Two Guys and an Opinion

This week's episode is (nearly) all about those pesky passwords that won't  go away and how one industry giant told Richard how he can't wait for them to 'Die'!We explore the concept of the 'password-less' future, how Coinbase got hacked by some rascals bypassing MFA and why you should listen to Michael McIntyre on the subject too.  See below!Show Links:Michael McIntyre - You should probably change your password!

Back by zero demand, as if they never went away, REvil's back and up to their old tricks.  Was it as simple as a nice summer break or something more sinister?Also - is it time we rewrite the rules of business continuity and incidence recovery processes?  Should be be placing more focus on the ability to deflect, rather the ability to recover, from a cyber incident?Listen to find out!

In this week's roundup of our industry's SNAFU's, we delve into the 'Worst Vulnerability Ever Found' in a cloud provider, the largest fine ever dealt out by the Irish Data Protection Commission, and LockBit strikes again!Notes:The WhatsApp story.The ChaosDB story.The Lockbit story.

SEASON 2! We're back and we're bold!  And bald....Vlad and Richard pick from where they left off at the end of Season 1.  But now with added edginess!  Unlike the rest of the world, the bad guys don't seem to have taken a summer break; the most noteworthy event being the Accenture hack by a LockBit affiliate last week.Also, Vlad relives his time at Black Hat Las Vegas...  well, he didn't actually get to Las Vegas, but his interviewer, Dany Appelgate, Co-Founder of rThreat was there!!We also attempt to wring out the soggy middle in an effort to help meet the latest craze of net-zero IT budgets...  That'll all make sense when you listen!

In this final episode of the season, we cover two of the most notable cyber incidents in recent weeks; PrintNightmare and the Kaseya breach.  As a result, we lament the problem of the  'soggy middle' taking the 'tickbox' approach to cybersecurity.  Also Vlad and Richard go through several 'triggered' moments trying once again to get security leaders and marketeers to drop the cheese,  engage the business, and get the cybersecurity agenda on the board table before you become the next headline!  We even go as far as telling you how to do it!

VENDOR SPOTLIGHT:KnowBe4In another of our sub-series where we focus on a particular vendor in our portfolio, we welcome Javvad Malik, a Security Awareness Advocate from KnowBe4.It's a given that the majority of successful cybersecurity breaches start with a social engineering attack; the majority of them being a Phishing email.  So, how do we help people avoid being caught out?  Training, testing, training, testing, training, repeat....But: not all users are alike and not all user-awareness training schemes are alike and so a carefully designed and deployed program is the only way to really make a difference.Javvad does a great job of trying to use more analogies than Richard in the pursuit of bringing the KnowBe4 capabilities to life, but it's safe to say: this is the podcast for you if you ever needed help to justify a program of awareness training in your organisation!

This week we talk about the concept of 'SOC Burnout' and the need for companies to recognise the condition and support the analysts.  Tenuously related to SOC burnout, we examine (destroy!), the 'Artificial Intelligence' myth that Cybersecurity vendors peddle on a daily basis.It's machine-learning, people!  Open invitation:  Any Cybersecurity vendor that would like to come on the show and explain how their product is 'intelligent' - we would love to have you on!Notes:The article concerning 'SOC burnout':  https://www.helpnetsecurity.com/2021/06/23/soc-burnout-is-real/

This week's episode is dominated by the snafu at Fastly that brought the Internet to its knees.  And following the news this week that the FBI was able to 'recover' a significant portion of the ransom paid to the DarkSide gang after the incident at Colonial Pipeline, we ask the rather fundamental question, 'is anything safe anymore?!'Vlad dons his foil hat and ends up down several rabbit holes whilst contemplating the answer!

In this second episode of our sub-series of 'VENDOR SPOTLIGHT's, we introduce Agari - a leading vendor delivering enterprise email security by leveraging unique AI technology to protect your organisation and your inbox.We're joined by Chris Spencer - one of Agari's Email Security Practitioners to discuss the product suite and it's capabilities.  We demystify DMARC and the holy grail of 'p=reject'.  And we couldn't go through an entire episode without talking about ransomware! Agari Brand Protection (ABP) and Agari Phishing Defence (APD) offer an unrivalled antidote to the scourge plaguing organisations globally.

In this episode we cover the cybersecurity news from the past two weeks which is again dominated by more ransomware attacks wreaking havoc across the private and public sector alike...However, in a break from the norm Vlad and I go toe-to-toe over a thorny issue that divided the camp at The RANt Group office.We'd love to hear your opinion: hello@TheRANtGroup.com.  The most considered argument will get you a mention in the next episode.

In a break from the norm, this week we're focussing purely on a single vendor that recently joined our portfolio: rThreat.  We're delighted to be joined by Dany Applegate, their Co-Founder and Head of Marketing.rThreat specialises in Breach and Attack Emulation (BAE - see episode 12), allowing companies to safely detonate REAL known and unknown malware into your endpoints and networks.  The capability couldn't be a more perfect fit for our continuing mission to enable companies to achieve a Permanent State of Readiness.How else are you going to be able to validate your investment in your cybersecurity defences without testing them with REAL-world malware?!www.rThreat.com 

In this episode we discuss one heck of an 'own-goal' that leads to a rather embarrassing situation for an unlucky student.  And could we actually see the beginning of the end for Ransomware?  We cover the newly formed Ransomware Task Force and how effective we think their approach may be.Episode Notes:The NCSC early warning service: https://www.earlywarning.service.ncsc.gov.uk/The NCSC mitigating malware paper: https://www.ncsc.gov.uk/guidance/mitigating-malware-and-ransomware-attacks

In this episode we discuss this week's New Kids on the Block-chain; QLocker and their rather well-executed and profitable Ransomware debut.Also covered is the no. 1 attack vector for these increasingly well-organised gangs and what your organisation should be doing to thwart their efforts.As always - get in touch to understand how you can reach a Permanent State of Readiness! hello@therantgroup.com

Breaking news this week:  A Pulse Secure VPN zero-day vulnerability found with NO FIX!We unpack what that means for the thousands of customers out there and what measures could be put in place to be in a Permanent State of Readiness should you get breached by a vulnerability such at this.And of course we couldn't let the Facebook incident go without an honorable mention along with their take on how to handle the PR of  such a huge leak...Get in touch for an inside scoop on how you can protect your organisation from zero-day threats.  hello@therantgroup.com

Now you may be forgiven for thinking that this episode is a montage of  3 or 4 of our previous podcasts...  but alas, no...We do however visit some old friends like SolarWinds,  Travelex  and HAFNIUM as  they all become topical again following the US/UK sanctions imposed on Russia this week.Of course Russia, 'does not conduct offensive operations in the cyber domain', but we unpick what is being reported anyway, and again arrive at two indubitable facts of cyber-readiness.....

BAE.  No, not the aerospace company, your kid's bestie or the Danish for 'poop', but in fact an exciting and emerging capability in the war on cybercrime.Breach and Attack Emulation.  This is the real deal. It may sound crazy, but we're saying we're going to deploy REAL malware into your network (safely of course!), to see what happens.  What better way to validate your cyber-defence budget than emulating a real attack!?We'd love to hear from you if you think this is a good idea or would like to see it in action!  Get in touch.Hello@therantgroup.com

In a shocking turn of events, Richard gets triggered regarding the seemingly inexorable rise and rise of Ransomware attacks on organisations big and small.  Vlad stays uncharacteristically calm!We discuss the facts and figures of cyber breaches during 2020 and also attempt to fix the whole sorry problem with a few off-piste thought experiments...

In this episode we're joined by James Linton, AKA Sinon_reborn, AKA the Email Prankster.  James shot to fame in 2017 following a series of audacious and outrageous email scams that targeted international banking institutions, high-profile politicians and even the Trump administration!We quiz James on his motivations, methods and how his email scamming spree led to him landing a dream job at Agari's Cyber Intelligence Division (ACID).James now uses his social engineering powers and acquired knowledge to help organisations master email security awareness.Links:Agari's Cyber Intelligence Division (ACID) James Linton

Yes, yes... you DO need another acronym!  Or more specifically, an initialism!  In this episode we introduce the concept of P.S.R.  A 'Permanent State of Readiness'.Achieving PSR from an information and / or cybersecurity point of view should be seen as the holy grail of your cyber combat status.  It won't be easy getting there and every day you need to ensure your PSR is maintained, but nonetheless, once achieved, you stand the greatest chance of minimising the negative impact of a cybersecurity incident.Also, we leak details of a very cool guest joining us on the next episode, be sure to listen to find out who!

BREAKING NEWS!This week's brief podcast is recorded live from the front line of a potentially breached customer.  Following on from last week's announced 'HAFNIUM' attacks on vulnerable Microsoft Exchange on-premise servers, we perform in-depth analysis on a potentially breached system. Also - Vlad gets triggered... again...