Coffee Talk with SURGe

Join Shannon Davis and special guest Patrick Gray, host of the Risky Biz podcast, for a discussion about Patrick's cybersecurity reporting career and the work behind the scenes to produce each episode. You can listen to Risky Biz at risky.biz or wherever you get your podcasts. 

Grab a cup of coffee and join Mick Baccio, Ryan Kovar and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: 
- RCE in Progress WS_FTP Ad Hoc via IIS HTTP Modules (CVE-2023-40044)
- Exim patches three of six zero-day bugs disclosed last week
- Exploit released for Microsoft SharePoint Server auth bypass flaw
- Developments in ChatGPT capabilities 
- Tom Hanks warns fans about ‘AI version of me’ promoting dental plan
Mick and Ryan competed in a 60 second charity challenge to share the pros and cons of Cybersecurity Awareness Month.

Join Ryan Kovar and special guest Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft, for a discussion about crimeware, threat actor naming conventions, and Sherrod's essay in a new book by SURGe titled, "Bluenomicon: The Network Defender's Compendium."

Grab a cup of coffee and join Audra Streetman and special guests Haylee Mills, Katie Brown and Drew Church for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: 
Microsoft's Xbox plans revealed in emails tied to FTC case
38TB of data accidentally exposed by Microsoft AI researchers
Hackers who breached casino giants MGM, Caesars also hit 3 other firms, Okta says
All thanks to ‘Big Yellow Taxi’: How State discovered Chinese hackers reading its emails

Join Ryan Kovar and special guest Derrick Lawson, Staff Sales Engineer at Splunk, for a discussion about M-21-31, a US memorandum establishing an event logging maturity model for federal government agencies. They’ll discuss strategies and tools that can help agencies with compliance.

Join Ryan Kovar and special guest Jamie Williams, MITRE ATT&CK for Enterprise Lead and Principal Adversary Emulation Engineer, for a discussion about MITRE ATT&CK use cases and Jamie's essay in a new book by SURGe titled, "Bluenomicon: The Network Defender's Compendium."
 
Download Bluenomicon

Grab a cup of coffee and join Mick Baccio, Ryan Kovar and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: 
- Famed hacker and Twitter whistleblower Peiter 'Mudge' Zatko is joining the Biden administrationhttps://www.washingtonpost.com/politics/2023/09/05/cisa-makes-big-name-hire-its-crusade-against-insecure-products/- FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedownhttps://www.fbi.gov/news/stories/fbi-partners-dismantle-qakbot-infrastructure-in-multinational-cyber-takedown- Infamous Chisel Malware Analysis Reporthttps://www.cisa.gov/news-events/analysis-reports/ar23-243a
Mick and Ryan competed in a 60 second charity challenge to share their favorite hack of all time before a deep dive on extortionware vs. ransomware. 

Join Ryan Kovar and special guest Rick Holland, VP and CISO at ReliaQuest, for an interview about Rick’s career journey, his advice for cybersecurity leaders, and his contribution to the SURGe team’s new book titled, “Bluenomicon: The Network Defender’s Compendium.”
Follow Rick on Twitter 
Download the Bluenomicon PDF

Grab a cup of coffee and join Mick Baccio, Ryan Kovar and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news, including: 
- Ivanti: Customers ‘impacted’ by new zero-day vulnerability
- Nearly 2,000 Citrix NetScaler Instances Hacked via Critical Vulnerability
- Joint Advisory on Safeguarding the US Space Industry
- Tesla says data breach impacting 75,000 employees was an insider job
- CISA Factsheet on Quantum Readiness
- Kirsty's Blog: Cryptographically Relevant Quantum Computers (CRQCs) & The Quantum Threat in 2023

Join Audra Streetman and special guest Jake Williams (@MalwareJake) for a discussion about hiring in cybersecurity, interview advice, the challenges associated with vulnerability prioritization, Microsoft's Storm-0558 report, and Jake's take on the future of AI and LLMs in cybersecurity.