The Security Swarm Podcast

Welcome to The Security Swarm Podcast – a weekly conversation about the most critical issues facing the world of cybersecurity today, hosted by Andy Syrewicze, Security Evangelist at Hornetsecurity. From the malicious use of AI tools to social engineering scams, each episode hones in on a pertinent topic dissected by an industry expert and backed up by real-world data direct from our Security Lab.

The world of cybersecurity should not be taken on alone – it’s time to join the swarm.

Listen on Spotify, Google Podcasts, Apple Podcasts, and YouTube.

EP14: The Permissions Management Nightmare in SharePoint Online

We’re back for another episode with Philip Galea, R&D Manager at Hornetsecurity. In today’s episode, Andy and Philip discuss the frustrations and challenges IT admins face when managing permissions and sharing effectively in SharePoint Online.

As more organizations embrace remote work, collaborate with external freelancers, and rely on tools like Microsoft Teams and emails for sharing files, the need to manage permissions has become crucial. Tune in to this episode to learn about the complexities of SharePoint and discover ways to regain control over your access management.

Timestamps:

4:44 – The problems with managing permissions in SharePoint Online

8:34 – The ease of file sharing in M365 has created a problem.

11:16 – Have SharePoint security capabilities just been “lifted and shifted” to the cloud?

14:43 – The egregious problem with duplicate named SharePoint custom roles.

23:32 – What should M365 admins be doing about this problem?

27:10 – Behind the scenes with M365 Permission Manager by Hornetsecurity

Episode Resources:

365 Permission Manager

Introducing 365 Permission Manager – Webinar

Find Andy on LinkedIn, Twitter or Mastodon

Find Philip on LinkedIn

As more organizations embrace remote work and collaboration with external freelancers, handling permissions becomes increasingly critical.

With the reliance on tools like Microsoft Teams and emails for file sharing, the complexities of SharePoint Online have become evident. Therefore, we at Hornetsecurity offer a proper solution to this permissions management nightmare: 365 Permission Manager.

365 Permission Manager is the ultimate savior, providing a seamless approach to permissions management in SharePoint Online. Its most notable features:

Simplify Managing Permissions at Scale

Gain a comprehensive overview of your organization’s M365 permissions for SharePoint, OneDrive, and Microsoft Teams. Use advanced filtering to quickly identify accessible items for external users or guests and detect broken permissions. Transparently view users’ effective access rights by breaking down nested groups.

Take Back Control with Compliance Policies

Ensure SharePoint, Teams, and OneDrive data compliance with our GRC service. Implement out-of-the-box best practice policies or create custom ones. Immediate notifications alert site owners to violations, allowing timely intervention.

Receive Alerts for Critical Shares

Stay informed with daily summaries of permission changes across your M365 tenant. Identify newly shared items with “Everyone,” anonymous users, or external guests.

Take Quick Actions

Fix permissions on multiple sites, manage external sharing access levels, and remove indirect company-wide access. Easily remove orphaned user permissions with a single click.

Achieve Effective Compliance With Our GRC Service

Use the Audit function to approve or reject compliance violations by reverting sites to assigned policies or removing unauthorized access.

Receive Comprehensive Reporting

Generate reports for documentation and compliance, highlighting externally accessible files and access details for specific groups or users across sites, files, and folders.

EP13: Real-Life Security Horror Stories

Join host Andy and special guest Martin Tanner from ADM Computing as they discuss real-life security horror stories. This fun and engaging episode was recorded live at Infosecurity Europe in London. Expect to hear interesting stories which both Andy and Martin have experienced first-hand. 

With a mix of humor and valuable insights, this episode is a must-listen for anyone interested in the fascinating, and at times terrifying, world of real-life security horror stories. 

Timestamps: 

2:28 – The Dangers of Unmanaged IOT devices 

5:30 – Hacked Video Conferencing Unit and Premium Rate Numbers 

8:18 – Email Forwarding Rules and Data Leakage 

11:59 – The Need for Proper Backup and Archival + Scheduled Payment Woes 

15:40 – Rogue Admin and Embezzlement 

18:17 – A Flattened Network and Ransomware Infection 

22:16 – The Publicly Accessible Hypervisor 

Episode Resources:

Security Awareness Service

Email Encryption from Hornetsecurity

Email Encryption Fact Sheet

Find Andy on LinkedIn, Twitter or Mastodon

Find Martin on LinkedIn

EP12: What We Learned by Asking the Community About Compliance

Get ready for an eye-opening episode recorded live at Infosecurity Europe in London. In this episode, Andy and Matt Frye dissect the results of a comprehensive IT compliance survey conducted by Hornetsecurity. In the rapidly evolving digital landscape, maintaining IT compliance has become a pressing concern for businesses worldwide.  

Tune in to explore the key findings from this survey, featuring insights from over 200 IT professionals representing diverse roles, regions, industries, and experience levels. 

Timestamps:

02:32 – Compliance is a growing concern 

03:52 – Do businesses see compliance as important? 

06:24 – The burden of compliance on IT teams

12:08 – How are businesses verifying compliance? 

14:46 – Trust in the cloud continues to be a problem for some organizations 

17:00 – M365 administrators are struggling with compliance tools 

20:57 – The cost of non-compliance 

Episode Resources:

IT Cybersecurity Compliance Survey 

365 Permission Manager 

Find Andy on LinkedIn, Twitter or Mastodon

Find Matt on LinkedIn

EP11: On-Prem Exchange Server Throttling

Microsoft’s recent decision to throttle traffic from old and outdated versions of On-Premises Exchange has sent shockwaves through the tech community. In today’s episode, Andy and Paul Schnackenburg delve into the details of Microsoft’s plans to protect Exchange Online against persistently vulnerable on-premises Exchange Servers by throttling and blocking emails from these unsupported servers. 

Tune in to understand the reasoning behind Microsoft’s strategy with this change, how organizations can keep themselves protected through process, and where third-party vendors can plug in and provide value. 

Timestamps:

4:00 – Microsoft’s plan details and communication 

10:50 – Paul and Andy’s thoughts on why Microsoft is making this change 

18:40 – Is it “Ethical” for Microsoft to block on-prem Exchange traffic? 

26:31 – What should affected organizations do? 

Episode Resources:

Microsoft’s Announcement

SMB1 Changes at Microsoft

Hornetsecurity’s 365 Total Protection

Find Andy on LinkedIn, Twitter or Mastodon

Find Paul on LinkedIn or Twitter

EP 10: Tips and Tricks for Working with CISOs

We’re back for another episode with Lia Fey, Customer Success Lead at Hornetsecurity. In today’s episode, Lia brings her wealth of experience working closely with CISOs on a daily basis to share valuable insights and strategies for effectively collaborating with them.  

CISOs face a unique set of challenges as they operate in high-pressure environments and navigate the intersection of compliance requirements as well as the security needs of an organization.  

Join us as we explore the multifaceted nature of working with CISOs on security awareness and discover tips and tricks for fostering effective partnerships in the ever-evolving security and compliance landscape. 

Timestamps:

3:25 – Initial Impressions and responsibilities of CISOs? 

5:47 – CISOs and Interactions with the Rest of the Organization 

8:47 – Responsibilities of CISOs 

15:59 – What is the Most Effective Way to Communicate with CISOs 

21:40 – How can we help CISOs solve difficult business challenges? 

Episode Resources:

EP09: Real World Guidance on Security Awareness Service

Security Awareness Service

Andy on LinkedIn, Twitter or Mastodon

Lia on LinkedIn 

EP09: Real-World Guidance on Security Awareness Service

In today’s episode, our host Andy sits down with Lia Fey, Customer Success Lead at Hornetsecurity, to discuss why employees need to be trained on security awareness and what type of training works best. In addition, they explore the challenges businesses face when trying to train their employees in today’s digital landscape.  

Lia Fey brings her expertise to the table and sheds light on real-world scenarios where organizations have successfully prevented attacks because an end user possessed the knowledge and ability to react appropriately. 

Timestamps:

2:32 – What is a security awareness service? 

9:38 – Why is security awareness training so effective? 

12:45 – Measuring end-user success and right-sizing training 

20:11 – What is the right kind of end-user security training? 

24:22 – Some real-world scenarios 

28:35 – Do security awareness services help spot threats outside of email? 

Episode Resources:

Security Awareness Service

Cyber Security Report 2023

Andy on LinkedIn, Twitter or Mastodon 

Lia on LinkedIn 

EP08: Advanced Threat Protection: A Must Have in Today’s Ecosystem?

We’re back for another episode with Umut Alemdar – Head of Security Lab here at Hornetsecurity. Today, we’re discussing Advanced Threat Protection (ATP) and its crucial role in detecting, preventing, and responding to increasingly sophisticated cyber threats. 

Throughout the episode, Andy and Umut discuss common ATP techniques such as sandboxing, time of click protection, and spam filters, all of which are critical in fortifying defenses against malicious actors. Furthermore, they emphasize the vital function of the natural language understanding module in ATP in detecting sophisticated social engineering attacks.  

While this episode focuses on ATP in general, Andy and Umut draw concrete examples from our own ATP scanning methods here at Hornetsecurity.  

Timestamps:

2:05 – What is Advanced Threat Protection 

5:50 – What are common scanning techniques used by ATP technologies 

10:35 – How does Sandboxing work in ATP scanning techniques? 

13:07 – What is the role of AI within ATP scanning? 

18:09 – Concrete example of where ATP saves the day 

20:11 – Scanning for malicious QR codes 

Episode Resources: 

Advanced Threat Protection

We used ChatGPT to Create Ransomware

Bit.ly QR Code Index

Andy on LinkedIn, Twitter or Mastodon 

Umut on LinkedIn 

EP07: A Discussion and Analysis of Qakbot

In today’s episode, Andy and Umut Alemdar explore one of the most malicious botnets in today’s digital threat landscape: Qakbot. What makes Qakbot so dangerous?

Qakbot originally started out as an information stealer back in 2007. Over the years, it has undergone significant transformations, evolving into a multi-modular malware that poses a severe threat to businesses. In our discussion and analysis, we uncover its attack chain, from infecting a system to downloading a malicious payload.

Timestamps:

3:24 – What is Qakbot?

5:18 – An overview of Qakbot’s attack chain and capabilities

14:38 – Mitigation and defence strategies for Qakbot

19:48 – What does the future look like for Qakbot?

Episode Resources:

The Reemergence of Emotet and Why Botnets Continue to Return

Security Awareness Service

Advanced Threat Protection

Find Andy on LinkedIn, Twitter or Mastodon

Find Umut on LinkedIn 

EP06: How Secure is Microsoft 365?

In this episode, Andy and Paul Schnackenburg, Microsoft Certified Trainer, investigate the burning question on everyone’s mind: Is Microsoft 365 a secure platform? As we discuss the intricate details and inner workings of Microsoft 365 security, we leave no stone unturned.

Tune in to learn valuable insights and expert analysis on the subject, as well as how Microsoft 365 holds up in today’s ever-changing threat landscape.

Timestamps:

2:30 – Is Microsoft 365 secure?

6:32 – Management portal and configuration creep in M365

13:28 – Does file sharing in M365 create a security problem?

20:07 – Lack of transparency in regards to internal cloud infrastructure CVEs

25:36 – The mentality of security – just because it’s in “the cloud”

29:38 – Ultimately it’s the “customer’s” responsibility to stay safe

Episode Resources:

Microsoft 365 Security Checklist

Azure Blunder left Bing Results Editable

365 Permission Manager Free Trial

Find Andy on LinkedIn, Twitter or Mastodon

Find Paul on LinkedIn or Twitter

Organizations increasingly depend on cloud-based productivity suites such as Microsoft 365 to enhance workforce productivity and streamline operations in the current digital era. Understanding Microsoft 365’s security landscape reveals a holistic and dynamic approach to safeguarding data. Nonetheless, ensuring complete protection remains imperative.

Hence, it is vital to prioritize comprehensive protection for your Microsoft 365 environment to uphold the security of your system. Hornetsecurity has developed a security solution explicitly tailored for Microsoft 365. Seamlessly integrated, our protection services offer comprehensive security for Microsoft’s cloud services. Setting up is a breeze, and the intuitive interface makes it easy to manage your IT security right from the beginning.

To properly protect your Microsoft Office 365 environment, use Hornetsecurity Microsoft 365 Permission Manager, 365 Total Protection, 365 Total Backup, and 365 Total Protection Enterprise Backup to securely back up and replicate your Microsoft 365 critical data.

EP05: What is Immutability and Why Do Ransomware Gangs Hate it?

In today’s episode, we welcome Philip Galea, an esteemed expert in immutability and backups at Hornetsecurity. With ransomware being one of the most pervasive issues in the industry today, immutability emerges as a powerful weapon against ransomware gangs.

The term immutability is thrown around a lot in the cybersecurity community, but what does it mean, and why do ransomware gangs hate it? This episode provides a fascinating insight into immutability and its vital role in the fight against ransomware.

Timestamps:

4:25 – What is immutability?

9:34 – How ransomware drove the need for immutability

12:30 – Ransomware creation via ChatGPT

18:12 – Are there benefits and use cases for immutability outside of backup?

21:30 – How does immutability really work?

24:57 – What’s to stop a rogue admin from “Tinkering” with immutable storage?

Episode resources:

EP01: We used ChatGPT to Create Ransomware

MITRE ATT&CK DK

Hornetsecurity VM Backup

Immutability refers to the quality of being unchanging or unable to be modified. In the context of data backups, immutable backups are copies of data that cannot be altered or deleted by anyone, including the individuals who created them. This feature makes them highly resistant to manipulation or tampering.

Now, why do ransomware gangs harbor such disdain for immutable backups? The answer lies in their malicious intent and the disruptive nature of ransomware attacks. Ransomware is malicious software that infiltrates computer systems and encrypts valuable data, holding it hostage until a ransom is paid. It thrives on the ability to control and manipulate data, leaving victims with few options.

Immutable backups, however, pose a significant obstacle to these cyber criminals. By preserving data in a state that cannot be changed, even by the most sophisticated ransomware, immutable backups provide a failsafe against data loss. When a system is compromised, organizations can restore their data from these secure, unalterable backups, rendering the ransomware attack futile.

We strongly advise utilizing Hornetsecurity’s VM backup service, especially now with the introduction of the V9 feature. Employing VM backup significantly enhances data security, effectively shielding your data from deletion and unauthorized alterations.
