News and Interviews from BlackHat 2023 – ESW #328
Segments
1. CheckPoint buys Perimeter81, SecureWorks Cuts 300 Jobs, and News from BlackHat – ESW #328
In the enterprise security news,
- Check Point buys Perimeter 81 to augment its cybersecurity
- 2023 Layoff Tracker: SecureWorks Cuts 300 Jobs
- Hackers Rig Casino Card-Shuffling Machines for ‘Full Control’ Cheating
- ‘DoubleDrive’ attack turns Microsoft OneDrive into ransomware
- NYC bans TikTok on city-owned devices
Announcements
Security Weekly listeners: Now is your chance to join the infosec community as they come together at InfoSec World 2023, September 23 – 28, 2023 at Disney's Coronado Springs Resort in Lake Buena Vista, FL. Hear keynotes from Scott Shapiro, Founding Director at Yale CyberSecurity Lab, and Rachel Wilson, Managing Director and Head of Cybersecurity at Morgan Stanley.
As a Security Weekly community member, you’re able to receive 20% off your InfoSec World 2023 tickets using code ISW23-SECWEEK20! Register today: securityweekly.com/infosecworld2023
Hosts
- 1. Tools alone won’t save us but if we have tools – why don’t we at least use them?
- 2. Sam Bankman-Fried sent to jail as judge revokes bail over witness tampering, VPN use
- 3. Hackers Rig Casino Card-Shuffling Machines for ‘Full Control’ Cheating
- 4. Don’t expect quick fixes in ‘red-teaming’ of AI models. Security was an afterthought
- 1. Bomb threat causes mass evacuation at DEF CON hacking convention
- 2. CrowdStrike at BlackHat: Speed, Interaction, Sophistication of Threat Actors Rising in 2023
- 3. Hackers red-teaming A.I. are ‘breaking stuff left and right,’ but don’t expect quick fixes from DefCon: ‘There are no good guardrails’
- 4. Researcher says they were behind iPhone pop-ups at Def Con
- 5. Want to pwn a satellite? Turns out it’s surprisingly easy
- 6. ‘DoubleDrive’ attack turns Microsoft OneDrive into ransomware
- 7. Black Hat USA 2023: Five Lessons in Artificial Intelligence
- 8. Google Chrome will summarize entire articles for you with built-in generative AI
- 9. AI fears overblown? Theoretical physicist calls chatbots ‘glorified tape recorders’
- 10. 22% of BlackHat USA attendants believe AI takeover is already here
- 11. Veilid: A secure peer-to-peer network for apps that flips off the surveillance economy
- 12. Microsoft may store your conversations with Bing if you’re not an enterprise user
- 13. NYC bans TikTok on city-owned devices
- 14. US watchdog to announce plans to regulate ‘surveillance industry’
- 15. Windows feature that resets system clocks based on random data is wreaking havoc
“Hey people,” he wrote. “If you manage Active Directory domain controllers, I want to give you some UNOFFICIAL advice that is solely my personal opinion: Disable Secure Time Seeding for w32time on your DCs.”
- 16. Squirrel: 3D printer nightmare fuel: Bambu X1C and P1P started printing while owners were asleep
2. Edge Ecosystem in Healthcare, Active Directory Modernization, Security Data Pipelines – Matthias Vallentin, Mickey Bresman, Theresa Lanowitz – ESW #328
As more organizations explore edge computing, understanding the entire ecosystem is paramount for bolstering security and resiliency, especially within a critical industry like healthcare. In this segment, Theresa Lanowitz, Head of Cybersecurity Evangelism at AT&T Business, will provide a deep dive into the state of edge computing—specifically, how it is revolutionizing healthcare.
This segment is sponsored by AT&T Cybersecurity. Visit https://securityweekly.com/attcybersecuritybh to learn more about them!
With Active Directory (AD) exploited in 9 out of 10 cyberattacks, delaying AD modernization—especially after a merger or acquisition—can compound security risks. Security is the most compelling reason to migrate to a pristine AD forest or perform an AD forest or domain consolidation, but many organizations delay such projects due to the effort and planning they require. We talk with Mickey Bresman about the keys to a smooth and secure AD modernization strategy.
This segment is sponsored by Semperis. Visit https://securityweekly.com/semperisbh to learn more about them!
Security organizations are increasingly adopting data lakes and cloud services as additions or alternatives to traditional SIEMs, but face challenges like scarcity of data engineering expertise and high data ingestion and cloud compute costs. To overcome these, a new security data stack is emerging, guided by models like SecDataOps and supported by solutions like Tenzir. In this segment, we will be talking about what is driving the heavy use of data in security operations, why that is stressing traditional security operations tools and processes, and what some early-adopter organizations are doing to meet these challenges.
This segment is sponsored by Tenzir. Visit https://securityweekly.com/tenzirbh to learn more about them!
Guests
Mickey began his technical career in the Navy. Mickey’s comfort zone is on the front lines, helping organizations thwart and respond to cyberattacks. The long-time cybersecurity expert and entrepreneur has an extensive track record of driving revenue growth and scaling organizations across the globe.
Prior to co-founding Semperis, Mickey held the position of CTO at YouCC Technologies, a Microsoft Gold Partner integration company. As a cybersecurity thought leader, Mickey has been quoted or featured in many major publications, including Forbes, CNBC, and others. He has a B.A. in Technical Management and a Minor in Electronic Engineering.
Theresa Lanowitz is the Chief Cybersecurity Evangelist at LevelBlue, a strategic alliance between AT&T and WillJam Ventures, that simplifies cybersecurity for the businesses fueling our global economy.
With a distinguished career in the technology industry, she has held influential roles at companies including Gartner, Borland, Taligent, and Sun Microsystems, significantly impacting application security and emerging technologies.
Theresa is a globally respected leader known for her deep and diverse experience in cybersecurity. Theresa frequently speaks at major industry conferences, sharing her insights on high tech trends, AI integration, and the evolving threat landscape.
Theresa holds a Bachelor of Science in Computer Science from the University of Pittsburgh, Pittsburgh, PA.
Building on his PhD in scalable network forensics from UC Berkeley, Matthias Vallentin founded Tenzir. As CEO, he leads Tenzir’s mission to transform security data operations. Matthias has extensive experience in building large-scale distributed systems, which he now applies to developing a data-centric security analytics platform for threat detection and response.
3. Managing Threats, Reduce your Attack Surface, MDR Evolved – Antonio Sanchez, Randy Watkins, Richard Yew – ESW #328
The rapid growth of APIs used to build microservices in cloud-native architecture has left many enterprises in the dark when it comes to knowing where, how many, and what types of APIs they have. Edgio's new advanced API security capabilities give customers integrated and unparalleled protection at the edge, protecting APIs that are critical to modern businesses. Edgio delivers these services as part of its fully integrated holistic Web Application and API protection solutions giving customers the ability to respond to threats quicker. An edge-enabled holistic security platform can effectively reduce the attack surface, and improve the effectiveness of the defense while reducing the latency of critical web applications via its multi-layered defense approach. Edgio's security platform “shrinks the haystacks” so that organizations can better focus on delivering key business outcomes.
This segment is sponsored by Edgio. Visit https://securityweekly.com/edgiobh to learn more about them!
Offensive security is a proactive approach that identifies weaknesses using the same exploitation techniques as threat actors. It combines vulnerability management with pen testing and red team operations to “expose and close” vulnerabilities before they are exploited.
This segment is sponsored by Fortra. Visit https://securityweekly.com/fortrabh to learn more about them!
Join us at Black Hat as we delve into the world of Managed Detection and Response (MDR) providers. In this podcast, we'll explore the critical factors to consider when selecting an MDR provider, uncover the common shortcomings in their services, and discuss the necessary evolution required to ensure ongoing effectiveness and enhanced value for customers. Get ready to unravel the complexities of MDR and gain insights into the future of this vital cybersecurity solution.
This segment is sponsored by Critical Start. Visit https://securityweekly.com/criticalstartbh to learn more about them!
Guests
Randy Watkins is the Chief Technology Officer (CTO) for Critical Start and an emerging thought-leader in the security industry. As CTO, Randy is responsible for designing and executing the company’s strategic technology initiatives, which includes defining the strategy and direction of Critical Start’s Managed Detection and Response (MDR) services delivered by the Zero-Trust Analytics Platform (ZTAP).
Previously, Randy served as Critical Start’s Director of Security Architecture, where he set the strategy for emerging vendor technologies, created the Defendable Network reference architecture, and set product direction for the company’s internally-developed Security Orchestration Automation and Response platform. Watkins was employee number five when he joined Critical Start in 2012.
Randy is a respected author and speaker on security trends and is well-versed in applying security technologies, in practical and meaningful ways, to improve risk management and security infrastructure for enterprise customers. He holds numerous security certifications in data analysis, data science, computer science, and leadership. Randy earned a bachelor’s degree in Information Systems Security and an associate degree in Computer Networking Systems, both from ITT Technical Institute.
In his free time, Randy continues to contribute to the security community through his consultancy to security product manufacturers to help them drive value to the customer through their solutions.
Richard Yew is Senior Director, Product Management for Edgio Security. With 10+ years of security technology experience worldwide, Richard is on top of the latest trends and technologies including WAAP, DDoS protection, bot management and enterprise security. Richard comes to Edgio from Yahoo-Edgecast and, prior to this, he was with Verizon Media Platform for a number of years. Richard also spent a brief time at Akamai before moving back to Verizon Digital Media Services as Head of Product for Security. He has led teams involving technical scope and developed strategic solutions for customers and prospects. He was educated at the Illinois Institute of Technology, and later at DePaul University, rising through a technical and engineering background to a managerial role.
Antonio Sanchez is Principal Evangelist at Fortra. As a subject matter expert for Fortra’s security portfolio, Antonio helps drive market recognition for the Fortra brand. He joined Fortra from Alert Logic in 2023, where he developed the messaging, positioning, and technical content for the managed detection and response (MDR) business. Alert Logic was acquired by Fortra in 2022.
Antonio has over 20 years in the IT industry focusing on cybersecurity, information management, and disaster recovery solutions to help organizations of all sizes manage threats and improve their security posture. He is a Certified Information Systems Security Professional (CISSP).
Antonio has held various product management, technical sales, and strategic marketing roles with Dell, Forcepoint, and Symantec. At the latter, he was responsible for developing and leading the Competitive Intelligence Program for the core security unit.
Antonio is a life-long learner and skilled at translating complex topics into simple terms. He is also a big supporter of education for underprivileged communities and an active mentor for people from minority groups who are interested in a career in cybersecurity.