Cyber Security Grey Beard®

Discussion with AlgoSec around ransomware based off of the Extrahop Cyber Confidence Index 2022 [https://www.extrahop.com/resources/papers/cyber-confidence-index-2022/].  I cover numerous questions about what organizations are doing today and what they should change to improve cyber defenses.  The crux of this study shows the cognitive dissonance of cyber security leaders and IT decision makers.  They believe one thing whereas the evidence completely contradicts what they say. Visit this link [https://www.algosec.com/resources/cloud-network-security/] to learn more about Network Security in Cloud, Cloud Application Networks, and Application Network Security. Visit this link [https://www.algosec.com/solutions/firewall-management/] to learn more about Firewall Management tooling, Firewall Management Policy, and Firewall Management Services. Visit this link [https://www.algosec.com/resources/network-security-policy-management/] to learn more about Application Security, Network and Application Security, and Network policy management. Support the show [https://www.buzzsprout.com/477067/support]

In this episode I discuss cyber-attacks in the Summer of 2022.  I’ll review who was attacked, its impact, and the aftermath.  While I would love to go into the technical details about the attacks, that data becomes harder and harder to find with each breach and news release.  Victims are tight lipped and apparently being told more and more to not share technical details.    We know that both China and Russia have increased cyber-attacks due to global tension in Taiwan (Chinese Taipei) and Ukraine.  I am certain there have been many, many, more that we are not hearing about for internal security reasons as well as not “tipping our hand” that we know what’s happening or who we believe is doing the attacks.  Attribution for attacks is extremely difficult as mentioned previously with the swatting incident on an American federal representative.  Sign up for NewsBits [https://www.sans.org/newsletters/newsbites/] from SANS Sign up for the OUCH [https://www.sans.org/newsletters/ouch/]! Newsletter at SANS; (Scroll down and signup in the lower right) PWC Cyber Survey [https://www.pwc.com/us/en/services/consulting/cybersecurity-risk-regulatory/library/global-risk-survey.html] Extrahop Survey [https://assets.extrahop.com/whitepapers/CyberConfidenceIndex2022.pdf] Security Magazine offers solid content [https://www.securitymagazine.com/] More Information about the Hive RaaS Organization: Hive Targets Costa Rica [https://www.spiceworks.com/it-security/security-general/articles/why-hive-ransomware-is-dangerous/] LAUSD Attack [https://www.foxla.com/news/lausd-approves-emergency-declaration-after-cyber-attack] North Korea, US Feds, Ransomware and Healthcare Organizations [https://www.upi.com/Top_News/World-News/2022/07/07/ransomware-cybersecurity-FBI-hack-hospitals-healthcare/8991657180214/?utm_source=wnd&utm_medium=wnd&utm_campaign=syndicated] North Korea Crypto Heist [https://www.upi.com/Top_News/World-News/2022/04/15/Ronin-Axie-Infinity-Ethereum-Lazarus-Group-crypto-heist-cyberattack/4001650010398/] OSC/Key Bank Attack [https://www.timesunion.com/business/article/KeyBank-mortgages-hit-with-data-breach-17447100.php] Support the show [https://www.buzzsprout.com/477067/support]

This episode covers online tools and lab environments that cyber security students and early professionals can use to learn and increase technical skills.  While these environments are usually meant for those that want to get very deep with the technical side of cyber security, non-technical folks can certainly use these as well.  The tools/trainings go as deep as the user wants.  I also go over building a lab at home using Virtual Box or VMWare.  I also provide insight and recommendations for building a Cloud based lab environment in Azure or AWS.  This episode came out of comments made by Adrianus Warmenhove in S4E8 around VPN's and NordVPN. Send comments, questions, and episode ideas to: cybergreybeard@gmail.com [cybergreybeard@gmail.com]  Rangeforce [https://www.rangeforce.com/] Hack The Box [https://www.hackthebox.com/] Infosec Institute Skills [https://www.infosecinstitute.com/skills/infosec-skills-course-catalog/] Hacker Rank for Developers [https://www.hackerrank.com/dashboard] Hacktory.ai [https://hacktory.ai/] Azure [https://azure.microsoft.com/en-us/pricing/purchase-options/pay-as-you-go/] AWS [https://portal.aws.amazon.com/billing/signup?nc2=h_ct&src=header_signup&redirect_url=https%3A%2F%2Faws.amazon.com%2Fregistration-confirmation#/start/email] Cloud Comparisons [https://www.serverwatch.com/virtualization/aws-ec2-vs-azure/] MITRE ATT&CK [https://attack.mitre.org/] Kali.org Downloads [https://www.kali.org/get-kali/] (Then select “Virtual Machines) Sourceforge Comparison Page [https://sourceforge.net/software/product/RangeForce/alternatives] Network Security Management Companies [https://www.algosec.com/resources/firemon-alternatives-competitors/] Network Security Management Comparison [https://www.algosec.com/algosec-vs-tufin/] Support the show [https://www.buzzsprout.com/477067/support]

In this episode I spend 30-minutes talking with Adrianus Warmenhoven, Defensive Strategist at Nordvpn.   We dove into virtual private networks (VPN) and networking.  Hear how VPN's work, when to use them and why.  We discuss real-world examples and talk security stories as well as some cyber security history. Send comments, questions, and episode ideas to: cybergreybeard@gmail.com [cybergreybeard@gmail.com]  NordVPN [https://nordvpn.com/leading-vpn-site/] RFC1918 [https://www.rfc-editor.org/rfc/rfc1918] Tim Berners-Lee [https://www.britannica.com/biography/Tim-Berners-Lee] OSINT [https://osint.tools/] Tools – Open-Source Intelligence Tooling For those interested in supporting Josh, my mentee looking to relocate to Canada and study cyber security, please visit GiveSendGo [https://www.givesendgo.com/joshuagbemisolagoestocanada].  Support the show [https://www.buzzsprout.com/477067/support]

Here I talk about different avenues within cyber security.  We use terms such as red team, blue team, and purple team when discussing offense, defense, and a merger of the two.  I’ll go over different technologies, teams that cover each of these areas and jobs that involve each team.  We have these teams and terms due to the size and complexity of the overall cyber security profession.   This episode provides a lot of insight on technologies and jobs to help listeners better focus on their cyber security journey. Send comments, questions, and episode ideas to: cybergreybeard@gmail.com [cybergreybeard@gmail.com]  Redscan [https://www.redscan.com/news/purple-teaming-can-strengthen-cyber-security/] Red Team Tools [https://phoenixnap.com/blog/best-penetration-testing-tools] by Goran Jevtic [https://www.linkedin.com/in/goran-jevtic-89387160/] Medium Article [https://medium.com/technology-hits/being-a-purple-team-member-in-cyber-security-f39880425aea] by Anil Yelken [https://www.linkedin.com/in/ayelk/] Crowdstrike CTI [https://www.crowdstrike.com/cybersecurity-101/threat-intelligence/] Halborn exploit development [https://halborn.com/what-is-exploit-development/] by Rob Behnke [https://www.linkedin.com/in/rbehnke/] FRSecure [https://frsecure.com/services/purple-team/] NodeZero [https://www.horizon3.ai/nodezero/] Cyber Ranges [https://www.cyberranges.com/] CISA Tabletop exercise packages [https://www.cisa.gov/cisa-tabletop-exercises-packages] For those interested in supporting Josh, my mentee looking to relocate to Canada and study cyber security, please visit GiveSendGo [https://www.givesendgo.com/joshuagbemisolagoestocanada]. Support the show [https://www.buzzsprout.com/477067/support]