Coffee Talk with SURGe
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. The team from Splunk will discuss the latest security news and Mick and Ryan will compete in a 60 second charity challenge. You don’t want to miss it!
Episodes
Wednesday Jun 14, 2023
Join the SURGe Team with a guest from the land down under, a recap of important news in the security landscape, a discussion on RSA, and a special interview with Danielle Jablanski of Nozomi Networks! You can watch the episode livestream here.
This week Ryan Kovar, Audra Streetman, Mick Baccio, and Shannon Davis discussed CISA advisories about China state-sponsored threat actors and the data extortion group Karakurt plus an update on the Confluence and MSDT/Follina zero-days. Mick and Ryan competed in a 60 second charity challenge regarding Apple's plan to replace passwords with biometric authentication methods. The team also shared their takeaway from this year's RSA Conference in San Francisco.
People’s Republic of China State-Sponsored Cyber Actors Exploit Network Providers and Devices (CISA)
U.S. cybersecurity officials issue notice on Karakurt extortion group (CISA)
SURGe Blog about Confluence Zero-Day
SURGe Blog about Follina Zero-Day
Apple Just Killed the Password—for Real This Time (WIRED)
Wednesday Jun 14, 2023
Grab a cup of coffee and join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe. You can watch the episode livestream here.
The team from Splunk broke down the Follina/MSDT zero-day vulnerability (CVE-2022-30190), rounded up the latest ransomware activity, and discussed supply chain risk related to Python and PHP libraries. Mick and Ryan competed in a 60-second charity challenge to explain LOLBins before taking a deep dive into the 2022 Verizon Data Breach Investigations Report.
Microsoft Blog on CVE-2022-30190
REvil prosecution reportedly stalls in Russia
Cl0p hits 21 victims in April
Costa Rica suffers another cybersecurity incident
Hacker claims hijacking libraries, stealing AWS keys was ethical research
Wednesday Jun 14, 2023
Grab a cup of coffee and join Audra Streetman, Mick Baccio, and special guest Haylee Mills for another episode of Coffee Talk with SURGe. You can watch the episode livestream here.
The team from Splunk discussed a ransomware attack that prompted Costa Rica to issue a state of emergency, a cardiologist in Venezuela accused of building ransomware tools, and an alert from CISA warning about cyber threats to MSPs. This week Audra and Haylee competed in a 60 second charity challenge on "certs vs. degrees" in cybersecurity before taking a deep dive into Splunk Risk-Based Alerting.
Links:
Conti targets Costa Rica
Cardiologist with alleged ransomware ties
CISA Alert on MSP Cyber Threats
Haylee's Blog on RBA
Sign up for SURGe Alerts
Wednesday Jun 14, 2023
Grab a cup of coffee and join Ryan Kovar, Audra Streetman, and Mick Baccio for another episode of Coffee Talk with SURGe. You can watch the episode livestream here.
This week the team from Splunk discussed CISA's list of the top exploited vulnerabilities for 2021, Mandiant's analysis of 80 zero-days exploited in the wild last year, and signs the ransomware group REvil may be back in operation. Mick and Ryan competed in a 60 second charity countdown on how to solve the talent crisis in cybersecurity before taking a deep dive into the topic of zero-days and vulnerability mining.
Links:
CISA Alert on the Top Routinely Exploited Vulnerabilities for 2021
Mandiant zero-day blog
Splunk's 2022 State of Security Report
Wednesday Jun 14, 2023
Coffee Talk with SURGe: 2022-APR-19 MS-RPC Vulnerability, Lazarus, Pipedream
Grab a cup of coffee and join Ryan Kovar, Audra Streetman, and Mick Baccio for another episode of Coffee Talk with SURGe. You can watch the episode livestream here.
This week the team from Splunk discussed the latest security news, including the MS-RPC vulnerability CVE-2022-26809, a CISA alert about the North Korean state-sponsored Lazarus Group, and Sunday's 60 Minutes episode on the threat of Russian cyberattacks targeting U.S. critical infrastructure. Mick and Ryan also competed in a 60-second charity challenge to explain why Americans should be concerned about the potential for a Russian cyberattack targeting U.S. critical infrastructure.
Links:
SURGe website
SANS Webinar on MS-RPC Vulnerability
This week's charity
CISA Alert about Lazarus
State Dept. $5M Reward
CISA Alert about ICS/OT malware tools
SURGe/Splunk Security Presentations at .conf22
Splunk OT Security Add-On
Wednesday Jun 14, 2023
Grab a cup of coffee and join Ryan Kovar, Audra Streetman, and Mick Baccio for another episode of Coffee Talk with SURGe. You can watch the episode livestream here.
This week the team discussed the takedown of Hydra, the U.S. State Department's new Bureau of Cyberspace and Digital Policy, and a coordinated phishing campaign targeting U.S. election officials in the lead-up to the 2022 midterm elections. Mick and Ryan both competed in a 60-second charity challenge to explain the current situation regarding the Spring4Shell vulnerability. They also discussed the recent arrest of teenagers in connection with the Lapsus$ criminal hacking group and the importance of ethics in cybersecurity.
Wednesday Jun 14, 2023
Coffee Talk with SURGe: 2022-MAR-22 Government Cyber Statements, Okta Breach, WiCyS
Bring a cup of coffee and tune in to join the SURGe security team for a recap of cybersecurity news and events, our 60-second charity challenge, and another topic deep dive! You can watch the episode livestream here.
This week Audra Streetman, Mick Baccio, and Ryan Kovar discussed a recent warning from the Biden administration about Russian cyberattacks against the U.S. CISA and the FBI also released a joint advisory warning about possible threats to SATCOM networks in the U.S. and abroad. The trio also discussed claims that the Lapsus$ hacking group breached Okta along with Bing, Bing Maps, and Microsoft Cortana. Finally, the team discussed the cybersecurity gender gap and efforts by CISA Director Jen Easterly to increase the number of women in the profession.
Wednesday Jun 14, 2023
Join Splunk's SURGe team for the latest in cybersecurity news, a deep-dive lesson into something near and dear to our hearts, and of course a 60-second charity challenge. You can watch the episode livestream here.
In this episode, Audra Streetman, Mick Baccio, and Ryan Kovar discuss the war in Ukraine along with the latest cybersecurity guidance from Splunk. The trio also talked about the chat log leak tied to the Conti ransomware group and a Senate bill that would require critical infrastructure organizations to report cyberattacks to CISA within 72 hours. Mick and Ryan explained the benefits and challenges of the proposed legislation in a 60-second charity challenge. This week's donation will benefit humanitarian efforts in Ukraine and wildfire relief in Australia. Finally, with the addition of Drew Church, the team talked about what everyone is working on lately, including .conf22 submissions.
Wednesday Jun 14, 2023
Coffee Talk with SURGe: 2022-FEB-22 Russia/Ukraine Conflict, CISA, and CNE
It's time for another recap of cybersecurity news, a 60-second explanation of security concepts benefitting a charity, and plenty of banter between SURGe's Mick Baccio, Ryan Kovar, and Audra Streetman! You can watch the episode livestream here.
The team from Splunk discussed the latest security news, including:
- What the Russia-Ukraine conflict means for network defenders with information from CISA and others
- CISA's new online resource hub for free tools
- Major chat channel outage causes issues around the world
60 second charity challenge:
- Mick and Ryan discuss communications and how to deal with outages
Deep Dive:
- Mick and Ryan explain the 4 Cs of cyber: CNO, CNE, CNA, and CND.
Wednesday Jun 14, 2023
Coffee Talk with SURGe: 2022-FEB-08 Cyber Safety Review Board, News Corp, VBA Macros
Join Ryan Kovar, Mick Baccio, and Audra Streetman for another episode of Coffee Talk with SURGe where they'll discuss the new DHS Cyber Safety Review Board, a cyberattack targeting News Corp along with Microsoft's decision to block internet VBA macros by default in Office 365 apps. Mick and Ryan competed in a 60 second charity challenge to define a macro and explain how it can be used to deploy malware. They also discussed whether geopolitics should influence how organizations approach security and how the Diamond Model framework can help organizations with intrusion analysis.