📌 We apologize for the technical issues experienced while filming this episode. Now onto the episode details: Oracle recently faced a major security scare after a hacker claimed to have stolen 6 million data records — a breach that has everyone talking. After initially denying the breach, Oracle is now saying their Oracle Cloud Infrastructure has n…

The Bybit crypto exchange was hacked for a record-breaking $1.5 billion theft of Ether cryptocurrency – perhaps the largest scale theft of all time. The FBI has linked the attack to TraderTraitor, a sub-cluster of the Lazarus Group, who leveraged a compromised machine of Safe{Wallet} to execute a supply chain attack on the Bybit platform. Matt and …

DeepSeek, the Chinese AI startup dominating news feeds, has experienced exponential growth while wiping almost $1 trillion off the U.S. stock market. However, the model's rise has now been overshadowed by a surge of malicious attacks. On this special episode of State of Cybercrime, Matt and David explore the rise of this innovative AI tool, the sub…

On this episode of State of Cybercrime, Matt and David cover the most recent Chinese state-sponsored APT attack by Silk Typhoon on the U.S. Treasury Department. They discuss how the attackers used a remote support tool to enable unauthorized access to Treasury workstations and unclassified documents. They also dive into some of the most pressing cy…

In this episode, Matt and David delve into the evolving story of Salt Typhoon, a Chinese state-sponsored group, and their use of the innovative 'GhostSpider' backdoor to infiltrate telecommunication service providers. This sophisticated and far-reaching cyberattack, which is much larger than previously understood, has compromised sensitive cellular…

Russia's APT29, a.k.a "Midnight Blizzard," is arguably one of the world's most notorious threat actors. You might recall their involvement in the 2019 SolarWinds attack where they operated under the alias "Cozy Bear." The group is back with more relentless attacks—breaching cloud credentials and targeting over 100 organizations worldwide. In this e…

In this episode of the SecurityANGLE, our cybersecurity-focused series, I’m joined by Matt Radolec, VP of Incident Response, Cloud Operations, & SE EU at Varonis, for a conversation about navigating the security risks posed by generative AI and thoughts on how organizations can adopt AI but also manage to mitigate risk at the same time. Varonis hos…

This episode of the SecurityANGLE features host Shelly Kramer, managing director and principal analyst at theCUBE Research, and Jo Peterson, analyst, engineer, and member of theCUBE Collective community of independent analysts and Teradata CISO Billy Spears for a conversation exploring data warehouse security strategies. Today, the average size of …

Hosts Matt Radolec and David Gibson explain how cybercriminals are manipulating AI models like ChatGPT to plant false memories and steal data, along with other cybercrime-related stories like Salt Typhoon. Salt Typhoon is a Chinese hacking group that has reportedly breached multiple key U.S. broadband providers, raising significant concerns about t…

Shelly Kramer, managing director and principal analyst at theCUBE Research is joined by fellow analyst and frequent co-host Jo Peterson on the SecurityANGLE podcast for a conversation about deception technology, a strategy designed to attract cybercriminals away from an enterprise’s true assess and divert them to a decoy or trap, is gaining tractio…

In this episode of the SecurityANGLE, I'm joined by Global Strategy Leader for IBM Security Sam Hector for a deep dive into one of my favorite annual reports, the 19th annual IBM Cost of a Data Breach Report. This year’s report is based on insights from 604 organizations impacted by data breaches between March 2023 and February 2024. The research i…

In this episode of the SecurityANGLE our conversation revolves around cyber resiliency and how embracing a proactive security approach can not only help address gaps in visibility, but also ensure organizations the business resilience they seek, as well as help them keep up with the rapid pace of innovation that is our reality today. My guest today…

The North Korean Lazarus group is running multiple high-risk campaigns: one exploiting Windows and another installing malware through fraudulent blockchain job offers. State of Cybercrime hosts Matt Radolec and David Gibson discuss the various APT groups, including a prolific ransomware-as-a-service operation and a Chinese cyber espionage gang know…

In this episode of the SecurityANGLE, Jo Peterson and I break down some key takeaways from Black Hat 2024, a look at Ivanti's State of Cybersecurity 2024 Report and some of its findings, as well as an overview of some of the briefings we were most interested in, along with vendors who either had interesting news and/or cool product launches/updates…

Matt Radolec and David Gibson discuss how an unknown attacker recently exploited a vulnerability in Proofpoint’s email routing system, allowing them to bypass security measures and send millions of spoofed emails on behalf of major companies. The co-hosts also cover: + The North Korean threat actor hired using AI + The biggest ransomware payment ev…

In this episode of the SecurityANGLE, our podcast series on all things security, Shelly Kramer, managing director and principal analyst at theCUBE Research. I’m joined by my friend and fellow analyst, Jo Peterson, for a conversation today about Secure Enterprise Browsers and how we see these as the new endpoint. Browsers. It’s hard to think that th…

This episode of the SecurityANGLE features Shelly Kramer, managing director and principal analyst at theCUBE Research and Tanium CEO Dan Streetman, for a conversation about the renewed interest in business resilience and business continuity following the massive CrowdStrike outage of a few weeks past as well as the fact that multi-cloud is becoming…

In this episode of the SecurityANGLE, host Shelly Kramer, managing director and principal analyst at theCUBE Research reviews the findings from Zscaler ThreatLabz' 2024 Ransomware Report with Brett Stone-Gross, senior director of threat intelligence at Zscaler, for a walk through the newly released Zscaler ThreatLabz 2024 Ransomware Report.…

In this episode of the SecurityANGLE, host Shelly Kramer, managing director and principal analyst at theCUBE Research, is joined by Douglas McKee, executive director, threat research at SonicWall to unpack some of the key findings from SonicWall's 2024 Mid-Year Cyberthreat Report. This year’s report takes a look at the rapidly evolving threat lands…

In this episode of State of Cybercrime, co-hosts Matthew Radolec and David Gibson dive into the details around LockBit, and cover other news including: + The MOVEit authentication bypass flaw + Developments in the Polyfill supply chain attack affecting millions of websites + Updates on the targeted campaign against Snowflake +A massive insider brea…

By SiliconANGLE

In this episode of the SecurityANGLE, host Shelly Kramer, managing director and principal analyst at theCUBE Research is joined by Manoj Saxena, founder and chairman of Trustwise, for a conversation about AI and the role technology can play in AI application performance, risk management, and corporate sustainability initiatives. Trustwise is offici…

Snowflake, a cloud storage platform used by some of the largest companies in the world, is investigating a targeted attack on its users who lack multifactor authentication. Join Matt Radolec and David Gibson for an episode of State of Cybercrime in which we discuss the increased attacks on Snowflake customers and share our five-point checklist for …

In this episode of the SecurityANGLE, Shelley Kramer, managing director and principal analyst at theCUBE Research, is joined by fellow analyst, engineer and member of theCUBE Collective community, Jo Peterson, for a conversation with Cassie Crossley, VP of supply chain security, cybersecurity and product security office at Schneider Electric. Check…

In this episode of the SecurityANGLE, host Shelly Kramer, managing director and principal analyst at theCUBE Research, is joined by Zscaler’s CSO, Deepen Desai, for a conversation about the findings in the company’s newly released 2024 AI Security Report. The survey relied on more than 18 billion transactions across the company’s cloud security pla…

In this episode of the SecurityANGLE, host Shelly Kramer, managing director and principal analyst at theCUBE Research is joined by fellow analyst Zeus Kerravala, principal of ZK Research, to discuss Fortinet Accelerate 2024, held in Vegas this past week, with a whopping 4,000 people in attendance. In November 2023, Fortinet announced a reorganizati…

In this episode of the SecurityANGLE, host Shelly Kramer, managing director and principal analyst at theCUBE Research, is joined by fellow analyst, engineer, and member of theCUBE Collective community for a conversation exploring generative AI, security, and law firm readiness for Microsoft 654 Copilot with Jason Thomas. Thomas is the CIO at Cole, …

In this episode of the SecurityANGLE, guest host Jo Peterson, member of theCUBE Collective community of independent analysts, is joined by Chuck Brooks, president of Brooks Consulting. In addition to his strategic consulting work, Brooks is also an adjunct professor at Georgetown University, where he teaches courses on risk management, homeland sec…

In this episode of the SecurityANGLE, theCUBE Research's Shelly Kramer is joined by Jo Peterson, analyst, engineer, and member of theCUBE Collective community, for an exploration of four of the most pressing generative AI risks that keep CISOs up at night: - Model training and attack surface vulnerabilities - Data privacy - Corporate intellectual p…

In this episode of the SecurityANGLE, theCUBE Research analysts Shelly Kramer and David Linthicum are joined by fellow analyst, engineer, and member of theCUBE Collective community, Jo Peterson, for a conversation about the transformative nature of cloud and AI. With the global cloud computing marketing expected to reach an estimated $600 billion U…

A new data leak of more than 500 documents published to GitHub reveals the big business behind China’s state-sponsored hacking groups — from top-secret surveillance tools to details of offensive cyber ops carried out on behalf of the Chinese government. Join Matt and David for a special State of Cybercrime, which dives into China's espionage campai…

In this episode of the SecurityANGLE, host Shelly Kramer, managing director and principal analyst at theCUBE Research is joined by fellow analyst, engineer, and member of theCUBE Collective Community, Jo Peterson and Bil Harmer, operating partner and CISO at Craft Ventures. Our conversation today centered on the rise of AI-enhanced vishing and smis…

CISA issued an emergency directive to mitigate Ivanti Connect Secure and Ivanti Policy Secure vulnerabilities after learning of malware targeting the software company, allowing unauthenticated threat actors to access Ivanti VPNs and steal sensitive data. CISA is requiring all federal agencies to disconnect from affected Ivanti products by EOD Febru…

In this episode of the SecurityANGLE, our series focused on all things security, theCUBE Research managing director/principal analyst Shelly Kramer is joined by fellow analyst, engineer, and member of theCUBE Collective community, for a conversation around the top five enterprise risk management trends to watch in 2024 and a dive into why ERM aware…

In this episode of The #SecurityANGLE, Shelly Kramer, managing director and principal analyst at #theCUBEResearch, is joined by Jo Peterson, VP of cloud and security services at #Clarify360 and a member of #theCUBECollective community of independent analysts. Check out theCUBE for the latest in enterprise tech https://siliconangle.com/category/cube…

This is theCUBE's latest episode in our series, The Road to Intelligent Data Apps, which focuses on the evolution of the modern data stack into the new platform for applications, or what we’re calling “the sixth data platform.” This modern data stack is becoming the new platform for applications as raw cloud infrastructure recedes into the backgrou…

In this episode of the #SecurityANGLE, our focus is on the evolution of #AI as a threat, where we explore the three stages that we expect to see this evolution unfold in 2024. The three stages we discuss on today's show are: Check out theCUBE for the latest in enterprise tech https://siliconangle.com/category/cube-event-coverage/ - AI Threat Actors…

In this episode of our #AnalystANGLE, theCube Research's Shelly Kramer talks with Zeus Kerravala, principal analyst at ZK Research and member of theCUBE Collective community, about the news of #HPE's acquisition talks with #JuniperNetworks for a rumored $14 billion. Check out theCUBE for the latest in enterprise tech https://siliconangle.com/catego…

Enjoy our first State of Cybercrime episode of 2024 as Matt Radolec and David Gibson cover: Who is to blame for 23andMe’s big breach SEC’s X account getting hacked Threat actors swatting patients Varonis Threat Labs research on a new, widespread vulnerability: https://www.varonis.com/blog/outlook-vulnerability-new-ways-to-leak-ntlm-hashes Mentioned…

In this episode of 'State of Cybercrime', the hosts discuss various topics including an executive order on Artificial Intelligence(AI) by President Biden promoting a balance between AI safety, security, privacy and innovation, as well as implications for American leadership in AI. They covered the disruptive Mozi Botnet, SolarWinds CISO's challenge…

Few breaches have drawn as much social media fervor as the recent 23andMe incident, in which the genomics company was victim to a massive credential stuffing attack that leveraged leaked and reused passwords to target accounts without MFA. What differentiates this attack from others is that 23andMe itself was not breached, but an entire wave of its…

Join Matt Radolec and David Gibson for this episode of the State of Cybercrime, recording from Black Hat 2023, as they cover the latest threats you need to know about.Also be sure to check out our webinar, New SEC Cyber Rules: Action Plan for CISOs and CFOs on Tuesday, August 22 | 12 p.m. ET. Link here:https://info.varonis.com/en/webinar/what-the-n…

The Storm-0558 incident has proven to be even more widespread than initially reported. While Microsoft originally stated that only Outlook.com and Exchange Online were affected, Wiz Research has discovered that the compromised signing key may have allowed the cybercriminal group to forge access tokens for SharePoint, Teams, OneDrive, and every othe…

A Microsoft zero-day vulnerability has allowed hacking group Storm-0558 to forge Azure AD authentication tokens, and breach organizations — including U.S. government agencies — in the past week.Watch this State of Cybercrime episode to hear our experts break down how this attack happened, see the discoveries made by the Varonis Threat Labs team, an…

Across the globe, CL0P ransomware group is extorting hundreds of organizations after exploiting an unknown SQL injection vulnerability in file transfer service MOVEit. The victims need to contact the ransomware group by June 14 or their stolen data will be published publicly on the group’s extortion site.Join Matt Radolec, David Gibson, and special…

In the wake of the U.S. defense leak, the Pentagon CIO has given a one-week deadline for all defense agencies to ensure compliance with DOD information security protocols. But what does that actually mean?Join Matt, David, and Varonis Team Lead Engineer for U.S. Public Sector Trevor Brenn for a State of Cybercrime episode that breaks down what the …

Links mentioned in this episode: • Video course (free) on building an IR plan: https://info.varonis.com/thank-you/course/cyber-incident-response • Blog post about LockBit: https://www.varonis.com/blog/anatomy-of-a-ransomware-attack • Blog post about HardBit: https://www.varonis.com/blog/hardbit-2.0-ransomware Want to join us live? Save a seat here:…

Recent cyberattacks, zero-days, and APTs have positioned China as a cybersecurity adversary.Join Matt Radolec and David Gibson for a special State of Cybercrime episode, during which the two will discuss the recent wave of stealth Chinese cyberattacks against U.S. private networks and what this means for U.S.-Chinese relations in 2023.Matt and Davi…

Still reeling from last year’s data breach, password manager LastPass recently shared that the same attacker who targeted the organization in August has struck again, this time using stolen data to hack an employee’s home computer. Join Matt Radolec and David Gibson as they walk you through the multi-stage attack, revisiting the discussion of the i…

We're back! Kind of. We'll soon relaunch this podcast and wanted to give you a quick update on what's happening. Want to join us live? Save a seat here:https://www.varonis.com/state-of-cybercrimeMore from Varonis ⬇️ Visit our website: https://www.varonis.comLinkedIn: https://www.linkedin.com/company/varonisX/Twitter: https://twitter.com/varonisInst…