The 443 - Security Simplified

This week on the podcast we take a deep dive into the Exchange Server vulnerabilities that Microsoft issued an emergency patch for after discovering foreign adversaries were actively exploiting the flaws in the wild. We'll go over the vulnerabilities, how they work, and give some tips for defending against similar attacks in the future.

This week on the podcast we cover Gootkitand Gootloader, two oddly-named pieces of an evasive trojan that researchers have been watching evolve into a fileless threat. We also discuss the security benefits and drawbacks of Apple's closed-door approach to security. Finally, we end with some research on what happens when a cosmic ray causes your computer to load up the wrong destination for a network connection.

This week on the podcast we cover an upcoming Chrome browser update with important behind-the-scenes changes, a 9.8/10 severity vulnerability in VMWare vCenter, and a plea from Microsoft for more breach disclosure regulation in the wake of the SolarWinds breaches.

This week on the podcast, we chat about an authentication attack against one of the world’s internet address registrars, another Russian threat actor targeting a popular IT software company, and research on a credential theft trojan and its delivery methods.

This week on The 443, we cover a cyber-attack against the water supply of a small Florida town and research into a new class of vulnerabilities in software libraries called Dependency Confusion.

This week on the podcast, we cover the latest research from Avast on evasion techniques in use by malicious Chrome extensions. After that, we discuss the latest report from Google's Threat Analysis Group on nation-state threat actors targeting white hat security researchers.

This week on the podcast, we bring on Trevor Collins from the WatchGuard Threat Lab to chat about a the recently disclosed MalwareBytes breach and a series of vulnerabilities in a popular DNS forwarder, dubbed DNSPOOQ.

This week on the podcast, we cover a cloud security alert courtesy of Cybersecurity & Infrastructure Security Agency (CISA) and encrypted DNS guidance from the NSA. We also discuss a macOS malware evasion technique that has eluded analysis for over 5 years, until now.

This week on the podcast we dive into what will likely be remembered as the hack of the decade. With victims including dozens of Fortune 500 companies and US Federal agencies, the SolarWinds supply chain breach has had a massive impact on the industry and as the potential to change client/vendor trust relationships going forward.

Happy Holidays! This week on the podcast, we're going back to one of our favorite episodes from 2019 where we sat down with Biohacking pioneer Amal Graafstra to discuss implants, RFID technology and the future of human/technology interactions.