Tesla and FBI prevents a ransomware hack at the Gigafactory | Grassroots Security (S1:E12)

It's a busy time for security.  The Cybersecurity & Infrastructure Security Agency has released a number of guidance documents on SolarWinds and ActiveDirectory/M365 compromises as well as the recent Microsoft Exchange vulnerabilities that are being actively exploited.
Blog Post (including Links):
https://grassrootsecurity.com/2021/03/10/cisa-guidance-on-solarwinds-ad-m365-and-exchange-remediations/

We've heard of a denial of service. But what is it?  And what can we do?
Blog Entry (With References):
https://grassrootsecurity.com/2021/03/01/denial-of-service-what-is-it-and-what-to-do/

Protect your computer using a security-filtered Domain Name System (DNS) server configuration.  Also hear about the Center for Internet Security (CIS) offering to protect US hospitals against malware through a similar method of DNS protection.
Blog Post (including references and site links):
https://grassrootsecurity.com/2021/02/22/protecting-you-through-security-filtered-domain-lookups/

No, I'm not talking about cyborgs here.  We explore the cybersecurity workforce needs, certifications and the scholarships available especially for women.  We need to improve the number of women who go into cybersecurity careers.
Blog Post (including References and Links):
https://grassrootsecurity.com/2021/02/15/we-need-more-cyber-women/

Every February 9 is Safer Internet Day.  The slogan "Together for a better internet" looks toward promoting a safe and positive use of digital technology, especially among children and young people.
Reference:
https://www.saferinternetday.org
Blog Post:
https://grassrootsecurity.com/2021/02/10/safer-internet-day-on-february-9/

January 28 was Data Privacy Day and the 40th anniversary of Convention 108.  Last January 11, we also got the update of the investigation on the Solarwinds Hack.
Blog Post (including references):
https://grassrootsecurity.com/2021/02/01/data-privacy-day-and-update-on-solarwinds-hack/
Data Privacy Logo courtesy of StaySafeOnline (https://staysafeonline.org/)

 The European Data Protection Board (or EDPB) has released Guidelines 01/2021 on Examples regarding Data Breach Notification. It provides a number of examples across different areas from ransomware to data exfiltration.
References are linked in the blog post below:
https://grassrootsecurity.com/2021/01/25/edpb-releases-guidelines-data-breach-notification-examples/

Happy New Year! In this episode, we talk about misinformation and disinformation and how your memory may contribute to both misattribution and bias. We also talk about how to deal better with misinformation.
Blog Post (including references):
https://grassrootsecurity.com/2021/01/18/new-year-your-memory-and-misinformation/

Ransomware has hit one of the biggest shipping companies CMA CGM. Also, Ring will be updating their devices to support end-to-end encryption. And Egypt has enacted their data protection law.  Brazil's version is also now in effect.
Published: September 30, 2020
Blog Post (Links to References):

• https://grassrootsecurity.com/2020/09/30/ransomware-in-cma-cgm-ring-security-changes-and-egyptian-data-protection/

With Facebook's high court challenge to the Irish Data Protection Commission's suggestion that Standard Contractual Clauses (or SCCs) may not be used, it begs the question what alternatives there are for the transfer of personal data to another country.  Also, with the US Elections near, what type of attacks are we seeing especially with credential harvesting?
Published: September 14, 2020
Blog Post (Links to References):

• https://grassrootsecurity.com/2020/09/14/validity-of-sccs-and-strontiums-credential-harvesting-methods/