Studio 471

If you’re the buyer of security products for a large company, how do you ensure that a product works as promised? Security software testing puts products such as firewalls, endpoint protection and intrusion detection systems through their paces. But security software testing has been a contentious area, with vendors sparring over results and occasional accusations of cheating. In this edition of Studio 471, Simon Edwards of SE Labs walks through how his company conducts ethical, realistic tests based on the cyber kill chain and MITRE ATT&CK, an index of attacker tactics, techniques and procedures.Participants:Simon Edwards, Founder and CEO, SE LabsJeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471----------Stay in Touch!Twitter: https://twitter.com/Intel471IncLinkedIn: https://www.linkedin.com/company/intel-471/YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkgDiscord: https://discord.gg/DR4mcW4zBrFacebook: https://www.facebook.com/Intel471Inc/

Learn about how vulnerability management, the KEV list, and threat intelligence can help with patching. Patching remains one of the most difficult security tasks organizations face. Zero-day vulnerabilities may catch the headlines, but the truth is most organizations are caught out by n-day vulnerabilities where patches have been available for some time. The U.S. Cybersecurity and Infrastructure Security Agency has tried to simplify patching efforts by publishing the Known Exploited Vulnerabilities list, or KEV. The KEV is a list of vulnerabilities under active exploitation, and federal agencies have two weeks to patch ones on the list. In this edition of Studio 471, Patrick Garrity of Nucleus Security shares the effects of the KEV list across the security industry, his research into the KEV and how threat intelligence can guide patching efforts.Participants:Patrick Garrity, Researcher and Vice President of Marketing, Nucleus SecurityJeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471----------Stay in Touch!Twitter: https://twitter.com/Intel471IncLinkedIn: https://www.linkedin.com/company/intel-471/YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkgDiscord: https://discord.gg/DR4mcW4zBrFacebook: https://www.facebook.com/Intel471Inc/

Listen to Mandiant's year review on ransomware and extortion and see how it impacts organizations and victims.  Mandiant, which is now owned by Google Cloud, is one of the top-tier incident response and forensics firms. It has visibility into some of the most prominent intrusions, data breaches and ransomware attacks. In this edition of Studio 471, Mandiant CTO Charles Carmakal says half of all ransomware or extortion victims are paying ransoms. Sometimes that is to prevent the release of sensitive data, while others pay to speed up recovery – even if the organizations have backups. Carmakal says the Scattered Spider threat group is posing risks to organizations through its persistence and honed social engineering skills. But it’s not all gloom, and Carmakal says that organizations can discover their weaknesses by emulating real-world adversaries in attack simulations.Participants:Charles Carmakal, CTO, Mandiant, Google CloudJeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471----------Stay in Touch!Twitter: https://twitter.com/Intel471IncLinkedIn: https://www.linkedin.com/company/intel-471/YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkgDiscord: https://discord.gg/DR4mcW4zBrFacebook: https://www.facebook.com/Intel471Inc/

Learn about the Ransomware Task Force’s progress in combating cyber extortion, as Megan Stifel shares insights on strategies, ransom policies, and security improvements.The Ransomware Task Force was created in 2021 to bring together government, private industry and civil society to create strategies to fight cybercriminal gangs extorting organizations. This year has been challenging with rising attacks, but Megan Stifel of the Institute for Security and Technology says progress is being made. In this edition of Studio 471, Megan discusses the future of the Ransomware Task Force, whether ransom payments should be banned and how organizations are strengthening baseline security.Participants:Megan Stifel, Chief Strategy Officer, Institute for Security and TechnologyJeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471----------Stay in Touch!Twitter: https://twitter.com/Intel471IncLinkedIn: https://www.linkedin.com/company/intel-471/YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkgDiscord: https://discord.gg/DR4mcW4zBrFacebook: https://www.facebook.com/Intel471Inc/

In this video, learn about the evolution of ransomware attacks. Ransomware attacks have sharply increased in 2023, and payments to ransomware gangs and affiliates are nearing all-time highs. With law enforcement and governments sharply focused on disrupting and imposing costs on ransomware groups, why is ransomware stubbornly sticking around? In this edition of Studio 471, Jacqueline Burns Koven of Chainalysis discusses how ransomware is evolving and what challenges it poses for defenders.Participants:Jacqueline Burns Koven, Head of Cyber Threat Intelligence, ChainalysisJeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471----------Stay in Touch!Twitter: https://twitter.com/Intel471IncLinkedIn: https://www.linkedin.com/company/intel-471/YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkgDiscord: https://discord.gg/DR4mcW4zBrFacebook: https://www.facebook.com/Intel471Inc/

Discover how strong authentication methods, such as biometric and device-based verification, can prevent credential reuse and significantly improve security against cybercriminal threats.Access credentials and session tokens are among the most popular illicit digital products in underground digital marketplaces. The reuse of credentials is often the starting point that leads to a data breach and ransomware. But tying authentication to unspoofable factors – a person’s fingerprint, a device footprint – provides a much higher level of assurance that only legitimate users are accessing systems. This strong authentication provides higher security and a better user experience.In this video, Brett Winterford of Okta and Intel 471’s Jeremy Kirk discuss strong authentication, paths to strengthening authentication, and what Intel 471 analysts observe around credential theft in the underground cybercriminal.Participants:Brett Winterford, Regional Chief Security Officer, APJ, OktaJeremy Kirk, Executive Editor, Cyber Threat Intelligence, Intel 471----------Stay in Touch!Twitter: https://twitter.com/Intel471IncLinkedIn: https://www.linkedin.com/company/intel-471/YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkgDiscord: https://discord.gg/DR4mcW4zBrFacebook: https://www.facebook.com/Intel471Inc/