Discover and read the best of Twitter Threads about #rsac
Most recents (15)
And now, the most horrifying security vulnerability I've seen in ages, staring @Microsoft @Azure.
A thread...
A thread...
So @orcasec found a vulnerability in @azure and reported it to Microsoft back in January. @Azure's response was to go out and buy a booth for @RSAConference, then get back to Orca six short weeks later.
A speedy month and a half later, Azure releases a patch.
I AM NOT DONE.
A speedy month and a half later, Azure releases a patch.
I AM NOT DONE.
Mandiant’s Nick Bennett & Dave Wong have taken the stage at #RSAC for a discussion on multifaceted extortion. 
“In 2022 we are seeing #ransomware attackers get very creative,” say Nick Bennett during the #RSAC presentation. “They want to create as much leverage as they can to force the victims to pay the ransom.”
One of the lessons we’ve learned in our work with organizations, Dave Wong shares at #RSAC, is “#ransomware detection is about the whole attacker life cycle. Defenders need to focus on both prevention and detection.”
Happening now: Our CEO Kevin Mandia is joining a panel at #RSAC discussing lessons learned from the #SolarWinds cyber breach & how businesses can transform to face tomorrow’s cyber threats.
Asked about increasing sophistication in #cybersecurity, Kevin says that “in 2021 we saw over 70 zero days. Hackers are gaining capabilities & there is enough money in cybercrime that actors are buying zero days.”
“I don’t think the #cybersecurity landscape looks remarkably different in 2022, but we do see nations states and cyber criminals becoming more sophisticated. The lesson from this is that we have to make cyber security national security.” - @CISAJen during the #RSAC panel.
#ElevateWICS is getting started early today with a breakfast and panel featuring #cybersecurity leaders discussing their careers and the importance of supporting women in the industry. #RSAC
"Elevate is not just for women rising at the early stage of their career...women at every stage need this community's support," says Erin Joe, Mandiant SVP, Strategy and Alliances & Executive Sponsor of #ElevateWICS
Learn more: mandiant.com/elevate
Learn more: mandiant.com/elevate
“In terms of having a seat at the table, we are on our own journey wrestling with whether we belong in the room. Someone had the confidence to put you there. … You have to go with it," says @karenkaukol CMO @entrust_corp #ElevateWICS
Having spent an hour or so walking the floor of @RSAConference, it's rather clear that #RSAC's not about security learning, but rather about selling security in a box. As @mattstratton famously said in a talk once, "you can't buy DevOps but I sure would like to sell it to you."
Here @SentinelOne teaches us that the tree of security must be refreshed from time to time with the logo of @hashicorp. #RSAC
Here we see that Angry Twitter is making its presence known at #RSAC.
Great turn out for today’s #RSAC keynote presentation from Mandiant’s @JumpforJoyce and @DAlperovitch, titled “Global Threat Brief: Hacks and Adversaries Unveiled”
This session will be an unveiling of the most novel attacks in the current global threat landscape, diving into specific, real-time examples of threat actor activity from both nation-states and criminal groups, along with strategic advice for countering them. #RSAC
They’ll begin with a deep dive on the Ukraine cyberwarfare front, covering the top cyber defender takeaways to date. Stay tuned to find out “Resiliency is Key” #RSAC
And now I go to #RSAC2022 in the hopes that someone, anyone, will be able to sell me a firewall.
To be a diamond sponsor of @rsaconference you must be a company whose best days are clearly behind it.
Or be the RSA conference, as an additional qualifier .
🧵on stealing TeamViewer credentials
Many organizations have systems with TeamViewer actively running; some know it and manage it correctly, other have no idea it is running or where. The latter probably have multiple versions #redteam #blueteam #purpleteam #ThreatThursday 1/10
Many organizations have systems with TeamViewer actively running; some know it and manage it correctly, other have no idea it is running or where. The latter probably have multiple versions #redteam #blueteam #purpleteam #ThreatThursday 1/10
I started looking deeper into TeamViewer when @snlyngaas reported that a Florida water facility had been breached. A malicious actor used TeamViewer to login and change the levels of sodium hydroxide. The plant operator say this and no damage was done cyberscoop.com/florida-water-… 2/10
For those that speak @MITREattack we are talking about T1078 Valid Accounts: attack.mitre.org/techniques/T10…
But how were these credentials obtained? We don't know but @brysonbort spoke with #RSAC about it if you want more on the Florida water plant breach: 3/10
But how were these credentials obtained? We don't know but @brysonbort spoke with #RSAC about it if you want more on the Florida water plant breach: 3/10
And now, my #rsac / #RSAConference expo hall observations in thread form.
If you pay retail price for @SentinelOne, negotiate better please. They clearly have far too much money.
It's unclear whether the @TheJusticeDept is posting a bunch of white-collar criminal wanted posts because they think the perps will show up or as a cautionary tale, but I finally found a place I don't want my photo.
The first three months of 2019 are not even over yet, and we have already added so many important enhancements to Microsoft Threat Protection. The journey to providing organizations seamless, integrated, and comprehensive security continues. microsoft.com/security/blog/…
At #RSAC, we announced the launch of Microsoft Azure Sentinel, which adds the benefits of next-gen SIEM to Microsoft Threat Protection. Azure Sentinel is a cloud-native solution, providing intelligent security analytics for the entire organization. azure.microsoft.com/en-us/blog/int…
We also announced Microsoft Threat Experts, a new managed threat hunting service in Windows Defender ATP that provides proactive hunting, prioritization, and context-rich intelligence and data-driven insights to augment customers’ SOC capabilities. microsoft.com/security/blog/…
I presented a Learning Lab at #RSAC 2019 on "#MentalHealth in #Cybersecurity: Preventing Burnout, Building Resilience" 🛡🧠💪. @RSAConference @MosconeCenter. Here are the slides:
Our San Francisco bureau chief, @martingiles, spent several months working on a story about Triton, the world’s most murderous malware. Here’s why this malicious code is so terrifying. technologyreview.com/s/613054/cyber…
Previous “cyber-physical” malware like Stuxnet, which destroyed centrifuges at an Iranian nuke plant in 2010, targeted industrial equipment.
.
.
.
Triton is the first time we’ve seen software deliberately created by hackers to put people’s lives in danger.
.
.
.
Triton is the first time we’ve seen software deliberately created by hackers to put people’s lives in danger.
The malware is capable of disabling safety instrumented systems, which are the last line of safety defense in everything from petrochemical plants to public transport systems to nuclear power plants.
"Our cyber defenders are outnumbered. We must empower these defenders." -- @ajohnsocyber at #RSAC keynote #PowerOfPeople
"Bridging the cybersecurity skills gap requires an industry-wide effort to recruit, train, and retain a diverse bench of talent." -- @ajohnsocyber #PowerOfPeople
"We know diverse teams make better and quicker decisions 87% of the time." - @ajohnsocyber #PowerOfPeople #RSAC
Top DHS cyber official Chris Krebs: Russian interference in 2016 election was galvanizing moment for defense like Sputnik launch in 1957, bigger than destructive WannaCry and NotPetya. #RSAC
Krebs priories: 5G/China; federal networks; critical infrastructure cyber attacks; election protection.
On election machines (despite lack of legislation requiring this): “Auditability is going to be a key or primary focus going forward.”
I'm seeing some say this highlights the talent shortage, while others (typically not hiring managers) continue to argue there is no shortage. There absolutely is a talent shortage, but as usual, there's more to the story than that. 1/n
threatpost.com/isaca-unfilled…
threatpost.com/isaca-unfilled…
The global multi-million dollar infosec training industry confirms there's a talent shortage. Either that or the companies you want to work for are all idiots just urinating money away. Pretty sure it's the former. 2/n
Okay, there's a talent shortage. But wait, how can that be?! You know *super talented people* who are looking for a job. Maybe you are too. You conclude there can't be a talent shortage.
This my friends is an anecdotal fallacy (and possibly even an availability bias). 3/n
This my friends is an anecdotal fallacy (and possibly even an availability bias). 3/n
