TPM design limitations and Apple-Google app store actions

Blue Security4 Okt 2021

TPM design limitations and Apple-Google app store actions

This week on the Blue Security Podcast, Adam and Andy talk about two interesting topics. The first is a pentesting company's successful hack Bitlocker using a TPM limitation. They talk about why this is complicated and the mitigations for it. They also talk about Apple and Google's decision to pull a voting app from the store in Russia a day before the parliamentary elections and the effect it has on democracy.

-------------------------------------------

Youtube Video Link: https://youtu.be/-GNLKWTtxTI

-------------------------------------------

Documentation:

https://dolosgroup.io/blog/2021/7/9/from-stolen-laptop-to-inside-the-company-network

https://explainxkcd.com/wiki/index.php/538:_Security

https://gizmodo.com/apple-and-google-pull-opposition-app-from-russian-store-1847695238

-------------------------------------------

Contact Us:

Website: http://bluesecuritypod.com

Twitter: https://twitter.com/bluesecuritypod

Instagram: https://www.instagram.com/bluesecuritypodcast/

Facebook: https://www.facebook.com/bluesecpod

-------------------------------------------

Andy Jaw

Twitter: https://twitter.com/ajawzero

LinkedIn: https://www.linkedin.com/in/andyjaw/

Email: andy@bluesecuritypod.com

-------------------------------------------

Adam Brewer

Twitter: https://twitter.com/ajbrewer

LinkedIn: https://www.linkedin.com/in/adamjbrewer/

Email: adam@bluesecuritypod.com

Det här avsnittet är hämtat från ett öppet RSS-flöde och publiceras inte av Podme. Det kan innehålla reklam.

Avsnitt(315)

Control the Agents, Find the Bugs - Microsoft's AI Security Double Play

Control the Agents, Find the Bugs - Microsoft's AI Security Double Play

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss two significant topics: Agent 365, a new dashboard for monitoring AI agents in the Microsoft ecosystem, and ...

26 Maj 33min

You Can't Patch Fast Enough: Exchange Zero-Day and Tycoon2FA Strike

You Can't Patch Fast Enough: Exchange Zero-Day and Tycoon2FA Strike

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss two significant topics: Agent 365, a new dashboard for monitoring AI agents in the Microsoft ecosystem, and ...

19 Maj 29min

You Can't Patch Fast Enough: Exchange Zero-Day and Tycoon2FA Strike

You Can't Patch Fast Enough: Exchange Zero-Day and Tycoon2FA Strike

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss two significant topics: Agent 365, a new dashboard for monitoring AI agents in the Microsoft ecosystem, and ...

19 Maj 29min

Lockdown Mode Success, Howler Cell, and Entra Conditional Access

Lockdown Mode Success, Howler Cell, and Entra Conditional Access

SummaryThis episode covers Apple Lockdown Mode's effectiveness against spyware, the Phantom Device attack exploiting Azure AD, and best practices for securing device registration and conditional acces...

12 Maj 47min

Lockdown Mode Success, Howler Cell, and Entra Conditional Access

Lockdown Mode Success, Howler Cell, and Entra Conditional Access

SummaryThis episode covers Apple Lockdown Mode's effectiveness against spyware, the Phantom Device attack exploiting Azure AD, and best practices for securing device registration and conditional acces...

11 Maj 46min

Copy Fail, Claude Security, and Microsoft's AI Defense Playboo

Copy Fail, Claude Security, and Microsoft's AI Defense Playboo

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss significant topics in cybersecurity, including the discovery of a critical Linux vulnerability known as Copy...

5 Maj 40min

Copy Fail, Claude Security, and Microsoft's AI Defense Playbook

Copy Fail, Claude Security, and Microsoft's AI Defense Playbook

SummaryIn this episode of the Blue Security Podcast, hosts Andy Jaw and Adam Brewer discuss significant topics in cybersecurity, including the discovery of a critical Linux vulnerability known as Copy...

5 Maj 40min

Apple-Signal Bug, NCSC recommends passkeys, Open Source debate

Apple-Signal Bug, NCSC recommends passkeys, Open Source debate

SummaryIn this episode, Andy and Adam discuss a recent vulnerability in the Signal messaging app that allowed the FBI to recover deleted messages from an iPhone due to a flaw in Apple's notification s...

28 Apr 34min

Allt en och samma app

Lyssna på dina favoritpoddar och ljudböcker på ett och samma ställe.

Noga utvalt innehåll

Njut av handplockade tips som passar din smak – utan ändlöst scrollande.

Fortsätt när du vill

Fortsätt lyssna där du slutade – även offline.

Populärt inom Teknik

uppgang-och-fall

bilar-med-sladd

rss-elektrikerpodden

rss-laddstationen-med-elbilen-i-sverige

developers-mer-an-bara-kod

natets-morka-sida

rss-technokratin

bli-saker-podden

skogsforum-podcast

bosse-bildoktorn-och-hasse-p

har-vi-akt-till-mars-an

rss-uppgang-och-fall

rss-upplyst-entreprenordirektor

rss-powerboat-sverige-podcast

rss-snacka-om-ai

rss-hit-med-dina-lunchpengar

Berättelserna och rösterna du älskar att lyssna på

Obegränsad lyssning på alla dina favoritpoddar och ljudböcker

Upptäck Premium