Security Stories

This episode of Security Stories is a little different from usual, but for good reason! With the help of some very special guests, we take a comprehensive look back at the Not Petya cyber attack, the Sandworm hackers, and the context behind this act of cyber warfare.

First to join us is Noureen Njoroge, a senior cybersecurity engineer and threat intelligence analyst at Cisco. Noureen is a passionate advocate for women and minorities in the IT industry, and is the founder of Cisco's global mentoring program, as well as the president of North Carolina Women in Cybersecurity (WiCyS) Affiliate chapter. We learn about Noureen's passion for mentoring, as well as her thoughts on the threat landscape.

Then we're joined by Andy Greenberg, senior cybersecurity investigative journalist for Wired Magazine, and author of the book "Sandworm: A New Era of Cyberwar and the Hunt for the Kremlin's Most Dangerous Hackers". The book tells the true story of the desperate hunt to identify and track an elite team of Russian agents who are bent on digital sabotage. It starts out as a detective story but it soon turns into a disaster story as the truth starts to come to the fore.

Andy also talks to Hazel about how he spent time in Russia and Ukraine, gathering sources, and learning about this new emergence and type of cyber criminal. And he has a fascinating take on how the hacker culture has evolved in recent years.

Finally, we're joined by senior threat analysts from the Cisco Talos team, including Craig Williams, Matt Olny and Mitch Neff. We chat to them about what happened on the day of the attack (June 27th 2017), the process the investigative team used to find out what was really happening, and what impact the attack has left on the threat landscape and the world at large.

This really is a fascinating episode with some incredible guests, who each share their insights, experience and advice for the benefit of the wider cybersecurity community.

Trigger warning - {child abuse} content filtration is a sensitive topic that covers some of the harsh realities of our world that folks on trust and security teams have to deal with on a daily basis.
In this episode, Taz speaks with Yasmin Abdi, CEO and Founder of NoHack and Security engineering manager at Snap. They cover a wide range of topics from Yasmin's career trajectory, her experience on a content filtration team and her transition into entrepreneurship as a new founder.
Yasmin Abdi is an experienced technical advisor on security, privacy, and data protection. She has over 5 years of experience as a software engineer and has built and managed in-house software and security solutions at Snap, Meta, and Google. Yasmin was also a founding member of Meemo, an AI-powered social finance app, which was recently acquired by Coinbase. The technologies she has built are currently being used by 100+ million daily active users worldwide.

Ms. Abdi has several years of experience leading organizations, providing thought leadership, and assisting private sector clients in the areas of software engineering, security infrastructure and best practices, IT solutions, and corporate strategy consulting. Given her unrelenting entrepreneurial spirit and keen interest for information security, Yasmin founded noHack, a government contracting company focused on cyber security services and solutions. As the CEO of noHack, Ms. Abdi takes a hands-on approach to delivering high-impact solutions. Her goal is to protect her clients by providing an extra layer of all-around protection.

Outside of tech, Ms. Abdi’s passion is to help bridge the gap between minority students and tech companies. Yasmin has mentored and helped over 50 students land jobs within tech.

Ms. Abdi also holds a Bachelor of Science in Computer Science with a focus in cyber security engineering from the University of Maryland.

Here’s Yasmin, hope you enjoy.
Links:

• https://www.nohackllc.com/
• https://www.linkedin.com/in/yasminyabdi/

Today we welcome two guests to the Security Stories pod. Firstly Martin Lee from Talos drops by to give us an update on wiper malware, and how it’s been playing a part in cyber attacks on Ukrainian organizations and infrastructure.
We talk about the history of wiper malware, where it’s cropped up before, it’s role in the kill chain and possible threat actor motivations, as well as what organizations can be doing to prevent this type of attack.
Secondly, we welcome Jerry Gamblin, Director of Security Research at Kenna Security to join us for an in depth chat about his career. Jerry’s story is a really interesting one, from starting out on the IT helpdesk, to working on security networks at the Misouri House of Representatives, and onto his role at Kenna where he has built several tools to help people understand the different types of vulnerabilities and how to mitigate them.
We discuss Jerry’s approach – how he inspires his team to think differently, and how personally he’s driven a sense of thinking outside of the job description. We also discuss how organizations can deal with the ever growing list of new vulnerabilities, and how you can prirotise them.
Head here for Kenna's Prioritization to Prediction report
Head here for Jerry's vulnerability analysis and graphing CVE.ICU

Since there’s been a lot of discussion and debate about Extended Detection and Response (XDR) at the moment, we thought we would bring on two experts to talk about it.
Enric Cuixeres is a Cisco Secure customer who has implemented an XDR strategy within his organization Leng D'Or. Our other expert is former US army CID special agent and computer forensic examiner Jessica Bair. Jessica is the Director of Technical Alliances at Cisco, who has been helping many of our customers with their XDR strategies.
We discuss the practical implications of implementing XDR, as told by people who have been there and done it – and also what benefits will it really bring, including how it can help overburdened security staff.
For more on this topic, take a look at our ebook "Extended Detection and Response for Dummies."
Learn more about the Cisco Gateway community as mentioned in the episode.
Before that, Lindsey O’Donnell Welch, executive editor of Decipher, is back with us for the second week in a row. Lindsey discusses the just-announced Cyber Safety Review Board and its role in assessing “significant cybersecurity events”. For more information about this check out Decipher's report.
And finally, you can view the on-demand broadcast "Defending Against Critical Threats" in which six experts from across Cisco Secure came together to analyze what's been happening in the realms of ransomware, supply chain attacks, vulnerabilities, log4J, Emotet and the rise in Mac OS malware.

On today's episode we’re heading into the murky waters of online manipulation campaigns, and particularly how they’re used to try and influence political elections.
To do that, we welcome back Theresa Payton, the first female CIO of the White House and author of 'Manipulated: Inside the Cyberwar to Hijack Elections and Distort the Truth'. We also welcome for the first time, Nick Biasini. Nick is a threat researcher within Cisco Talos and recently published a paper called ‘The Building Blocks of political disinformation campaigns’, which is part of Talos’ hands on research into election security.
We chat about some of the things that shocked Theresa when she was doing her research into manipulation tactics, as well as the amplification methods that are being used to spread certain lies online. Plus, we talk about what can be done to curb these campaigns with only a few weeks to go until the United States general election.
This is a really fascinating discussion, and whilst it highlighted the huge challenges that we’re facing at the moment, Nick and Theresa shared a lot of great information on how we can overcome them.
Also in this episode, Ben Nahorney shares his latest research on current threat trends. This time we rank the Indicators of Compromise that organizations have encountered grouped by particular topics, including ransomware, credential stealing, and looking at the top operating system IoCs.
Link to Manipulated: Inside the Cyberwar to Hijack Elections and Distort the Truth'
Link to ‘The Building Blocks of political disinformation campaigns’