You are currently viewing a placeholder content from Libsyn. To access the actual content, click the button below. Please note that doing so will share data with third-party providers.
In this episode of the Security Swarm Podcast, our host Andy Syrewicze and one of our regular guests, Eric Siron discuss the latest quarterly threat report from Hornetsecurity. They dive into data points such as the breakdown of email threats, most common malicious file types, targeted industry verticals, and brand impersonations.
The conversation also covers recent security news, including Microsoft’s efforts to address the aftermath of the CrowdStrike incident and a high-severity vulnerability in the Linux CUPS system. The hosts provide valuable insights and analysis, highlighting trends in the threat landscape and the evolving tactics of cybercriminals.
Do you want to join the conversation? Join us in our Security Lab LinkedIn Group!
Key Takeaways:
-
Quarterly threat report data shows an increase in email threats in Q3 compared to Q2, driven by the ending of the summer vacation months.
-
PDF, archive, and HTML files remain the top malicious file types used by threat actors.
-
Microsoft is exploring ways to reduce security vendors’ kernel-mode access after the Crowdstrike incident.
-
NIST has updated password guidelines, including recommendations to remove password composition rules and avoid forced password rotations.
-
A high-severity vulnerability in the Linux CUPS system allows remote code execution, highlighting the need to secure critical services.
-
The importance of securing the digital supply chain and the risks of supply chain attacks.
-
The challenges of convincing users to adopt secure practices, such as using password managers.
Timestamps:
(03:33) Breakdown of email threats by category
(06:58) Most common malicious file types
(11:46) Targeted industry verticals
(19:52) Impersonated brands
(22:33) Discussion of Microsoft’s efforts after the Crowdstrike incident
(37:19) NIST’s updated password guidelines.
Episode Resources:
Hornetsecurity Monthly Threat Reports can be found here
—
Protect Your Business from Advanced Threats! Ensure your organization is safeguarded against sophisticated attacks by leveraging Hornetsecurity’s Advanced Threat Protection (ATP). Stay secure and informed—discover more here!