Download Cybersecurity Infographics

Infographic Threat Talks - Hack the Boat

Hack the Boat

Explore the cutting-edge of maritime cybersecurity

For years, maritime companies have focused on protecting their data and IT environments, but securing operational technology (OT) was less of a priority. One reason for this is that, until recently, said operational systems simply weren’t connected to the internet. Modern shipping operations however rely heavily on both Information Technology (IT) and Operational Technology (OT) for navigation, communication, and operational management. Especially the conventional OT systems, which have been built with fairly open and unencrypted, sometimes decades old systems, are like an open invitation to hackers.

With marine cybercrime steeply on the rise, what can maritime companies do to bring their IT and OT in line with today’s cybersecurity standards?

In this Threat Talk, the following key threats are discussed:

  • Ballast system hack
  • Securing AIS 
Infographic Threat Talks - Security and Compliance

Bridging the Gap: Security and Compliance

What’s more important: compliance or cybersecurity?

Explore the often-overlooked operational gap between compliance and actual security in episode #33 of Threat Talks. While many organizations focus on meeting compliance standards, does this truly lead to enhanced security?

Is compliance the be-all-end-all when it comes to cybersecurity? Or is there a bridge we need to gap when it comes to compliance versus practical cybersecurity requirements? Join us as we delve into the critical differences and uncover how to bridge the gap for better protection.

In this Threat Talk, the following key threats are discussed:

  • Accellion file transfer
  • OKTA data breach
  • CapitalOne data breach
    The evolution of cyber warfare infographic

    The Evolution of Cyber Warfare

    Advanced Threat Intelligence helps you know your enemy

    Explore the hidden world of cyber warfare and Advanced Persistent Threats (APT’s) with Threat Intel Specialist Luca Cipriano and special guest Cyber Security Expert Martijn Peijer as they unpack real-life cyber espionage cases.

    Host Lieuwe Jan Koning discusses real-life espionage cases like:

    • China Nexus Barracuda Hack
    • Russia GRU Viasat Hack
    • APT Sand Eagle – Operation Triangulation

      Breaking the Bank

      Financial sector cybersecurity threats

      Discover the intriguing world of legal bank heists with special guest and cybersecurity expert Jayson E Street. Lieuwe Jan Koning and Luca Cipriano delve into how Jayson exploits human nature to breach bank security, bypassing technology with ease.

      Understand the critical importance of employee training in safeguarding against cyber threats. Explore ethical hacking, data theft, and the fascinating dynamics of modern cybersecurity.

      In this Threat Talk, we’re delving into three major vulnerabilities:

       

      • SWIFT Gateway vulnerability
      • Android banking malware known as Vultur
      • Binance crypto hack

      Healthcare

      Responsibilities, regulations and legacies

      Explore the vulnerabilities of the DICOM protocol in healthcare, revealing significant risks such as data breaches and manipulation.

      Join host Lieuwe Jan Koning and guests Jan van Boesschoten and Sina Yazdanmehr as they discuss practical solutions for protecting sensitive patient information and enhancing cybersecurity measures.

      In this Threat Talk, the following key threats are discussed:

      • DICOM: The hidden risks of Legacy Protocols
      • Ireland’s HSE Ransomware Attack
      • ScreenConnect: Authentication Bypass (CVE-2024-1709)

      Unraveling CVE-2024-3400

      Threat Talks Special

      In this special episode of Threat Talks, the focus is on the critical vulnerabilities found in Palo Alto Networks’ GlobalProtect servers, particularly CVE-2024-3400 with a CVSS score of 10. The discussion covers the nature of this severe vulnerability, how it was discovered, and the risks it poses to organizations using GlobalProtect.

      You will learn about the methods attackers might use to exploit this vulnerability and practical steps to protect against such threats. The episode provides straightforward advice and recommendations to help organizations improve their security measures and safeguard their networks from similar vulnerabilities.

      Supply Chain

      Business as usual?

      As we increasingly depend on third-party and open-source software, the threat of supply chain attacks escalates. These attacks occur when hackers find and exploit less direct routes into systems, akin to burglars gaining entry with a hidden spare key.

      Lieuwe Jan, Luca, and Matthijs delve into several significant hacks:

      • SolarWinds: Highlighting the risks associated with third-party software.
      • Log4j: Underlining the perils of software dependencies.
      • MOVEit: Pointing out the risks involved when entrusting data to third-party software.

      The Authentication Apocalypse

      Staying Ahead of the Hacker

      Word of data breaches and stolen credentials reaches the news almost every other day. If your credentials get stolen, criminals could have access to your bank accounts, health care records, company secrets and more. Needless to say, authentication is key!

      At its core, authentication verifies the identity of users seeking access to various digital services and platforms.

      In this episode, Lieuwe Jan, Luca and Harald discuss the following hacks:

      • Outlook vulnerability
      • Google Oauth bypass
      • Ivanti EPM
      Remote work Infographic

      Does Remote Work?

      Vulnerabilities at home

      Allowing remote access, whether it is for remote workers or partners, is required for almost all enterprises. But enabling remote access doesn’t just bring flexibility, it comes with a number of security concerns.

      Cybercriminals have honed in on the vulnerabilities of widely used remote work technologies. What are those technologies and what are those vulnerabilities? For example: the FBI and NSA talk about rebooting your home router at least every week. Should we do this?

      The following threats will be discussed by Lieuwe Jan, Luca and Rob:

      • Citrix Netscaler
      • TunnelCrack
      • FortiOS SSLVPN buffer overflow

      Can’t deny DDoS in 2024?

      Distributed-denial-of-service attacks

      Distributed-denial-of-service attacks, more commonly referred to as DDOS attacks, are malicious attempts to disrupt traffic of a specific server, service or network by overwhelming said target or its surroundings with an abundance of internet traffic.

      Think of it as an unexpected traffic jam clogging up the highway, preventing regular traffic from arriving at its destination. Want to know how often these attacks really take place? Download the infographics on DDoS attacks in general.

      Lieuwe Jan, Peter and Luca are talking about these threats: 

      • Mirai botnet
      • HTTP/2 rapid reset
      • Reflection and Amplification DDoS attacks.