What is a cyber security podcast?
A podcast all about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security Professionals need to know, or refresh the memories of the seasoned veterans.
What is 2021-014 blocked by?
2021-014-Slipstreaming blocked by Chrome, Slack being used for malware, plus dork and deskjockeys!
Summary
A podcast all about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security Professionals need to know, or refresh the memories of the seasoned veterans.
OSS sustainability, log4j fallout, developer damages own code-p1
Adam Baldwin (@adam_baldwin) Amélie Koran (@webjedi) Log4j vulnerability https://logging.apache.org/log4j/2.x/license.html https://www.theregister.com/2021/12/14/log4j_vulnerability_open_source_funding/ https://www.zdnet.com/article/security-firm-blumira-discovers-major-new-log4j-attack-vector/ F/OSS developer deliberately bricks his software in retaliation for big companies not supporting OSS.
2021-046-Mick Douglas, Log4j vulnerabilities, egress mitigations- part2
Introduction Overview of Log4j vuln (as of 16 December 2021) Why is it a big deal? (impact/criticality/risk) Talk about patching vs. mitigation why wasn’t this given the same visibility in 2009? Because it’s Oracle or Java? Good callout is building slides to brief org leadership, detections, and other educational tools.
Technology Podcasts
A podcast all about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security Professionals need to know, or refresh the memories of the seasoned veterans.
Bit of news, Belarus train system hack, VMware Horizon vulns, edge network device vulns
News articles we covered this week: https://www.wired.com/story/belarus-railways-ransomware-hack-cyber-partisans/ https://www.hackingarticles.in/linux-privilege-escalation-polkit-cve-2021-3560/ https://old.reddit.com/r/msp/comments/s48iji/vmware_horizon_servers_being_actively_hit_with/ https://www.bleepingcomputer.com/news/security/over-20-000-data-center-management-systems-exposed-to-hackers/ Whimmery's Walkthroughs: Join @whimmery on her twitch or on the @brakesec Youtube channel for....
April Wright and Alyssa Miller- Open Source sustainabilty
Alyssa Milller (@AlyssaM_InfoSec) April Wright (@Aprilwright) 0. Open Source issues (quick discussion, because I value your opinions, and supply chain is important in the IoT world too.) Log4j and OSS software management and profitability Free as in beer, but you pay for the cup… (license costs $$, not the software).
Amélie Koran and Adam Baldwin discuss OSS sustainability, supply chain security,, governance, and outreach for popular applications - part2
Adam Baldwin (@adam_baldwin) Amélie Koran (@webjedi) https://logging.apache.org/log4j/2.x/license.html https://www.theregister.com/2021/12/14/log4j_vulnerability_open_source_funding/ https://www.zdnet.com/article/security-firm-blumira-discovers-major-new-log4j-attack-vector/ F/OSS developer deliberately bricks his software in retaliation for big companies not supporting....
OSS sustainability, log4j fallout, developer damages own code-p1
Adam Baldwin (@adam_baldwin) Amélie Koran (@webjedi) Log4j vulnerability https://logging.apache.org/log4j/2.x/license.html https://www.theregister.com/2021/12/14/log4j_vulnerability_open_source_funding/ https://www.zdnet.com/article/security-firm-blumira-discovers-major-new-log4j-attack-vector/ F/OSS developer deliberately bricks his software in retaliation for big companies not supporting....
2021-046-Mick Douglas, Log4j vulnerabilities, egress mitigations- part2
Introduction Overview of Log4j vuln (as of 16 December 2021) Why is it a big deal? (impact/criticality/risk) Talk about patching vs. mitigation why wasn’t this given the same visibility in 2009? Because it’s Oracle or Java? Good callout is building slides to brief org leadership, detections, and other educational tools.
2021-045-Mick Douglas, Log4j vulnerabilities, egress mitigations- part1
Introduction Overview of Log4j vuln (as of 16 December 2021) Why is it a big deal? (impact/criticality/risk) Talk about patching vs. mitigation why wasn’t this given the same visibility in 2009? Because it’s Oracle or Java? Good callout is building slides to brief org leadership, detections, and other educational tools.
What is a cyber security podcast?
A podcast all about the world of Cybersecurity, Privacy, Compliance, and Regulatory issues that arise in today's workplace. Co-hosts Bryan Brake, Brian Boettcher, and Amanda Berlin teach concepts that aspiring Information Security Professionals need to know, or refresh the memories of the seasoned veterans.
When will the book 8 steps to better security be released?
8 Steps to Better Security: A Simple Cyber Resilience Guide to Business is done all final editing and will be published by @WileyTech on October 5th. Available now on Kindle Pre-order here: https://amzn.to/3k3pDAN
What is 2021-014 blocked by?
2021-014-Slipstreaming blocked by Chrome, Slack being used for malware, plus dork and deskjockeys!
When will Microsoft's Secure RPC patch break domains?
Microsoft's Secure RPC patch will potentially break domains on 09 February ElasticSearch is changing licenses to SSPL Man has $270 million in BTC trapped on an Ironkey USB drive
