The 443 - Security Simplified

In this daily security byte with WatchGuard CSO, Corey Nachreiner, he explains the recent Global IT outage cause by a CrowdStrike update. We also follow-up on RockYou and the RockYou2024 data dump of 10 billion records.

This week on the podcast we discover the newly-disclosed protocol vulnerability in certain RADIUS implementations. Before that, we give an update on the continued fallout from the Snowflake customer databreaches including a new disclosure from AT&T. We also discuss a blog post from JFrog that details how they saved the world from what could have been the worst supply chain attack in history.

This week on the podcast, we cover OpenSSH's recent critical vulnerability and what it means for systems administrators. Before that, we discuss the CDK Global ransomware attack impacting car dealerships across the us, a Korean internet service provider delivering malware to their customers, and a takeover of a popular JavaScript library gone hostile.

This week on the podcast we doscuss two issues from this month's Microsoft patch tuesday that deserve your attention. After that we discuss the recent data theft campain targeting Snowflake customers that has impacted over 100 organizations. We end the episode with an update on the hackers behind the MGM and Caesar's Entertainment breaches last year.

This week on the podcast we cover the WatchGuard Threat Lab's Internet Security Report from Q1. In this episode, we discuss the latest trends in malware detections at the network and the endpoint, network attack trends, and malicious domains that targeted WatchGuard customers around the world.

This week on the podcast, we discuss a new Microsoft Windows feature that is shaping up to be a security nightmare. Before that, we discuss a new research initiative from the Advanced Research Projects Agency for Health (ARPA-H) that could make big improvements in healthcare cybersecurity.

This week on the podcast, we cover a newly disclosed weakness in the 802.11 Wi-Fi standard that affects common enterprise Wi-Fi deployments. Before that, we discuss CISA's Secure by Design Pledge for technology vendors before ending with a Microsoft research post on Quick Assist social engineering.

This week on the podcast, we cover guidance from CISA and its international partners that guides organizations on the right questions to ask during the technology procurement process to make sure the products they buy are secure. Before that, we cover Microsoft's research into a common vulnerability impacting over 4 billion Android application installations followed by a discussion on the Tunnel Vision VPN vulnerability.

This week on the podcast, we cover the key takeaways from the 2024 Verizon Data Breach Investigations Report. Before that, we discuss what we learned from United Healthcare CEO Andrew Witty's congressional testimony on their ransomware attack in February. We also discuss a research article from JFrog on malicious Docker Hub repositories.