Basic Auth, Zero Days, & Burnout
Blue Security4 Heinä 2022

Basic Auth, Zero Days, & Burnout

This week, Adam and Andy catch up some news in their first live show in a couple of weeks. First they talk about CISA's guidance to federal agencies to switch from basic auth to modern auth due to the retirement of basic auth on Oct 1, 2022. They also give the cumulative count of zero days for 2022 and some best practices for defense. Finally, they talk through the challenges of investing in people and the burnout felt community wide.

-------------------------------------------

Youtube Video Link: https://youtu.be/XM-UwFajxHY

-------------------------------------------

Documentation:

https://www.cisa.gov/sites/default/files/publications/switch-to-modern-authentication-in-exchange-online-062822-508.pdf

https://docs.microsoft.com/en-us/azure/active-directory/reports-monitoring/workbook-legacy%20authentication

-------------------------------------------

Contact Us:

Website: http://bluesecuritypod.com

Twitter: https://twitter.com/bluesecuritypod

Linkedin: https://www.linkedin.com/company/bluesecpod

Youtube: https://www.youtube.com/c/BlueSecurityPodcast

Instagram: https://www.instagram.com/bluesecuritypodcast/

Facebook: https://www.facebook.com/bluesecpod

Twitch: https://www.twitch.tv/bluesecuritypod

-------------------------------------------

Andy Jaw

Twitter: https://twitter.com/ajawzero

LinkedIn: https://www.linkedin.com/in/andyjaw/

Email: andy@bluesecuritypod.com

-------------------------------------------

Adam Brewer

Twitter: https://twitter.com/ajbrewer

LinkedIn: https://www.linkedin.com/in/adamjbrewer/

Email: adam@bluesecuritypod.com

Tämä jakso on lisätty Podme-palveluun avoimen RSS-syötteen kautta eikä se ole Podmen omaa tuotantoa. Siksi jakso saattaa sisältää mainontaa.

Jaksot(315)

Control the Agents, Find the Bugs - Microsoft's AI Security Double Play

Control the Agents, Find the Bugs - Microsoft's AI Security Double Play

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss two significant topics: Agent 365, a new dashboard for monitoring AI agents in the Microsoft ecosystem, and ...

26 Touko 33min

You Can't Patch Fast Enough: Exchange Zero-Day and Tycoon2FA Strike

You Can't Patch Fast Enough: Exchange Zero-Day and Tycoon2FA Strike

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss two significant topics: Agent 365, a new dashboard for monitoring AI agents in the Microsoft ecosystem, and ...

19 Touko 29min

You Can't Patch Fast Enough: Exchange Zero-Day and Tycoon2FA Strike

You Can't Patch Fast Enough: Exchange Zero-Day and Tycoon2FA Strike

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss two significant topics: Agent 365, a new dashboard for monitoring AI agents in the Microsoft ecosystem, and ...

19 Touko 29min

Lockdown Mode Success, Howler Cell, and Entra Conditional Access

Lockdown Mode Success, Howler Cell, and Entra Conditional Access

SummaryThis episode covers Apple Lockdown Mode's effectiveness against spyware, the Phantom Device attack exploiting Azure AD, and best practices for securing device registration and conditional acces...

12 Touko 47min

Lockdown Mode Success, Howler Cell, and Entra Conditional Access

Lockdown Mode Success, Howler Cell, and Entra Conditional Access

SummaryThis episode covers Apple Lockdown Mode's effectiveness against spyware, the Phantom Device attack exploiting Azure AD, and best practices for securing device registration and conditional acces...

11 Touko 46min

Copy Fail, Claude Security, and Microsoft's AI Defense Playboo

Copy Fail, Claude Security, and Microsoft's AI Defense Playboo

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss significant topics in cybersecurity, including the discovery of a critical Linux vulnerability known as Copy...

5 Touko 40min

Copy Fail, Claude Security, and Microsoft's AI Defense Playbook

Copy Fail, Claude Security, and Microsoft's AI Defense Playbook

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss significant topics in cybersecurity, including the discovery of a critical Linux vulnerability known as Copy...

5 Touko 40min

Apple-Signal Bug, NCSC recommends passkeys, Open Source debate

Apple-Signal Bug, NCSC recommends passkeys, Open Source debate

SummaryIn this episode, Andy and Adam discuss a recent vulnerability in the Signal messaging app that allowed the FBI to recover deleted messages from an iPhone due to a flaw in Apple's notification s...

28 Huhti 34min