Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

On today's episode, we cover a recent Department of Justice operation that resulted in taking down a major ransomware organization. After that, we cover two recent publications from CISA, the first on malicious use of legitimate RRM software and the second giving guidance to K-12 on how to address cybersecurity concerns. The 443 Security Simplified is a weekly podcast that gets inside the minds of leading white-hat hackers and security researchers, covering the latest cybersecurity headlines and trends.

Microsoft has started blocking the execution of XLL add-ins downloaded from the Internet. The hacking group DragonSpark is leveraging Golang source code interpretation to evade detection. Threat actors are turning to Sliver to replace more popular frameworks Cobalt Strike and Metasploit. Over 4,500 WordPress sites have been hacked and Emote malware makes a comeback.

Tines gives a presentation on showing the value of automation by using the Automation Capability Matrix at The Future of Security Operations: San Francisco 2023.

The report – “The State of Application Security Q4 2022” is based on a sample size of 1400+ applications. With new threats rising daily, application security is the primary concern for many businesses today. It exposes sensitive information like customer data to the outside world. To benchmark your security program and stay on top of the emerging threat, we conducted an in-depth analysis of application security.

Watch Christina Cacioppo (CEO & Co-Founder at Vanta), Diane Garcia (Director of Operations at Scratchpad), and Bil Harmer (Operating Partner, Security at Craft Ventures) for a conversation about the importance of trust and compliance and how to execute a strategy that works for your company and customers.

2022 was awesome for us at Astra Security 🚀 We hit new milestones, improved security & saved millions in potential loss for our users, launched tonnes of new features and had a lot of fun doing it all! A big "THANK YOU" to our team, customers & everyone who has supported us throughout 🙏

Kevin Mitnick, KnowBe4's Chief Hacking Officer, demonstrates how bad actors conduct "password sprays". A password spray is when a cybercriminal chooses a single password and tries it against everyone in their target organization. We strongly recommend that you use a password manager to reduce password reuse and improve complexity, but you may be wondering if it’s really worth the risk. Is it safe to store all of your passwords in one place? Can cybercriminals hack them? Are password managers a single point of failure?

The security industry is full of complex terminology like threat, vulnerability, and mitigations. Definitions matter as we design processes that scale. At Datadog, the Security Research functions are focused on detection and response to specific types of threats and vulnerabilities. Workload vulnerabilities, cloud control plane vulnerabilities, and even cloud service provider vulnerabilities. Each security finding based on specific risk indicators needs to be addressed differently at Datadog and in our communications to the broader community.

Introduction For added security on supported websites and apps, use Keeper to store two-factor authentication codes. When setting up 2FA on a site or app, Keeper for iOS can serve as your time-based one-time password or “TOTP” generator. This video will review how users can easily add a two-factor verification setup code or secret key from a website or app to a new or existing Keeper record.