Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest Videos

2022 in Review (and what's to come)

Join the team at LimaCharlie for an interactive open forum about much of what has happened in 2022. Dive into and learn about key feature releases and hear a little about what's to come for the future. 2022 was a major growth year for LimaCharlie and we'll discuss the wide range of capabilities we have added that enable our users to assemble a security stack unique to their organizations.

The Simply Cyber Report: December 27, 2022

New vulnerability found in WooCommerece Gift Cards Premium Wordpress plugin with CVSS score of 9.8. Fin7 has developed an AI-powered automated attacking tool called Checkmarks. Checkmarks is designed to auto-attack ms exchange systems, perform post exploitation actions, and grab enough data to allow FIN7 to understand their victim.

Power your threat detections with SnapAttack and LimaCharlie

LimaCharlie and SnapAttack are pleased to announce a new integration that gives organizations access to open-source intelligence objects and behaviorally-oriented detections developed by the SnapAttack threat research team as well as popular community tools, such as Atomic Red Team and Sigma. The ruleset contains high-confidence detections for most platforms that have been verified against true positive data by SnapAttack’s threat detection team.

The Simply Cyber Report: December 12, 2022

Unfortunately a novel technique has been developed by Or Yair, a security researcher to weaponize the file deletion functionality of most enterprise quality EDR solutions to include SentinelOne and Microsoft. If you're running or you support small business that runs F5 BIG-IP, Zyxel firewalls, Totolink and D-Link routers, and Hikvision cameras be on the lookout for a Go-based malware named Zerobot in the wild.

The Simply Cyber Report: November 29, 2022

Most commonly used passwords in 2022. A new red teaming tool called Nighthawk. Avast has published a report on the Venomsoft malware chrome extension. WhatsApp data leak: 500 million user records for sale. Recommendations that statistically reduces the number of cyber incidents experienced by a business by a whopping 85%.

Adventures in Open Source: A conversation about the journey and lessons learned

Open source as a philosophy was born alongside the Internet at a time when the world was much more optimistic. The naysayers said it couldn’t be done, that it wasn’t secure, and that it was just a matter of time before all these projects failed. Fast forward 30-40 years and the open source ecosystem is thriving. Linux runs on the top 500 super computers in the world, almost 95% of the world’s servers, and 85% of all smart phones.

The Simply Cyber Report: November 14, 2022

The top cyber news stories you need to know about right now. CISA make Cyber.org range available to all 50 states. New rules around blue checkmarks on Twitter cause swings in the stock market. Mondelez International has settled its lawsuit against Zurich American Insurance Company, which it brought because the insurer refused to cover the snack giant's $100-million-plus cleanup bill following the 2017 NotPetya outbreak.

Cybersecurity Expert Interview: Paul Caiazzo

LimaCharlie sits down with Paul Caiazzo: Cyber security expert, entrepreneur and strategist, CISO and CPO. Paul has dedicated his career to advancing the field of global cyber security. In his current role as Chief Growth Officer at SnapAttack, Paul focuses on product/market fit, strategic partnerships, and business development.

The Simply Cyber Report: October 31, 2022

The top cyber news stories you need to know about right now. Microsoft Security Threat Intelligence is reporting on the Raspberry Robin worm, having infected at least 3000 systems across 1000 organizations at time of this report. First reported by Red Canary in September, Raspberry Robin is spread via USB drive (yes this is still a viable attack vector, and very similar to how Stuxnet initially kicked off). It has very similar technical behavior to the FakeUpdates malvertising campaigns.