ConversingLabs Podcast brings you conversations with the best and brightest minds in malware analysis, threat hunting, incident response and software assurance. Hosted by Paul Roberts, Cyber Content Lead at ReversingLabs, ConversingLabs digs into cutting edge topics that are most pressing in the world of cybersecurity.
In this episode, host Paul Roberts chats with Security Researcher Sam Curry about his own experience being hacked via the Internet of Things and how it led to a shocking discovery regarding modem security. More broadly, the conversation touches on how APIs can leave consumers vulnerable, the increasing popularity of IoT attacks, and how to mitigate…
In this episode, host Paul Roberts chats with Beau Woods, Founder & CEO of Stratigos Security, about the history of the software bill of materials (SBOM) – from its beginnings, to its modern-day use, to efforts underway to adapt it for the future. SBOMs have exploded in popularity within the past two years, and are oftentimes considered synonymous …
Is Cybersecurity Ready for the SolarWinds Prosecution?
27:01
In this episode, host Paul Roberts chats with Tarah Wheeler, CEO of Red Queen Dynamics, about her recent Council on Foreign Relations piece regarding what the U.S. SEC’s prosecution of SolarWinds and new disclosure rules mean for the cybersecurity industry at-large. Wheeler believes that these new moves from the Commission emphasize the concept of …
Chinese APT Group Exploits SOHO Routers
22:46
In this episode of the ConversingLabs podcast, host Paul Roberts chats with Daniel Adamitis, a Principal Information Security Engineer at Lumen Technologies’ Black Lotus Labs. They discuss his team’s discovery of an impossible-to-kill botnet packed with end-of-life SOHO routers, which is being used by a Chinese nation-state backed APT group as a co…
In this episode, host Paul Roberts chats with Kevin Fu, an Electrical & Computer Engineering Professor at Northeastern University, about the new federal standards for the cybersecurity of medical devices, which includes the submission of software bills of materials (SBOMs) to the FDA. The two will discuss the new mandates for medical device manufac…
In this episode, host Paul Roberts chats with Ali Khan, Field CISO at ReversingLabs, about the recent takedown of the LockBit ransomware group, which is considered to be one of the most prolific cybercrime groups globally. By ReversingLabs
The State of Software Supply Chain Security 2024
26:21
In this episode, host Paul Roberts chats with Karlo Zanki, a Reverse Engineer at ReversingLabs, about the state of software supply chain security in 2024. The two will review key findings on the software supply chain threat landscape in 2023, as well as what security and development teams can expect from malicious actors in 2024. Zanki will also hi…
The State of Open Source Software Security
27:56
In this episode, host Paul Roberts chats with Mikaël Barbero, Head of Security at the Eclipse Foundation, about the state of open source software security. Eclipse has been around for more than two decades and has for a long time prioritized the mitigation of threats to open source projects. In their conversation, Mikaël chats with Paul about where…
Apple Devices as a Growing Attack Vector
7:33
In this episode, host Paul Roberts chats with Devin Byrd, Director of Threat Intelligence at Kandji on the sidelines of the 2023 Black Hat USA conference. In their conversation, Byrd discusses how Kandji has grown into a major security provider for macOS users, and how the attack vector for macOS and iOS users has increased in recent years. He expl…
The Art of Security Chaos Engineering
12:22
In this episode, host Paul Roberts chats with Kelly Shortridge, a Senior Principal at Fastly, on the sidelines of the 2023 Black Hat USA Conference. In their conversation, they discuss her new book, Security Chaos Engineering: Sustaining Resilience in Software and Systems, as well as her Black Hat talk, “Fast, Ever-Evolving Defenders: The Resilienc…
Modern Risks to the Internet of Things and Software Supply Chains
18:53
In this episode of ConversingLabs, host Paul Roberts chats with Thomas Pace, the CEO & co-founder of the firmware security firm NetRise. Thomas and Paul talk about the shifting ground of threats and attacks as the Internet of Things grows and works its way into homes, businesses and industries - including critical infrastructure. They also talk abo…
Lemons & Liability: What it Means for Software Applications
12:26
In this episode, host Paul Roberts chats with Daniel Woods, a Cybersecurity Lecturer at The University of Edinburgh on the sidelines of the 2023 Black Hat USA conference about his briefing: “Lemons and Liability: Cyber Warranties as an Experiment in Software Regulation.” By ReversingLabs
Creating the Standard for Supply Chain Risk
22:47
In this episode, host Paul Roberts chats with Robert Martin of MITRE and Cassie Crossley of Schneider Electric about their session at this year’s RSA Conference. They explained how MITRE’s System of Trust can serve as a standard for software supply chain risk. The two also chatted with Paul about the greater issues facing software supply chains tod…
How Do You Trust Open Source Software?
15:40
In this episode, host Paul Roberts chats with Naveen Srinivasan, an OpenSSF Scorecard Maintainer, about his talk at this year’s RSA Conference on how to better trust open source software. In their conversation, Naveen explains how the OpenSSF Scorecard tool can help developers understand the security posture of open source dependencies.…
In this episode, we interview Chris Romeo, CEO of Kerr Ventures and long-time application security (app sec) practitioner on the sidelines of the 2023 RSA Conference. He gives a rundown on the state of app sec and comments on other software threats posed to organizations today. By ReversingLabs
In this episode of ConversingLabs, host Paul Roberts chats with John Jackson, a security researcher, about the work he and research group Sakura Samurai did in looking at exposed secrets and other threats on Indian government websites. By ReversingLabs
SBOM skeptics and talks about the importance of software supply chain transparency
22:15
In this special Café edition of ConversingLabs, host Paul Roberts interviews Joshua Corman, the Vice President of Cyber Safety Strategy at Claroty and the Founder of I Am The Cavalry on the sidelines of the RSA Conference 2023 in San Francisco. Josh speaks with Paul about his RSAC track session, The Opposite of Transparency, which takes on skeptici…
Malware & Software Supply Chain Security
16:56
In this special edition episode of ConversingLabs, host Paul Roberts interviews ReversingLabs Director of Product Management, Charlie Jones, on the sidelines of the 2023 RSA Conference in San Francisco. Charlie speaks with Paul about his RSAC track session: The Rise of Malware Within the Software Supply Chain.…
Contextualizing the National Cybersecurity Strategy
37:46
In this episode, host Paul Roberts chats with Devin Lynch, Director of Supply Chain and Technology Security for the Office of the National Cyber Director, about the National Cybersecurity Strategy released by the White House last month. They discuss the motivations behind this policy move, what its impact will be in the short and long term, as well…
In this episode, host Paul Roberts chats with Katie Moussouris, CEO and Founder of Luta Security. Moussouris has a robust background in creating and running bug bounty programs as well as professional hacking. In their conversation, she discusses the evolution of professional hacking and how important bug bounty programs have become to the cybersec…
The Road to Software Supply Chain Security Compliance
35:46
In this episode, host Paul Roberts chats with Steve Lasker, a former Azure Program Manager with over 20 years of experience at Microsoft. Lasker touched on his industry experience to explain how the effort to secure software has evolved into what it is today. He then explained how government standards for software supply chain security globally wil…
A Closer Look at the Enduring Security Framework’s Guidance
26:47
The U.S. Federal Government's Enduring Security Framework (ESF) Working Panel released guidance on "Securing The Software Supply Chain" in September 2022. The ESF is made up of both government officials and industry practitioners, and this guidance is intended to be a "practical guide" for software developers. In this episode, host …
ZetaNile - Open Source Software Trojans
22:41
In September 2022, Microsoft released a report on a group they track as ZINC (also known as Lazarus), which is a state-sponsored group out of North Korea. The report details how ZINC has been using a set of trojanized, open source software implants dubbed ZetaNile (also known as BLINDINCAN) to attack a number of organizations since June 2022. The R…
The Silent Epidemic of Business Email Compromise (BEC) Attacks
51:51
Online fraud is among the most pernicious and devastating forms of cybercrime, measured by the financial and psychological toll it takes on victims. Phony tech support, online romance and business email compromise scams drain billions from our economy annually and take a huge toll on families, businesses and communities. And yet, it is often overlo…
Software Bills of Materials (SBOMs) are a helpful first step for an organization looking to secure its software supply chain. SBOMs serve as an ingredients list, pointing out all of the components that make up a software product, such as open source software packages, third party software and more. Federal guidance in the U.S. now strongly recommen…
Supply chain attacks are not limited to SaaS (software-as-a-service) applications. Specific kinds of software, such as firmware, are also at risk of suffering supply chain attacks. Firmware is typically used to control hardware devices, and sits at a lower level, connecting high-level software with an operating system. It is important for the cyber…
The exploit known as Follina resurfaced in late May 2022 as researchers discovered its use in a phishing document campaign. ReversingLabs Malware Researcher Joseph Edwards hunted for Follina exploitation samples to observe what final payloads are being delivered in-the-wild. He joins host Paul Roberts for this episode of ConversingLabs to share his…
YARA rules have been a proven tool for threat detection and hunting. Organizations who want to be mindful of today’s most serious threats, such as wiper malware and ransomware, should be leveraging this tool however they can. For this episode of ConversingLabs, we invited ReversingLabs Malware Researcher Hrvoje Samardžić plus Roman Hüssy of Abuse.c…
Lessons Learned from CI/CD Compromises
20:27
In this special edition episode, ConversingLabs host Paul Roberts interviewed researchers Iain Smart and Viktor Gazdag of NCC Group from the showroom floor at Black Hat 2022. Paul chatted with the researchers about their Black Hat session on compromises to CI/CD pipelines, being an integral part of software supply chain security.…
Déjà Vu: Uncovering Stolen Algorithms in Commercial Products
38:59
A systemic issue impacting the cybersecurity community is the theft and unauthorized use of algorithms by corporate entities. This is an issue that Patrick Wardle, Founder of the Objective-See Foundation, has brought to the forefront as a speaker at this year’s Black Hat USA Conference. His talk at Black Hat presented the techniques to spot unautho…
Not All Developers Can Be Security Jedis
43:16
At this year’s Black Hat Conference in Las Vegas, software supply chain security was top of mind for the InfoSec community. One of the biggest obstacles to improving the security of organizations and critical infrastructure is the poor state of software security. Alas: training developers to produce secure code is expensive, and time intensive. Or …
IconBurst - The Newest Software Supply Chain Attack
36:43
ReversingLabs recently discovered a software supply chain attack known as IconBurst. This incident is a widespread campaign, consisting of the installation of malicious NPM modules that are harvesting sensitive data from forms embedded in mobile applications and websites. Karlo Zanki, a Reverse Engineer at ReversingLabs, was the first to discover t…
AstraLocker is a fork of the Babuk ransomware family. Babuk is a past Ransomware-as-a-Service (RaaS) threat group, selling ransomware tools to affiliate cybercriminals. AstraLocker 2.0 was first seen in March 2022, but new research has surfaced about its capabilities. ReversingLabs Malware Researcher Joseph Edwards joined us for the first episode o…
Bryson Bort of Scythe.io talks Colonial Pipeline: Lessons Learned
30:02
Bryson Bort of Scythe.io spoke with host Paul Roberts about the May 2021 Colonial Pipeline hack that caused a fuel shortage on America's southeastern coast. Bort tackles the question: “What the hell happened?” He mentions that the incident truly was a “watershed moment” for the industry, since this ransomware attack directly impacted the lives of e…
Steve Lipner of SAFECODE on Supply Chain Security - Is It Even Possible?
27:57
In this conversation, Steve Lipner of SAFECODE explains what secure software is, and recounts his own experiences on Microsoft’s Software Security Development Lifecycle Team as the point of the spear in Microsoft’s Trustworthy Computing Initiative. Lipner stresses that secure software must come from within (so to speak). Outside consultants may be …
Robert Martin of MITRE on Supply Chain System of Trust
25:11
In this conversation, Robert Martin of MITRE talks about how the software supply chain is highly complicated, due to an increasing number of things in society becoming cyber-enabled. He and MITRE created the System of Trust (SoT) so that organizations can consider the most important aspects of the software supply chain, giving a more holistic conte…
Dependency Confusion As A Tool For Targeted NPM Hacks
42:20
NPM dependency confusion has emerged as a potent software supply chain attack vector via platforms like npm, with malicious packages surreptitiously added to these repositories, maintained by leading firms. In this episode, we're joined by ReversingLabs Reverse Engineer Karlo Zanki to dig into some of our recent findings that show dependency confus…
Local Threat Intel - You're Soaking In It!
59:32
Even small organizations are sitting on top of a wealth of threat intel: their own IT environment. It’s essential for enterprises of all kinds to understand how to tap into this intelligence to better protect their operations. In this episode, we chatted with ReversingLabs’ very own Hrvoje Samardžić and Independent Malware Hunter Luigi De Mori/JAME…
Emotet Unbound: Understanding the Risk
59:24
Emotet is one of the most prolific pieces of malware on the Internet. What started as software designed to hijack online banking sessions is now a Swiss Army Knife of ill intent, including features for botnets, spam distribution and malicious downloads. Even worse, Emotet has been embraced by one of the Internet’s most dangerous groups: Conti (aka …
The Conti ransomware group —a.k.a. Wizard Spider; a.k.a. TrickBot; a.k.a. Ryuk— is one of the most prolific ransomware gangs around. It is believed to have been active, in various incarnations, since about 2016. Just in the last year, Conti is believed to be responsible for high profile attacks, including the city government in Tulsa, Oklahoma and Ir…
Cyberwar in Europe: Unpacking the Ukrainian Wipers
40:48
Even before Russian tanks began rolling across Ukraine’s borders on February 24, the cyber war on the country had begun. In the days before the kinetic war began, a string of attacks battered Ukrainian government, defense and civil society websites and networks. Among them: massive denial of service attacks and targeted malware attacks. In this epi…