IANS Cyber Intel

IANS Research
  • 5,0 (1)
  • ACTUALITÉS TECHNOLOGIQUES
  • DEUX FOIS PAR MOIS

IANS Cyber Intel Podcast addresses must-know-now topics, such as AI risk, prominent breaches, Zero Day exploitation, compliance updates, and much much more. Each podcast provides actionable, practical guidance for CISOs and Information Security professionals. The podcast includes exclusive highlights from IANS client-only weekly Tech Briefings. With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.

  1. 13 AOÛT

    Security Briefing: Exchange Vulns, SonicWall Zero Day That Wasn’t, GitHub to Join MSFT’s CoreAI

    August 13th, 2025 Security Briefing with IANS Faculty ⁠Jake Williams⁠ and ⁠Jessica Hebenstreit This Episode Details: Exchange Server Vulns: Researchers from Outsider Security presented on a new vulnerability in Exchange Server on premises that could allow a threat actor to take control of associated M365 tenants under certain circumstances. The SonicWall Zero Day That Wasn’t: In July, security researchers noticed increased exploitation of SonicWall devices. This lead many to theorize that there was another zero day in SonicWall’s software.GitHub CEO Leaves, Microsoft Won’t Be Replacing Him: The CEO of GitHub, Thomas Dohmke, has announced he is leaving the company. Microsoft has announced it is not replacing Dohmke. Instead GitHub will no longer function as an independent organization from Microsoft. With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams. Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

    28 min

  2. 9 JUIL.

    Security Briefing: SEC and SolarWinds, Crypto Agility and TLS Rotation, Ingram Micro Ransomware Attack

    July 9th, 2025 Security Briefing with IANS Faculty ⁠Wolfgang Goerlich⁠ and ⁠Jessica Hebenstreit⁠ This Episode Details: SEC and SolarWinds Make a Deal: The U.S. Securities and Exchange Commission (SEC) and SolarWinds have reached a preliminary agreement to settle the high-profile lawsuit stemming from the 2020 cyberattack.Instagram Rotating Certificates Daily: Earlier this year, the CA/Browser Forum agreed to drastically reduce the lifespan of public certificates (Ballot SC081v3). The agreed upon enforcement schedule is 398 days in 2025, 200 days starting in 2026, 100 days starting in 2027, and 47 days starting in 2029.IT Supplier the Latest Ransomware Victim: Ingram Micro found itself grappling with a ransomware incident that took key internal systems offline just as the July 4 holiday weekend began. While details remain thin and statements tight-lipped, what’s emerging looks like a familiar but increasingly frustrating playbook: Attackers leveraged credential-based access to a Palo Alto GlobalProtect VPN, moved laterally, and escalated privileges. With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams. Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

    31 min

  3. 4 JUIN

    Security Briefing: Mobile Provider Leaks Location Data, ConnectWise Breach, Red Canary Acquired

    June 4th, 2025 Security Briefing with IANS Faculty Jake Williams and Jessica Hebenstreit This Episode Details: Virgin Media O2 Exposed Customers’ Geolocations: A network security flaw in Virgin Media O2’s 4G network and Wi-Fi calling features exposed sensitive customer data, including geolocation via Cell ID, SIM card information, and phone model details.ConnectWise Breached by Nation-State Actors: On May 28, 2025, ConnectWise confirmed it had “recently learned of suspicious activity within our environment that we believe was tied to a sophisticated nation-state actor, which affected a very small number of ScreenConnect customers.”Zscaler Acquires MDR Provider Red Canary: On May 27, 2025, Zscaler announced an agreement to acquire Red Canary, a leading Managed Detection and Response (MDR) provider. This move reflects the ongoing consolidation and platformization trend across the cybersecurity market. With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams. Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

    30 min

  4. 30 AVR.

    Security Briefing: Verizon DBIR 2025 Highlights, Mobile Security, Darcula GenAI Concerns

    April 30th, 2025 Security Briefing with IANS Faculty Dave Shackleford⁠⁠⁠⁠ and ⁠⁠Shannon Lietz This Episode Details: Verizon DBIR 2025: In this year’s version of the Verizon Data Breach Investigations Report (DBIR), there were several main takeaways.State of Mobile Security 2025: With adversaries' growing interest in mobile attack vectors, this year’s State of Mobile Security report by NowSecure introduces a need to help users understand that they should minimize what they add to their phones.Darcula Gets GenAI Features: Netcraft researchers have documented the extension of Darcula with GenAI features, reducing the barrier to entry for attackers looking to create their own phishing campaigns. With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams. Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

    30 min

  5. 9 AVR.

    Security Briefing: EU Souring on US Cloud Providers, CISA Cuts, Supply Chain Cautionary Tale

    April 9th, 2025 Security Briefing with IANS Faculty ⁠⁠⁠⁠Jake Williams⁠⁠⁠ and ⁠Jessica Hebenstreit⁠ This Episode Details: EU Companies Exploring Alternatives to US Cloud Providers - WIRED reported that some EU companies are exploring ways to de-risk their involvement with U.S. cloud providers by looking at alternatives to Amazon, Google, and Microsoft. More Cuts at CISA - Reporters at Politico (among others) are reporting additional staffing cuts coming to CISA imminently. Some reports detail expectations of as many as 1300 of CISA's 3300 remaining staff to be cut. Novel Supply Chain Bug Bounty - In February, Roni Carta (aka Lupin) published a post-mortem on a bug bounty that involved a complex supply chain attack. The impact was so severe that the organization paid Carta and his partner Snorlhax $50k for the report With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams. Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

    30 min

  6. 5 MARS

    Security Briefing: Pause on Offensive Ops Against Russia, DPRK’s Bybit Heist, Copilot Exposes GitHub Pages

    March 5th, 2025 Security Briefing with IANS Faculty ⁠⁠⁠Jake Williams⁠⁠ and Wolfgang Goerlich This Episode Details: U.S. Pauses Offensive Cyber Ops Against Moscow - The United States has suspended its offensive cyber activities targeting Russia. This decision, authorized by U.S. Defense Secretary, aims to encourage Moscow to engage in negotiations to end the ongoing conflict in Ukraine. DPRK Behind the $1.5B Bybit Heist - The FBI confirmed that the North Korean Lazarus Group (also known as TraderTraitor) was responsible for the recent theft of approximately $1.5 billion in virtual assets from the cryptocurrency exchange Bybit. Copilot Exposes Private GitHub Pages - The AI security firm Lasso has identified GitHub Copilot, an AI coding assistant, was inadvertently exposing private GitHub Pages. So called “zombie repositories" (repositories that were once public and are now private) were retrievable using specific Copilot prompts. With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams. Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

    30 min

  7. 17 FÉVR.

    The State of the CISO in 2025

    CISOs are currently under more pressure than ever to deliver results with lean teams and increasingly scrutinized budgets. CISOs’ scope continues to expand while boards and leaders are continually focused on cyber budgets and program execution. At the same time, resources are tight and orgs are still figuring out how to navigate emerging areas of digital risk – particularly AI and its corresponding data governance implications. CISOs who navigate these challenges successfully will set themselves apart by enhancing their personal brand and the reputation and success of the programs they lead. In this session, IANS Faculty Steve Martano and IANS Senior Research Director Nick Kakolowski will provide a deep dive into the current state of the CISO role. They’ll cover: How the job scope of the CISO is shifting and what CISOs think about those changes.Trends in how CISOs are interacting with the board and advice for influencing at the highest levels of the organization.Market observations and anecdotal guidance on how to position yourself to achieve your career goals. Interested in learning more about IANS and Artico's State of the CISO findings? Download ⁠IANS State of the CISO Summary Report! Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

    55 min

  8. 15 JANV.

    Infosec Trends you should be watching in 2025

    2025 Deep Dive Webinar and Podcast with IANS Faculty⁠⁠Jessica Hebenstreit⁠ and ⁠⁠⁠Jake Williams⁠ Infosec teams are stretched. Budgets are flat, resources are strained, and we’re always trying to stay one step ahead of adversaries. Layer in new regulations, the integration of AI into seemingly all aspects of the business, and other disruptions. It’s no wonder CISOs and their teams are constantly challenged as to where to prioritize their time, resources, and activities. In this podcast, IANS Faculty Jake Williams and Jessica Hebenstreit call out the areas they believe will be most impactful to CISOs and their teams in 2025. Hear an overview of the trends and recommendations of actionable steps to work into your roadmap. Topics of discussion include: How to ensure you’re getting value out of AI in security operations (and words of caution)The evolving role of the SOC in the face of increased coverage of MDR services (e.g., Falcon Complete)Cyber resiliency and planning for CrowdStrike 2.0Implications of the new EU product liability directive With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams. Any views or opinions presented in this document are solely those of the Faculty and do not necessarily represent the views and opinions of IANS. Although reasonable efforts will be made to ensure the completeness and accuracy of the information contained in our written reports, no liability can be accepted by IANS or our Faculty members for the results of any actions taken by the client in connection with such information, opinions, or advice.

    54 min
Tout afficher (23)

À propos

IANS Cyber Intel Podcast addresses must-know-now topics, such as AI risk, prominent breaches, Zero Day exploitation, compliance updates, and much much more. Each podcast provides actionable, practical guidance for CISOs and Information Security professionals. The podcast includes exclusive highlights from IANS client-only weekly Tech Briefings. With ⁠IANS Research⁠, get security expertise at speed. IANS Research is a clear-headed resource for decision making and articulating risk, providing experience-based security insights for Chief Information Security Officers and their teams.

Informations

  • Création
    IANS Research
  • Années d’activité
    2024 - 2025
  • Épisodes
    23
  • Classification
    Tous publics
  • Copyright
    © IANS Research
  • Site web de l’émission
    IANS Cyber Intel

Vous aimeriez peut‑être aussi