The Ring of Defense

The U.S. FBI and CISA recently released guidance concerning a growing hobby. What are the concerns, and how does it relate to SASE and cybersecurity?Join Bill Carter as he demysifies governmental guidance, and provides you clear steps so you're ready for whatever's next.

In the first episode of 2024, Bill and Robin dive into a vulnerability impacting SSH across the world, as well as explore how something in your pocket may get you unwarranted attention.What is the Terrapin attack, and why should you leave your FlipperZero in check-in luggage?Learn all this and more on the latest episode of the Ring of Defense!

Join Bill and Robin as they dive into the latest and greatest cybersecurity news.In this week's episode, Bill covers the ever-present threat of Gootloader, and Robin dives into a recent 70+ page report published by the UK's National Cyber Security Center (NCSC.)What is Gootloader? What threats/trends have the NCSC identified, and what are their recommendations for the future?Learn all this and more on the latest episode

In this week's episode, Robin and Bill explore the recent SEC charges against Solarwinds (and their Chief Information Security Officer) with fraud, as well as a CVE with a perfect CVSS rating of 10.0 against Cisco!Why is a CISO getting charged with fraud? What does a a CVSS rating of 10 mean, and why should you be worried if you use Cisco IOS or IOS XE today?Learn all this and more on the latest episode

In this week's episode, Bill and Robin dive into the dangers of EvilProxy, as well as discuss a hot new vulnerability in the curl framework (CVE-2023-38545)Should you be concerned about this CVE? How can you tell if personal parameters are being sent to threat actors? and how can you help mitigate against these security challenges?Learn all this and more on the latest episode of The Ring of Defense!

In this week's episode, Bill and Robin dive deep into the techniques and tricks used by the masterminds behind the recent attacks on MGM and the Caesars Entertainment group, Scattered Spider and ALPHV. Why was MGM's business down for 10 days? Why did Caesars pay an alleged $15M ransom? What is BlackCat?  How can this have been prevented, and how would this map to something like the MITRE ATT&CK framework?Learn all this and more on the latest episode

In this week's episode, Bill and Robin explore the dangers of programmatic interfaces! The language-learning website, Duolingo, has fallen victim to an API exploit which has exposed 2.6 million user accounts, and there's threat actors on the dark web who are using Python to subversively change messages in Telegram threads.What's happening in the world, why should you care, and how can you stay protected?Learn all this and more in the latest episode of The Ring of Defense!

In this week's episode, Bill and Robin delve once again into the world of Zero Trust as they discuss how end-to-end encrypted messaging services have fallen victim to the BadBazaar trojan, as well as asking the question "Should you trust URLs on your children's snacks?"Learn all this and more on the latest episode of The Ring of Defense!

In this week's episode, Bill and Robin discuss the brand-new cybersecurity framework from the National Institute of Standards and Technology. Dubbed the NIST CSF 2.0, this expands on their first iteration by adding a new pillar of 'Governance.'What is the CSF, how is 2.0 different from 1.0, and why should you care?Learn all this and more on the latest episode of The Ring of Defense!

In this week's episode, Bill and Robin discover the dangerous world of an AI tool without guardrails: WormGPT. This AI tool is allowing people with limited technical experience to create potential chaos. When coupled with the rise in popularity of tools like the Wi-Fi pineapple, and Flipper Zero, do you need to be more worried about the next generation of script kiddies?Learn all this and more on the latest episode of The Ring of Defense!

In this week's episode, Bill and Robin respond to a viewer request, and delive into the world of State, Local Government and Education, and how they can stay protected and secured with limited budgets. We cover documents issued by the FBI regarding how to stay safe, and also discuss how some OEM vendors are advocating that SLED organisations should just pay whatever ransom has been asked.Will this make the threat actors go away, or will they be here to extort another day?Learn all this and more on the latest episode of The Ring of Defense!

TSMC, the world’s largest semiconductor manufacturer, has been listed on LockBit’s dark web blog, with the gang demanding $70 million for the stolen data. TSMC states that it was due to their IT hardware suppliers; yet another reason to pay attention to the supply chain.So, who are LockBit, how do they operate, and how can you prevent this from happening to you? Learn all this and more on the latest episode of The Ring of Defense!

In this episode, we take a look at how Reddit has dealt with a recent data breach leading to personal information theft, and a hefty $4.5m demand to not leak the information, as well as how the OpenAI foundation has 100,000 ChatGPT user credentials available for sale on the dark web. Raccoon, Vidar, RedLine, and other information stealers ahoy! Why should you be worried? How does this happen, and most importantly of all, how can you stay protected?

In this episode we explore how the BBC, British Airways, Aer Lingus and other organisations have become victim to a 'mass hack' due to an alleged vulnerability in the MOVEit secure file transfer system, as well as explore how an old iPhone vulnerability could give threat actors full access to your device, without you even opening a file or clicking a link....Why should you be worried? How does this happen, and most importantly of all, how can you stay protected?Learn all this and more in the latest episode

In this episode we dive into the concepts and attack vectors of DNS Tunnelling, as well as start exploring the dangerous OSINT tools of Shodan and Censys. Security through obscurity used to be acceptable, but with GPTs and Adversarial GANs appearing - is this still a valid approach?Explore the podcast

Cato Networks offers web-security protection using 'Remote Browser Isolation' (RBI), but do you know what it is, how it works, or why you should use it?Join Robin in this audio-only podcast monologue to learn more!Never heard about RBI before? No worries, we all have to start somewhere....

Domain Generating Algorithms (DGA): - Threat actors often rely on domain-generating algorithms to circumvent traditional URL filtering to establish a malicious connection with a deployed payload. But do you know what DGAs are, or how to protect against them?The 3CX Supply Chain Attack- On March 29th, a new supply chain attack was identified targeting 3CX, a VoIP IPXS developer. This exploit used a 10-year-old Microsoft vulnerability (CVE-2013-3900) that makes executables appear to be legitimately signed by Microsoft while, in fact, they are being used to distribute malware. How did this happen, and how can you prevent this from being a problem in your business environment?

Last week Bill was at the RSA Conference, where there were over 50,000 attendees and multiple security vendors present. But what topics were on the hears and minds of those who visited?Learn about the 'top 5' items which are currently concerning, and exciting, security practitioners in this latest episode.

* The Seventh Branch - Why Convergence is key-- The US Military Cyber Professional Association urged lawmakers this week to establish a U.S Cyber Force in this year's annual defence policy bill. It has been alleged that the current approach to Cybersecurity across the current 6 military branches has been divided, inconsistent, and inefficient, and that a dedicated security branch is needed. The Government is converging, why should you?* You've got Malicious Mail: CVE-2023-23397- A new critical vulnerability impacting Microsoft Outlook was recently published by Microsoft allowing hackers to steal hash information with zero-involvement required from the user. This exploit works via sending a calendar invite, which can eventually steal the net-NTLM hash along with username and domain names (to be used in a future attack.) How does this work?Are you protected? Well, you are if you are a Cato customer....