Name: Microsoft attacked by Russian hackers - Midnight Blizzard breach explained
Start: 2024-03-21T15:35:00Z
End: 2024-03-21T15:35:07.000Z
Location: BrightTALK
Rating: 2

Learn how software-driven organizations use GitGuardian to strengthen their overall security posture and comply with application security frameworks and standards. 

GitGuardian, founded in 2017, has become the leader in automated secrets detection and is now focused on providing a comprehensive code security platform. It's raised $56M from top investors, including co-founders of GitHub and Docker. Its policy engine helps security teams monitor and enforce rules across all their VCS, DevOps tools, and infrastructure-as-code configurations. GitGuardian offers Secrets Detection, Infra as Code Security, and Honeytoken capabilities all in one platform.

This webinar is a deep dive into the world of AI, where we demystify its complex mechanisms and how it accelerates our program methods. In this webinar, we focus on how AI is transforming industries, especially cybersecurity, and making sense of massive datasets that were once impossible to handle.

We are also happy to announce that we are joined by Nicolas M. Chaillan, Former U.S. Air Force and Space Force Chief Software Officer (CSO) and Founder of Ask Sage, for a fireside chat about the future of AI.

What You’ll Learn:

How AI solves complex tasks that traditionally require human intelligence.
The difference between imperative programming and machine learning.
How to apply AI to find "needles in the haystack" within massive datasets, efficiently addressing cybersecurity challenges.
Real-world applications of AI and how it can help you uncover secrets hidden in your code and elsewhere.
This webinar helps you navigate the complexity of AI and embrace its transformative power in your security work with practical insights and examples tailored to modern-day challenges. Stay tuned for real insights from our special guest.

AI, Machine Learning & Code Security: Opportunities and Risks

In this episode of The Security Repo Podcast, we broach a wide variety of topics, ranging from The Theory of Constraints, source control horror stories, and using scorecards to drive cross-team success. 

We are joined by Justin Reock, the Head of Developer Relations for Cortex.io. 
He is an outspoken speaker, writer, and software practice evangelist. He has over 20 years of experience working in various software roles and has delivered enterprise solutions, technical leadership, and community education on a range of topics. 

We start by talking about how the work of Ed Deming translates into modern software workflow and what that means for security. Branching from there, we dip into how developer and build tooling can and should include security. The one thing all developers have in common is source control, and Justin's background lets him share a few stories that are not to be missed.  
We end with a new twist on Best Advice/Worst Advice that gives us deeper insight into our guest. 

Thanks for tuning into this episode. 

Links mentioned in this episode:

  / justinreock  

OpenRewrite and Modern  https://www.moderne.ai/blog/overview-...

Pre-frontal cortex podcast - https://podcasts.apple.com/us/podcast... 

IDPcon.com - https://idpcon.com/

From The Theory Of Constraints to Scorecard Patterns for Better Compliance - Justin Reock

In this episode of The Security Repo Podcast, we take a look at how to do secret rotation reliably in a highly available system.  

We are joined by Kenton McDonough. Kent got his MS in Computer Science from Virginia Tech in 2021 with a focus on systems and networking. He currently does security automation for Viasat Inc, a global Satellite internet service provider, with an emphasis on credential management and RBAC systems.

We walk through the tech stack that Kent works with, which includes a little of everything. We revisit his talk topic at BSides as Vegas 2024 with a discussion of 'blue/green' secrets rotation. By the end, we uncover some best practices to keep in mind when architecting a scalable, highly available application with regard to secrets management. 

Links shared in the episode:
kent07[at]bt.edu

Rotating Secrets At Scale, Automatically, and With High Availability - Kenton McDonough

We all want to have the best security posture possible, especially when it comes to our mission-critical applications. This is also true for any software we publish that is used in the software supply chain. Every security team dreams of fully implementing Zero Trust as the standard across the whole of the organization and having flawless defenses.

In reality, though, security is a never-ending journey, as the landscape constantly shifts at an ever-accelerating rate. Defending the perimeter used to be the goal, but in the ultra-interconnected world of services, cloud platforms, and open-source dependencies, we need to rethink how we defend ourselves and our customers.

We need to stop unrealistically striving for perfection and get back to basics to make sure we are guarding against the most likely, most common, and most costly threats that continue to emerge.

In this webinar, we will cover:

Understanding the threats throughout the Software Supply Chain
The benefits and realities of implementing Zero Trust
Thinking through trust, attestation, and scanning
Finding the right balance of time and effort for security ROI
Thinking past compliance and defending against the most likely scenarios
Join Chris Lindsey, Application Security Evangelist at Mend.io, and Dwayne McDaniel, Sr. Developer Advocate at GitGuardian, for an hour of conversation and learning.

Good Enough: Practical Zero Trust Posture in The Software Supply Chain

In this episode of The Security Repo Podcast, we look at security automation and how we can engineer our way to better security overall.

We are joined, once again by Huxley Barbee, who has been a fixture of the security community for over 20 years. Professionally, he was a security consultant working with customers in finance, insurance, manufacturing, and higher education. Currently, he leads the security engineering group at a fintech company. Beyond the day job, he is also active in the security and hacker community. He started attending DEF CON in the late 90s, has spoken at many conferences throughout the US, and is the lead organizer for BSidesNYC. He lives in New York. You should connect with him on social media, buy him a drink, or both.

We start with a great discussion of what to automate and what not to automate when thinking about security.  From there, we explore the role of AI in the security tool belt and how we can best leverage it to improve our posture. By the end, we get some updates about BSides NYC and elsewhere. 

Links from this episode:
Previous Appearance:  
   • Building Conferences and Communities ...  

Socials:
  / jhbarbee  

@huxley@infosec.exchang

BSides NYC:
https://bsidesnyc.org/

Security Automation And Leveraging AI To Deal With Security At Scale - Huxley Barbee

In this episode of The Security Repo Podcast, we take a look at the role developer training and awareness have in improving security.

We are joined by Chris Lindsey, Application Security Evangelist at Mend.io. He is a seasoned speaker who has appeared at conferences, webinars, and private events.  Chris draws on expertise from more than 15 years of direct security experience leading and building security programs and over 35 years of experience leading teams in programming software, solutions, and security architecture.

We start with how training and awareness are the start of the process but not all that is needed. From there, we discuss developer tooling vs security tooling and what gaps exist.  By the end, we get into AI and how to think about a future with auto-remediation.

Developer Awareness Training and AI Assisted Tooling for Improving Security - Chris Lindsey

The current state of application security often leaves us reacting to data breaches and unauthorized disclosures well after they have occurred. How do we change this reactive reality? 

In this webinar, we’ll discuss this and other questions:

- What are the CISO/security and privacy team absolutes or non-negotiables?
- How has modern AppSec failed these constituents?
- What are design decisions, and how do they impact the strength of an architecture?
- How do data flow diagrams enrich and simplify the process?
- What are security and privacy patterns, and how are they used?
- What are the most important things to measure with security/privacy by design?

By adopting these principles, development teams can shift from a reactive to a proactive stance, ensuring their software products are robust, trustworthy, and aligned with the highest security standards.

Links mentioned in the webinar:
https://devici.com

https://www.securityjourney.com/resources/application-security-podcast

https://securitytable.buzzsprout.com/

https://threatmodel.buzzsprout.com/

https://appsec.beehiiv.com/

https://www.gitguardian.com/files/devsecops-blueprint

Designing Secure and Private Software by Default with Chris Romeo from devici

In this episode of The Security Repo Podcast, we dive deep into a rather troubling phenomenon: scammers who target senior citizens. 

We are joined by Anita Nikolich,  a speaker and a university-based cybersecurity researcher specializing in network security and cryptocurrency analytics. She joins us as the founder and co-principal Investigator of DART, a collective of researchers, security experts, game designers, and community-based organizations who have come together to combine their expertise and passion to develop the Deception Awareness and Resilience Training (DART) platform.

 We discuss real-world examples, the realities of scammers and cybercrime, and why they target the people they attack. We also get into how the DART collective is working to ensure we raise awareness in a way that affects the most people without being too heavy-handed. Anita shares some free resources to help protect the people you love and tells us how we can get involved to help.

Learn more at 
https://dartcollective.net/
https://dartcollective.net/deepcover/

DeepCover & DART Academy: Fighting Scammers Through Educating Seniors - Anita Nikolich

Today we sit down with Bobby Kuzma, Director of Offensive Cyber Operations at Pro Circular and adjunct professor at the University of Washington. Bobby shares his unique journey into the world of penetration testing, including how he accidentally acquired his CISSP certification. We delve into the fascinating world of offensive security, discussing the highs and lows of pen testing, the importance of creativity in cybersecurity, and Bobby’s current work on leveraging AI to enhance security testing. Tune in for an insightful conversation filled with real-world stories, expert advice, and a look at the future of cybersecurity.

Behind the Scenes of Offensive Security with Bobby Kuzma

In this episode of The Security Repo, we sit down with Jossef Harush Kadouri, a pioneer in software supply chain security and founder of Dustico, now part of Checkmarx. Jossef shares his journey from startup to acquisition, detailing the ever-evolving landscape of supply chain attacks. We explore how malicious actors are exploiting open-source ecosystems, the challenges of maintaining secure software, and practical steps developers and organizations can take to protect themselves. Whether you're a seasoned security professional or new to the field, this episode offers valuable insights into safeguarding your software's supply chain.

The Frontline of Cybersecurity: Defending Against Supply Chain Intrusions - Jossef Harush Kadouri

Today we welcome J Wolfgang Goerlich, an advisory CISO, mentor, and strategist. We delve into the intricacies of security design frameworks and the importance of building and maintaining relationships in the cybersecurity field. Wolfgang shares his expertise on creating effective security programs, fostering trust within teams, and navigating the challenges of the CISO role. Tune in to gain valuable insights on cybersecurity strategy and the significance of collaborative relationships in achieving security goals.

Show Notes: 
Linkedin:   / jwgoerlich  
X / Twitter: https://x.com/jwgoerlich 
Website: https://jwgoerlich.com/ 
Securing Sexuality: https://www.securingsexuality.com/

Frameworks and Relationships: J Wolfgang Goerlich on Security Strategy

Join us for a roundtable on GenAI's dual role in cybersecurity. Experts from GitGuardian, Snyk, Docker, and Protiviti, with Redmonk, discuss threat mitigation versus internal tool adoption, securing coding assistants, leveraging LLMs in supply chain security, and more. Gain valuable insights on harnessing GenAI to enhance your DevSecOps practices.

How to augment DevSecOps with AI?

Join us for a comprehensive webinar on self-hosted solutions, featuring industry experts Romain Jouhannet from GitGuardian, Adrian Mouat from Chainguard and Chuck D'Antonio from Replicated.

The discussion will delve into:

Challenges of On-Prem Deployments: We will explore the complexities and distribution challenges associated with on-prem solutions.
Secure & Scalable On-Prem Experiences: We'll discuss how to deliver robust and scalable on-prem deployments, addressing the intricacies involved.
Integration of SaaS and On-Prem: Can these environments coexist and benefit each other? The session will cover best practices from on-prem development that can enhance SaaS offerings.
This session is ideal for organizations prioritizing robust data security and privacy in their operations.

Delivering Security on Your Terms: An Intro to Self-Hosted

In this episode of The Security Repo, we are thrilled to welcome Sonya Moisset, a Senior Advocate at Snyk and a renowned expert in DevSecOps, cybersecurity, and AI. With a wealth of experience as a public speaker, mentor, and top contributor to the tech community, Sonya shares her deep insights into the evolving landscape of AI in cybersecurity.

Join us as we dive into the pressing issues surrounding generative AI and large language models (LLMs), including the concept of shadow AI, the risks of using AI tools without proper oversight, and real-world examples of security breaches involving AI. Sonya discusses the importance of implementing robust security policies and fostering an open dialogue within organizations to mitigate these risks.

We also explore fascinating topics such as prompt injection attacks, the role of AI in both offensive and defensive cybersecurity strategies, and the emerging frameworks guiding ethical AI use. Whether you're a security professional, a developer, or simply curious about the intersection of AI and cybersecurity, this episode offers valuable knowledge and practical advice.

Tune in to learn how to navigate the complexities of AI in your organization and stay ahead in the fast-paced world of cybersecurity.


Show Links 
Sonya Moisset social media links
Linkedin:  

 / sonyamoisset  
X (Twitter): https://x.com/SonyaMoisset


Introduction: 0:00
What are the security risks with AI and LLMs: 1:10 
Prompt Injection Car Dealership: 6:39
Prompt Injection: 8:46 
Guardrails for AI: 16:00 
Using AI for Red Teaming: 25:19 
Regulations for AI security 32:16 
Best and Worst: 34:10

Navigating AI in Cybersecurity: Insights from Sonya Moisset

Join us this week as we host Eric Fourrier, co-founder and CEO of GitGuardian. Discover the journey of GitGuardian from a side project to a leading code security platform. Eric shares insights on the startup's growth, the integration of AI in security, and the future of protecting digital assets. Tune in for an engaging discussion on advancing code security in our digital world.

Show Notes:
GitGuardian https://gitguardian.com
State of Secrets Sprawl Report https://www.gitguardian.com/state-of-... 
GitGuardian Blog https://blog.gitguardian.com

Eric Fourrier Socials 
Linkedin:  

 / ericfourrier  

intro: 0:00 
Origin of GitGuardian: 0:55
Why wasn't secrets detection a big problem: 5:08
State of Secrets Sprawl Report: 09:50 
Can we solve secret leakage: 18:08
Finding secrets outside source code: 22:22
The evolution of GitGuardian: 25:18
Single pane of glass: 30:15
The problem of remediation: 32:55
The role of AI in security tools: 36:10
Best and Worst: 42:25

The Secrets behind GitGuardian: Building a security platform with Eric Fourrier

AI-assisted coding tools increase your delivery speed… and unfortunately security risks as well.

In this session, Sonya Moisset, Staff Security Advocate of Snyk (and 4x GitHub Star & GitHub Security Ambassador) will dive into:

- Presenting an overview of AI in development and common AI security risks.
- Use GenAI tools to build a coffee shop demo app and exploit AI-generated vulnerabilities, including SQL injection, cross-site scripting, directory traversal, and more.
- And give you some effective strategies to mitigate and fix AI-generated vulnerabilities.

If you are working with AI as your copilot then this webinar is for you!

Code Fast, Secure Smarter: The Dual Path of AI Development

Open-source components forever changed how we build software, but they are also a prominent security threat, nothing illustrated this better than the recent XZ library incident where the world narrowly avoided a massive supply chain attack.

Join Gene Gotimer, DevOps Engineer at Praeses and Mackenzie Jackson to discuss how we can keep our open-source supply chains secure as we discuss:

- Security implications of vulnerable open-source components
- How using automation can help us move toward a secure supply chain
- How to discover and detect vulnerable components

Securing the Supply Chain - Automating our Way Out of Security Whack-a-Mole

In this video, we explore AI package Hallucination. This threat is a result of AI generation tools hallucinating open-source packages or libraries that don't exist. 

In this video, we explore why this happens and show a demo of ChatGPT creating multiple packages that don't exist. We also explain why this is a prominent threat and how malicious hackers could harness this new vulnerability for evil. It is the next evolution of Typo Squatting. 

Introduction: 0:00
What is AI package Hallucination: 0:12
Sacrifice to the YouTube Gods: 0:33
How AI models find relationships: 0:45 
Lawyer uses hallucinated legal cases: 1:18
How we use open-source packages: 1:39
How ChatGPT promotes packages: 2:17 
Example of AI Package Hallucination: 2:51
Why is package hallucination a security risk: 3:46
How many packages are hallucinated? 5:37
Protection measures against AI Package Hallucination: 6:18

Understanding AI Package Hallucination: The latest dependency security threat

In this video we provide a breakdown of the nation-state attack on Microsoft by Russian backed hacking group Midnight Blizzard ( also known as NOBELIUM) that happened between November 2023 and March 2024. 

The attack targeted Microsoft's corporate email systems, with evidence showing attempts to gain unauthorized access to source code repositories and internal systems. While no evidence suggests compromise of Microsoft-hosted customer-facing systems, the attackers have escalated certain aspects of the attack, such as password sprays. The video highlights Microsoft's response efforts, including increased security investments, cross-enterprise coordination, and implementation of enhanced security controls and monitoring to defend against this advanced persistent threat. Ongoing investigations into Midnight Blizzard's activities are emphasized, with a commitment to sharing relevant findings with stakeholders.

Microsoft attacked by Russian hackers - Midnight Blizzard breach explained

Breach Detection

IT Security

Cyber Security

Cyber Attacks

Cyber Incident Response

Threat Analysis

Threat Defence

Threat Intelligence

DevSecOps

Security Automation

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

Enterprise applications have become a crucial piece of infrastructure for many businesses. The enterprise applications community on BrightTALK features the latest insights in enterprise application integration, enterprise application architecture and EAS software. Join the community to gain access to thousands of videos and webinars presented by recognized enterprise information systems experts and arm yourself with the knowledge you need to succeed.

Enterprise Applications

Get powerful end user computing insights from influential EUC experts. Connect with thought leaders and colleagues to get the most up-to-date knowledge on effective approaches to get non-programmers to create working applications.

End User Computing

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Microsoft attacked by Russian hackers - Midnight Blizzard breach explained

Presented by

About this talk

GitGuardian