エピソード

  • S3 Ep16: [Bonus Episode] Professional Growth and Security Strategies with Arun DeSouza

    S3 Ep16: [Bonus Episode] Professional Growth and Security Strategies with Arun DeSouza
    2025/01/24
    In this episode of Intel 471's Out of the Woods: Threat Hunting Podcast, Arun DeSouza shares insights from his journey as a cybersecurity leader, including the importance of zero trust, identity management, and data sovereignty. Arun emphasizes the value of strong relationships, mentorship, and continuous learning in overcoming challenges like IoT risks and responsible AI adoption.

    Packed with practical advice, this conversation offers valuable takeaways for cybersecurity professionals at any stage of their career.

    Connect with Arun: https://www.linkedin.com/in/arundesouza/

    ----

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    29 分
  • S3 Ep15: Trust but Verify

    S3 Ep15: Trust but Verify
    2025/01/22
    [LIVE] Out of the Woods Podcast
    January 30, 2025 | 12:00 - 1:30 PM ET
    Sign Up --> https://intel471.com/resources/podcasts/the-art-of-the-hunt-turning-intel-into-action

    [LIVE] Threat Hunting Workshop: Hunting for Initial Access – Level 2
    February 12, 2025 | 12:00 – 1:00 PM ET
    Sign Up --> https://intel471.com/resources/webinars/threat-hunting-workshop-14-hunting-for-initial-access-level-2


    ----------


    Top Headlines:

    1. Sekoia.ai Blog | Sneaky 2FA: Exposing a New AiTM Phishing-as-a-Service: https://blog.sekoia.io/sneaky-2fa-exposing-a-new-aitm-phishing-as-a-service/
    2. Netcraft | The Truth of the Matter: Scammers Targeting Truth Social Users: https://www.netcraft.com/blog/truth-social-scam-threat-review/
    3. Silverfort | Think You Blocked NTLMv1? Bypassing NTLM Authentication is Still Possible: https://www.silverfort.com/blog/ntlmv1-bypass-in-active-directory-technical-deep-dive/
    4. Cybersecurity News | CVE-2025-0411: 7-Zip Security Vulnerability Enables Code Execution – Update Now: https://securityonline.info/cve-2025-0411-7-zip-security-vulnerability-enables-code-execution-update-now/?&web_view=true

    ----------


    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    34 分
  • S3 Ep14: Some Things are Better Left Unstructured

    S3 Ep14: Some Things are Better Left Unstructured
    2025/01/15
    [LIVE] Out of the Woods Podcast
    January 30, 2025 | 12:00 - 1:30 PM ET
    Sign Up -->     https://intel471.com/resources/podcasts/the-art-of-the-hunt-turning-intel-into-action

    Top Headlines:

    1. Truffle Security | Millions of Accounts Vulnerable due to Google's OAuth Flaw: https://trufflesecurity.com/blog/millions-at-risk-due-to-google-s-oauth-flaw
    2. Halcyon | Abusing AWS Native Services: Ransomware Encrypting S3 Buckets with SSE-C: https://www.halcyon.ai/blog/abusing-aws-native-services-ransomware-encrypting-s3-buckets-with-sse-c
    3. Horizon3 | Critical Vulnerabilities in SimpleHelp Remote Support Software: https://www.horizon3.ai/attack-research/disclosures/critical-vulnerabilities-in-simplehelp-remote-support-software/
    4. Sekoia | Double-Tap Campaign: Russia-nexus APT possibly related to APT28 conducts cyber espionage on Central Asia and Kazakhstan diplomatic relations: https://blog.sekoia.io/double-tap-campaign-russia-nexus-apt-possibly-related-to-apt28-conducts-cyber-espionage-on-central-asia-and-kazakhstan-diplomatic-relations/

    ----------

    Stay in Touch! Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    38 分
  • S3 Ep13: Unpacking Gifts After Christmas: Extensions, Packages, and Fiascos

    S3 Ep13: Unpacking Gifts After Christmas: Extensions, Packages, and Fiascos
    2025/01/07
    [LIVE] Out of the Woods Podcast
    January 30, 2025 | 12:00 - 1:30 PM ET
    Sign Up -->     https://intel471.com/resources/podcasts/the-art-of-the-hunt-turning-intel-into-action

    Top Headlines:

    1. Socket | Quesar RAT Disguised as an npm Package for Detecting Vulnerabilities in Etherium Smart Contract: https://socket.dev/blog/quasar-rat-disguised-as-an-npm-package
    2. BleepingComputer | Windows 10 Users Urged to Upgrade to Avoid “Security Fiasco: https://www.bleepingcomputer.com/news/microsoft/windows-10-users-urged-to-upgrade-to-avoid-security-fiasco/?&web_view=true
    3. The Hacker News | When Good Extensions Go Bad: Takeways from the Campaign Targeting Browser Extensions: https://thehackernews.com/2024/12/when-good-extensions-go-bad-takeaways.html?m=1
    4. The Python Package Index Blog | Project Quarantine – The Python Package Index Blog: https://blog.pypi.org/posts/2024-12-30-quarantine/

    ----------

    Stay in Touch! Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    40 分
  • S3 Ep12: Declawing, Disguising, and Destroying: Modern Cyber Threats Unmasked

    S3 Ep12: Declawing, Disguising, and Destroying: Modern Cyber Threats Unmasked
    2024/12/17
    Top Headlines:

    1. Elastic Security Labs | Declawing PUMAKIT: https://www.elastic.co/security-labs/declawing-pumakit
    2. XLab | Glutton: a New Zero-Day Detection PHP Backdoor from Winnti Targets Cybercriminals: https://blog.xlab.qianxin.com/glutton_stealthily_targets_mainstream_php_frameworks-en/
    3. Claroty | Inside a New OT/IoT Cyberweapon: IOCONTROL - https://claroty.com/team82/research/inside-a-new-ot-iot-cyber-weapon-iocontrol
    4. SecureList | Careto is Back: What's New After 10 Years of Silence?: https://securelist.com/careto-is-back/114942/

    ----------

    Stay in Touch! Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    46 分
  • S3 Ep11: Attack Away, Same Tricks Will Stay

    S3 Ep11: Attack Away, Same Tricks Will Stay
    2024/12/10
    Top Headlines:

    1. Embrace The Red | DeepSeek AI: From Prompt Injection to Account Takeover: https://embracethered.com/blog/posts/2024/deepseek-ai-prompt-injection-to-xss-and-account-takeover/
    2. Huntress | Cleo Software Actively Being Exploited in the Wild: https://www.huntress.com/blog/threat-advisory-oh-no-cleo-cleo-software-actively-being-exploited-in-the-wild
    3. Zscaler | Unveiling RevC2 and Venom Loader: https://www.zscaler.com/blogs/security-research/unveiling-revc2-and-venom-loader
    4. Cyble | Threat Actor Targets Manufacturing Industry with Malware: https://cyble.com/blog/threat-actor-targets-manufacturing-industry-with-malware/?&web_view=true

    ----------

    Stay in Touch! Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    37 分
  • S3 Ep10: [LIVE] The Ideal Outcome: The Gift of a Well-Crafted Threat Hunt

    S3 Ep10: [LIVE] The Ideal Outcome: The Gift of a Well-Crafted Threat Hunt
    2024/12/09
    Welcome to Out of the Woods: The Threat Hunting Podcast! In this episode, "The Ideal Outcome: The Gift of a Well-Crafted Threat Hunt," our expert team dives into what it means to reach the “ideal outcome” as a threat hunter, offering actionable insights to help you build an effective and enduring approach.

    This episode discussed:

    • Long-Term Impact: Discover how a structured threat hunt can benefit both hunters and their organizations, reinforcing stronger security measures and insights that last.
    • Security Stack Essentials: Learn about the ideal tools and technologies that make up a robust security stack, empowering you to align hunting efforts with broader security goals.
    • Integration and Team Synergy: Find out how to integrate threat hunting with security operations teams, fostering collaboration to create a well-rounded defense approach.
    • Skills for the Future: We’ll also discuss the critical skills and techniques that help threat hunters stay effective in an evolving threat landscape.

    Interesting Artifacts:
    • https://gptzero.me/
    • https://atomicgen.io/
    • https://securitydatasets.com/introduction.html

    🔗 Join us on Discord: https://discord.gg/Ka6tsEc3


    ----

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    1 時間 28 分
  • S3 Ep9: [Bonus Episode] Dr. Joshua Scarpino on Guardrails for Responsible AI

    S3 Ep9: [Bonus Episode] Dr. Joshua Scarpino on Guardrails for Responsible AI
    2024/12/02
    **Out of the Woods: The Threat Hunting Podcast [LIVE EPISODE]
    December 5, 2024 | 12:00 - 1:30 PM EST
    Sign Up Here:     https://intel471.com/resources/podcasts/the-ideal-outcome-the-gift-of-a-well-crafted-threat-hunt

    ----------

    In this episode of Out of the Woods: The Threat Hunting Podcast, host Scott Poley speaks with Dr Joshua Scarpino, VP of Information Security at TrustEngine and CEO of Assessed.Intelligence, during the Information Security Summit in Cleveland. Josh shares insights from his extensive career in IT and security, diving into responsible technology deployment and the challenges of managing AI systems.

    Learn how organizations can implement guardrails to mitigate risks, tackle scope creep, and build foundational frameworks like the NIST AI Risk Management Framework (RMF). Josh also emphasizes the importance of addressing unknown risks and the need for diverse perspectives in AI system development to ensure fairness and accountability.

    Tune in to gain practical strategies for assessing risks, establishing governance, and driving secure innovation in today’s evolving tech landscape.

    *Connect with Dr. Joshua Scarpino: https://www.linkedin.com/in/joshuascarpino/

    ----

    Stay in Touch!
    Twitter: https://twitter.com/Intel471Inc
    LinkedIn: https://www.linkedin.com/company/intel-471/
    YouTube: https://www.youtube.com/channel/UCIL4ElcM6oLd3n36hM4_wkg
    Discord: https://discord.gg/DR4mcW4zBr
    Facebook: https://www.facebook.com/Intel471Inc/
    続きを読む 一部表示
    9 分