Our thoughts on Fireeye, Solarwinds, and Sunburst
Blue Security21 Dec 2020

Our thoughts on Fireeye, Solarwinds, and Sunburst

This week, Adam and Andy give you their thoughts on the Fireeye and Solarwinds breach. They also give defenders advice on immediate steps to help strengthen their organizations as well as some future insights on the direction security may be heading in terms on identity and device management. Finally, they give some thoughts on why it is important for security, business, and technical teams need to work as one cohesive unit in order to make security programs successful.

Documentation:

Unauthorized Access of FireEye Red Team Tools

Check Point Response to FireEye Red Team Tools Leak

CISA Updates Alert and Releases Supplemental Guidance on Emergency Directive for SolarWinds Orion Compromise

Highly Evasive Attacker Leverages SolarWinds Supply Chain to Compromise Multiple Global Victims With SUNBURST Backdoor

"The Chat" by Gavin Ashton

Becoming resilient by understanding cybersecurity risks: Part 2

Detecting Abuse of Authentication Mechanisms by the NSA

Protecting Microsoft 365 from on-premises attacks

Andy Jaw

Twitter: @ajawzero

LinkedIn: https://www.linkedin.com/in/andyjaw/

Adam Brewer

Twitter: @ajbrewer

LinkedIn: https://www.linkedin.com/in/adamjbrewer/

Det här avsnittet är hämtat från ett öppet RSS-flöde och publiceras inte av Podme. Det kan innehålla reklam.

Avsnitt(315)

Control the Agents, Find the Bugs - Microsoft's AI Security Double Play

Control the Agents, Find the Bugs - Microsoft's AI Security Double Play

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss two significant topics: Agent 365, a new dashboard for monitoring AI agents in the Microsoft ecosystem, and ...

26 Maj 33min

You Can't Patch Fast Enough: Exchange Zero-Day and Tycoon2FA Strike

You Can't Patch Fast Enough: Exchange Zero-Day and Tycoon2FA Strike

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss two significant topics: Agent 365, a new dashboard for monitoring AI agents in the Microsoft ecosystem, and ...

19 Maj 29min

You Can't Patch Fast Enough: Exchange Zero-Day and Tycoon2FA Strike

You Can't Patch Fast Enough: Exchange Zero-Day and Tycoon2FA Strike

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss two significant topics: Agent 365, a new dashboard for monitoring AI agents in the Microsoft ecosystem, and ...

19 Maj 29min

Lockdown Mode Success, Howler Cell, and Entra Conditional Access

Lockdown Mode Success, Howler Cell, and Entra Conditional Access

SummaryThis episode covers Apple Lockdown Mode's effectiveness against spyware, the Phantom Device attack exploiting Azure AD, and best practices for securing device registration and conditional acces...

12 Maj 47min

Lockdown Mode Success, Howler Cell, and Entra Conditional Access

Lockdown Mode Success, Howler Cell, and Entra Conditional Access

SummaryThis episode covers Apple Lockdown Mode's effectiveness against spyware, the Phantom Device attack exploiting Azure AD, and best practices for securing device registration and conditional acces...

11 Maj 46min

Copy Fail, Claude Security, and Microsoft's AI Defense Playboo

Copy Fail, Claude Security, and Microsoft's AI Defense Playboo

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss significant topics in cybersecurity, including the discovery of a critical Linux vulnerability known as Copy...

5 Maj 40min

Copy Fail, Claude Security, and Microsoft's AI Defense Playbook

Copy Fail, Claude Security, and Microsoft's AI Defense Playbook

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss significant topics in cybersecurity, including the discovery of a critical Linux vulnerability known as Copy...

5 Maj 40min

Apple-Signal Bug, NCSC recommends passkeys, Open Source debate

Apple-Signal Bug, NCSC recommends passkeys, Open Source debate

SummaryIn this episode, Andy and Adam discuss a recent vulnerability in the Signal messaging app that allowed the FBI to recover deleted messages from an iPhone due to a flaw in Apple's notification s...

28 Apr 34min

Populärt inom Teknik

uppgang-och-fall
elbilsveckan
market-makers
bilar-med-sladd
rss-elektrikerpodden
rss-laddstationen-med-elbilen-i-sverige
developers-mer-an-bara-kod
rss-veckans-ai
natets-morka-sida
rss-technokratin
bli-saker-podden
skogsforum-podcast
bosse-bildoktorn-och-hasse-p
under-femton
har-vi-akt-till-mars-an
rss-uppgang-och-fall
rss-upplyst-entreprenordirektor
rss-powerboat-sverige-podcast
rss-snacka-om-ai
rss-hit-med-dina-lunchpengar