Collective Intelligence

Live from RSA Conference 2018, Flashpoint Editorial Director Mike Mimoso talks to intelligence analyst Liv Rowley about her presentation on the Spanish-language cybercrime underground. Liv provides her characterization of this segment of the cybercrime dark web with a particular focus on the Cebolla Chan forum. Liv has studied this forum for quite some time, and brings insight into the type of activity and sophistication on Cebolla Chan, what happened during an 18-month period of inactivity that ended last month, and what defenders need to consider when in the crosshairs of those active on the forum. 

Question: What do you get when you connect a bunch of friends who have worked in or written about security for a long time over a few drinks and fried chicken? Answer: A 62-minute dissection of the RSA Conference, security buzzwords, marketing missteps and lots more that's top-of-mind in the industry. This semi-annual podcast was recorded this week in San Francisco during the RSA Conference and features Flashpoint's Mike Mimoso and Jennifer Leggio, Decipher journalists Dennis Fisher and Fahmida Rashid and Tendermint head of security Jessy Irwin.  Up for discussion is a wide array of topics starting with blockchain and its applicability—if any—for information security, as well as privacy, the impending GDPR deadline, hardware bug disclosures, RSA Conference and how to do security marketing correctly without introducing more harm or risk.   

Flashpoint Editorial Director Mike Mimoso talks to Eva Galperin of the Electronic Frontier Foundation (EFF) about the high stakes of online privacy, defending human rights, and protecting vulnerable populations against surveillance and censorship. 

Flashpoint Editorial Director Mike Mimoso talks to security expert, cryptography pioneer and author Bruce Schneier about the security and privacy implications of rampant data collections by organizations. Mike and Bruce also discuss whether market pressure can impose a change on these practices, or if legislation is the inevitable outcome. Bruce also discusses how privacy has changed in recent years and how younger generations have "different defaults" when it comes to sharing personal information. 

Flashpoint Editorial Director Mike Mimoso talks to Flashpoint analyst Paul Burbage about the recent compromise of more than 1,000 Magento ecommerce platform admin panels. Threat actors used brute-force attacks to access sites guarded with default or known credentials. Once they had access, they were loading data-stealing malware and cryptocurrency mining software onto Magento-powered sites. Paul talks about the research and what site admins should be doing to counter this threat. 

Flashpoint Editorial Director Mike Mimoso talks to director of research Vitali Kremez about the arrest of the leader of the Carbanak cybercrime gang. Carbanak was responsible for more than $1 billion USD in losses and the arrest is a victory for international law enforcement and cross-jurisdictional cooperation between authorities.  Mike and Vitali talk about the effects such a high-profile arrest on not only on Carbanak, but also on the rest of the cybercrime underground, as well as the tactics, techniques and procedures employed by Carbanak in their operations.  

Flashpoint Editorial Director Mike Mimoso talks to Chad Seaman and Lisa Beegle of the security intelligence response team at Akamai about the recent and record-setting memcached DDoS attacks. The attacks leveraged memcached servers that were exposed to the internet and topped out at well more than a terabyte of traffic used to take down targets. The volume of traffic used in these attacks are the highest seen in publicly reported attacks and Chad and Lisa were among the first to investigate and report on them.

Flashpoint Editorial Director Mike Mimoso talks with Flashpoint senior malware analyst Ronnie Tokazowski about the staggering fraud attributed to business email compromise and what can be done about it. BEC has cost businesses billions of dollars in losses in the last half-decade, according to the FBI, and Ronnie goes into some details about why these scams work through effective social engineering, phishing and stolen credentials. They also discuss the lifecycle and different stages of of BEC, and the layers of collaboration and cooperation needed between authorities worldwide to get in front of this type of fraud.

Flashpoint Editorial Director Mike Mimoso talks to Mac malware expert and researcher Patrick Wardle about his involvement in investigating two pieces of malware targeting the Mac platform since the start of the year. Wardle, chief research officer at Digita Security, recently published his research into CrossRAT, a cross-platform Java-based implant used in a global espionage campaign, as well as MaMi, a MacOS DNS hijacker. MaMi replaces the root certificate on a Mac machine and redirects traffic to an attacker's server. Wardle discusses both with Mike as well as a bigger discussion on some of the continuing misperceptions about the security of Mac computers. 

Flashpoint Editorial Director Mike Mimoso talks to Gary McGraw, vice president of security technology at Synopsys and one of the pioneers of software security. Mike and Gary discuss Synopsys' recent CISO Report, which identifies four approaches to the chief information security officer role in the enterprise. The report provides security executives with data culled from interviews with CISOs at 25 large companies, identifying key characteristics and discriminators, and providing some insight on career development and progression. Gary and Mike also discuss how quickly information security has become a mainstream topic and part of the fabric of every day life.  Download the CISO Report Follow this podcast and more content from Flashpoint analysts.