Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
İçerik Neil C. Hughes tarafından sağlanmıştır. Bölümler, grafikler ve podcast açıklamaları dahil tüm podcast içeriği doğrudan Neil C. Hughes veya podcast platform ortağı tarafından yüklenir ve sağlanır. Birinin telif hakkıyla korunan çalışmanızı izniniz olmadan kullandığını düşünüyorsanız burada https://tr.player.fm/legal özetlenen süreci takip edebilirsiniz.
The Tech Talks Daily Podcast benzeri
"web3 with a16z" is a show about the next generation of the internet, and about how builders and users -- whether artists, coders, creators, developers, companies, organizations, or communities -- now have the ability to not just "read" (web1) + "write" (web2) but "own" (web3) pieces of the internet, unlocking a new wave of creativity and entrepreneurship. Brought to you by a16z crypto, this show is the definitive resource for understanding and going deeper on all things crypto and web3. Fro ...
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Bitcoin groundbreakers share personal stories of how Bitcoin is changing lives for the better. Host Mauricio Di Bartolomeo, co-founder and CSO of Ledn, speaks with leading Bitcoin voices, entrepreneurs, and human rights advocates to hear their unique journey and practical real-world examples of how Bitcoin has made a positive impact in their lives. Brought to you by Ledn, a leading financial services company built for Bitcoin & digital assets. Ledn offers a suite of lending, saving and tradi ...
…
continue reading
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
From smart phones to smart homes, the Android Police Podcast gives you exactly what you need from a tech podcast - no more, no less. Every week, each of our hosts curate topics to talk about. It could be tracking through your newsfeed or a passion project or two. We're centered on Android, but go far and wide, so if you're looking for good talk that won't waste your time, listen and subscribe.
…
continue reading
Player FM - Podcast Uygulaması
Player FM uygulamasıyla çevrimdışı Player FM !
Player FM uygulamasıyla çevrimdışı Player FM !
))
3029 Fortra on Phishing, AI, and LOTS Tactics: Protecting Against Trusted Service Abuse
Manage episode 440487518 series 80936
İçerik Neil C. Hughes tarafından sağlanmıştır. Bölümler, grafikler ve podcast açıklamaları dahil tüm podcast içeriği doğrudan Neil C. Hughes veya podcast platform ortağı tarafından yüklenir ve sağlanır. Birinin telif hakkıyla korunan çalışmanızı izniniz olmadan kullandığını düşünüyorsanız burada https://tr.player.fm/legal özetlenen süreci takip edebilirsiniz.
In this episode of The Tech Talks Daily Podcast, I speak with Michael Tyler from Fortra to uncover the details behind a phishing campaign that exploited USign’s e-signature platform. Fortra recently discovered how cybercriminals leveraged USign’s trusted domain to bypass email security gateways, highlighting the growing challenges related to the "living off trusted services" (LOTS) tactic used by attackers. This phishing campaign exposed vulnerabilities within platforms often regarded as safe by email filters, demonstrating how easily attackers can exploit trusted services.
Cybercriminals disguised fake USign documents as HR notifications, tricking victims into entering passwords instead of signatures. By using USign’s strong sender reputation, these malicious emails were able to bypass traditional email security measures, making them harder to detect. The attack even showed signs of being generated with AI language models, adding another layer of sophistication.
We dive deeper into the LOTS tactic, where attackers take advantage of legitimate services—such as e-signature platforms, file hosting sites, and social media platforms—to execute their malicious activities. This strategy not only reduces the setup effort for attackers but also enables them to hide behind the reputation of trusted service providers, making it increasingly difficult for security systems to flag these threats.
Michael discusses the broader implications for cybersecurity and the need for multi-layered defenses. Organizations must not only invest in user education to help employees recognize phishing attempts but also implement deeper email inspection and rapid response capabilities to quickly mitigate risks. For service providers like USign, enhancing security protocols, such as limiting bulk registrations and monitoring for abnormal activity, is crucial in preventing future exploitation.
The conversation also explores how Fortra is working with organizations to bolster their defenses against such attacks. Michael shares practical recommendations, from improving detection of social engineering attempts to collaborating with trusted service providers to combat platform abuse. As the world of cybersecurity continues to evolve, this episode provides valuable insights into staying one step ahead of increasingly sophisticated phishing tactics.
2033 bölüm
Paylaş
Manage episode 440487518 series 80936
İçerik Neil C. Hughes tarafından sağlanmıştır. Bölümler, grafikler ve podcast açıklamaları dahil tüm podcast içeriği doğrudan Neil C. Hughes veya podcast platform ortağı tarafından yüklenir ve sağlanır. Birinin telif hakkıyla korunan çalışmanızı izniniz olmadan kullandığını düşünüyorsanız burada https://tr.player.fm/legal özetlenen süreci takip edebilirsiniz.
In this episode of The Tech Talks Daily Podcast, I speak with Michael Tyler from Fortra to uncover the details behind a phishing campaign that exploited USign’s e-signature platform. Fortra recently discovered how cybercriminals leveraged USign’s trusted domain to bypass email security gateways, highlighting the growing challenges related to the "living off trusted services" (LOTS) tactic used by attackers. This phishing campaign exposed vulnerabilities within platforms often regarded as safe by email filters, demonstrating how easily attackers can exploit trusted services.
Cybercriminals disguised fake USign documents as HR notifications, tricking victims into entering passwords instead of signatures. By using USign’s strong sender reputation, these malicious emails were able to bypass traditional email security measures, making them harder to detect. The attack even showed signs of being generated with AI language models, adding another layer of sophistication.
We dive deeper into the LOTS tactic, where attackers take advantage of legitimate services—such as e-signature platforms, file hosting sites, and social media platforms—to execute their malicious activities. This strategy not only reduces the setup effort for attackers but also enables them to hide behind the reputation of trusted service providers, making it increasingly difficult for security systems to flag these threats.
Michael discusses the broader implications for cybersecurity and the need for multi-layered defenses. Organizations must not only invest in user education to help employees recognize phishing attempts but also implement deeper email inspection and rapid response capabilities to quickly mitigate risks. For service providers like USign, enhancing security protocols, such as limiting bulk registrations and monitoring for abnormal activity, is crucial in preventing future exploitation.
The conversation also explores how Fortra is working with organizations to bolster their defenses against such attacks. Michael shares practical recommendations, from improving detection of social engineering attempts to collaborating with trusted service providers to combat platform abuse. As the world of cybersecurity continues to evolve, this episode provides valuable insights into staying one step ahead of increasingly sophisticated phishing tactics.
2033 bölüm
Усі епізоди
×
Player FM'e Hoş Geldiniz!
Player FM şu anda sizin için internetteki yüksek kalitedeki podcast'leri arıyor. En iyi podcast uygulaması ve Android, iPhone ve internet üzerinde çalışıyor. Aboneliklerinizi cihazlar arasında eş zamanlamak için üye olun.
The Tech Talks Daily Podcast benzeri
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
"web3 with a16z" is a show about the next generation of the internet, and about how builders and users -- whether artists, coders, creators, developers, companies, organizations, or communities -- now have the ability to not just "read" (web1) + "write" (web2) but "own" (web3) pieces of the internet, unlocking a new wave of creativity and entrepreneurship. Brought to you by a16z crypto, this show is the definitive resource for understanding and going deeper on all things crypto and web3. Fro ...
…
continue reading
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
On The Bike Shed, hosts Joël Quenneville and Stephanie Minn discuss development experiences and challenges at thoughtbot with Ruby, Rails, JavaScript, and whatever else is drawing their attention, admiration, or ire this week.
…
continue reading
Every Friday and Sunday, Slate’s popular daily news podcast What Next brings you TBD, a clear-eyed look into the future. From fake news to fake meat, algorithms to augmented reality, Lizzie O’Leary is your guide to the tech industry and the world it’s creating for us to live in.
…
continue reading
Bitcoin groundbreakers share personal stories of how Bitcoin is changing lives for the better. Host Mauricio Di Bartolomeo, co-founder and CSO of Ledn, speaks with leading Bitcoin voices, entrepreneurs, and human rights advocates to hear their unique journey and practical real-world examples of how Bitcoin has made a positive impact in their lives. Brought to you by Ledn, a leading financial services company built for Bitcoin & digital assets. Ledn offers a suite of lending, saving and tradi ...
…
continue reading
Material is a weekly discussion about the Google and Android universe. Your intrepid hosts try to answer the question, “What holds up the digital world?” The answer, so far, is that it’s Google all the way down. Hosted by Andy Ihnatko and Florence Ion.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
From smart phones to smart homes, the Android Police Podcast gives you exactly what you need from a tech podcast - no more, no less. Every week, each of our hosts curate topics to talk about. It could be tracking through your newsfeed or a passion project or two. We're centered on Android, but go far and wide, so if you're looking for good talk that won't waste your time, listen and subscribe.
…
continue reading
Player FM - Podcast Uygulaması
Player FM uygulamasıyla çevrimdışı Player FM !
Player FM uygulamasıyla çevrimdışı Player FM !
