Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

%term

#145 - Exploring threat intelligence with Jamie Williams, Threat Intelligence Researcher at Unit 42

On this episode of the Cybersecurity Defenders podcast, we explore threat intelligence with Jamie Williams, Threat Intelligence Researcher at Palo Alto Networks' Unit 42. Jamie is a seasoned professional in the field of cybersecurity. Before joining Unit 42, he made significant contributions at the MITRE Corporation as a Senior Principal Cyber Operations Engineer. During his tenure at MITRE, Jamie led the development of MITRE ATT&CK for Enterprise, focusing on adversary emulation and behavior-based detections.

Generative AI: Workplace Innovation or Security Nightmare

The field of AI has been around for decades, but its current surge is rewriting the rules at an accelerated rate. Fuelled by increased computational power and data availability, this AI boom brings with it both opportunities and challenges. AI tools fuel innovation and growth by enabling businesses to analyse data, improve customer experiences, automate processes, and innovate products – at speed. However, as AI becomes more and more commonplace, concerns about misinformation and misuse arise.

How To Detect & Prevent Managerial Insider Threats

External cybersecurity threats are a well-known problem, but organizations should also be aware of managerial insider threats. These threats originate from individuals with privileged access and authority and can cause devastating damage to an organization’s data, reputation, and bottom line. In this guide, we’ll examine managerial insider threats and offer insights and strategies you can use to detect, prevent, and mitigate these risks.

Webinar Replay: The State of Cyber Defense: Manufacturing Cyber Resilience

Our exclusive webinar provides a holistic view of cyber risk for the manufacturing sector by combining the findings from our global survey of 1,000 security and risk leaders for the State of Cyber Defense: The False-Positive of Trust report, with frontline threat intelligence collected from 3,000+ incident response cases, 700,000+ endpoints under monitoring and 100,000+ hours of offensive security engagements.

When Patching Goes Wrong: Lessons Learned from The CrowdStrike Incident

Patches are a way of life for any network administrator and are the most efficient method in place to ensure systems are running the most up-to-date and secure versions of their various software applications. For the most part, updates take place behind the scenes, with the average person only noticing a patch being installed when they are asked to reboot their machine to install the new version.

Deep Dive and Simulation of a MariaDB RCE Attack: CVE-2021-27928

In early 2021, a new vulnerability, identified as CVE-2021-27928, was discovered and published. It affects multiple versions of the open-source relational database management systems (RDMBS) MariaDB and Percona Server, and the wsrep (write set replication) plugin for MySQL. Fortunately, security professionals swiftly released a patch to ensure that affected systems could be updated to mitigate risks.

Microsoft Remote Code Execution for Windows TCP/IP IPv6

Over the past three years, the second Tuesday of each month has turned into a hectic period of planning and remediation, driven by a 25% average annual growth rate in CVEs. Just last Tuesday, Microsoft revealed a critical TCP/IP remote code execution (RCE) vulnerability in the IPv6 stack, which has a CVSS score of 9.8 due to its criticality and ease of exploitation. For a more in-depth look, we recommend these resources.