This episode is mainly an interview and discussion with Ken Bechtel, who like me has been in Cyber Security for over three decades. We discuss "the Curious Case of Conficker (aka Downadup), the Botnet that Never Bit.."
This includes what we (as an industry, as a victims) learnt from it. We also discuss AVIEN, Intelligence Sharing, SNORT signatures (for new malware) as well as honeypots, Opaserv (where I was, jokingly, accused of writing new variants of this family of share crawling worms), AutoRun risks, and various other things.
If you want to reach out to Ken, I will include his contact details in the show notes.
You can find out more about us on our website, including how to contact us, here: https://omgcybersecurity.co.uk You will also find show notes there...
May 16, 2019
35 min

This episode does a fairly deep dive on End User Education and Testing and why everyone should be a part of any organisations security defences.
I also talk about the latest news around the Wipro and Microsoft breaches, MalwareTech's guilty plea, and the Docker breach, etc....
This episodes Question of the Day discusses what it takes to be a cyber security specialist, especially around ethical hacking, forensics or malware research.
This episode uses the same microphone, workflow and post-production tools as episode 3. As usual, all feedback is most welcome.
There are a number of companion blog postings, these can be found here: https://omgcybersecurity.co.uk/blog
You can find out more about us on our website, including how to contact us, here: https://omgcybersecurity.co.uk You will also find show notes there...
Apr 30, 2019
33 min

This episode does a fairly deep dive on Sextortion scams and Social Engineering.
I also talk about the latest news around the FIN6 Cyber Crime gang, Credential Stuffing attacks and a new Insurance initiative...
This episode uses a new microphone, improved workflow and post-production tools, this has hopefully produced better (more consistent/levelled) final audio. As usual, all feedback is most welcome.
There are a number of companion blog postings, these can be found here: https://omgcybersecurity.co.uk/blog
You can find out more about us on our website, including how to contact us, here: https://omgcybersecurity.co.uk You will also find show notes there...
Apr 14, 2019
27 min

This episode does a fairly deep dive on passwords, password use/re-use, storage and how to secure your accounts to reduce the risk of your accounts being compromised (using two and multi-factor authentication).
I also talk about the latest Facebook data breaches, introduce a new section to the show (Acronym Avenue) and cover the history of how passwords are stolen from the 80's, through the 90's and 00's to today...
This episode was delayed slightly due to technical issues, as I'm still working out the best workflow and tools to use to produce it. As usual, all feedback is most welcome.
There are a number of companion blog postings, these can be found here: https://omgcybersecurity.co.uk/blog
You can find out more about us on our website, including how to contact us, here: https://omgcybersecurity.co.uk You will also find show notes there...
Apr 8, 2019
25 min

This episode does a fairly deep dive on Insurance (it is more interesting than watching paint dry, honest) and the issues around the rejected/disputed insurance claims for Mondelez and DLA Piper, etc. It goes on to explain how you can check to see if your existing insurance can leave you as exposed to a similar outcome when making a claim. This episode also covers the gaps and possible issues with non-Cyber Insurance policies (Property, Casualty, Crime, D&O, Kidnap and Ransom, etc.), even as an extension to such policies, as well as covering the real and concrete benefits of a proper Cyber Insurance policy, and what it includes (a lot more than you might imagine) and typically excludes. It also looks to the future, as to what Insurers should consider to improve their Cyber Insurance offerings to remove the existing (few) gaps that they still have as well as covering new threats, such as CryptoJacking and Password Spraying. I also mention, at the end of the episode about new data dumps (stolen credentials; user ids and passwords) and what you should do to protect yourself. A companion blog posting can be found here (usually within 24 hours of the episode going live): https://omgcybersecurity.co.uk/blog You can find out more about us on our website, including how to contact us, here: https://omgcybersecurity.co.uk You will also find show notes there...
Mar 31, 2019
29 min

This episode covers the news around a number of recent and high profile Ransomware attack, including the one that hit Norsk Hydro.
It goes on to discuss where and when Ransomware first appeared (you may be surprised on just how long it has been around) and how it has changed over the years and grown into a multi-million (or possibly billion) business model.
Not only does this episode cover the impact, but also what you can do to help you not become the next unwitting victim of this modern day blackmail scheme...
It also looks to the future, what else might be impacted by Ransomware; listen to find out the answer
A companion blog posting can be found here: https://omgcybersecurity.co.uk/ransomware-extortion-by-any-other-name-would-be-as-bad
You can find out more about us on our website, including how to contact us, here: https://omgcybersecurity.co.uk You will also find show notes there...
Mar 24, 2019
22 min