168 episodes

This is a weekly podcast on cyber security domains. We discuss, dissect and demystify the world of security by providing in-depth coverage of the cybersecurity topics that matter most. All this in plain, easy-to-understand language. Like it, share it, and most importantly enjoy it!

YusufOnSecurity.com

    • Technology

    168 - Preparing for and responding to ransomware attack - Part 2

    In this week's episode, we will continue with part 2 of "Preparing for and responding to ransomware attack".
    As I said last week, ransomware is a threat that will be around us for the foreseeable future.
    Do listen to part 1 before you listen to this episode.

    With that out of the way, let's have a look at a top trending update for you.


    There is large-scale brute-force activity targeting VPNs and SSH services with commonly used login credentials.
    - https://blog.talosintelligence.com: Large-scale brute-force activity targeting VPNs, SSH services with commonly used login credentials
    - https://attack.mitre.org: Turla
    - https://www.chainalysis.com: ransomware 2024
    - https://www.cohesity.com: Ransomware Recovery
    Be sure to subscribe!
    If you like the content, follow me @iayusuf or read my blog at https://yusufonsecurity.com
    You will find a list of all previous episodes there too.

    • 33 min
    167 - Preparing for and responding to ransomware attack

    Ransomware is a threat that will be around us for the foreseeable future.
    In this week's episode we will look at the history of ransomware, the common TTPs in use by threat actors such as Turla, how to align our incident response to that threat and others, and finally how to contain, eradicate, and recover from it.
    In addition, we will answer the following pertinent questions that are top of mind for the SOC team. Questions such as:
    - What are the best methods to inhibit threat actors' lateral movement?
    - What are the critical components that drive ransomware?
    etc.
    But before we dig into these gems, let's touch on one important top trending piece of news. And that is:

    - CISA makes its malware analysis system publicly available

    - https://www.cisa.gov: CISA Announces Malware Next-Gen Analysis
    - https://attack.mitre.org: Turla
    - https://www.chainalysis.com: ransomware 2024
    - https://www.cohesity.com: Ransomware Recovery







    • 34 min
    166 - The SysInternal Utilities

    This week we will dive into a collection of powerful system utilities and tools designed to help users diagnose, troubleshoot, and monitor the Windows operating system.
    These utilities provide advanced functionality beyond what is typically available in Windows, as they offer insights into system internals, processes, file systems, networking, and more.

    But before we dig into these gems, let's touch on one important top trending piece of news. And that is:

    There is a Post Authentication Stack Overflow on a NetGear Router.
    - https://blog.talosintelligence.com: Netgear wireless router open to code execution after buffer overflow vulnerability
    - https://www.talosintelligence.com: Netgear RAX30 JSON Parsing getblockschedule() stack-based buffer overflow vulnerability
    - https://kb.netgear.com: Security Advisory for Post Authentication Stack-Overflow on the RAX30
    - https://learn.microsoft.com: PSTools
    - https://learn.microsoft.com: SysInternals
    - https://en.wikipedia.org/wiki: Mark Russinovich

    • 46 min
    165 - How AI is helping Incident Responders

    AI is getting into all sorts of places, no less so in cybersecurity, in both good ways and bad. In a good way by bolstering the incident response life cycle, but unfortunately in a bad way by generating convincing phishing emails or assisting with scripts and coding, etc.

    In this week's episode we will focus on how AI is helping IR in getting to the bottom of what might have happened.

    Before we get into the main topic, let's touch on one important top trending piece of news. And that is:
    RedHat warns of a backdoor in a tool used in most Linux distributions.
    - https://www.redhat.com: Urgent security alert Fedora 41 and rawhide users
    - https://www.cisa.gov: Reported supply chain compromise affecting XZ Utils data compression library CVE-2024-3094
    - https://www.ciscolive.com: AI Assistance (page 52)

    • 35 min
    164 - What Is Platform Approach To Security? - Part 2

    In our second episode, we continue exploring the concept of adopting a platform approach to security.
    In this second part we will continue where we left off last week, and I encourage you to listen to the first episode if you have not done so.

    Before we get into the main topic, let's touch on one important top trending piece of news this week. And that is:


    - GitHub added an AI-powered vulnerability auto-fix feature
    - https://www.cisco.com: XDR- Platform approach to security
    - https://github.blog: Introducing Code Scanning Auto-Fix Powered By GitHub Copilot And CodeQL



    • 32 min
    163 - What Is Platform Approach To Security? - Part 1

    Welcome and thank you for tuning in to YusufOnSecurity, the cyber-security podcast for the everyday defender, from analyst to the C-Suite, in plain English.

    In this episode, we explore the recently much talked about concept of adopting a platform approach to security. As technology advances, cyber criminals continually adapt their tactics. Engaged in a constant cat-and-mouse game, staying ahead is crucial. It begins with a deep understanding of which strategies best align with your objectives, safeguarding not only your digital assets but also your bottom line.

    Before we get into the main topic, let's touch on a top trending piece of news this week. And that is:
    The United States lost a record $12.5 billion to online crime in 2023
    - https://www.ic3.gov: 2023 IC3 Report
    - https://www.cisco.com: XDR- Platform approach to security

    • 34 min
