Have you ever wondered about getting into Cybersecurity or Information Technology? Have you wondered about the latest developments in Industrial Control Systems and Security? If you are open to learning and getting familiar with Information Security and like to get the most unique stories that matter, then Security Bits is the Podcast for you. This Podcast is also available on Video Format on YouTube. Go to https://icsbits.com/simplified for more details.

https://s3.us-east-2.amazonaws.com/pod-public-media-files/2021/11/27/4/c516c8d8-ed3c-42ca-9c01-c74945f5a7d6_02_main.mp3

InfoSec WOTD is a daily dose of Cybersecurity Terms, Acronyms and Concepts. This PASTA is for a different kind of appetite, the one associated with threats aka <a href="https://www.linkedin.com/feed/hashtag/?highlightedUpdateUrns=urn%3Ali%3Aactivity%3A6813441535934283776&keywords=riskappetite" rel="nofollow">#Riskappetite</a>.PASTA is a threat modelling methodology to identify threats in a very systematic way. It stands for Process for Attack Simulation and Threat Analysis , a 7 step risk centric method to identify threats.<a href="https://www.linkedin.com/feed/hashtag/?highlightedUpdateUrns=urn%3Ali%3Aactivity%3A6813129653700608001&keywords=infosecwotd" rel="nofollow">#INFOSECWOTD</a>

InfoSec Word of The Day 02 P.A.S.T.A

https://s3.us-east-2.amazonaws.com/pod-public-media-files/2021/7/9/20/35396325-6f2d-4d75-a131-a3578b258787_day1.mp3

InfoSec WOTD is a daily dose of Cybersecurity Terms, Acronyms and Concepts. Sneakernet, is an informal term for the transfer of information (data) by use of a physical media such as USB flash drives, optical discs, or external hard drives between computers, rather than transmitting it over a computer network.<a href="https://www.linkedin.com/feed/hashtag/?highlightedUpdateUrns=urn%3Ali%3Aactivity%3A6813129653700608001&keywords=infosecwotd" rel="nofollow">#INFOSECWOTD</a>

InfoSec WOTD

InfoSec WOTD is a daily dose of Cybersecurity Terms, Acronyms and Concepts. 

Sneakernet, is an informal term for the transfer of information (data) by use of a physical media such as USB flash drives, optical discs, or external hard drives between computers, rather than transmitting it over a computer network.

#INFOSECWOTD

InfoSec Word of The Day 01 Sneakernet

https://s3.us-east-2.amazonaws.com/pod-public-media-files/2021/2/9/9/d3a615de-399a-40fc-babb-c07afea4573b_final.mp3

Hello and welcome to Simplified Security bits Episode Number 7. I am your host, Durgesh and today is Feb 9th 2021, coming to you straight from Houston Texas.  Today is Safe Internet Day. Celebrated around the world. In the US, you can find more information for more information on how you can get involved and spread the word by going to <a href="https://saferinternetday.us/" rel="nofollow">https://saferinternetday.us/</a> Tags: Podcast, Cybersecurity Podcast, Durgesh Kalya, Simplified Security,  The Florida Water Treatment Plant was hacked and the attacker managed to increase the amount of Sodium Hydroxide levels from 100 parts per million to 11,100 parts per million. The attacker was able to compromise the remote access system and managed to change parameters for the lye component. This is the worst case scenario for Industrial Control Systems which could have led to a dangerous situation. An operator was able to spot the increase in levels and was able to turn it down.  <a href="https://www.nbcnews.com/tech/security/florida-near-miss-cybersecurity-worst-case-scenario-n1257091" rel="nofollow">https://www.nbcnews.com/tech/security/florida-near-miss-cybersecurity-worst-case-scenario-n1257091</a> Project Zero Team at Google have found a zero day bug on Chrome, Which is being actively exploited and you need to update your browser now. Both Chrome and Edge browsers use the Chromium Engine. So patch now. Simply go to your browser, and click About to initiate the update. <a href="https://nakedsecurity.sophos.com/2021/02/05/chrome-zero-day-browser-bug-found-patch-now/" rel="nofollow">https://nakedsecurity.sophos.com/2021/02/05/chrome-zero-day-browser-bug-found-patch-now/</a>  Cisco reported several vulnerabilities which are tracked in various CVEs. The vulnerabilities allow an unauthenticated, remote attacker to execute arbitrary code as the root user on an affected device. Patch them Routers Now! <a href="https://thehackernews.com/2021/02/critical-flaws-reported-in-cisco-vpn.html" rel="nofollow">https://thehackernews.com/2021/02/critical-flaws-reported-in-cisco-vpn.html</a>  Google bans the Spanish Certificate Authority (CA) -Camerfirma. CAs In cryptography are certification authority is an entity that issues digital certificates. While this is nothing new, in the past major browsers have issued warnings and requested CAs to fix issues with verification and validation of certificates. The result is that the websites and services that use certificates that were issued by Camerfirma will start to get flagged on Chrome browsers and will start showing a Certificate Error with the release of the new browser version Chrome 90 which will be available in April of 2021.<a href="https://www.zdnet.com/article/google-bans-another-misbehaving-ca-from-chrome/" rel="nofollow">https://www.zdnet.com/article/google-bans-another-misbehaving-ca-from-chrome/</a> Google and Microsoft have reported various instances of ongoing attacks on security researchers. Microsoft has outlined the threat actors behind this targeted attack in their security blog. They attribute the attacks to a group called ZINC. More information is in the show notes.  <a href="https://www.microsoft.com/security/blog/2021/01/28/zinc-attacks-against-security-researchers/" rel="nofollow">https://www.microsoft.com/security/blog/2021/01/28/zinc-attacks-against-security-researchers/</a> Facebook etiquette: I am always keen to learn more about how one can improve our interactions and behaviors that can benefit the society as a whole. When it is really at a click of a button you can send communication across the wire and increasingly with very little thought or consequence. As today is Safe Internet Day, I wanted to feature an article written by ESET security blogger Amer Owaida. He very beautifully outlines some of the strategies to apply to strengthen your privacy, security and most importantly to remember the famous Vegas Line,  what happens on the internet stays on the internet. Link is in the show notes. <a href="https://www.welivesecurity.com/2021/02/04/facebook-etiquette-behaviors-avoid/" rel="nofollow">https://www.welivesecurity.com/2021/02/04/facebook-etiquette-behaviors-avoid/</a> That is it for this episode.Please provide me your feedback by reaching out on my twitter @durgeshkalya. All the links to anything I have discussed in this episode is in the show notes of this podcast.Make sure you subscribe to simplified security episodes available as podcast and on YouTube. Go to icsbits.com/simplified for more details. I am your host Durgesh Kalya. Catch me on my next episode on your favorite podcast app or YouTube, until then be safe and think before you click.

Florida Water Treatment Plant Hacked, Chrome Browser Vulnerability, Security Researchers were targeted, Social Media Etiquette, CISCO’s VPN Flaws, Happy Safe Internet Day and more!

https://s3.us-east-2.amazonaws.com/pod-public-media-files/2021/1/23/11/54f0799d-8025-4f2f-8801-9110f095b503_ep6.mp3

Simplified Security - E6 - Covid 19 Vaccine Info Leaks, Siemens releases multiple vulnerabilities, Ubiquiti tells its users to secure their account and more! Headlines:Leaked information surfaces from the December attack on European Medicines Agency on COVID-19 Vaccine. EMA Original Post:<a href="https://www.ema.europa.eu/en/news/cyberattack-european-medicines-agency" rel="nofollow">https://www.ema.europa.eu/en/news/cyberattack-european-medicines-agency</a> Bleeping Computer’s Post<a href="https://www.bleepingcomputer.com/news/security/hackers-leak-stolen-pfizer-covid-19-vaccine-data-online/" rel="nofollow">https://www.bleepingcomputer.com/news/security/hackers-leak-stolen-pfizer-covid-19-vaccine-data-online/</a>  Siemens releases multiple Vulnerabilities in Web Server for Scalance X Products and Solid Edge. Siemens Scalance X Advisory:<a href="https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf" rel="nofollow">https://cert-portal.siemens.com/productcert/pdf/ssa-139628.pdf</a>  Siemens Solid Edge Advisory:<a href="https://cert-portal.siemens.com/productcert/txt/ssa-979834.txt" rel="nofollow">https://cert-portal.siemens.com/productcert/txt/ssa-979834.txt</a>  SEPA, Scottish Environment Protection Agency attacked on Christmas Eve. <a href="https://www.sepa.org.uk/about-us/cyber-attack/" rel="nofollow">https://www.sepa.org.uk/about-us/cyber-attack/</a>  Ubiquiti News,  <a href="https://community.ui.com/questions/Account-Notification/96467115-49b5-4dd6-9517-f8cdbf6906f3" rel="nofollow">https://community.ui.com/questions/Account-Notification/96467115-49b5-4dd6-9517-f8cdbf6906f3</a>  Naked Security article for Homeschooling and how to stay secure. <a href="https://nakedsecurity.sophos.com/2021/01/13/home-schooling-how-to-stay-secure/" rel="nofollow">https://nakedsecurity.sophos.com/2021/01/13/home-schooling-how-to-stay-secure/</a>  Symantec, Threat Intelligence Blog article on Solar Winds Attack.<a href="https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence" rel="nofollow">https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence</a>  --- Connect with me:Simply follow me on <a href="https://www.linkedin.com/in/durgeshkalya/" rel="nofollow">LinkedIn</a> or <a href="https://twitter.com/durgeshkalya" rel="nofollow">Twitter</a>. Subscribe to my Podcast Simplified Security:Google Podcast<a href="https://podcasts.google.com/feed/aHR0cHM6Ly9mZWVkcy5zb3VuZGVyLmZtLzk3NTgvcnNzLnhtbA" rel="nofollow">https://podcasts.google.com/feed/aHR0cHM6Ly9mZWVkcy5zb3VuZGVyLmZtLzk3NTgvcnNzLnhtbA</a>  Apple Podcast<a href="https://podcasts.apple.com/us/podcast/security-bits/id1542309317" rel="nofollow">https://podcasts.apple.com/us/podcast/security-bits/id1542309317</a>  For all other platforms such as Spotify, TuneIn, Amazon,Go to  <a href="https://icsbits.com/simplified/" rel="nofollow">https://icsbits.com/simplified/</a>  Do not forget to Subscribe to my YouTube Channel and Enable Notifications:<a href="https://www.youtube.com/channel/UC9gRPRXg3s3ZPZZafouzOWA?sub_confirmation=1" rel="nofollow">https://www.youtube.com/channel/UC9gRPRXg3s3ZPZZafouzOWA?sub_confirmation=1</a>

Covid 19 Vaccine Info Leaks, Siemens releases multiple vulnerabilities, Ubiquiti tells its users to secure their account and more!

https://s3.us-east-2.amazonaws.com/pod-public-media-files/2021/1/7/9/b41e9e8c-8c7e-42d0-90c8-659a44042d0b_ep5_release.mp3

Public document from the court TicketMaster Lawsuit:<a href="https://www.justice.gov/usao-edny/pr/ticketmaster-pays-10-million-criminal-fine-intrusions-competitor-s-computer-systems-0" rel="nofollow">https://www.justice.gov/usao-edny/pr/ticketmaster-pays-10-million-criminal-fine-intrusions-competitor-s-computer-systems-0</a>  What is Egregor?<a href="https://www.trendmicro.com/en_us/research/20/l/egregor-ransomware-launches-string-of-high-profile-attacks-to-en.html" rel="nofollow">https://www.trendmicro.com/en_us/research/20/l/egregor-ransomware-launches-string-of-high-profile-attacks-to-en.html</a>  Veritas Advisory:<a href="https://www.veritas.com/content/support/en_US/security" rel="nofollow">https://www.veritas.com/content/support/en_US/security</a> SANs institute is offering a Free Virtual Summit:<a href="https://www.sans.org/event/ics-security-summit-2021?utm_campaign=SANS+Solution+Forum+Vendor&utm_content=ICS+Summit+Training+December+2020&utm_medium=Social&utm_source=LinkedIn" rel="nofollow">https://www.sans.org/event/ics-security-summit-2021?utm_medium=Social&amp;utm_source=LinkedIn&amp;utm_content=ICS+Summit+Training+December+2020&amp;utm_campaign=SANS+Solution+Forum+Vendor</a> Join the Certification Station Discord Group here:<a href="https://discord.gg/cD2EgtyQ" rel="nofollow">https://discord.gg/cD2EgtyQ</a> New to Discord and this community? Check out this video to get started::<a href="https://youtu.be/le_CE--Mnvs" rel="nofollow">https://youtu.be/le_CE--Mnvs</a>  --- Connect with me:Simply follow me on <a href="https://www.linkedin.com/in/durgeshkalya/" rel="nofollow">LinkedIn</a> or <a href="https://twitter.com/durgeshkalya" rel="nofollow">Twitter</a>. Subscribe to my Podcast Simplified Security:Google Podcast<a href="https://podcasts.google.com/feed/aHR0cHM6Ly9mZWVkcy5zb3VuZGVyLmZtLzk3NTgvcnNzLnhtbA" rel="nofollow">https://podcasts.google.com/feed/aHR0cHM6Ly9mZWVkcy5zb3VuZGVyLmZtLzk3NTgvcnNzLnhtbA</a>  Apple Podcast<a href="https://podcasts.apple.com/us/podcast/security-bits/id1542309317" rel="nofollow">https://podcasts.apple.com/us/podcast/security-bits/id1542309317</a>  For all other platforms such as Spotify, Tune IN, Amazon,Go to <a href="https://icsbits.com/simplified/" rel="nofollow">https://icsbits.com/simplified/</a>  Do not forget to Subscribe to my YouTube Channel and Enable Notifications:<a href="https://www.youtube.com/channel/UC9gRPRXg3s3ZPZZafouzOWA?sub_confirmation=1" rel="nofollow">https://www.youtube.com/channel/UC9gRPRXg3s3ZPZZafouzOWA?sub_confirmation=1</a>

Simplified Security Bits - Ticketmaster agrees to pay $10 million to Crowdsurge, Microsoft release details on SolarWinds Hack, Veritas released a handful of CVEs and Free Boot camp for CISSP Candidates and more!

https://s3.us-east-2.amazonaws.com/pod-public-media-files/2021/1/5/8/46b9af4c-d6c3-41ca-aa03-ff75158a3c5a_audio--104054--9758--24098--4dd580e0-c843-47f1-9167-321561133d2d.m4a

Very excited to share with you our cybersecurty community an interview with ICS Cybersecurity Expert Marco Ayala (Twitter: @ics_scada) We discuss various topics, such as how he got started, why defense in depth is criticle in Industrial systems and my favorite, #snickernet using USB drives in ICS. 00:10 - Introduction to Marco Ayala02:45 - What is your story and how did you get into Industrial Control Systems Security?14:01 - What are your thoughts on Virtualization in OT Environments? 17:48 - What are the key elements of an OT Incident Response Plan22:58 - What is InfraGard?26:49 - FSO and Cybersecurity Awareness   33:12 - What is the place of USB Drives in OT Environment?

Very excited to share with you our cybersecurty community an interview with ICS Cybersecurity Expert Marco Ayala (Twitter: @ics_scada)&nbsp;
We discuss various topics, such as how he got started, why defense in depth is criticle in Industrial systems and my favorite, #snickernet using USB drives in ICS.&nbsp;

00:10 - Introduction to Marco Ayala
02:45 - What is your story and how did you get into Industrial Control Systems Security?
14:01 - What are your thoughts on Virtualization in OT Environments?&nbsp;
17:48 - What are the key elements of an OT Incident Response Plan
22:58 - What is InfraGard?
26:49 - FSO and Cybersecurity Awareness&nbsp;&nbsp;&nbsp;
33:12 - What is the place of USB Drives in OT Environment?&nbsp;

Expert in Security - Full Featured Interview with Marco Ayala on various ICS Cybersecurity Topics

https://s3.us-east-2.amazonaws.com/pod-public-media-files/2021/1/5/8/cf0cc6b7-b60c-48ca-9552-92c43729057b_audio--103180--9758--24098--00d309c3-2042-4203-928e-02eeb963c418.m4a

Simplified Security - E3 - Supply Chain Bust with Sunburst, Interview with Marco Ayala, Cybersecurity Expert where we discuss several different topics from his humble beginnings in Industrial Control Systems Security, USB Drive in ICS Environment &amp; More!Full Interview with Marco is on YouTube Ayala <a href="https://youtu.be/gdfftCZEn28" rel="nofollow">https://youtu.be/gdfftCZEn28</a> Folllow Marc on Twitter: <a href="https://twitter.com/ICS_SCADA" rel="nofollow">@ICS_SCADA</a>Many of the Solarwinds products are built on this common technology platform, the SolarWinds® Orion which enables an organization, their customers to implement their various products whether individually or as a group. This makes it possible for their customers to have a single dashboard or a management for the products they have implemented. While there are certain solarwinds products that do not leverage this platform, their security advisory shows about 18 products. Some of which includeIP Address Manager (IPAM)Log Analyzer (LA)Network Automation Manager (NAM)Network Configuration Manager (NCM)Network Performance Monitor (NPM)Etc.For a full list of affected products, check the link <a href="https://www.solarwinds.com/securityadvisory" rel="nofollow">https://www.solarwinds.com/securityadvisory</a> Microsoft &amp; FireEye are continuing to investigate the solarwind hack, which they call Solorigate, Sunburst Backdoor respectively. For more information check out Microsoft’s and FireEye’s Security Blogs, links are in the description.<a href="https://www.microsoft.com/security/blog/2020/12/18/analyzing-solorigate-the-compromised-dll-file-that-started-a-sophisticated-cyberattack-and-how-microsoft-defender-helps-protect/" rel="nofollow">https://www.microsoft.com/security/blog/2020/12/18/analyzing-solorigate-the-compromised-dll-file-that-started-a-sophisticated-cyberattack-and-how-microsoft-defender-helps-protect/</a><a href="https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html" rel="nofollow">https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html</a>Special Feature: Expert in Security Interview with Marco Ayala, Cybersecurity Expert.Please provide me your feedback by reaching out on my twitter @durgeshkalya. All the links to anything I have discussed in this episode is in the descriptions of this podcast.Make sure you subscribe to simplified security episodes available as podcast and on youtube. Go to icsbits.com/simplified for more details. I am your host Durgesh Kalya. Catch me on my next episode on your favorite podcast app or youtube, until then be safe and think before you click.

Simplified Security - E3 - Supply Chain Bust with Sunburst, Interview with Marco Ayala, Cybersecurity Expert where we discuss several different topics from his humble beginnings in Industrial Control Systems Security, USB Drive in ICS Environment &amp; More!
Full Interview with Marco is on YouTube Ayala https://youtu.be/gdfftCZEn28 &nbsp;
Folllow Marc on Twitter: @ICS_SCADA
Many of the Solarwinds products are built on this common technology platform, the SolarWinds® Orion which enables an organization, their customers to implement their various products whether individually or as a group.  This makes it possible for their customers to have a single dashboard or a management for the products they have implemented. While there are certain solarwinds products that do not leverage this platform, their security advisory shows about 18 products. Some of which include
IP Address Manager (IPAM)
Log Analyzer (LA)
Network Automation Manager (NAM)
Network Configuration Manager (NCM)
Network Performance Monitor (NPM)
Etc. 
For a full list of affected products, check the link https://www.solarwinds.com/securityadvisory 
Microsoft &amp; FireEye are continuing to investigate the solarwind hack, which they call Solorigate, Sunburst Backdoor respectively. For more information check out Microsoft’s and FireEye’s Security Blogs, links are in the description. 
https://www.microsoft.com/security/blog/2020/12/18/analyzing-solorigate-the-compromised-dll-file-that-started-a-sophisticated-cyberattack-and-how-microsoft-defender-helps-protect/
https://www.fireeye.com/blog/threat-research/2020/12/evasive-attacker-leverages-solarwinds-supply-chain-compromises-with-sunburst-backdoor.html 
Special Feature: Expert in Security Interview with Marco Ayala, Cybersecurity Expert.
Please provide me your feedback by reaching out on my twitter @durgeshkalya. All the links to anything I have discussed in this episode is in the descriptions of this podcast.
Make sure you subscribe to simplified security episodes available as podcast and on youtube. Go to icsbits.com/simplified for more details. I am your host Durgesh Kalya. Catch me on my next episode on your favorite podcast app or youtube, until then be safe and think before you click.

Simplified Security - Supply Chain Bust with Sunburst, Interview with Marco Ayala, Cybersecurity Expert where we discuss several different topics from his humble beginnings in Industrial Control Systems Security, USB Drive in ICS Environment and International Society of Automation and their certification and training.

https://s3.us-east-2.amazonaws.com/pod-public-media-files/2021/1/5/8/21919311-1b6b-414a-b15e-73bf5438a4bc_audio--100164--9758--24098--c89d3363-e59d-4b06-846e-9a61d5ceddf1.m4a

Hello and welcome to Simplified Security Episode Number 2.
Links:
 
Vulnerability in Google Play Core Library:
https://blog.oversecured.com/Oversecured-automatically-discovers-persistent-code-execution-in-the-Google-Play-Core-Library/ 
TrickBot Malware gets a creepy feature:
https://www.advanced-intel.com/post/persist-brick-profit-trickbot-offers-new-trickboot-uefi-focused-functionality 
CVE-2020-8539.
https://nvd.nist.gov/vuln/detail/CVE-2020-8539
Kia Motors Head Unit CVE:
Italian National Research Council Research Paper:
https://sowhat.iit.cnr.it/pdf/IIT-20-2020.pdf 
What When and Why In Security:
Windows 98 End of Life
https://www.informationweek.com/windows-98-presents-security-problems-as-it-ends-lifespan/d/d-id/1022187?piddl_msgorder=asc 
Please provide me your feedback by reaching out on my twitter @durgeshkalya. All the links to anything I have discussed in this episode is in the descriptions of this podcast.
Make sure you subscribe to simplified security episodes available as podcast and on YouTube. Go to icsbits.com/simplified for more details. I am your host Durgesh Kalya. Catch me on my next episode on your favorite podcast app or YouTube, until then be safe and think before you click.

Hello and welcome to Simplified Security Episode Number 2.
Links:

Vulnerability in Google Play Core Library:
https://blog.oversecured.com/Oversecured-automatically-discovers-persistent-code-execution-in-the-Google-Play-Core-Library/&nbsp;
TrickBot Malware gets a creepy feature:
https://www.advanced-intel.com/post/persist-brick-profit-trickbot-offers-new-trickboot-uefi-focused-functionality&nbsp;
CVE-2020-8539.
https://nvd.nist.gov/vuln/detail/CVE-2020-8539
Kia Motors Head Unit CVE:
Italian National Research Council Research Paper:
https://sowhat.iit.cnr.it/pdf/IIT-20-2020.pdf&nbsp;
What When and Why In Security:
Windows 98 End of Life
https://www.informationweek.com/windows-98-presents-security-problems-as-it-ends-lifespan/d/d-id/1022187?piddl_msgorder=asc&nbsp;
Please provide me your feedback by reaching out on my twitter @durgeshkalya. All the links to anything I have discussed in this episode is in the descriptions of this podcast.
Make sure you subscribe to simplified security episodes available as podcast and on YouTube. Go to icsbits.com/simplified for more details. I am your host Durgesh Kalya. Catch me on my next episode on your favorite podcast app or YouTube, until then be safe and think before you click.

Simplified Security - Google Play Core Library Code Execution Vulnerability, Trickbot Evolves to new low levels and Fireeye Breached More!

https://s3.us-east-2.amazonaws.com/pod-public-media-files/2021/1/5/8/e2c36791-bc06-4d6d-b76f-a4bb7a777942_audio--100165--9758--24098--99dbc341-b7d3-4ba5-8daf-aea2e7ac0a8c.m4a

Wordpress Plugins, Fortinet Forti System File Leak, Interpol and more! Video Podcast: https://youtu.be/zNsWFASXYoE Text Blog: https://icsbits.com/2020/12/01/simplified-security-e1/. Digitally Signed Malware which goes by the name Bandook Story: https://research.checkpoint.com/2020/bandook-signed-delivered/
 Wordpress Story: https://www.webarxsecurity.com/wordpress-vulnerability-news-september-2020/ Fake News and Disinformation:
 https://www.nytimes.com/2020/10/14/technology/personaltech/how-to-deal-with-a-crisis-of-misinformation.html Interpols News: https://www.interpol.int/en/News-and-Events/News/2020/Three-arrested-as-INTERPOL-Group-IB-and-the-Nigeria-Police-Force-disrupt-prolific-cybercrime-group Fortinet FortiOS System File Leak: https://www.fortiguard.com/psirt/FG-IR-18-384 https://blog.orange.tw/2019/08/attacking-ssl-vpn-part-2-breaking-the-fortigate-ssl-vpn.html https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13379 Drupal Releases Security Updates for Tar and other vulnerabilities: https://www.drupal.org/sa-core-2020-013 VMware Releases Workarounds for their command injection vulnerability: https://www.vmware.com/security/advisories/VMSA-2020-0027.html# These episodes are available in Text, video and audio formats. Check out icsbits.com/simplified for more details. In every episode we will look at some of the security highlights especially the ones that made it to the news and also find out about any new security events that are happening around the world this week in our NEWS In Security segment. Then we will cover vulnerabilities that scored a CVE score of 10 &amp; discuss any countermeasures that may be available in our Patch or Latch segment. And finally, we will go into the past and learn about some interesting security topics and discover how it has transformed or influenced our present in our What When &amp; Why in Security segment.
 Make sure you subscribe to simplified security episodes available as podcast and on Youtube. Go to icsbits.com/simplified for more details.

Welcome to the ICSBits.com's Simplified Security Episode 1:
Wordpress Plugins, Fortinet Forti System File Leak, Interpol and more!                                                  Video Podcast: https://youtu.be/zNsWFASXYoE

Text Blog: https://icsbits.com/2020/12/01/simplified-security-e1/.
Digitally Signed Malware which goes by the name Bandook Story:
https://research.checkpoint.com/2020/bandook-signed-delivered/
Wordpress Story:
https://www.webarxsecurity.com/wordpress-vulnerability-news-september-2020/
Fake News and Disinformation:
https://www.nytimes.com/2020/10/14/technology/personaltech/how-to-deal-with-a-crisis-of-misinformation.html
Interpols News:
https://www.interpol.int/en/News-and-Events/News/2020/Three-arrested-as-INTERPOL-Group-IB-and-the-Nigeria-Police-Force-disrupt-prolific-cybercrime-group
Fortinet FortiOS System File Leak:
https://www.fortiguard.com/psirt/FG-IR-18-384
https://blog.orange.tw/2019/08/attacking-ssl-vpn-part-2-breaking-the-fortigate-ssl-vpn.html
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13379
Drupal Releases Security Updates for Tar and other vulnerabilities:
https://www.drupal.org/sa-core-2020-013
VMware Releases Workarounds for their command injection vulnerability:
https://www.vmware.com/security/advisories/VMSA-2020-0027.html#
These episodes are available in Text, video and audio formats. Check out icsbits.com/simplified for more details.
In every episode we will look at some of the security highlights especially the ones that made it to the news and also find out about any new security events that are happening around the world this week in our NEWS In Security segment.
Then we will cover vulnerabilities that scored a CVE score of 10 & discuss any countermeasures that may be available in our Patch or Latch segment.
And finally, we will go into the past and learn about some interesting security topics and discover how it has transformed or influenced our present in our What When & Why in Security segment.
Make sure you subscribe to simplified security episodes available as podcast and on Youtube. Go to icsbits.com/simplified for more details.
I am your host Durgesh Kalya. Catch me on my next episode on your favorite podcast app or Youtube, until then be safe and think before you click.

Simplified Security -Wordpress Plugins, Fortinet FortiOS System File Leak, Interpol and more!

https://s3.us-east-2.amazonaws.com/pod-public-media-files/2021/1/7/8/0529fb58-9f66-4998-bc49-9c62e2e4343d_security_bits_final_trailer.mp3

Welcome to the ICSBits.com&#39;s Simplified Security Episodes. These episodes are available in Text, video and audio formats. Check out icsbits.com/simplified for more details.   <ul><li>In every episode we will look at some of the security highlights especially the ones that made it to the news and also find out about any new security events that are happening around the world this week in our NEWS In Security segment.</li><li> </li><li>Then we will cover vulnerabilities that scored a CVE score of 10 &amp; discuss any countermeasures that may be available in our Patch or Latch segment. </li><li> </li><li>And finally, we will go into the past and learn about some interesting security topics and discover how it has transformed or influenced our present in our What When &amp; Why in Security segment. </li></ul>Make sure you subscribe to simplified security episodes available as podcast and on YouTube. Go to <a href="http://icsbits.com/simplified" rel="nofollow">icsbits.com/simplified</a> for more details. I am your host Durgesh Kalya. Catch me on my next episode on your favorite podcast app or YouTube, until then be safe and think before you click.

Welcome to the ICSBits.com's Simplified Security Episodes. These episodes are available in Text, video and audio formats. Check out icsbits.com/simplified for more details. &nbsp;

 In every episode we will look at some of the security highlights especially the ones that made it to the news and also find out about any new security events that are happening around the world this week in our NEWS In Security segment. &nbsp;

 Then we will cover vulnerabilities that scored a CVE score of 10 &amp; discuss any countermeasures that may be available in our Patch or Latch segment. &nbsp;

 And finally, we will go into the past and learn about some interesting security topics and discover how it has transformed or influenced our present in our What When &amp; Why in Security segment. &nbsp;

Make sure you subscribe to simplified security episodes available as podcast and on YouTube. Go to icsbits.com/simplified for more details. &nbsp;I am your host Durgesh Kalya. Catch me on my next episode on your favorite podcast app or YouTube, until then be safe and think before you click.

Simplified Security - Trailer

Have you ever wondered about getting into Cybersecurity or Information Technology? Have you wondered about the latest developments in Industrial Control Systems and Security? If you are open to learning and getting familiar with Information Security and like to get the most unique stories that matter, then Security Bits is the Podcast for you. This Podcast is also available on Video Format on YouTube. Go to https://icsbits.com/simplified for more details.