DEATH Labs: Cyber Threats and Research by Netenrich

Often when we think of cyber security, we think of financial fraud, ransomware, or data theft.  In recent years we've seen an increase in malware targeting industrial control systems such as sewage treatment plants, the power grid, and utilities necessary for basic human life.  We are joined by Jimmy Wylie of Dragos to discuss the trends and what he sees in this world, and how the problem is getting worse.  

Everything defenders do is public, which means threat actors can look us up in how we’re detecting them and adapt their techniques. The bad news is that they learn how to evade us. The good news is that since I’m a former latchkey kid who grew up in the 80s with a short attention span, there is always something new to research. Donald “Mac” MacCarthy from Open Source Context joins us to talk about how he sees threat actors changing using passive DNS and what we can do about it.

In this episode, we are joined by Dr. Anton Chuvakin, Office of the CISO, at Google Cloud Security, where we discuss the evolution of SIEM from on-premise to the Cloud, and to autonomic security operations. Can our industry innovate to move beyond current SIEM limitations to reach “ops nirvana” to a data analytics-fueled security operations?

We are joined this week by John Giglio, director of cloud security for SADA, with tales from the trenches on how automation has helped threat hunting and threat analytics to improve the lives of security organizations.

For this week’s interview, Netenrich’s John Bambenek chats with Merys Raymer, Partner Engineering at Google Cloud Security. Merys shares her personal journey as a former threat and security analyst, fighting fires in the SOC trenches. She provides real world insights on the need for advanced SIEMs, data analytics, and automation to optimize security operations.

Muddy Waters is an active and prolific APT threat using some unique tactics and malware to actual exfiltrate data. We are joined by Allison Wikoff, who is an expert in this threat actor to discuss what techniques they are using and what it means for enterprise defenses. 

In this episode, we’re joined by Juan Andres Guerrero-Saade discussing how language learning models can be used by security analysts, and those teaching, the next generation of cyber security professionals to aid them, and their work.

John Bambenek covers the rise of domain clustering of malicious phishing domains that security analysts need to care about. He is joined by cybersecurity expert Ed Gibbs, Field CTO at Whois API, who shares enlightening techniques on how to find, investigate and resolve these types of daily attacks.

John Bambenek talks with security expert Ronnie Tokazowski, Principal Threat Advisor at Cofense, on the rise of behavioral-led attacks impacting organizations. Recent exposures involving romance scams and pig butchering techniques target people and their emotions involving business email compromises. Ronnie delves into the methods organizations can detect and prevent issues from escalating. It centers on finding the gaps that traditional point solutions and ops systems are not currently tracking.

Host John Bambenek, threat researcher at Netenrich, interviews leading security experts and threat researchers on the latest cyberattacks and compromises impacting businesses today. Listeners will gain insights on proven techniques and approaches to advanced threat hunting, detection, and response.  Listen in to the witty and humorous conversations backed by decades of security and SOC expertise.