Our final episode for 2023 is here! To wrap up the year, Andy and Umut Alemdar will be discussing our Monthly Threat Report for December 2023. The Monthly Threat Report by Hornetsecurity brings you monthly insights into M365 security trends, email-based threats, and commentary on current events in the cybersecurity space. In this episode, Andy and Umut are focusing on data from the month of November. 

Tune in to hear about Microsoft’s recent zero-day vulnerabilities, the most common file types used to deliver malicious payloads, M365 brand impersonations and a lot more! 

Episode Resources:

Full Monthly Threat Report – December 2023

Annual Cyber Security Report 2024 – Free Download

As the year comes to a close, the Security Swarm podcast takes a reflective journey, comparing the landscape of security then and now. In this special episode, Andy and Eric Siron explore the intriguing evolution of cybersecurity from the days of floppy disks and DOS to the complex, interconnected world of today.

Tune in to learn about the significant shifts in security incidents, drawing correlations and highlighting differences. From the era of viruses attempting to one-up each other with floppy disks to the present, where data theft and ransomware dominate the landscape.

Timestamps:

(2:56) – What was security like in the early days of IT and how does it compare to now?

(12:18) – Why are threat-actors more persistent now than they used to be?

(23:33) – Security horror stories then vs. now

(44:40) – How has Andy and Eric’s Stances on Security Changed from then vs. now?

Episode Resources:

Central African Republic and El Salvador Adopt Cryptocurrency as Legal Tender

Download Hornetsecurity’s Annual Cyber Security Report 2024

Remember the days of DNS route-based email security? It’s been a steadfast approach, but in recent years, the landscape has shifted towards API-driven solutions, particularly evident in platforms like Microsoft 365 utilizing the Graph API for enhanced security.

In this episode, Umut Alemdar from Hornetsecurity’s Security Lab joins Andy once again to discuss email filtration, particularly the DNS route-based approach versus the emerging API-based method. Tune in as they compare these two methodologies, weighing the pros and cons, discussing caveats, and navigating the intricacies of email security.

Episode Resources:

365 Total Protection Free Trial

The Monthly Threat Report by Hornetsecurity brings you monthly insights into M365 security trends, email-based threats, and commentary on current events in the cybersecurity space. This edition of the Monthly Threat Report focuses on data from October.

During the episode, Andy and Eric Siron explore the rise of PDF-delivered malicious payloads, shifts in target industries, and escalating brand impersonation attempts in shipping and finance. They delve into Microsoft’s response to a recent cloud services attack and a significant vulnerability in Citrix NetScalers dubbed CitrixBleed, shedding light on the evolving threat landscape.

Join us for an insightful analysis of the latest cybersecurity developments, providing valuable insights for both professionals and enthusiasts alike.

Timestamps:

(3:07) – What is the general state of email threats during the last month?

(6:31) – What types of files are being used to deliver malicious files?

(9:38) – What industries are being targeted the most throughout the data period?

(14:40) – What are the most impersonated brands during the last month?

(18:52) – An update on the Microsoft Storm-0558 breach

(23:01) – The CitrixBleed Vulnerability Impacting Citrix NetScaler

(30:31) – Commentary on the SEC’s charges against SolarWinds and their CISO

Episode Resources:

Full Monthly Threat Report for November

Law Enforcement Shutdown of Qakbot

Paul and Andy Discuss Storm-0558

Security Awareness Service – Request Demo

Andy on LinkedIn , Twitter , Mastodon

Eric on Twitter

Paul Schnackenburg is back for another episode with Andy and this time, to discuss the story of backup and recovery inside of Microsoft 365. M365 backup has been a confusing experience over the years, especially with Microsoft’s contradictory “no backup needed” guidance. To add to the confusion, Microsoft has introduced its own M365 backup product.

During the episode, we’ll look at the various methods and tools that have been used natively within M365 to help with backup, as well as why these methods frequently fall short. Don’t miss out on this informative discussion as we delve into the complexities of data protection and recovery in M365!

Episode Resources:

Free eBook – Microsoft 365: The Essential Companion Guide

365 Total Backup – Request a Trial

VM Backup – Free Trial

Find Andy on LinkedIn, Twitter or Mastadon

Find Paul on LinkedIn or Twitter