The Signal Incident

On this week's episode, Adam and Andy talk about CISA's DDoS protection guidance. This follows the episode on Microsoft's Digital Defense Report where DDoS attacks and protections were also highlighting in the report. ------------------------------------------- YouTube Video Link: https://youtu.be/_9puZjc05H4 ------------------------------------------- Documentation: https://www.cisa.gov/sites/default/files/publications/understanding-and-responding-to-ddos-attacks_508c.pdf https://www.cisa.gov/cisa-tabletop-exercise-packages https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE5bUvv?culture=en-us&country=us https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE5bcRe?culture=en-us&country=us ------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

5 Joulu 202218min

On this week's episode, Adam and Andy talk about Microsoft's Digital Defense Report. This report has a wealth of information on the state of cybersecurity, current trends, attack vectors, and defense suggestions for organizations. They break down some key points so listen in if you do not have time to read the entire report. ------------------------------------------- YouTube Video Link: https://youtu.be/CS5F8puZQXo ------------------------------------------- Documentation: https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE5bUvv?culture=en-us&country=us https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE5bcRe?culture=en-us&country=us ------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

28 Marras 202238min

On this week's episode, Adam is back and joined by Andy to talk about Mastodon. This decentralized social media platform has been around since 2016 and recently has been growing exponentially due to the Twitter migration. Critical mass has already happened for many communities including the infosec community so it is in our best interest to learn about it and learn how to use it. ------------------------------------------- Youtube Video Link: https://youtu.be/Rc40W8bcAs0 ------------------------------------------- Documentation: https://grahamcluley.com/mastodon-what-you-need-to-know-for-your-security-and-privacy/ https://www.hughrundle.net/home-invasion/ https://www.cyberscoop.com/twitter-dumpster-fire-infosectwitter/ ------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

21 Marras 202234min

This week, friend of the pod, Shannon Fritz, fills in for Adam and he and Andy talk about the big update for Patch Tuesday, the Medibank double extortion incident, and the meltdown happening at Twitter. ------------------------------------------- Youtube Video Link: ------------------------------------------- Documentation: https://support.microsoft.com/en-us/topic/november-8-2022-kb5019980-os-build-22621-819-b503e08b-b850-469a-8de9-74df8aebd5f4 https://www.9news.com.au/technology/medibank-hack-suspected-cybercriminal-releases-sample-of-australian-customer-data/26aa6096-f730-4a8c-83a1-b0d3da6519d7 https://twitter.com/leakissner/status/1590706305102381058?s=46&t=b1TkB4mKrocmPYWcffWQtg https://www.theverge.com/2022/11/10/23451198/twitter-ftc-elon-musk-lawyer-changes-fine-warning https://www.technologyreview.com/2022/11/08/1062886/heres-how-a-twitter-engineer-says-it-will-break-in-the-coming-weeks/ https://www.technologyreview.com/2022/11/11/1063162/twitters-imminent-collapse-could-wipe-out-vast-records-of-recent-human-history/ ------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

14 Marras 202229min

This week, Adam and Andy talk about the Dropbox and Twilio breach where old phishing tricks worked and attackers were able to get credentials. They also talk about CISA's new guidance on phish resistant MFA and Enhance Phishing Protection in Windows 11 22H2. ------------------------------------------- Youtube Video Link: https://youtu.be/06lGGC6GSJM ------------------------------------------- Documentation: https://dropbox.tech/security/a-recent-phishing-campaign-targeting-dropbox https://www.cisa.gov/sites/default/files/publications/fact-sheet-implementing-phishing-resistant-mfa-508c.pdf https://learn.microsoft.com/en-us/windows/security/threat-protection/microsoft-defender-smartscreen/phishing-protection-microsoft-defender-smartscreen?tabs=intune ------------------------------------------- Contact Us: Website: https://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

7 Marras 202218min

This week, Adam and Andy talk about the SOCRadar disclosure of a misconfigured Microsoft endpoint that led to a data privacy incident. They talk about what happened and what you should know as a Microsoft customer. They also go over some of the highlights from Ignite 2022 with new features and brands for endpoint management, identity, and security. ------------------------------------------- Youtube Video Link: https://youtu.be/mMlkJnpT9us ------------------------------------------- Documentation: https://msrc-blog.microsoft.com/2022/10/19/investigation-regarding-misconfigured-microsoft-storage-location-2/ https://news.microsoft.com/ignite-2022-book-of-news/ https://www.microsoft.com/security/blog/2022/10/12/5-cybersecurity-capabilities-announced-at-microsoft-ignite-2022-to-help-you-secure-more-with-less/ https://learn.microsoft.com/en-us/azure/active-directory/governance/what-are-lifecycle-workflows https://learn.microsoft.com/en-us/azure/active-directory/authentication/concept-authentication-strengths https://techcommunity.microsoft.com/t5/tech-community-live/microsoft-technical-takeoff-windows-and-microsoft-intune/ev-p/3632740 ------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

31 Loka 202244min

This week, Adam and Andy talk about IBM's Incident Responder Report. This report has some great empirical data on incident responder perceptions and how incidents impact mental health. Listen in as they discuss some of the key findings in this report. ------------------------------------------- Youtube Video Link: https://youtu.be/hhnxHMbvASw ------------------------------------------- Documentation: https://www.ibm.com/downloads/cas/XKOY5OLO ------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

24 Loka 202234min

This week, Adam and Andy talk about how to look at BYOD policies in a Zero-Trust architecture. They go over a blueprint put out by Microsoft Middle East and Africa that's a little bit older but is a great reference for anyone looking for guidance. ------------------------------------------- Youtube Video Link: https://youtu.be/pze2b0Ix8QI ------------------------------------------- Documentation: https://www.microsoft.com/en-us/insidetrack/transitioning-to-modern-access-architecture-with-zero-trust https://news.microsoft.com/wp-content/uploads/prod/sites/133/2021/03/MEA-Blueprint-for-BYOD-Use-v1.0-Final-Version.pdf ------------------------------------------- Contact Us: Website: http://bluesecuritypod.com Twitter: https://twitter.com/bluesecuritypod Linkedin: https://www.linkedin.com/company/bluesecpod Youtube: https://www.youtube.com/c/BlueSecurityPodcast Instagram: https://www.instagram.com/bluesecuritypodcast/ Facebook: https://www.facebook.com/bluesecpod Twitch: https://www.twitch.tv/bluesecuritypod ------------------------------------------- Andy Jaw Twitter: https://twitter.com/ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Email: andy@bluesecuritypod.com ------------------------------------------- Adam Brewer Twitter: https://twitter.com/ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/ Email: adam@bluesecuritypod.com

17 Loka 202230min