This week on the podcast, we bring in Adam Winston, former CSO of ActZero and current Field CTO for Managed Services at WatchGuard to discuss automating the SOC with AI. We cover the history of AI in SecOps, the good and bad applications of AI and Machine Learning, what the future looks like, and how compliance might impact our ability to get there.
--------
57:15
The CVE Near-Death Experience
This week on the podcast, we discuss how the CVE program was granted an 11th hour temporary reprieve after the program's steward, MITRE, originally announced their contract had not been renewed. After that, we cover the recent cyberattack against 4chan that took it offline and resulted in leaked moderator information and source code. We end with a quick discussion on a post-exploitation technique being used in the wild against Fortinet FortiGate devices.
--------
34:14
Revoking Security Clearances as Punishment
This week on the podcast, we discuss a recent White House executive order that revoked the security clearances of former CISA chief Christopher Krebs as well as all other employees at SentinelOne and the implications that brings to our industry. Before that, we give a quick update on the Oracle Cloud breach from a few weeks back that Oracle has finally confirmed. We end with our thoughts on a few Microsoft Windows AI features that just launched in early preview and how they might impact data privacy and security.
--------
40:40
Lucid, the Phishing-as-a-Service Platform
This week on the podcast, we discuss a recent threat intelligence report on the Chinese Phishing-as-a-Service platform Lucid. Before that, we cover the alleged Oracle Cloud breach before reviewing the Singapore Shared Responsibility Framework, designed to combat financial scams.
--------
40:25
Github Actions Supply Chain Attacks
This week, we discuss a recent cascading supply chain attack involving multiple Github actions workflows that nearly succeeded in compromising a popular Coinbase application. Before that, we discuss a novel way to download malware onto an endpoint by abusing a web browser's caching feature. Additionally, we cover an FBI alert on file converter malware scams.
Get inside the minds of leading white-hat hackers and security researchers. Each week, we’ll educate and entertain you by breaking down and simplifying the latest cybersecurity headlines and trends. Using our special blend of expertise, wit, and cynicism, we’ll turn complex security concepts into easily understood and actionable insights.
UK