The 443 - Security Simplified

On this week's episode, we cover the latest in car hacking, this time involving a vulnerability that could have given remote attackers full control over certain Hyundai models' doors, lights and engine. After that, we discuss the latest breach impacting a major password management app and how it's different from previous ones we've seen. We end with a discussion on the latest 'custom security solution' vendor selling spyware tools for profit.

On today's episode we cover a pair of alerts from the Cybersecurity Infrastructure and Security Agency (CISA), one detailing the tools, tactics and procedures from a prolific ransomware organization and another walking through a recent incident response engagement CISA completed with a federal agency. Before that though, we learn about what happens when you use a software component that hasn't received updates in 17 years.

This week on the podcast we dive into the world of attack surface management. We discuss what your attack surface is made up of including some areas you may not have thought of and then cover the best ways to reduce and ultimately protect it.

This week on the podcast we take a look back at our 2022 cybersecurity predictions and give ourselves a grading on how well we did. From cyber insurance to space hacks, we'll cover each of the 6 predictions we made last December and discuss why we think they did or did not come to fruition.
As mentioned on the episode, several WatchGuard employees are participating in "Mo-vember" to raise awareness and contributions for men's health charities. Check out our page, and Corey's amazing mustache, at - https://nl.movember.com/en/team/2435885

On this episode we cover the much anticipated OpenSSL vulnerabilities that were disclosed and patched on November 1st and why the 6 year streak of no critical issues continues. After that, we dive back in to election security and the hacking activity that could have the most impact. We end with an update from Apple on their security program and making vulnerability research more accessible.

This week on the podcast we cover CISA's freshly-released Cybersecurity Performance Goals (CPGs) designed to help smaller organizations bridge the gap between frameworks and practical implementation. After that, we discuss a new bill working its way through the US Senate designed to address open source software security risks. Finally, we end with a research post from Microsoft on the evolution of an interesting malware campaign.

This week on the podcast, we cover another remote code execution vulnerability that looks extremely concerning on the surface but might be less serious in reality. After that, we cover two research articles by Microsoft on ransomware campaigns including defensive takeaways for all organizations.

This week on the podcast we cover a proposed program from the White House to create an Energy Star-like label for cybersecurity in consumer products. Before that, we cover two other updates from the federal government including a new open source tool from CISA and the latest reincarnation of Privacy Shield.

This week on the podcast, we focus on highlighting WatchGuard's Q2 Internet Security Report, covering the latest threat trends and what you can do to avoid them. However, we also pack in our security news segment, with an Optus breach update from an Australian IT and security expert and WatchGuard Partner, the latest on the UBER CSO trial, and a warning about the recent zero day Exchange exploit that some call ProxyNotShell. This week's episode is a long one, so grab a fresh coffee and listen during a long walk or drive.

This week on the podcast, we cover an Optus data breach that could affect over 10 million Australian customers, and what they should do to protect themselves. We highlight a new malware-as-a-service (MaaS) information stealer that lowers the cost and technical bar for cybercriminals. Finally, we end with some good news about how the FBI was able to catch and arrest an ex-NSA insider trying to sell sensitive national security data to a supposed Russian adversary.
Or watch the video version here.