Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Clint Marsden에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Clint Marsden 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
TLP - The Digital Forensics Podcast와 비슷한 콘텐츠
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Discover a whole new take on Artificial Intelligence with Squirro's educational podcast! Join host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and their incredible impact on society, and y ...
…
continue reading
Three nerds discussing tech, Apple, programming, and loosely related matters.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Marc Fennell and a team of people far smarter than him (his words, not ours) take a fun deep dive into how technology is reshaping our lives.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Player FM -팟 캐스트 앱
Player FM 앱으로 오프라인으로 전환하세요!
Player FM 앱으로 오프라인으로 전환하세요!
))
Episode 10 - Detecting and Preventing Phishing Attacks
Manage episode 429304772 series 3578563
Clint Marsden에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Clint Marsden 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
Quotes:
"Phishing targets the human element, the 'wetware,' often the weakest link in any security chain." - Clint Marsden
"Phishing isn't just about poorly spelled emails anymore; it's about sophisticated campaigns that even cyber-aware individuals can fall victim to." - Clint Marsden
"Effective defense against phishing involves not just technology but ongoing education and a culture of security awareness." - Clint Marsden
Key Takeaways:
- Phishing attacks continue to evolve and remain a significant cybersecurity threat despite advances in technology.
- Attackers leverage sophisticated techniques including AI and social engineering to exploit human psychology.
- Effective defense strategies involve a multi-layered approach including user education, advanced email gateway technologies, and stringent access controls.
Action Points:
- Implement ongoing and evolving user education programs to enhance awareness of phishing tactics.
- Ensure email gateways are configured with DKIM, SPF, and DMARC protocols, and ensure the SEG is tuned appropriately to filter out malicious emails
- Follow the Essential 8 guidelines, focusing on restricting Microsoft Office macros and restricting admin privileges. If you've got the capacity, go straight into application control.
- Implement multi-factor authentication (MFA) across all public-facing and internal systems to add an additional layer of security against phishing attempts.
Links and references:
Mitre ATT&CK - Phishing
https://attack.mitre.org/techniques/T1566/
ASD Essential 8:
https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/essential-eight
IDN Homograph attacks:
https://shahjerry33.medium.com/idn-homograph-attack-reborn-of-the-rare-case-99fa1e342352
Phishing Landscape 2023 by Interisle Consulting and APWG:
https://www.interisle.net/PhishingLandscape2023.pdf
Anti Phishing Working Group:
https://apwg.org/trendsreports/
16 에피소드
공유
Manage episode 429304772 series 3578563
Clint Marsden에서 제공하는 콘텐츠입니다. 에피소드, 그래픽, 팟캐스트 설명을 포함한 모든 팟캐스트 콘텐츠는 Clint Marsden 또는 해당 팟캐스트 플랫폼 파트너가 직접 업로드하고 제공합니다. 누군가가 귀하의 허락 없이 귀하의 저작물을 사용하고 있다고 생각되는 경우 여기에 설명된 절차를 따르실 수 있습니다 https://ko.player.fm/legal.
Quotes:
"Phishing targets the human element, the 'wetware,' often the weakest link in any security chain." - Clint Marsden
"Phishing isn't just about poorly spelled emails anymore; it's about sophisticated campaigns that even cyber-aware individuals can fall victim to." - Clint Marsden
"Effective defense against phishing involves not just technology but ongoing education and a culture of security awareness." - Clint Marsden
Key Takeaways:
- Phishing attacks continue to evolve and remain a significant cybersecurity threat despite advances in technology.
- Attackers leverage sophisticated techniques including AI and social engineering to exploit human psychology.
- Effective defense strategies involve a multi-layered approach including user education, advanced email gateway technologies, and stringent access controls.
Action Points:
- Implement ongoing and evolving user education programs to enhance awareness of phishing tactics.
- Ensure email gateways are configured with DKIM, SPF, and DMARC protocols, and ensure the SEG is tuned appropriately to filter out malicious emails
- Follow the Essential 8 guidelines, focusing on restricting Microsoft Office macros and restricting admin privileges. If you've got the capacity, go straight into application control.
- Implement multi-factor authentication (MFA) across all public-facing and internal systems to add an additional layer of security against phishing attempts.
Links and references:
Mitre ATT&CK - Phishing
https://attack.mitre.org/techniques/T1566/
ASD Essential 8:
https://www.cyber.gov.au/resources-business-and-government/essential-cyber-security/essential-eight
IDN Homograph attacks:
https://shahjerry33.medium.com/idn-homograph-attack-reborn-of-the-rare-case-99fa1e342352
Phishing Landscape 2023 by Interisle Consulting and APWG:
https://www.interisle.net/PhishingLandscape2023.pdf
Anti Phishing Working Group:
https://apwg.org/trendsreports/
16 에피소드
모든 에피소드
×
플레이어 FM에 오신것을 환영합니다!
플레이어 FM은 웹에서 고품질 팟캐스트를 검색하여 지금 바로 즐길 수 있도록 합니다. 최고의 팟캐스트 앱이며 Android, iPhone 및 웹에서도 작동합니다. 장치 간 구독 동기화를 위해 가입하세요.
TLP - The Digital Forensics Podcast와 비슷한 콘텐츠
Africa-focused technology, digital and innovation ecosystem insight and commentary.
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
A podcast featuring panelists of engineers from Netflix, Twitch, & Atlassian talking over drinks about all things software engineering.
…
continue reading
Discover a whole new take on Artificial Intelligence with Squirro's educational podcast! Join host Lauren Hawker Zafer, a top voice in Artificial Intelligence on LinkedIn, for insightful chats that unravel the fascinating world of tech innovation, use case exploration and AI knowledge. Dive into candid discussions with accomplished industry experts and established academics. With each episode, you'll expand your grasp of cutting-edge technologies and their incredible impact on society, and y ...
…
continue reading
Three nerds discussing tech, Apple, programming, and loosely related matters.
…
continue reading
Download This Show is your weekly guide to the world of media, culture, and technology. From social media to gadgets, streaming services to privacy issues. Each week Marc Fennell and a team of people far smarter than him (his words, not ours) take a fun deep dive into how technology is reshaping our lives.
…
continue reading
The director’s commentary track for Daring Fireball. Long digressions on Apple, technology, design, movies, and more.
…
continue reading
This is the audio podcast version of Troy Hunt's weekly update video published here: https://www.troyhunt.com/tag/weekly-update/
…
continue reading
Player FM -팟 캐스트 앱
Player FM 앱으로 오프라인으로 전환하세요!
Player FM 앱으로 오프라인으로 전환하세요!
