The 443 - Security Simplified

We recorded this episode before news of the massive attack against Kasaye users broke on Friday. Suffice to say, next week's episode will give a full debrief of the incident including how it happened, who it affected, and what all MSPs can learn from it. In the meantime, check out Corey's post on the Kaseya breach here, which we will continue to update as new information comes to light.
This week on the podcast, we cover the latest LinkedIn data "breach," an update in activity from the hacking group responsible for the SolarWinds supply chain attack, and research from Microsoft's security team into multiple authentication bypass vulnerabilities in a popular consumer router. After that, we have a discussion our thoughts on a recent article by the Economist that compares the cybersecurity industry to used car dealers.

Its that time of year again! This week on the podcast, we cover the latest internet security report from the WatchGuard Threat Lab. We'll go over the latest trends in malware and network attacks targeting WatchGaurd customer networks through the first quarter of the year, as well as defensive tips for all organizations.

This week on the podcast we discuss an often overlooked item for sale on underground forums, authentication cookies. Before that though, we'll cover a few surprising stats from a  recent ransomware study by Cybereason and an update from NATO on cyber warfare.

This week on the podcast, we discuss operation Trojan Shield, a multi-year program where the FBI in partnership with international law enforcement agencies developed and distributed an encrypted communications application on the underground that gave them full access into criminal messages. We'll also cover the latest news from the recent Colonial Pipeline and JBS ransomware attacks before ending with some news from the prolific banking trojan Trickbot.

This week on the podcast, we take a look at how soldiers unknowingly leaked highly-sensitive information about the United States' foreign nuclear arsenal and discuss how we can reprogram humans to not make similar mistakes. We also cover the latest major ransomware incident targeting manufacturing and industrial control, a damning privacy admission from Google's own executives, and a Supreme Court decision that will likely have a major effect on prosecuting some forms of cyber crime.

This week on the podcast we cover an epic battle between a video game giant and a tech behemoth that has the potential to change mobile security forever. After that, we cover updates to several recent security events including the SolarWinds breach, the attempted poisoning of the Oldsmar, FL water supply, and the ransomware attack against Colonial Pipeline.

This week on the podcast we cover the ransomware attack against Colonial Pipeline which left the east coast of the United States in fear of gas shortages for more than a week. We'll discuss the threat actors behind it, how they possibly got in, and what the response was from Colonial and the United States government.

This week on the podcast we cover a 12 year old vulnerability in Dell's firmware update driver impacting hundreds of millions of servers, workstations and tablets. Then, we dive in to 21 nails, a collection of vulnerabilities in the Exim Mail Transfer Agent (MTA) which has wide use across the internet. We'll go over a few of the biggest flaws and how they work as well as what it means for email security.

This week on the podcast, we mourn a Dan Kaminsky, a well-loved hacker responsible for identifying one of the biggest vulnerabilities in the history of the internet. Then, we continue our dive into web app security standards with a discussion on Same-Origin Policy and Cross Origin Resource Sharing (CORS) and how they help protect us against Cross Site Request Forgery (CSRF) attacks.

This week on the podcast, we cover Signal CEO Moxie Marlinspike's analysis of a phone forensic analysis tool made by the grey-hat hacking organization Cellebrite. Before that though, we cover another solved mystery from the SolarWinds Orion saga.