-controls-struck-by-king-size-ransomware-attack-demanding-51-million-payoff
Fraudsters target Booking.com customers claiming hotel stay could be cancelled . https://grahamcluley.com/fraudsters-target-booking-com-customers-claiming-hotel-stay-could-be-cancelled/
Okta breach à One Password: https://www.darkreading.com/black-hat/virtual-kidnapping-ai-tools-enabling-irl-extortion-scams