Paul's Security Weekly Episode #675 - November 19, 2020
1. Mimecast - 06:00 PM-06:45 PM
Segment Description Coming Soon!
2. Michael Roytman, Kenna Security - 07:00 PM-07:45 PM
Segment Description Coming Soon! This segment is sponsored by Kenna Security. Visit https://securityweekly.com/kennasecurity to learn more about them!
Michael Roytman is Chief Data Scientist at Kenna Security.
Michael Roytman is a recognized expert in cybersecurity data science. At Kenna Security, Michael is responsible for building the company's core analytics functionality focusing on security metrics, risk measurement, and vulnerability measurement. Named one of Forbes' 30 Under 30, Michael's strong entrepreneurship skills include founding organizations such as Dharma Platform, a cloud-based data management platform, and TruckSpotting, a mobile app for tracking food trucks. He also serves on the board of Cryptomove, a moving target data protection startup. In addition, Michael chairs the Board of Dharma Platform, is a board member and the program director at the Society of Information Risk Analysts (SIRA), and is a co-author of the Exploit Prediction Scoring System (EPSS). Michael is a frequent speaker at security industry events, including Black Hat, BSides, Metricon, RSA, SIRACon, SOURCE, and more. Michael holds a Master of Science in Operations Research degree from Georgia Institute of Technology.
- Doug White - Professor at Roger Williams University
- Jeff Man - Sr. InfoSec Consultant at Online Business Systems
- Joff Thyer - Security Analyst at Black Hills Information Security
- Tyler Robinson - Managing Director of Network Operations at Nisos, Inc
3. Security News - 08:00 PM-09:30 PM
Segment Description Coming Soon!
Doug White's Content:
Jeff Man's Content:
Joff Thyer's Content:
Lee Neely's Content:
- Ransomware attack takes web hosting provider Managed.com servers offline: Managed.com, one of the world's largest web hosting providers, has disclosed it was forced to shut down its entire web hosting infrastructure after being hit by a ransomware attack on Nov. 16 that also reportedly took down "a small number" of customer websites.
- Hacking group exploits ZeroLogon in automotive, industrial attack wave: The possibly Chinese government state-sponsored "Cicada" (APT10, Stone Panda, Cloud Hopper) advanced persistent threat (APT) group has been spotted leveraging the "Zerologon" vulnerability (CVE-2020-1472) in a worldwide attack campaign targeting businesses connected to Japan in order to access and exfiltrate sensitive information.
- Microsoft fixes Windows Kerberos authentication issues in OOB update: Microsoft has released out-of-band optional updates to fix a known issue that causes Kerberos authentication problems on enterprise domain controllers CVE-2020-17409. Low risk, high complexity and high priv level needed to exploit.
- Australian government warns of possible ransomware attacks on health sector: The Australian government has issued a security alert today urging local health sector organizations to check their cyber-security defenses against attacks targeting the health care sector with the "SDBBot" remote access Trojan (RAT), which is a known precursor to "Clop" ransomware infections.
- Vertafore data breach exposed data of 27.7 million Texas drivers: Vertafore announced that information of 27.7 million Texas drivers has been exposed in a data breach caused by human error. Vertafore announced that an employee inadvertently stored three files containing the PII on an unsecured external storage service that was ultimately accessed by an unknown third party.
- More than 200 systems infected by new Chinese APT 'FunnyDream': A new Chinese state-sponsored hacking group, "FunnyDream", has infected more than 200 systems across Southeast Asia. Activity leverages RIGHTSIDE and ENDRANT malware, among others.
- Over 80,000 ID Cards and Fingerprint Scans Exposed in Cloud Leak: A misconfigured Amazon S3 bucket belonging to Canoga Park, Calif.-based used electronics reseller TronicsXchange was exposed on the Internet, containing more than 2.6 million files that included victims' personally identifiable information (PII) and biometric images.
- Millions of Bumble users put at risk after online dating hack