Email impersonation threats reaching corporate inboxes hit an all-time high – John Wilson – ESW #326
John Wilson has been combating email-based fraud since 2006, when he developed an authentication-based anti-phishing solution as CTO of Brandmail Solutions. John continued his mission to rid the world of email fraud at Agari. As part of their threat intelligence team, John assisted Microsoft and the FS-ISAC with the B54 Citadel botnet takedown by providing data related to Citadel botnet infections and by acting as a declarant in the civil forfeiture action filed in US District Court.
John joined Fortra through the acquisition of Agari in June 2021. In his current role at Fortra, he continues to research email scams and conduct experiments in “active defense”. In early 2023, John again worked with Microsoft, this time on a takedown effort aimed at curbing the illegal use of Fortra’s Cobalt Strike adversary simulation solution.
John holds a B.S. in Computer Science and Engineering from MIT. He has spoken at a variety of security conferences including RSA, FS-ISAC, Aviation ISAC, NCFTA Disruption, and the Microsoft Digital Crimes Consortium.
- Security Weekly listeners: Now is your chance to join the infosec community as they come together at InfoSec World 2023, September 23 – 28, 2023 at Disney's Coronado Spring Resort in Lake Buena Vista, FL. Hear keynotes from Scott Shapiro, Founding Director at Yale CyberSecurity Lab’s and Rachel Wilson, Managing Director and Head of Cybersecurity at Morgan Stanley.
As a Security Weekly community member, you’re able to receive 20% off your InfoSec World 2023 tickets using code ISW23-SECWEEK20! Register today: securityweekly.com/infosecworld2023
Building an online community to protect kids online – from scratch! – Fareedah Shaheed – ESW #326
Fareedah Shaheed is an Award-Winning Internet Safety Expert and a Forbes 30 Under 30 honoree. She specializes in helping parents protect their kids online. Her work has been featured in Cisco, CNN, The Wall Street Journal, Fortune, NASDAQ, NASA, FOX 25, FOX 46, FOX Carolina, AfroTech, Ebony Magazine, Yahoo!, NBC4, Worth Magazine, and many more. And in 2022, she was named LinkedIn Top Voices in Cybersecurity.
- Join us at an upcoming Official Cyber Security Summit in a city near you! This series of one-day, invitation-only, executive level conferences are designed to educate senior cyber professionals on the latest threat landscape.We are pleased to offer our listeners $100 off admission when you use code SecWeek23 to register.Visit securityweekly.com/cybersecuritysummit to learn more and register today!
Cyberinsurance, how cybersecurity startups fail, barbie, and cocaine sharks – ESW #326
- Stay up-to-date with us on X (formerly known as Twitter) for the latest show clips and updates! Find us @SecWeekly and stay connected with our cybersecurity community.
Adrian Sanabria
- FUNDING: HiddenLayer raises a $32M Venture Round
Well, $31.9M to be exact. Is it a Series A? I don't know. Not surprising, given they won the Innovation Sandbox this year. Hot market also (securing AI).
- FUNDING: Announcing $20M Series A to Secure Open Source Software – Socket
- FUNDING: Converge Insurance Announces $15 Million Series A Funding from Forgepoint Capital
- LAYOFFS: HackerOne Lays off 12% of Staff
LinkedIn says they have over 4000 employees, but I wonder if a lot of those are 'hackers' on the platform? If they actually have 4000 employees, we're talking 500 people let go in this round of layoffs, but I suspect 4000 isn't an accurate number, due to H1's less common business model.
- ESSAYS: SOC2 Suck — A False Sense of Security
The raw truth about SOC2s from GreyNoise's Director of IT.
- ESSAYS: Leading Cybersecurity with a Control vs. Resilience Strategy
- ESSAYS: 12 ways to fail a cybersecurity startup
- CYBERINSURANCE: Coverage Challenges in Ransomware Claims: Cyber Insurance Policies and Trends in Denials
- CYBERINSURANCE: Coverage Challenges in Ransomware Claims: Cyber Insurance Policies and Trends in Denials
- AI TRENDS: Introducing Our AI Policy
- LEGAL: Russia Sends Cybersecurity CEO to Jail for 14 Years – Krebs on Security
Well, it's Russia... but still not a good precedent.
- LEGAL: The Reformed Analyst – The Impact of Legal Action Against CISOs
- LEARNING: Edition 21: A framework to securely use LLMs in companies – Part 1: Overview of Risks
- LEARNING: What’s the difference between Product Security and Application Security?
- SCAMS: Barbie scams #shorts
- SQUIRREL: Cocaine sharks: Marine biologists believe sharks are eating cocaine dumped off Florida’s coast











