The 443 - Security Simplified

This week on the podcast, we chat about a recent report from Qrator that highlights some of the massive weaknesses in the backbone of the internet. After that, we discuss a recent research blog post from Yan (@bcrypt) showing her work in finding a CSRF flaw in OK Cupid that bypassed Cross-Origin Resource Sharing (CORS) protections.

This week on the podcast we talk Zero-Trust. What is it? How do you implement it? And why should all IT professionals work towards updating their networks to this security architecture? We'll answer all that and more after a quick Kaseya update and a security memorandum from the White House.

This week on the podcast we cover the latest Microsoft Windows privilege escalation vulnerability, SeriousSAM aka HaveNightmare. Before that, we discuss NSO Group and their spyware software known as Pegasus and whether private organizations should be allowed to market and sell spyware to government agencies.

With the White House announcing this month that it plans to investigate potential changes to Section 230, the safe harbor laws that enable websites to moderate content without risk of liability for content they fail to remove, we wanted to bring back an episode from last year where we discuss exactly what these laws are and how they enable a free and open internet.  

This week on the podcast we cover the Kaseya mass ransomware incident from July 7. While the event is still ongoing, we already have evidence for how the attack occurred and exactly what the threat actors did on affected endpoints. In this episode we dive in to the details around the incident and defensive tips for this specific incident, and similar incidents in the future. Additionally this week, we cover the PrintNightmare vulnerability and what it means for Windows administrators.

We recorded this episode before news of the massive attack against Kasaye users broke on Friday. Suffice to say, next week's episode will give a full debrief of the incident including how it happened, who it affected, and what all MSPs can learn from it. In the meantime, check out Corey's post on the Kaseya breach here, which we will continue to update as new information comes to light. This week on the podcast, we cover the latest LinkedIn data "breach," an update in activity from the hacking group responsible for the SolarWinds supply chain attack, and research from Microsoft's security team into multiple authentication bypass vulnerabilities in a popular consumer router. After that, we have a discussion our thoughts on a recent article by the Economist that compares the cybersecurity industry to used car dealers.

Its that time of year again! This week on the podcast, we cover the latest internet security report from the WatchGuard Threat Lab. We'll go over the latest trends in malware and network attacks targeting WatchGaurd customer networks through the first quarter of the year, as well as defensive tips for all organizations.

  This week on the podcast we discuss an often overlooked item for sale on underground forums, authentication cookies. Before that though, we'll cover a few surprising stats from a  recent ransomware study by Cybereason and an update from NATO on cyber warfare.

This week on the podcast, we discuss operation Trojan Shield, a multi-year program where the FBI in partnership with international law enforcement agencies developed and distributed an encrypted communications application on the underground that gave them full access into criminal messages. We'll also cover the latest news from the recent Colonial Pipeline and JBS ransomware attacks before ending with some news from the prolific banking trojan Trickbot.

This week on the podcast, we take a look at how soldiers unknowingly leaked highly-sensitive information about the United States' foreign nuclear arsenal and discuss how we can reprogram humans to not make similar mistakes. We also cover the latest major ransomware incident targeting manufacturing and industrial control, a damning privacy admission from Google's own executives, and a Supreme Court decision that will likely have a major effect on prosecuting some forms of cyber crime.

This week on the podcast we cover an epic battle between a video game giant and a tech behemoth that has the potential to change mobile security forever. After that, we cover updates to several recent security events including the SolarWinds breach, the attempted poisoning of the Oldsmar, FL water supply, and the ransomware attack against Colonial Pipeline.

This week on the podcast we cover the ransomware attack against Colonial Pipeline which left the east coast of the United States in fear of gas shortages for more than a week. We'll discuss the threat actors behind it, how they possibly got in, and what the response was from Colonial and the United States government.

This week on the podcast we cover a 12 year old vulnerability in Dell's firmware update driver impacting hundreds of millions of servers, workstations and tablets. Then, we dive in to 21 nails, a collection of vulnerabilities in the Exim Mail Transfer Agent (MTA) which has wide use across the internet. We'll go over a few of the biggest flaws and how they work as well as what it means for email security.

This week on the podcast, we mourn a Dan Kaminsky, a well-loved hacker responsible for identifying one of the biggest vulnerabilities in the history of the internet. Then, we continue our dive into web app security standards with a discussion on Same-Origin Policy and Cross Origin Resource Sharing (CORS) and how they help protect us against Cross Site Request Forgery (CSRF) attacks.

This week on the podcast, we cover Signal CEO Moxie Marlinspike's analysis of a phone forensic analysis tool made by the grey-hat hacking organization Cellebrite. Before that though, we cover another solved mystery from the SolarWinds Orion saga.