Cyber arrests, Death of SIEM, MS Total Recall, Getting Snowflaked, and the Gili Ra'anan Model - TCW EP4
Welcome to TCW Pod #4, where we serve up the latest in cybersecurity with a side of snark and wit. In today's episode, we unravel the frosty Snowflake attack, navigate the labyrinth of SIEM's future, and dig into the spicy Gili Ra'anan model. We also dish out tales of Scattered Spider arrests and the quirks of getting a job sans network. Buckle up as we blend serious insights with a splash of humor, making the world of cybersecurity both enlightening and entertaining. Let’s dive in!
TCW POD #4 SHOW NOTES
On this episode, hosts Tyler Shields, Rick Holland, Katie Teitler-Santullo, & Adrian Sanabria tackle the following key points:
00:42 - Introductions and Cold Open
Crime hasn’t been solved in other fields… so why should we be special? — Adrian Sanabria
03:42 - Show Sponsor - Material Security
Does your email security solution fit your alert budget?
Relying on built-in controls or traditional blockers will inevitably lead to more noise than your incident response team can handle.
Material Security takes a pragmatic approach to email security – stopping new flavors of phishing and pretexting attacks before reaching the user’s mailbox, while searching through everyone else’s mailbox for similar messages in a campaign. What gets surfaced to your team are the highest-value cases to investigate with all the context and reach consolidated into a single view.
Remediations are a breeze with Material – try it out for yourself at material.security.
04:27 Have You Been Snowflaked?
In this segment, we dive into the icy depths of the Snowflake attack. It starts with a chilling recount of the breach details, where infostealers had a field day, and customers found themselves compromised. The infamous ShinyHunters make an appearance, shining a light on the murky world of cyber threats.
The conversation then melts into a discussion about partner compromise and the ever-looming fourth-party risk, like a game of cybersecurity Jenga waiting to topple. We hear about shared responsibility, where Snowflake tries to play the role of a responsible neighbor but ends up with a "Not in My Backyard" situation when infrastructure issues and media blame come knocking. Finally, things heat up with a discussion on credential security and the many flavors of Multi-Factor Authentication (MFA), leaving everyone pondering how to keep their digital igloos safe from the next big thaw.
25:25 Is SIEM Dead - If So What’s Next?
The future of SIEM
