Cybersecurity Headlines

This podcast covers topics such as DearCry ransomware, Google facing lawsuit over snooping, detecting deepfakes through eye reflections, and Canada Revenue Agency locking user accounts. It also discusses Netgear switch flaws, Windows 10 printing crashes, PDF document leakage, and beer production disruption.

Topics discussed include encryption hacking claims, unsecured webcam feeds, Russia blocking itself by mistake, pro-Chinese influence operation, proxy log-on exploit, new Linux malware, Linux backdoor, exchange server attacks, WordPress plugin bug exploitation, and a CISO series video chat reminder.

Dan Walsh, CISO, VillageMD, joins the show to discuss topics such as emergency patching by Microsoft, impact of a data center fire on a cloud company's downtime, rise of 'hog' ransomware demanding victims to join a Discord server, supply chain vulnerabilities, China's plan to reduce tech dependency, challenges of China's tech supply chain self-sufficiency, frequency and impact of zero-day vulnerabilities in 2021, and speculations on post-pandemic cyber threats.

Cloud hosting data centers burned down, open source supply chain security, dependency confusion attacks, government IT funding, USCIO appointment, China's tech dependency reduction plan, sensitive data on GitHub, leaks on GitHub, perception of cybersecurity in organizations

Microsoft's March Patch Tuesday fixes 82 flaws and 2 zero-days. Hackers breach surveillance cameras at Tesla, Cloudflare, and banks. CISA warns about Exchange Server exploitation. Discussion on Android app malware and vaccine-related phishing scams. Various cyber attacks, fake unemployment benefit websites, and iOS call recording app vulnerability.

Topics discussed in the podcast include the supernova malware, Intel's work on fully homomorphic encryption, gender disparity in cyber security, Microsoft Exchange hack, Trend Micro's cybersecurity solutions, PayPal's acquisition of Curve, WhatsApp's password protection plan, McAfee's sale of enterprise security business, and Chrome security measures.

Ransomware gang uses voice calls to pressure victims. New Microsoft tool checks Exchange Servers. Phishing attacks target US brokers with fake FINRA audits. OpenAI's neural network vulnerability. AI-powered YouTube captions for chips.

Fake news performs better on Facebook than real news, security firm Qualys experiences a data breach, CISA issues emergency directive for Exchange zero-days, Microsoft reveals investigation results on a security incident, discussion on new scam tactics by BEC scammers, and promotion of a CISO series video chat on systemic risk hacking.

In this episode, John Overbaugh, vp, security, CareCentrix, discusses the SolarWinds breach, the rise of Go Malware, the potential impact of the convergence of kinetic and electronic warfare on information security, the importance of skepticism and securing third-party dependencies, and the prevalence of social engineering and the need for stronger authentication.

Topics discussed include Virginia's new Consumer Data Protection Act, exploitation of zero-day vulnerabilities, Facebook lifting its political ad ban, TrustMAPP as the sponsor, critical vulnerabilities in GAB, U.S. government's recovery from the SolarWinds attack, Flock security cameras, and security risks of sharing work-from-home photos.