Phish Fryday-logo

Phish Fryday

Technology Podcasts

Uniting Humanity Against Phishing with Weekly Phishing Threat Intelligence

Uniting Humanity Against Phishing with Weekly Phishing Threat Intelligence

Location:

United States

Description:

Uniting Humanity Against Phishing with Weekly Phishing Threat Intelligence

Language:

English


Episodes

Phishing Threats with Palo Alto Unit 42

10/1/2020
Phishing threats take many forms and are used to deliver malware, steal credentials, and entice recipients into taking actions they will later regret. Despite advances in technology, these threats continue to reach inboxes and continue to succeed. In this episode, we speak with Ryan Olson of Palo Alto’s Unit 42 and Cofense Intelligence Product Manager Mollie MacDougall. Learn more: Phish Fryday – Emotet Returns Coronavirus InfoCenter COVID-19: The Cybercrime Gold Rush of 2020 Emotet Thread...

Duration:00:32:25

Phishing Finance

9/10/2020
For many organizations, financial transactions are a quick, intricate dance of payments, receivables, and reporting. It’s high stakes and high pressure. Drop a phish into the midst of this environment and bad things can happen. To discuss the role of finance in an organization and how attackers target the processes and pressures to commit cyber theft are Cofense CFO Mel Wesley, Cofense Co-founder and CTO Aaron Higbee, and Cofense Security Solution Advisor Tonia Dudley. Learn more: Real...

Duration:00:22:33

Ransomware

8/27/2020
According to the latest Ponemon Cost of Data Breach Report, over half of malicious breaches are financially motivated. When we follow the money, we see ransomware continuing to cause availability concerns, which can be addressed with mature disaster recovery plans. Not to be outdone, attackers are increasing their leverage to ensure a timely payment. Joining us this week are Cofense Cyber Threat Intelligence Analysts Brad Haas and Aaron Riley to talk about this latest move by threat actors....

Duration:00:19:24

Phishing Defense Expertise

8/14/2020
Identifying a phishing email is more than a yes/no, good/bad equation. If it’s bad, you need to know how bad it is. If my user clicked it, what happened? What do I need to do to protect my organization? Answering these questions requires a certain level of expertise with tools and strategies for analyzing malicious emails. Joining us this week is Cofense Director of Product Management Pete Smith to talk about the skills needed to break down an attack to understand the Indicators of...

Duration:00:14:56

Emotet Returns

7/30/2020
What started out as a banking trojan has now evolved into one of the most widespread and disruptive botnets threatening organizations worldwide. Emotet. After a brief hiatus earlier in 2020, Emotet has returned with a new trick up its sleeve. Here to talk about the dangers of Emotet and how to reduce your vulnerability to it is Cofense Senior Research Engineer and resident Emotet expert Jason Meurer. Learn more: Emotet stealing attachments Previous discussion about Emotet on Phish Fryday...

Duration:00:19:02

Cutting Through the Noise at IMAX

7/2/2020
Security analysts need data – lots of data – to do their jobs defending organizations. It’s easy to drown in all the noise, though, and not be able to find attacks and respond quickly. In this episode, we speak with IMAX Information Security Analyst Rob Sipthorpe to discuss the IMAX phishing defense program and how they’re cutting through the noise and finding bad fast. Learn more: IMAX Cofense Triage Questions or comments? Reach us at phishfryday@cofense.com The post Phish Fryday – Cutting...

Duration:00:15:29

APIs and Automated Phishing Defense

6/25/2020
Cyber security defenders are strapped for resources, having to constantly do more with less. The risks are many, the tools are multiplying, and yet the job continues to get harder. Here to talk about how automation and integration through API usage can improve cyber defenses are Pete Smith, Cofense Director of Product Management and Cofense Director of Technical Alliances Mike Saurbaugh. Learn more Cofense Triage Cofense Vision Cofense Intelligence Questions or comments? Reach us at...

Duration:00:18:12

Secure Email Gateways

6/18/2020
Phishing continues to be one of the top attack vectors faced by companies. To address this, many organizations deploy a secure email gateway – SEG in InfoSec parlance. In this episode we speak with Cofense Co-founder and CTO Aaron Higbee and Cofense Security Solution Advisor Tonia Dudley about the history and functionality of SEGs and why they aren’t the panacea they claim to be. Additional Resources Gartner retires their secure email gateway Magic Quadrant Phish Fryday – Cloud Services in...

Duration:00:17:37

OAuth2 Phishing Attacks

6/4/2020
With credential theft making up a large portion of phishing attacks, many organizations wisely turn to MultiFactor Authentication (MFA) to protect the credentials of their employees. Attackers, however, are upping their game to continue gaining access to corporate accounts. Cofense Threat Analyst Elmer Hernandez joins us this week to discuss a particular attack observed by Cofense that leverages OAuth2 and OpenID Connect instead of passwords. Learn more OAuth2 Attack Bypasses MFA Google Docs...

Duration:00:15:16

Risk Management and Phishing Defense

5/29/2020
The very act of running an organization includes risk. Successful business leaders understand what those risks are and how to manage them. Operating information systems are no different – they are at risk by nature, but IT and security teams need to recognize those risks and manage them successfully. Here to talk about risk management and phishing defense is Pete Smith, Cofense Director of Product Management for our Triage and Vision phishing defense solutions. Learn more Cofense Triage...

Duration:00:16:41

Pentesting and Phishing Defense

5/21/2020
Organization seek out security through various means – risk analysis, regulatory compliance, alignment to security frameworks – but can never really be sure they are secure. That’s where pentesting comes in – evaluating security controls through an attack methodology. Given the prevalence of phishing in compromises and breaches, how does pentesting take advantage of this? Here to discuss pentesting and its importance in phishing defense is Soteria co-founder Paul Ihme. Learn more Soteria...

Duration:00:16:39

Beyond the Inbox

5/14/2020
Even with users reporting phishing attacks and the best analysis and response tools, there’s a chance someone has already become a victim. Security teams must race the clock to find Indicators of Compromise to identify infected endpoints and spreading malware. In this episode, we’re joined by Alan Rainer, Senior Threat Analyst at Kivu Consulting to discuss how anti-phishing solutions can go beyond the inbox to find and neutralize threats. Questions or comments? Reach us at...

Duration:00:13:51

Q1 2020 Phishing Review

5/8/2020
Phishing emails remains one of the top threat vectors used by attackers to breach corporate defenses to inflict harm and make money. Each quarter, Cofense Intelligence analyzes vast quantities of phishing attacks both reported by customers and discovered in other proprietary sources. In this episode, we’re joined by Cofense Cyber Threat Intelligence Analyst and lead author of our Q1 2020 Phishing Review, Aaron Riley. Resources: Cofense Q1 2020 Phishing Review Cofense Intelligence Questions...

Duration:00:16:24

Pragmatic Threat Intelligence

4/30/2020
Cybersecurity professionals are noted for their suspicious nature. They have to have it. But, whereas we can imagine a million threat vectors, there’s only so much time in the day and we’re forced to prioritize where we spend our resources protecting our organization. That’s where phishing threat intelligence comes in. Active threats and tactics – seen in the wild – can be more important to your organization’s defense than all the 0-days your mind can imagine. To discuss the pragmatic...

Duration:00:15:19

Phishing Defense

4/23/2020
Phishing attacks are different than other attacks – they tend to be technology light and social manipulation heavy. Defending against these attacks requires a unique set of skills and tools. In this episode we speak with Cofense Director of Product Management Pete Smith to discuss the tools and skills needed for effective phishing defense. Questions or comments? Reach us at phishfryday@cofense.com Discover how cybersecurity awareness training can help your organization defend against...

Duration:00:16:02

Remote Work Security

4/16/2020
The current COVID-19 pandemic has organizations scrambling to setup remote work options for their employees. As technology is hastily rolled out and policies are updated, anxious users are looking for guidance and support. Threat actors, taking advantage of the situation, are using this gap in information to execute successful phishing campaigns. In this episode, we speak with Cofense Co-founder and CTO Aaron Higbee and Cofense Security Solutions Advisor Tonia Dudley to discuss attacks we’re...

Duration:00:26:10

Phishing Trends from the Front Lines

4/9/2020
Phishing threat actors constantly tweak and tune their attacks to evade secure email gateways to reach user inboxes. When that happens, your best users will report those attacks to security, giving you a jump on neutralizing the threat. In this episode, we speak with Ashley Tran, Threat Analyst in Cofense’s Phishing Defense Center, about the threats she and her team have been seeing lately as customers report the latest attacks. Mentioned in this episode: YouTube Phishing Redirects...

Duration:00:13:50

Threat Intelligence in Phishing Defense

4/2/2020
Cyber defense goes beyond following a book of best practices. It requires awareness of current threats and how to defend against those threats, otherwise the amount of “what ifs” will overwhelm a security team. In this episode, we speak with Mollie MacDougall, Intelligence Product Manager at Cofense, about the role of threat intelligence in phishing defense. Mentioned in this episode: Cofense Intelligence Questions or comments? Reach us at phishfryday@cofense.com Discover how cybersecurity...

Duration:00:17:44

Cyber Insurance and Risk Management

3/26/2020
Risk management is more than just ensuring bad things don’t happen. There are some risks that can’t be adequately mitigated and organizations look to risk transference, such as insurance, to help protect them. In this episode, we speak with Darren Thomson, head of Cyber Security Strategy at CyberCube, to discuss the role of cyber insurance in cyber risk management. Mentioned in this episode: CyberCube Questions or comments? Reach us at phishfryday@cofense.com Discover how cybersecurity...

Duration:00:15:39

Phishing and Ransomware in Healthcare

3/19/2020
While phishing attacks and ransomware affect all industries, healthcare is particularly vulnerable. Medical equipment running outdated software, limited budgets, and a need to provide lifesaving actions without delay increase cyber risk beyond the confidentiality demands of HIPAA. In this episode, we speak with Gerald Auger, a Security Architect with the Medical University of South Carolina about the challenges the healthcare industry faces. Mentioned in this episode: Wood Ranch Medical...

Duration:00:18:57