Nexus is a cybersecurity podcast hosted by Claroty Editorial Director Mike Mimoso. Nexus will feature discussions with cybersecurity leaders, researchers, innov...
Claroty Team82's Noam Moshe and Tomer Goldschmidt join the Nexus Podcast to discuss the research team's latest publication on 10 vulnerabilities discovered in Ruijie Networks' Reyee OS cloud platform. A chain of these vulnerabilities could allow an attacker to remotely execute code on any device connected to the Ruijie cloud. Team82 also developed an attack they call Open Sesame which allows an attacker in proximity of a Ruijie device to use leaked device information and access the internal network.You can find the research here on Team82's website. Listen and subscribe to the Nexus Podcast here.
--------
31:38
Volexity's Steven Adair on the Nearest Neighbor Attack
Volexity founder Steven Adair joins the Claroty Nexus Podcast to discuss the Nearest Neighbor Attack, a unique attack carried out by Russia's APT 28 against a high-value target in an attempt to gain intelligence on Ukraine prior to the start of the war in February 2022. APT 28 was able to compromise the Wi-Fi network of its target without being in physical proximity of it. They did so by remotely compromising neighboring organizations, accessing their Wi-Fi networks—creating a daisy-chain of breaches and compromises—until they were able to reach their target. Volexity's blog contains additional technical details. Listen to every episode of the Nexus Podcast here.
--------
37:23
Joe Saunders on Advanced Cyberattacks Against Critical Infrastructure
Runsafe Security CEO and Cofounder Joe Saunders joins the Nexus Podcast to discuss the strategic shift from certain APTs toward destructive cyberattacks targeting U.S. critical infrastructure. Groups such as Volt Typhoon and Sandworm have aggressively focused their efforts on hacking OT, IoT, and healthcare organizations, opening new fronts that asset owners and operators, as well as manufacturers of embedded systems must now contend with.
--------
34:43
Grant Geyer on the Business Impact of Disruptions from Cyberattacks
Claroty Chief Strategy Officer Grant Geyer joins the Nexus Podcast to discuss the results of a survey of 1,100 cybersecurity leaders and practitioners on the business impact of disruptions from cyberattacks on cyber-physical systems. The financial losses are steep from these attacks impacting connected systems that are so central to our way of life, as are the recovery costs and operational impacts such as downtime, which is often intolerable in critical industries such as manufacturing and healthcare.Geyer brings his unique insights to the discussions, including attackers' motivations in targeting CPS, why ransomware continues to impact healthcare delivery organizations, and the risks of unsecured third-party and supply chain connections to the enterprise. Get the full survey results here.
--------
25:03
Alethe Denis on Social Engineering, Red-Teaming
Bishop Fox senior security consultant Alethe Denis joins the Claroty Nexus podcast to discuss social engineering in cybersecurity and how it has become part of red-team engagements, especially inside critical infrastructure organizations. She explains the value of open source intelligence and data stolen in breaches to scammers and extortionists in creating pretexts for their schemes. She also explains how to best defend against these tactics that aid threat actors in weaponizing personal information against victims and organizations. For more, visit nexusconnect.io/podcasts.
Nexus is a cybersecurity podcast hosted by Claroty Editorial Director Mike Mimoso. Nexus will feature discussions with cybersecurity leaders, researchers, innovators, and influencers, discussing the topics affecting cybersecurity professionals in OT, IoT, and IoMT environments. Nexus is formerly known as Aperture.
Polska