The Security Swarm Podcast

Written by: Hornetsecurity

About this listen

Welcome to The Security Swarm Podcast – a weekly conversation about the most critical issues facing the world of cybersecurity today, hosted by Andy Syrewicze, Security Evangelist at Hornetsecurity. From the malicious use of AI tools to social engineering scams, each episode hones in on a pertinent topic dissected by an industry expert and backed up by real-world data direct from our Security Lab. The world of cybersecurity should not be taken on alone – it’s time to join the swarm.

Hornetsecurity Group
Politics & Government

Episodes
  • What is the State of Ransomware in 2024
    Nov 20 2024
    In this eye-opening episode of the Security Swarm Podcast, host Andy Syrewicze and one of our regular guests, Eric Siron, examine the latest ransomware survey findings. They explore the evolving landscape of cyber threats, discussing key trends in ransomware attacks, including a decrease in overall incidents but an increase in the severity of successful breaches. The conversation provides crucial insights for IT professionals and business leaders, highlighting the importance of user training, cybersecurity awareness, and strategic approaches to mitigating ransomware risks.

    Do you want to join the conversation? Join us in our Security Lab LinkedIn Group!

    Key Takeaways:
      • Ransomware attacks decreased to 18.6% in 2024, continuing a downward trend.
      • 16.3% of ransomware victims paid the ransom in 2024, a significant increase from 6.9% in 2023.
      • 55.8% of ransomware attacks targeted small organizations with 50 or fewer employees.
      • Over 52.3% of attacks were initiated through email/phishing attempts.
      • 32.6% of ransomware victims were unsure if their data was exfiltrated.
      • 81.3% of organizations provide end-user security awareness training.
      • 54.6% of organizations have purchased ransomware-specific insurance.
      • Threat actors are becoming more sophisticated in targeting and executing attacks.
      • Living off the land attack techniques are increasingly common.

    Timestamps:
      • (01:15) History of Ransomware Attacks
      • (03:37) 2024 Ransomware Attack Statistics
      • (08:59) Double Extortion Tactics
      • (15:02) Target Selection and Organization Size
      • (29:52) Security Awareness Training Insights
      • (36:15) Ransomware Insurance Trends
      • (41:44) Disaster Recovery and Insurance Strategies

    Episode Resources:
      • Hornetsecurity Q3 2024 Ransomware Attacks Survey
      • What is ransomware?
      • How can you protect against Ransomware?

    --

    Protect your organization from ransomware with Hornetsecurity's innovative Security Awareness Service - because your employees are your first line of defense!

    Why Security Awareness Training is critical against ransomware:
      • 52.3% of ransomware attacks are caused by email/phishing attempts
      • 81.3% of organizations provide end-user security awareness training
      • Half of organizations want more time-friendly training methods

    An effective security awareness training works best when it's bite-sized, consistent and a part of the organization's security culture. Click here to schedule a free consultation with a Hornetsecurity specialist.
    36 mins
  • The Tech Industry Has a Software Quality Issue
    Nov 8 2024
    In this episode of the Security Swarm Podcast, the dynamic duo Andy Syrewicze and Paul Schnackenburg discuss the software quality problem in the cybersecurity and technology industry, as highlighted by Jen Easterly, the director of CISA. They delve into the risks associated with software selection, the role of industry analysts, the importance of software stability and security over innovation, and the need for developers to focus on secure coding practices.

    One area Andy and Paul focus on is the risks associated with software selection, highlighting the importance of evaluating factors such as the software's origin, reputation, and security features when making decisions. Andy and Paul also discuss the role of industry analysts like Gartner and Forrester, and how their focus on innovation and feature sets may not always align with the critical need for stability, security, and reliable support.

    Do you want to join the conversation? Join us in our Security Lab LinkedIn Group!

    Key Takeaways:
      • The cybersecurity industry has a software quality problem, not just a security problem.
      • Selecting software requires careful risk assessment, considering factors like the software's origin, reputation, and security features.
      • Industry analysts often focus on innovation and features rather than software stability and security.
      • The technology industry should reward software that is stable, secure, and operates as intended, not just the latest innovative features.
      • Developers need to be trained in secure coding practices, as many graduates lack this knowledge.
      • Understanding how threat actors could exploit vulnerabilities is crucial for developers to write secure code.
      • The software landscape is constantly evolving, and the threat landscape is changing, requiring ongoing education and adaptation.
      • Supply chain risks, such as pre-installed malware on refurbished devices, highlight the need for comprehensive security measures.

    Timestamps:
      • (06:04) Assessing Software Risks
      • (16:50) The Analyst Approach
      • (21:11) Rewarding Stability and Security
      • (27:16) Secure Coding Practices in Academia
      • (32:59) Developers Understanding Threat Actors
      • (34:33) Supply Chain Risks
      • (37:32) Valuing Stability and Security over Innovation

    Episode Resources:
      • Paul’s Article
      • Andy and Eric’s Episode on Vendor Risk

    --

    Proactively protect your organization's email from the growing threat of software vulnerabilities and malicious attacks. 365 Total Protection provides comprehensive security for Microsoft 365, safeguarding your business with advanced threat detection, spam filtering, and email encryption. Ensure your software is secure and your data is protected with Hornetsecurity's industry-leading 365 Total Protection.

    Defend your organization against sophisticated cyber threats with Hornetsecurity's Advanced Threat Protection, powered by cutting-edge technology. Our advanced system analyzes email content and attachments to detect and block even the most evasive malware and phishing attempts. Stay one step ahead of threat actors and protect your business with Hornetsecurity's Advanced Threat Protection.
    39 mins
  • Security of the Windows Boot Process
    Oct 30 2024
    In this episode, Andy and Paul, the dynamic duo of the Security Swarm Podcast, delve into the often-overlooked security of the Windows boot process, revealing how recent leaks have compromised its integrity. Join Andy Syrewicze and Paul Schnackenburg as they break down how the boot process has evolved from the BIOS days to today's sophisticated UEFI system. They explore features like Trusted Boot and Secure Boot, which are designed to stop rootkits and other malware from hijacking the system.

    But things aren't as secure as they seem. Recent leaks of platform keys, including the infamous "PKFail" incident, have exposed vulnerabilities that threaten the whole system. Listen on to discover how these vulnerabilities are being exploited by attackers, the potential risks they pose to your system, and what you can do to safeguard your devices.

    Do you want to join the conversation? Join us in our Security Lab LinkedIn Group!

    Key Takeaways:
      • The Windows boot process is more complex than you think: It includes multiple phases, from basic hardware checks to kernel initialization and anti-malware checks, all before you even see the login screen.
      • Secure boot and measured boot aim to protect against rootkits and bootkits: These security features check for trusted components and fingerprint the boot process to detect unauthorized changes.
      • PKFail exposes a major vulnerability: A leaked test key used across 800 motherboard models allows attackers to bypass secure boot and load malicious software during the boot process as if it were legitimate.
      • Firmware vulnerabilities are widespread: The boot process isn't the only place where attackers can hide malware. Network cards, storage devices, and other components with firmware can also be compromised.
      • Rootkits and bootkits are persistent and difficult to remove: They can survive operating system reinstallation and are incredibly difficult to detect and remove, making them highly effective for attackers.
      • Updating firmware is crucial: You need to keep your firmware updated just like you update your operating system and software to protect yourself from vulnerabilities.
      • Beware of the dangers of compromised hardware: While less common than other attacks, these vulnerabilities should be addressed seriously. If you suspect a machine is infected, it's often best to discard it entirely.

    Timestamps:
      • (01:27) Overview of Boot Process
      • (05:39) Breakdown of the Boot Process Steps
      • (08:44) Secure Boot and its Features
      • (12:13) The PKFail Leak: Leaked Platform Key Weakens Secure Boot
      • (17:18) Bootkits and Rootkits - The Types of Attacks
      • (22:41) Digital Supply Chain Issues and the Leaked Keys
      • (27:42) Mitigating PK Fail & Updating Firmware
      • (30:15) Balancing Risk Profile & Protecting Against Other Attacks
      • (31:39) Why Rootkits are a Major Persistence Threat

    Episode Resources:
      • GitHub Repo of known compromised devices
      • Ars Technica Article regarding UEFI Malware
      • Intel Boot Guard News

    --

    Hornetsecurity's Advanced Threat Protection (ATP) can help you stay ahead of these threats. ATP provides:
      • Threat intelligence: Stay informed about emerging security threats like bootkit and rootkit vulnerabilities.
      • Advanced detection: Identify and block these highly sophisticated threats before they can compromise your systems.
      • Real-time protection: Prevent malicious code from executing, even at the boot level.

    Don't wait for a breach! Contact Hornetsecurity today to learn how Advanced Threat Protection can help you secure your boot process and protect your organization from the most persistent malware threats. Click here to schedule a free consultation with a Hornetsecurity specialist.
    35 mins