InfosecICU is closing its doors, and Steve and Gerry hop in the studio for a final farewell and thank you to the community that made this show such a pleasure and a success.Thank you for all the support through the 2 years we were publishing.

Cyber Breaches at Record Highs, Emotet Surges 730%, CMS Exceptions

Nov 20th, 2019 49m 40s

Gerry and Aaron discuss the exponential growth of cyber breaches in 2019, the explosion of Emotet in September, and out for comments CMS Exceptions to providing security services for free to competitors.As always they end with One Cool Thing.

LightCommand, Ransomware Leads to Higher Heart Attack Rates, Project Nightingale

Nov 13th, 2019 19m 21s

Gerry is riding solo this week. Laser attacks on personal digital assistants, a review on research showing a correlation between ransomware and increased heart attacks, Google’s Project Nightingale.As always they end with One Cool Thing.Show

Industry Phishing Report, Scoring Hosts’ 2019 Predictions, and the Problem w/ mHealth

Nov 6th, 2019 48m 50s

Steve is back in studio for a special 100th Infosec ICU episode. The guys discuss an industry state of phishing report, the cover the problem with mHealth, and they revisit their bold cyber predictions for 2019 they made in 2018.As always they

The Privacy Episode! Digital Assistants spies and Interview with Privacy Expert Kellie Mendoza

Oct 30th, 2019 43m 13s

Its the PRIVACY Episode! Gerry and Matt review privacy implications of SRLabs recently released research on using digital assistants as eavesdropping devices. They interview Privacy Officer Kellie Mendoza for her perspective and reflect afterwa

Federal Privacy Legislation, Cybersecurity Culture Best Practices, SMB Still Struggling

Oct 23rd, 2019 43m 15s

Gerry and Matt dig into the proposed federal regulation ‘Mind Your Own Business Act’ and how it could shape privacy. They examine how to build a cybersecurity culture at your organization, and reflect on the recently released Ponemon global rep

Malware Analysis, Infosec Job Market, and MFA

Oct 16th, 2019 41m 32s

Gerry and Brandon discus various methods for malware analysis, the infosec job market, and multifactor authentication.As always they end with One Cool Thing.Show NotesResources:Malware Analysishttps://app.any.run/Infosec Job Markethttps

Offensive Pentester Paul Ihme Interview and Reflections

Oct 9th, 2019 46m 9s

Gerry and Brandon interview professional red teamer and penetration test expert Paul Ihme.As always they end with One Cool Thing.Show NotesResources:Paul Ihmehttps://www.linkedin.com/in/ihme/One Cool ThingSecurity Onionhttps://github.c

Malspam Trends and Apple Security News

Oct 2nd, 2019 36m 15s

Gerry and Brandon discuss trends in malspam, a permanent iOS vulnerability, and a significant webkit exploit campaign.As always they end with One Cool Thing.Show NotesResources:Malspam Trendshttps://www.zdnet.com/article/most-malspam-cont

Public Cloud Breaches, IoT Physical Security, National Cyber Security Awareness Month

Sep 25th, 2019 36m 42s

Gerry and Brandon discuss an absurd amount of public cloud misconfigurations, IoT door locks, and things you can do to be involved with October’s National Cyber Security Awareness.As always they end with One Cool Thing.Show NotesResources:

Insider Threats with M & A and Jeffrey Smith Interview on Cyber Insurance

Sep 18th, 2019 59m 36s

Gerry and Brandon discuss risk when working through merger and acquisitions and Gerry interviews Cyber Risk Underwriter’s Jeffrey Smith about cyber insurance.As always they end with One Cool Thing.Show NotesResources:Mergers and Acquisitio

HIC-MISO, Insider Threats, and NIST Securing PACS

Sep 11th, 2019

Gerry and Brandon discuss Health Industry Cybersecurity Matrix – Information Sharing Organizations (HIC-MISO), ask how insider threats can affect your organization, and mention a NIST initiative for securing PACS systems.As always they end wit

Telehealth Cybersecurity Considerations, Google and UChicago Lawsuit Updates, and Siri says Sorry

Sep 4th, 2019 44m 20s

Gerry and Aaron discuss the current state of a HIPAA lawsuit featuring Google and UChicago Medical Center as defendants. They discuss the emerging security concerns surrounding Telehealth and what NIST is doing about it. They wrap up the main s

Oops we lost your DNA, Patient Privacy Reform, and Solving the Cyber Security Problem

Aug 28th, 2019 55m 51s

Gerry and Brandon discuss a breach at Massachusetts General Hospital, patient privacy reform around addiction treatment, and how to solve the cyber security problem.As always they end with One Cool Thing.Show NotesResources:Breach at Mas

Coordinated Ransomware Attack in The Lone Star State, Security Certs for Healthcare Leaders, and a Delta Lawsuit for “Inadequate” Security

Aug 21st, 2019 42m 9s

Gerry and Brandon discuss the coordinated attack on Texas municipalities, CHISL – a healthcare leadership security certification, and a third-party lawsuit from Delta for inadequate security.As always they end with One Cool Thing.Show Notes

Blackhat and DEFCON, Defending Deepfakes, and Cyber Insurance In-Depth

Aug 14th, 2019 49m 48s

Gerry and Brandon discuss Gerry’s Blackhat and DEFCON experience and feature a few key talks from the conference.As always they end with One Cool Thing.Show NotesResources:BlackHat 2019https://www.blackhat.com/us-19/DEFCON 27https://ww

Capital One Breach, Urgent/11, and Securing Patient Portals

Aug 7th, 2019 45m 23s

Gerry and Brandon discuss the recent Capital One breach and how the alleged attacker was easily captured. The cover the release of 11 0-day vulnerabilities for a highly used but little discussed OS. They finish the discussion with securing heal

Encryption Backdoors, State of Emergency for Ransomware Attacks, “Educating” the Human Factor

Jul 31st, 2019 36m 2s

Gerry and Brandon dig into a classic debate in the information security world: Encryption Backdoors. Atty General William Barr recently implored an audience of cybersecurity professionals to champion backdoors in technology implemented encrypti

Equifax Settling for $700M, CISOs 18-Month Shelf Life, and BGP Insecurity interview with Dr. Mike Ham

Jul 24th, 2019 49m 51s

Gerry and Brandon discuss the impending Equifax $700M settlement and what it means in a macrocosm manner. They follow up analyzing the quantified trend of CISOs on average lasting 18-24 months per job posting. They finish by interviewing Dr. Mi

Zoom Vulnerability Responses, Ponemon Report on 3rd Party Vendor Risk in Healthcare, Data and Privacy Security Academic Conference

Jul 17th, 2019 47m 28s

Gerry and Steve discuss Zoom and Apples response and actions from the Zoom fallout of silent local webservers on endpoints. The guys discuss the Ponemon report on third party risk management in the healthcare industry. Finally they discuss the

British Airs GDPR Mega Fine, Attacking Outlook for Fun and Profit , and DoH for Bad Guys

Jul 10th, 2019 35m 14s

Gerry and Steve discuss a looming $240 Million dollar GDPR non-compliance fine for British Airways for an incident you may not think is GDPR coverable. They follow by talking about how malicious actors are abusing weaknesses in Outlook to estab

Florida man….Fired for Falling for Phish, UChicago Class Action Lawsuit, and Softening HIPAA Fines

Jul 3rd, 2019 37m

Gerry and Steve discuss the penalty exacted on a Florida man who was responsible for opening a malicious email leading to a ransomware attack. They discuss UChicago’s and Google being sued for (maybe) improperly handling patient data. They wrap

Patrick Wardle, Apple Security Researcher Interview and Rivieria Beach Ransomware

Jun 26th, 2019 51m 47s

Brandon and Steve take to the studio discussing the ransomware payout in Rivieria Beach. The guys interview Apple Security Researcher and regular security con speaker Patrick Wardle to discuss his research and thoughts on Apple Security.As alw

DHS Cyber Incident Response Bill, National Unique Patient Identifiers, and Recruiting a Healthcare Cyber Workforce

Jun 19th, 2019 34m 39s

The guys are focused on Washington DC this week. The guys discuss legislation that is working its way through the process on establishing a DHS cyber incident response team and the lifted ban on developing a unique patient identifier to promote

NCHICA, Personal VPNs, and Have I Been Pwned

Jun 12th, 2019 46m 15s

Steve provides insights from last weeks NCHICA conference he attended. The guys sped time discussing the pros and cons of personal VPNs and what you should consider when selected one. They wrap up discussing the Have I Been Pwned breach databas