Security Squawk - The Business of Cybersecurity Bryan Hornung Reginald Andre Randy Bryan & Ryan O'Hara

Welcome to this episode of the Security Squawk podcast, where our cyber experts bring you the latest updates on the top security news and trends. In today's episode, we cover the following stories:
Procter & Gamble falls victim to a ransomware attack by the notorious Clop group, highlighting the growing threat of ransomware to businesses and organizations.
Microsoft launches Exchange Online to prevent vulnerable servers from being exploited by hackers and block malicious emails from reaching users.
The theft of around 8 million driver's license numbers from Australia and New Zealand underscores the importance of securing personal data and the need for stronger data protection regulations.
We also discuss a recent bug discovered in Chat GPT, the AI language model, and its implications for data privacy and security.
Tune in to this episode for expert insights and analysis on these critical security issues.

Hosts: Brian Hornung, Reginald Andre, Randy Brian, and Ryan O'Hara
In this episode of the Security Squawk podcast, the hosts delve into several recent cybersecurity incidents. Firstly, they discuss the breach of the US Congress which led to the exposure of the personal information of 170,000 staff members. The hosts analyze the impact of this breach on the affected individuals and also consider the potential implications for future cybersecurity decisions made by Congress.
Next, the speakers examine the ransomware attack on Ring, a smart home security company owned by Amazon, which was carried out by a Russian group known as "Black Cat". The hosts critique Amazon's response to the attack and investigate the root cause of the incident.
Finally, the hosts discuss a recent hack on SpaceX's contractor, in which hackers threatened to sell 3,000 stolen drawings to the company's competitors. The speakers provide insight into how companies can safeguard their data when they collaborate with third-party vendors and contractors.

The Security Squawk Podcast discusses the recent vulnerabilities found in Trusted Platform Module (TPM) that could allow hackers to steal cryptographic keys and sensitive data. They also talk about recent cybersecurity incidents, such as the ransomware attack on Oakland and the data breach suffered by Acer. The hosts emphasize the need for businesses to take proactive measures to secure their data and prevent cyber-attacks.
They also mention the Medusa ransomware group's ransom demand for $1 million for the Minneapolis Public School hack.
The podcast ends with a discussion on the White House's updated National Cybersecurity Strategy for 2023, which focuses on shifting the burden of defending the country's cyberspace towards software vendors and service providers and the importance of collaboration between the public and private sectors.

Last Pass breach
In this episode of the Security Squawk podcast, the hosts analyze the latest cybersecurity incident with LastPass. LastPass, a popular password manager, suffered a data breach in August 2021. The company initially reported that the attackers had gained access to the backup server, but not the encrypted vaults containing user passwords. However, a recent update reveals that the attackers were able to obtain valid credentials for a senior DevOps engineer, giving them access to LastPass' data vault, among other things. The vault contained encryption keys for customer vault backups stored in Amazon S3 buckets. It is unclear whose vaults have been compromised, but the incident highlights the risks associated with remote work and the need for stronger security measures.
Ransomware attack on US Marshal Service
In this episode, the speakers also discuss the ransomware attack which hit the US Marshal Service. The attack targeted systems that contain sensitive law enforcement information, administrative information, and personally identifiable information. It is not known if it was a targeted attack, but it is believed that the attacker exfiltrated data before the attack. It is unlikely that they will turn over the keys for the ransom, especially after the FBI's recent successful takedown of Hive. Additionally, News Corp was breached over a year ago, and employees are only now being notified. It is believed that the Chinese government was behind the attack, and some personal information was compromised. The affected parties are being offered two years of free identity protection and credit monitoring.
GoDaddy Security breach
Further, the hosts discuss a series of security breaches that have recently occurred at GoDaddy, including spear phishing attacks and compromised passwords that have resulted in the theft of sensitive information belonging to thousands of customers. Despite being labeled as the work of "sophisticated threat actors," the author argues that most hacking attacks rely on con artistry and psychological tactics, rather than technical know-how. The article also highlights the importance of domain privacy and the risks associated with transferring domain names to unverified individuals.

The Security Squawk podcast crew discusses cybersecurity, where they examine various breaches and cyber threats. They analyze recent attacks against GoDaddy, which compromised the login credentials of their hosting customers and personnel. They discuss the importance of good password hygiene, multifactor authentication, and scanning for viruses and suspicious activity. They also talk about the proposed legalization of hacking in Russia for patriotic reasons and the recent FBI cybersecurity incident.

They dive into the rise of ransomware attacks against the semiconductor industry and the need for improved network security using government grants. The hosts also talk about a cybersecurity incident at Lehigh Valley Health Network, traced back to an unauthorized activity from a doctor's office. They emphasize the need for separate networks and awareness of the risks of connecting personal devices to corporate networks. The episode ended with a discussion about the use of BYOD devices in healthcare.

The Security Squawk podcast discusses the recent surge of ransomware attacks and their impact on cybersecurity. The hosts talk about the clop ransomware group's breach of 130 organizations using a zero-day vulnerability in the Go Anywhere MFT secure file transfer tool, highlighting the risks associated with file transfer tools that are installed on servers managed by companies and exposed to the internet without proper patching and firewall configurations. The conversation also discusses a recent supply chain breach involving GoAnywhere MFT software, with up to 10-13% of servers compromised, and expresses concern over the vulnerability of these companies and the potential disconnect between security professionals and management.
The article discusses multiple instances of cyber attacks on companies, including Pepsi Bottling Ventures, which was hit with malware that stole employees' personal information, and Nether Manufacturing, which was hit with ransomware. The article also mentions a new ransomware called Mortal Kombat that is targeting systems in the US and highlights the importance of proper security measures and not clicking on suspicious emails or files.
The news segment reports on a series of ransomware attacks in the United States, including on a school, a city, a police network, and a property appraisal website. The lack of cybersecurity maturity in some organizations is noted, and the need for companies to undertake third-party assessments of their network is emphasized.