F5 Breached, Windows 10 EOL, AWS Outage
Blue Security28 Okt

F5 Breached, Windows 10 EOL, AWS Outage

Summary

In this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss significant recent cybersecurity events, including the F5 breach attributed to state-backed actors, the implications of Windows 10 reaching end of life, and the risks associated with outdated mobile operating systems. They also explore the geopolitical context of cybersecurity threats from China and the lessons learned from a recent AWS outage, emphasizing the importance of preparedness and proactive security measures for organizations.

----------------------------------------------------

YouTube Video Link: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://youtu.be/zn6cgCe5W8I

----------------------------------------------------

Documentation:

https://arstechnica.com/security/2025/10/breach-of-f5-requires-emergency-action-from-big-ip-users-feds-warn/

https://cloud.google.com/blog/topics/threat-intelligence/brickstorm-espionage-campaign

https://www.forbes.com/sites/zakdoffman/2025/10/25/unprotected-1-billion-iphone-and-android-users-must-act-now/

https://www.wired.com/story/what-that-huge-aws-outage-reveals-about-the-internet/

https://youtu.be/43vxbytjDSM?si=bzmgru3AHrhd7lP2

https://youtu.be/vFu63JNtIZ4?si=DAi64IzjkwD5bSTW

----------------------------------------------------

Contact Us:

Website: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://bluesecuritypod.com

Bluesky: https://bsky.app/profile/bluesecuritypod.com

LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/company/bluesecpod

YouTube: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.youtube.com/c/BlueSecurityPodcast

-----------------------------------------------------------

Andy Jaw

Bluesky: https://bsky.app/profile/ajawzero.com

LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/andyjaw/

Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠andy@bluesecuritypod.com⁠

----------------------------------------------------

Adam Brewer

Twitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajbrewer

LinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/adamjbrewer/

Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠adam@bluesecuritypod.com

Episoder(270)

Ransomware protection - Part 4 - Windows 10 Security, Network Segmentation, Detection and Recovery

Ransomware protection - Part 4 - Windows 10 Security, Network Segmentation, Detection and Recovery

This week, Adam and Andy wrap up the ransomware series by first going over controlled folder access in Windows 10 security and Onedrive for Business Known Folder Move. They discuss network segmentation and go into tools and process for detection and incident response. Finally, they conclude with tips on business continuity and disaster recovery when it comes to ransomware and cybersecurity. Documentation: Controlled Folder Access Onedrive for Business Known Folder Move Azure ATP/Microsoft Defender for Identity Ransomware Decryptors Maersk NotPetya Blog Andy Jaw Twitter: @ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Adam Brewer Twitter: @ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/

26 Okt 202029min

Ransomware Protection - Part 3 - Admin Rights, Email Protection, Phishing Training

Ransomware Protection - Part 3 - Admin Rights, Email Protection, Phishing Training

This week, Adam and Andy continue the conversation on techniques and tools to protect your organization from ransomware. They dive into the concept of least privileged access and administrative rights, email protection solutions, and phishing/cybersecurity training program concepts for your company. Documentation: Exchange Online Protection Overview https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/exchange-online-protection-overview?view=o365-worldwide Office 365 ATP https://docs.microsoft.com/en-us/microsoft-365/security/office-365-security/office-365-atp?view=o365-worldwide Andy Jaw Twitter: @ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Adam Brewer Twitter: @ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/

19 Okt 202033min

Ransomware Protection - Part 2 - EDR, Patching, and Pentesting

Ransomware Protection - Part 2 - EDR, Patching, and Pentesting

This week, Adam and Andy continue the conversation on techniques and tools to protect your organization from ransomware. They dive into EDR solutions, patching and vulnerability assessment management, and pentesting. Documentation: Maersk, me & notPetya: https://gvnshtn.com/maersk-me-notpetya/ The Untold Story of NotPetya, the Most Devastating Cyberattack in History: https://www.wired.com/story/notpetya-cyberattack-ukraine-russia-code-crashed-the-world/ Andy Jaw Twitter: @ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Adam Brewer Twitter: @ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/

12 Okt 202032min

Ransomware Protection - Part 1 - Soft Skills and Endpoint Protection

Ransomware Protection - Part 1 - Soft Skills and Endpoint Protection

Due to the recent ransomware attacks, Adam and Andy use this episode to kick off a series on how to protect your company from ransomware. We started with how security professionals need to have soft skills in order to be successful at any organization. We followed up with a deep dive on why we believe Microsoft Defender for Endpoint is the most cost effective solution you can deploy. Documentation: Microsoft Defender in a Sandbox: https://www.microsoft.com/security/blog/2018/10/26/windows-defender-antivirus-can-now-run-in-a-sandbox/ Andy Jaw Twitter: @ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Adam Brewer Twitter: @ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/

5 Okt 202033min

Enabled MFA!

Enabled MFA!

In this episode, Adam and Andy talk about why if you have not enabled MFA for your identity provider (IDP), this should be your top priority today. They also talk about steps for implementation and their thoughts on user documentation. Documentation: Zerologon Vulnerability https://www.secura.com/blog/zero-logon Andy Jaw Twitter: @ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Adam Brewer Twitter: @ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/

28 Sep 202030min

Geo-restricting IP addresses, Password policies, Defense against password spray attacks

Geo-restricting IP addresses, Password policies, Defense against password spray attacks

In this first episode, Adam and Andy discuss whether geo-restricting IP addressing is considered "good" security. They also discuss Azure AD password protection as a method to protect against password spraying attacks. Documentation: Overview on Azure AD password protection: https://techcommunity.microsoft.com/t5/azure-active-directory-identity/azure-ad-password-protection-is-now-generally-available/ba-p/377487 How to deploy Azure AD protection: https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-password-ban-bad-on-premises-deploy Andy Jaw Twitter: @ajawzero LinkedIn: https://www.linkedin.com/in/andyjaw/ Adam Brewer Twitter: @ajbrewer LinkedIn: https://www.linkedin.com/in/adamjbrewer/

21 Sep 202031min

Populært innen Teknologi

lydartikler-fra-aftenposten
romkapsel
teknisk-sett
rss-avskiltet
energi-og-klima
tomprat-med-gunnar-tjomlid
shifter
rss-impressions-2
nasjonal-sikkerhetsmyndighet-nsm
pedagogisk-intelligens
rss-alt-som-gar-pa-strom
rss-for-alarmen-gar
smart-forklart
rss-bouvet-bobler
rss-teknologioptimistene-energibransjens-it-podcast
elektropodden
rss-fjorsilkebris-podcast
tinius-talks
rss-digitaliseringspadden
rss-ki-til-kaffen