Our thoughts on Fireeye, Solarwinds, and Sunburst

Blue Security21 Des 2020

Our thoughts on Fireeye, Solarwinds, and Sunburst

This week, Adam and Andy give you their thoughts on the Fireeye and Solarwinds breach. They also give defenders advice on immediate steps to help strengthen their organizations as well as some future insights on the direction security may be heading in terms on identity and device management. Finally, they give some thoughts on why it is important for security, business, and technical teams need to work as one cohesive unit in order to make security programs successful.

Documentation:

Unauthorized Access of FireEye Red Team Tools

Check Point Response to FireEye Red Team Tools Leak

CISA Updates Alert and Releases Supplemental Guidance on Emergency Directive for SolarWinds Orion Compromise

Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor

"The Chat" by Gavin Ashton

Becoming resilient by understanding cybersecurity risks: Part 2

Detecting Abuse of Authentication Mechanisms by the NSA

Protecting Microsoft 365 from on-premises attacks

Andy Jaw

Twitter: @ajawzero

LinkedIn: https://www.linkedin.com/in/andyjaw/

Adam Brewer

Twitter: @ajbrewer

LinkedIn: https://www.linkedin.com/in/adamjbrewer/

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(315)

Control the Agents, Find the Bugs - Microsoft's AI Security Double Play

Control the Agents, Find the Bugs - Microsoft's AI Security Double Play

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss two significant topics: Agent 365, a new dashboard for monitoring AI agents in the Microsoft ecosystem, and ...

26 Mai 33min

You Can't Patch Fast Enough: Exchange Zero-Day and Tycoon2FA Strike

You Can't Patch Fast Enough: Exchange Zero-Day and Tycoon2FA Strike

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss two significant topics: Agent 365, a new dashboard for monitoring AI agents in the Microsoft ecosystem, and ...

19 Mai 29min

You Can't Patch Fast Enough: Exchange Zero-Day and Tycoon2FA Strike

You Can't Patch Fast Enough: Exchange Zero-Day and Tycoon2FA Strike

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss two significant topics: Agent 365, a new dashboard for monitoring AI agents in the Microsoft ecosystem, and ...

19 Mai 29min

Lockdown Mode Success, Howler Cell, and Entra Conditional Access

Lockdown Mode Success, Howler Cell, and Entra Conditional Access

SummaryThis episode covers Apple Lockdown Mode's effectiveness against spyware, the Phantom Device attack exploiting Azure AD, and best practices for securing device registration and conditional acces...

12 Mai 47min

Lockdown Mode Success, Howler Cell, and Entra Conditional Access

Lockdown Mode Success, Howler Cell, and Entra Conditional Access

SummaryThis episode covers Apple Lockdown Mode's effectiveness against spyware, the Phantom Device attack exploiting Azure AD, and best practices for securing device registration and conditional acces...

11 Mai 46min

Copy Fail, Claude Security, and Microsoft's AI Defense Playboo

Copy Fail, Claude Security, and Microsoft's AI Defense Playboo

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss significant topics in cybersecurity, including the discovery of a critical Linux vulnerability known as Copy...

5 Mai 40min

Copy Fail, Claude Security, and Microsoft's AI Defense Playbook

Copy Fail, Claude Security, and Microsoft's AI Defense Playbook

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss significant topics in cybersecurity, including the discovery of a critical Linux vulnerability known as Copy...

5 Mai 40min

Apple-Signal Bug, NCSC recommends passkeys, Open Source debate

Apple-Signal Bug, NCSC recommends passkeys, Open Source debate

SummaryIn this episode, Andy and Adam discuss a recent vulnerability in the Signal messaging app that allowed the FBI to recover deleted messages from an iPhone due to a flaw in Apple's notification s...

28 Apr 34min

Reklamefrie Premium-podkaster

Hør populære podkaster som Storefri med Mikkel og Herman, Ida med hjertet i hånden, Krimpodden og mye mye mer

Skap din egen podkastboble

I appen skaper du ditt eget bibliotek med favoritter, og vi gir deg også anbefalinger til podkaster du ikke kan gå glipp av.

Prøv 14 dager gratis

Dersom du er ny Podme-bruker får du 14 dager gratis prøveperiode når du oppretter abonnement

Populært innen Teknologi

lydartikler-fra-aftenposten

energi-og-klima

tomprat-med-gunnar-tjomlid

nasjonal-sikkerhetsmyndighet-nsm

hans-petter-og-co

pedagogisk-intelligens

rss-anleggspraten

teknologi-og-mennesker

rss-snakk-om-sikkerhet

rss-ai-forklart

rss-digitaliseringspadden

rss-30-minutter-inn-i-fremtiden

rss-alt-som-gar-pa-strom

Historiene og stemmene du vil høre

Ubegrenset tilgang til alle dine favorittpodkaster og lydbøker