A conversation with Rob Allen from ThreatLocker, UL's Black Friday sale, Finland's internet disrupted, and more... âĄď¸ Get Your Free Cloud Security Scan with Wiz: wiz.io/ul Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
In this conversation, I speak with Rob Allen, Chief Product Officer at ThreatLocker. We talk about: ThreatLockerâs Unique Zero Trust Approach to Cybersecurity:How ThreatLockerâs "deny by default, permit by exception" methodology, along with automated application learning and built-in definitions for over 4,000 applications, simplifies allowlisting and enhances endpoint security. Innovations in ThreatLockerâs Control Features:How ThreatLockerâs ringfencing prevents unauthorized application interactions and data access, and dynamic firewalls mitigate risks like lateral movement and ransomware attacks through endpoint-level network segmentation. Recent Developments and Cloud Expansion:How ThreatLocker Detect and Cloud Detect provide advanced detection capabilities for endpoint and cloud environments, including Office 365, enabling anomaly detection, centralized alerts, and proactive threat management. And more. Into (00:00:00)ThreatLocker's Zero Trust Cybersecurity Approach (00:00:31)Understanding Allow Listing in Cybersecurity (00:01:49)Managing Software Updates with ThreatLocker (00:02:13)Automated Application Updates for Over 4000 Programs (00:04:11)Vendor Collaboration for Early Software Updates (00:05:40)Challenges and Risks of Immediate Software Updates (00:06:53)Assuming Breach: A Core Cybersecurity Principle (00:08:10)Implementing Zero Trust Strategies with Ring Fencing (00:09:30)Controlling Application Interactions to Prevent Threats (00:09:50)Advanced Data Protection with Storage Control (00:13:17)Dynamic ACLs for Smarter Network Control (00:15:48)Ransomware Risks from Open Ports (00:16:50)Using Shodan to Identify Open Port Vulnerabilities (00:17:19)Building Application Allow Lists with Contextual Data (00:18:43)Learning Mode for Application and Traffic Visibility (00:19:36)Balancing User Behavior Control and Workflow (00:20:44)Integrating Detection and Control with ThreatLocker Detect (00:21:44)Why Detection is Critical in Cybersecurity Layers (00:22:41)Response Mechanisms and Automated Remediation (00:24:02)Lockdown Mode: Ultimate Isolation from Threats (00:25:38)Streamlined Application Approvals with Cyber Hero (00:26:36)Breaking Down Ransomware Attack Stages (00:27:46)Introducing Cloud Detect for Cloud Security (00:29:39)How to Learn More About ThreatLocker Solutions (00:30:47)Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
My conversation with Jason Haddix from Flare, Google finds a Zero-Day with AI, Robot Dogs Protecting Mar-a-Lago, and more... Subscribe to the newsletter at:Â https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one! Â Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
Streamline Your Cybersecurity with Flare Here: https://try.flare.io/unsupervised-learning/ In this conversation, I speak with Jason Haddix, founder of Arcanum Security and CISO at Flare. We talk about: Flare's Unique Approach to Threat Intelligence:How Flare's capability to uncover compromised credentials and cookies from the dark web and private forums has been crucial in red team engagements. Challenges of Credential Theft and Advanced Malware Techniques:How adversaries utilize tools like the RedLine Stealer malware to gather credentials, cookies, and other sensitive information, and this stolen data enables attackers to bypass authentication protocols, emphasizing the need for comprehensive exposure management. Jason's Journey To Founding Arcanum & Arcanum's Security Training Programs:How Jason now advises on product development and threat intelligence as Flare's CISO and his journey to fund Arcanum, a company focused on red teaming and cybersecurity, and Arcanum's specialized training programs focusing on offensive security and using AI in security roles. And more Introduction to the Podcast (00:00:00)Guest Excitement on Podcast (00:00:20)Jason's New Business and Flare Role (00:00:24)Career Shift from Ubisoft to Red Teaming (00:01:02)Evolution of Adversary Tactics (00:02:04)Flare's Credential Exposure Management (00:02:58)Synergy Between Arcanum and Flare(00:03:55)Dark Web Credential Compromise (00:04:45)Challenges with Two-Factor Authentication (00:06:25)Cookie Theft and Unauthorized Access (00:07:39)Redline Malware and Its Impact (00:08:12)Flare's Research Capabilities (00:09:50)Potential for Advanced Malware Detection (00:11:40)Expansion of Threat Intelligence Services (00:12:15)Vision for a Unified Security Dashboard (00:13:25)Integrating Threat Intelligence with Identity Management (00:14:00)Credential Update Notifications via API (00:15:54)Automated Credential Management Potential (00:17:28)AI Features in Security Platforms (00:17:32)Exploration of Automated Security Responses (00:18:38)Introduction to Arcanum Security (00:19:25)Overview of Arcanum Training Courses (00:20:25)Necessity for Up-to-Date Training (00:22:15)Guest Experts in Training Sessions (00:23:08)Upcoming Features for Flare (00:25:11)Integrating Vulnerability Management (00:28:08)Accessing Flare's Free Trial (00:28:25)Learning More About Arcanum (00:29:09)Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
AI Avatar Breaches, Gullibility is Vulnerability: Conspiracy is Threat, Caldera's New Plugin, and more... Try Out the ThreatLocker to take your security to the next level: https://www.threatlocker.com/ul Subscribe to the newsletter at:Â https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
This episode, "How My Projects Fit Together," is a follow-up to a previous post called "What I Am Doing & How It's Going". Here, Daniel Miessler addresses the most commonly asked questions: "I see all your projects, but what are they? How are they related?" He takes an individual look at his various projects (Substrate, Fabric, Telos, Daemon, and Human 3.0) and then how they work together to tackle big issues such as the lack of purpose and meaning in people's lives, preparing people for the impact of AI in society, and the need for holistic human development. For all the projectsâ links,visit: https://danielmiessler.com/p/how-my-projects-fit-together - Intro (00:00:00)- Identifying Major Problems (00:00:47)- Lack of Purpose and Meaning (00:01:50)- Impact of AI on Society (00:01:50)- Training for Full-Spectrum Individuals (00:03:02)- Security as a Core Focus (00:03:02)- Helios: Attack Surface Monitoring (00:04:11)- Daemon: Security Program Management (00:05:16)- Substrate: Enhancing Human Understanding (00:06:21)- Argument Components in Substrate (00:07:35)- AI and Argument Detection (00:10:59)- Fabric: Augmenting Humans with AI (00:15:26)- Fabric Patterns for Problem Solving (00:16:31)- Fabric Overview (00:19:36)- Telos Introduction (00:20:50)- Articulating the Mission (00:21:50)- Telos File Example (00:22:53)- Managing Personal Life with Telos (00:23:57)- AI and Purpose (00:26:10)- Daemon Introduction (00:28:21)- API Concept in Daily Life (00:29:28)- Digital Assistants and APIs (00:31:40)- Human Connection through Sharing (00:37:52)- Daemon Personal API Broadcast (00:39:53)- Human 30 Introduction (00:43:07)- Human 30 Philosophy (00:45:22)- Impact of AI on Work (00:48:47)- Human 30 Platform Overview (00:51:00)- Summary of Projects (00:54:03)- Vision of Future AI Integration (00:56:21)- Encouragement for Clarity and Purpose (00:57:39)- Encouragement for Purpose (00:59:47)- Articulating Your Work (01:00:46)Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
Human 3.0 is here. In this conference for the United Nations, Daniel Miessler introduces the topic of Human 3.0 philosophy and the skills and mental frameworks needed to thrive in an AI-driven world. Learn about: - The future of work and the human 3.0 economy. - How AI will revolutionize startups and entrepreneurship. - How one-person billion-dollar companies are becoming a reality. - Creative expression and AI. - The importance of personal visibility and authenticity. - How to survive and thrive in today's rapidly evolving technological landscape. Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
China prepping for kinetic using cyber?, Automatic podcast creation using NotebookLM, VM + AI, and more... Subscribe to the newsletter at:Â https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
This is a NotebookLM podcast based on a long conversation I had with my AI, DARSA, on the topic of whether AIs truly understand things and/or are capable of creativity.Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
Venture capitalists aren't looking for nice founders; they want risk-takers. Nate Silver highlights that 70% of the billionaires on the 2023 Forbes 400 list are self-made, often coming from modest backgrounds. Subscribe to the newsletter at:Â https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one! Â Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
Comedians are increasingly using AI to help write jokes and brainstorm ideas, with mixed results. I think this is similar to the Turing Test in terms of the importance of AI progress. If AI can write a full set of comedy and make humans laugh, thatâs f*cking huge. Subscribe to the newsletter at:Â https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
Trump shared a fake image of Harris speaking at a Communist event. This one looks fairly fake, but 1) lots of people will still believe itâs real, and 2) current tech can already make more believable ones. Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!  Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
A new Fabric web app called FabricUI!, Many AI Eyes, PagerAttack Analysis, a new Ripgrep, and more... Subscribe to the newsletter at:Â https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
A whole bunch of right-wing influencers received millions from Russia in return for promoting pro-Russian talking points. Hilarious to me since their whole narrative is to be skeptical and discerning. Except when it comes to obvious Russian propaganda. Subscribe to the newsletter at:Â https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
The more I think about it, the more I think a major career for creators going forward will be building entire realities for people to live inside of. So think post-AG/SI and post UBI, and where games are extraordinarily immersive. I think there will be a huge market for creative people building the story lines and stat systems and look and feel of entire worlds that people will live inside of for a period of years at a time. Subscribe to the newsletter at:Â https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
Here are my first thoughts after using OpenAI's New Strawberry Model for a couple of hours Subscribe to the newsletter at:Â https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
80% Chinese Cranes, Drones vs. Abrahams, a RAG kickstart, a Canary-based Security Maturity Model, and more... Check out Wiz for a Free Could Security Scan:https://www.wiz.io/ul Subscribe to the newsletter at:Â https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
In this conversation, I speak with Shiladitya Sircar, Senior VP of Product Engineering and Data Science at BlackBerry. We talk about: The Rise of Deepfakes and Cyber ThreatsInnovation Meets Malicious Intent: Deepfakes are not just a tech novelty; theyâre a growing threat. From text-based phishing to hyper-realistic fake videos and audio, the landscape of cyber threats is evolving rapidly. Deepfake technology can clone voices, making it easier for cybercriminals to impersonate individuals and bypass security measures. Understanding Identity CompromiseVoice Cloning Dangers: Our brains are wired to trust familiar voices, making voice cloning particularly insidious. We share a chilling story about a cybercriminal impersonating Ferrariâs CEO. The attackerâs deepfake was so convincing that it almost led to a major scam. The Impact on TrustEroding Trust in Systems: Deepfakes can undermine trust in institutions and systems, much like traditional scams but with a high-tech twist. Beyond individual attacks, deepfakes can manipulate public opinion and even influence elections. Organizations need to train employees to spot deepfakes, and thereâs a pressing need for laws that specifically address deepfakes and identity spoofing. And more Intro (00:00:00)Main Cyber Threats from Deepfakes (00:00:56)Identity Compromise Explained (00:02:47)Impact of Deepfakes on Trust (00:06:23)Deepfakes in Attack Chains (00:08:15)Case Studies of Deepfake Attacks (00:09:41)Emerging Threat Landscape (00:13:56)Defending Against Deepfake Attacks (00:15:07)Regulatory Frameworks Needed (00:16:28)The Role of Education and Technology (00:18:57)Future of Content Authenticity (00:20:53)Legislation and Authenticity Mechanisms (00:22:04)Real-Time Deepfake Validation (00:23:18)Government and Industry Partnership (00:24:07)Media Forensic Research (00:24:23)Zero Knowledge Proofs (00:25:36)Content Provenance and Authenticity (00:26:52)Trust Network Expansion (00:28:00)Puppeteering Technology (00:29:20)Stream Authentication Challenges (00:30:21)Hardware-Level Trust (00:32:00)Fragmentation in Standards (00:32:29)Trust in Communication Protocols (00:33:51)Collaboration for Solutions (00:35:22)Apple's Unique Position (00:36:47)Erosion of Trust (00:37:31)AI Agents for Detection (00:38:11)Short-term and Long-term Solutions (00:38:45)Awareness and Education (00:41:23)Predictions for Deepfake Technology (00:41:48)Community Action Against Deepfakes (00:43:09)Learning More About BlackBerry's Work (00:43:29)Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
Life changing books, defining your core problems, the Apple updates, and much more... ⥠Check out Vanta and get $1000 off:vanta.com/unsupervised Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
KnowBe4 accidentally hired a North Korean state actor who tried to install info-stealing malware on their devices. They caught it in time, but it shows how good North Korean hackers are at pretending to be IT staff. | Bill Toulas | MORE Subscribe to the newsletter at: https://danielmiessler.com/subscribe Join the UL community at:https://danielmiessler.com/upgrade Follow on X:https://twitter.com/danielmiessler Follow on LinkedIn:https://www.linkedin.com/in/danielmiessler See you in the next one!Become a Member: https://danielmiessler.com/upgradeSee omnystudio.com/listener for privacy information.
KeyboardMonkey
This guy is great at research and fact aggregation but terrible with narration.